|
|
(62 intermediate revisions by 3 users not shown) |
Line 1: |
Line 1: |
− | This page summarizes how [[Mirror]] was set up in Spring 2009.
| + | [[Category:Server Setup Documentation]] |
| | | |
− | ==Install==
| + | This page summarizes how [[Old Mirror]] was set up in Spring 2014. |
− | *Installed CentOS 5.3 x64.
| |
− | **Partition Scheme
| |
− | ***100 MB /boot - Software RAID 1
| |
− | ***73 GB root_lvg - Logical Volume Group Software RAID 1
| |
− | ****53 GB / (root_lvg-root_lv)
| |
− | ****10 GB /var (root_lvg-var_lv)
| |
− | ****10 GB swap (root_lvg-swap_lv)
| |
− | ***903 GB /mnt/raid - Software RAID 1
| |
− | ***1.8 TB /mnt/lvg_storage (storage_lvg-storage_lv)
| |
− | ***903 GB /mnt/storage1
| |
− | ***903 GB /mnt/storage2
| |
| | | |
− | ===Kickstart File=== | + | =Install= |
− | <code><pre>
| + | See [[Debian Server Setup]] |
− | # Kickstart file automatically generated by anaconda.
| |
− | | |
− | install
| |
− | cdrom
| |
− | lang en_US.UTF-8
| |
− | keyboard us
| |
− | network --device eth0 --bootproto static --ip 128.153.145.19 --netmask 255.255.255.0 --gateway 128.153.145.1 --nameserver 128.153.0.254,128.153.5.254 --hostname mirror.clar
| |
− | kson.edu
| |
− | network --device eth1 --bootproto static --ip 10.0.1.36 --netmask 255.255.255.0 --gateway 128.153.145.1 --nameserver 128.153.0.254,128.153.5.254 --hostname mirror.clarkson.
| |
− | edu
| |
− | network --device eth2 --bootproto static --ip 10.0.0.14 --netmask 255.255.255.0 --gateway 128.153.145.1 --nameserver 128.153.0.254,128.153.5.254 --hostname mirror.clarkson.
| |
− | edu
| |
− | rootpw --iscrypted ENCRYPTED-PASSWORD-GOES-HERE
| |
− | firewall --enabled --port=22:tcp
| |
− | authconfig --enableshadow --enablemd5
| |
− | selinux --enforcing
| |
− | timezone --utc America/New_York
| |
− | bootloader --location=partition --driveorder=hda,hdb,sda,sdc,sdb,sdd,sde,sdf --md5pass=ENCRYPTED-PASSWORD-GOES-HERE
| |
− | # The following is the partition information you requested
| |
− | # Note that any partitions you deleted are not expressed
| |
− | # here so unless you clear all partitions first, this is
| |
− | # not guaranteed to work
| |
− | clearpart --linux
| |
− | part raid.11 --size=100 --ondisk=hda
| |
− | part raid.14 --size=100 --ondisk=hdb
| |
− | part /mnt/storage2 --fstype ext3 --size=100 --grow --ondisk=sdf
| |
− | part /mnt/storage1 --fstype ext3 --size=100 --grow --ondisk=sde
| |
− | part pv.25 --size=100 --grow --ondisk=sdd
| |
− | part pv.24 --size=100 --grow --ondisk=sdc
| |
− | part raid.22 --size=100 --grow --ondisk=sdb
| |
− | part raid.21 --size=100 --grow --ondisk=sda
| |
− | part raid.13 --size=100 --grow --ondisk=hdb
| |
− | part raid.12 --size=100 --grow --ondisk=hda
| |
− | raid /boot --fstype ext3 --level=RAID1 --device=md0 raid.11 raid.14
| |
− | raid pv.16 --fstype "physical volume (LVM)" --level=RAID1 --device=md1 raid.12 raid.13
| |
− | raid /mnt/raid --fstype ext3 --level=RAID1 --device=md2 raid.21 raid.22
| |
− | volgroup root_lvg --pesize=32768 pv.16
| |
− | volgroup storage_lvg --pesize=32768 pv.24 pv.25
| |
− | logvol swap --fstype swap --name=swap_lv --vgname=root_lvg --size=10240
| |
− | logvol /var --fstype ext3 --name=var_lv --vgname=root_lvg --size=10240
| |
− | logvol / --fstype ext3 --name=root_lv --vgname=root_lvg --size=55712
| |
− | logvol /mnt/lvg_storage --fstype ext3 --name=storage_lv --vgname=storage_lvg --size=1907712
| |
− | | |
− | %packages
| |
− | @core
| |
− | @base
| |
− | device-mapper-multipath
| |
− | -NetworkManager
| |
− | -bluez-utils
| |
− | </pre></code>
| |
− | | |
− | ==Configuration==
| |
− | ===Updated VM===
| |
− | *Added RPMForge Yum Repository
| |
− | **<code>rpm -Uhv http://apt.sw.be/redhat/el5/en/x86_64/rpmforge/RPMS//rpmforge-release-0.3.6-1.el5.rf.x86_64.rpm</code>
| |
− | ***From [http://dag.wieers.com/rpm/FAQ.php#B2 Dag Wieers]
| |
− | | |
− | *Installed Yum ProtectBase
| |
− | **<code>yum install yum-protectbase</code>
| |
− | | |
− | *Configured Yum ProtectBase & to use our mirror
| |
− | **Edited <code>/etc/yum.repos.d/CentOS-Base.repo</code>
| |
− | <code><pre>
| |
− | # CentOS-Base.repo
| |
− | #
| |
− | # This file uses a new mirrorlist system developed by Lance Davis for CentOS.
| |
− | # The mirror system uses the connecting IP address of the client and the
| |
− | # update status of each mirror to pick mirrors that are updated to and
| |
− | # geographically close to the client. You should use this for CentOS updates
| |
− | # unless you are manually picking other mirrors.
| |
− | #
| |
− | # If the mirrorlist= does not work for you, as a fall back you can try the
| |
− | # remarked out baseurl= line instead.
| |
− | #
| |
− | #
| |
− | | |
− | [base] | |
− | name=CentOS-$releasever - Base
| |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
| |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/os/$basearch/
| |
− | gpgcheck=1
| |
− | protect=1
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
− | | |
− | #released updates
| |
− | [updates] | |
− | name=CentOS-$releasever - Updates
| |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
| |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/updates/$basearch/
| |
− | gpgcheck=1
| |
− | protect=1
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
− | | |
− | #packages used/produced in the build but not released
| |
− | [addons]
| |
− | name=CentOS-$releasever - Addons
| |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
| |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/addons/$basearch/
| |
− | gpgcheck=1
| |
− | protect=0
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
| | | |
− | #additional packages that may be useful
| + | ==Debian 7 x64== |
− | [extras]
| + | *71 GB / - Software RAID 1 |
− | name=CentOS-$releasever - Extras
| + | *4GB Swap per OS Drive |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
| |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/extras/$basearch/
| |
− | gpgcheck=1
| |
− | protect=0
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
| | | |
− | #additional packages that extend functionality of existing packages
| + | =Setup= |
− | [centosplus] | + | See [[Debian Server Setup]] |
− | name=CentOS-$releasever - Plus
| |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
| |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/centosplus/$basearch/
| |
− | gpgcheck=1
| |
− | enabled=0
| |
− | protect=0
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
| | | |
− | #contrib - packages by Centos Users
| + | ==Raid== |
− | [contrib]
| + | *sda sdb sdc sde sdg sdh |
− | name=CentOS-$releasever - Contrib
| + | */dev/md2 |
− | #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
| + | *Software RAID 10 |
− | baseurl=http://mirror.clarkson.edu/centos/$releasever/contrib/$basearch/
| + | */storage xfs |
− | gpgcheck=1
| |
− | enabled=0
| |
− | protect=0
| |
− | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
| |
− | </pre></code>
| |
− | **Edited <code>/etc/yum.repos.d/</code> | |
− | <code><pre>
| |
− | # Name: RPMforge RPM Repository for Red Hat Enterprise 5 - dag
| |
− | # URL: http://rpmforge.net/
| |
− | [rpmforge]
| |
− | name = Red Hat Enterprise $releasever - RPMforge.net - dag
| |
− | baseurl = http://mirror.clarkson.edu/dag/redhat/el5/en/$basearch/dag
| |
− | #mirrorlist = http://apt.sw.be/redhat/el5/en/mirrors-rpmforge
| |
− | #mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
| |
− | enabled = 1
| |
− | protect = 0
| |
− | gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
| |
− | gpgcheck = 1
| |
− | </pre></code>
| |
| | | |
− | *<code>yum install yum-fastestmirror vim-enhanced gcc emacs-nox screen</code>
| + | ==Networking== |
− | *<code>yum update</code>
| |
| | | |
− | ===Created Users=== | + | ===eth2=== |
− | *Created user mccarrms | + | *Intel Corporation 82541PI Gigabit Ethernet Controller |
− | **<code>/usr/sbin/useradd -m mccarrms</code> | + | *HWADDR=00:1B:21:28:C8:48 |
− | *Set password for mccarrms | + | *IPADDR=128.153.145.19 |
− | **<code>passwd mccarrms</code>
| |
− | *Created user ignazirj
| |
− | **<code>/usr/sbin/useradd -m ignazirj</code>
| |
− | *Set password for ignazirj
| |
− | **<code>passwd ignazirj</code>
| |
| | | |
| + | ===eth1=== |
| + | *Intel Corporation 82566DM-2 Gigabit Network Connection |
| + | *HWADDR=00:30:48:9A:DB:26 |
| + | *IPADDR=10.0.1.36 |
| | | |
− | ===Configured Sudo=== | + | ===eth3=== |
− | *<code>/usr/sbin/visudo</code> | + | *Intel Corporation 82573L Gigabit Ethernet Controller |
| + | *HWADDR=00:30:48:9A:DB:27 |
| + | *IPADDR=10.0.0.14 |
| | | |
− | <code><pre>
| + | ==Set Up SSH Login Banner== |
− | ## Sudoers allows particular users to run various commands as
| + | /etc/issue.net |
− | ## the root user, without needing the root password.
| |
− | | |
− | ## Networking
| |
− | Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
| |
− | | |
− | ## Installation and management of software
| |
− | Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
| |
− | | |
− | ## Services
| |
− | Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
| |
− | | |
− | ## Updating the locate database
| |
− | Cmnd_Alias LOCATE = /usr/sbin/updatedb
| |
− | | |
− | ## Storage
| |
− | Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
| |
− | | |
− | ## Delegating permissions
| |
− | Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
| |
− | | |
− | ## Processes
| |
− | Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
| |
− | | |
− | ## Drivers
| |
− | Cmnd_Alias DRIVERS = /sbin/modprobe
| |
− | | |
− | ## Shells
| |
− | Cmnd_Alias SHELLS = /bin/sh, /bin/bash, /usr/bin/rsh, /bin/dash, /bin/rbash, /bin/su
| |
− | | |
− | ## Users
| |
− | Cmnd_Alias USERS = /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/userhelper, /usr/sbin/usermod, /usr/sbin/usernetctl
| |
− | | |
− | Defaults requiretty
| |
− | | |
− | Defaults env_reset,tty_tickets,lecture=always,logfile=/var/log/sudo.log
| |
− | Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
| |
− | LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
| |
− | LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
| |
− | LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
| |
− | LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
| |
− | _XKB_CHARSET XAUTHORITY"
| |
− | | |
− | ## Allow root to run any commands anywhere
| |
− | root ALL=(ALL) ALL
| |
− | %wheel ALL=(ALL) ALL
| |
− | </pre></code>
| |
− | | |
− | ===Configured Networks===
| |
− | *Configured hostname in <code>/etc/sysconfig/network</code>
| |
− | <code><pre>
| |
− | NETWORKING=yes
| |
− | NETWORKING_IPV6=no
| |
− | HOSTNAME=mirror.clarkson.edu
| |
− | GATEWAY=128.153.145.1
| |
− | </pre></code>
| |
− | | |
− | *Verified eth0 configuration for Clarkson Network in <code>/etc/sysconfig/network-scripts/ifcfg-eth0</code>
| |
− | <code><pre>
| |
− | # Intel Corporation 82541PI Gigabit Ethernet Controller
| |
− | DEVICE=eth0
| |
− | BOOTPROTO=static
| |
− | BROADCAST=128.153.145.255
| |
− | HWADDR=00:1B:21:28:C8:48
| |
− | IPADDR=128.153.145.19
| |
− | NETMASK=255.255.255.0
| |
− | NETWORK=128.153.145.0
| |
− | ONBOOT=yes
| |
− | </pre></code>
| |
− | | |
− | *Verified eth1 configuration for the Server Room Network in <code>/etc/sysconfig/network-scripts/ifcfg-eth1</code>
| |
− | <code><pre>
| |
− | # Intel Corporation 82566DM-2 Gigabit Network Connection
| |
− | DEVICE=eth1
| |
− | BOOTPROTO=static
| |
− | BROADCAST=10.0.1.255
| |
− | HWADDR=00:30:48:9A:DB:26
| |
− | IPADDR=10.0.1.36
| |
− | NETMASK=255.255.255.0
| |
− | NETWORK=10.0.1.0
| |
− | ONBOOT=yes
| |
− | </pre></code>
| |
− | | |
− | *Verified eth2 configuration for the Internal Network in <code>/etc/sysconfig/network-scripts/ifcfg-eth2</code>
| |
− | <code><pre>
| |
− | # Intel Corporation 82573L Gigabit Ethernet Controller
| |
− | DEVICE=eth2
| |
− | BOOTPROTO=static
| |
− | BROADCAST=10.0.0.255
| |
− | HWADDR=00:30:48:9A:DB:27
| |
− | IPADDR=10.0.0.14
| |
− | NETMASK=255.255.255.0
| |
− | NETWORK=10.0.0.0
| |
− | ONBOOT=yes
| |
− | </pre></code>
| |
− | | |
− | ====Configured Hosts====
| |
− | *Edited <code>/etc/hosts</code>
| |
− | <code><pre>
| |
− | 127.0.0.1 localhost.localdomain localhost
| |
− | ::1 localhost6.localdomain6 localhost6
| |
− | 128.153.145.19 mirror.clarkson.edu mirror.cslabs.clarkson.edu mirror.cslabs mirror
| |
− | 10.0.1.36 mirror.sr.cslabs.clarkson.edu mirror.sr.cslabs mirror.sr
| |
− | 10.0.0.14 mirror.int.cslabs.clarkson.edu mirror.int.cslabs mirror.int
| |
− | </pre></code>
| |
− | | |
− | ====Configured DNS Servers====
| |
− | *Edited <code>/etc/resolv.conf</code>
| |
− | <code><pre>
| |
− | search clarkson.edu
| |
− | nameserver 128.153.0.254
| |
− | nameserver 128.153.5.254
| |
− | </pre></code>
| |
− | | |
− | ===Configured IPtables===
| |
− | <code><pre>
| |
− | Due to the sensitivity of this material, this config file has been left off; however, the following rules are needed.
| |
− | </pre></code>
| |
− | *Restarted iptables
| |
− | **<code>/etc/init.d/iptables restart</code>
| |
− | | |
− | ===Configured SSH===
| |
− | *Edited <code>/etc/ssh/sshd_config</code>
| |
− | <code><pre>
| |
− | Due to the sensitivity of this material, this config file has been left off.
| |
− | </pre></code>
| |
− | *Restarted sshd
| |
− | **<code>/etc/init.d/sshd restart</code>
| |
− | | |
− | ====Set Up SSH Login Banner====
| |
− | *Edited <code>/etc/issue.net</code>
| |
| <code><pre> | | <code><pre> |
| _ | | _ |
Line 318: |
Line 45: |
| | | |
| </pre></code> | | </pre></code> |
| + | ==SSHD config== |
| + | uncomment |
| + | Banner /etc/issue.net |
| | | |
− | ===Configured Password Requirements=== | + | ==Installed nginx== |
− | *Edited <code>/etc/login.defs</code>
| + | apt-get install install nginx |
− | <code><pre>
| |
− | MAIL_DIR /var/spool/mail
| |
| | | |
− | PASS_MAX_DAYS 360
| + | ==Configure rsync to run as a daemon== |
− | PASS_MIN_DAYS 0
| + | *Installed <code>xinetd</code> |
− | PASS_MIN_LEN 8
| + | apt-get install rsync |
− | PASS_WARN_AGE 60
| |
| | | |
− | UID_MIN 500
| + | *Configured rsync /etc/rsyncd.conf |
− | UID_MAX 60000
| |
− | | |
− | GID_MIN 500
| |
− | GID_MAX 60000
| |
− | | |
− | CREATE_HOME yes
| |
− | | |
− | UMASK 077
| |
− | | |
− | USERGROUPS_ENAB yes
| |
− | | |
− | MD5_CRYPT_ENAB yes
| |
− | | |
− | ENCRYPT_METHOD MD5
| |
− | </pre></code>
| |
− | | |
− | ===Added Custom PATH Variables===
| |
− | *Added the following to <code>/etc/profile</code> | |
| <code><pre> | | <code><pre> |
− | PATH=$PATH:/usr/sbin:/sbin
| + | uid = nobody |
− | export PATH
| + | gid = nogroup |
− | </pre></code>
| + | use chroot = yes |
− | | + | max connections = 20 |
− | ===Modified Root's Crontab=== | + | pid file = /var/run/rsyncd.pid |
− | *<code>crontab -e</code> | + | motd file = /etc/rsyncd.motd |
− | <code><pre>
| + | log file = /var/log/rsync.log |
− | # Used to update locate database
| + | transfer logging = yes |
− | 0 * * * * /usr/bin/updatedb
| + | log format = %t %a %m %f %b |
− | </pre></code>
| + | syslog facility = local3 |
| + | timeout = 900 |
| + | dont compress = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2 |
| + | refuse options = checksum |
| | | |
− | ===Set Up & Configured NTP=== | + | [name] |
− | *Installed NTP
| + | comment = Name of Repository |
− | **<code>yum install ntp</code>
| + | path = /storage/repository |
| + | exclude = lost+found/ |
| + | read only = true |
| + | ignore nonreadable = yes</pre></code> |
| | | |
− | *Edited <code>/etc/ntp.conf</code> | + | *Created rsync motd /etc/rsyncd.motd |
| <code><pre> | | <code><pre> |
− | restrict default kod nomodify notrap nopeer noquery
| + | ############################################################### |
− | restrict -6 default kod nomodify notrap nopeer noquery
| |
| | | |
− | restrict 127.0.0.1
| + | The Clarkson University mirror is located in Potsdam, NY, US. |
− | restrict -6 ::1
| |
| | | |
− | restrict tick.clarkson.edu mask 255.255.255.255 nomodify notrap noquery
| + | This mirror is operated by the Clarkson Open Source Institute. |
− | restrict tock.clarkson.edu mask 255.255.255.255 nomodify notrap noquery
| + | http://cosi.clarkson.edu/ |
− | | |
− | server tick.clarkson.edu
| |
− | server tock.clarkson.edu
| |
| | | |
− | server 127.127.1.0 # local clock
| + | If you have any questions or problems, please email |
− | fudge 127.127.1.0 stratum 10
| + | mirror-admin@cslabs.clarkson.edu. |
| | | |
− | driftfile /var/lib/ntp/drift
| + | Recent changes can be found at |
| + | http://status.cslabs.clarkson.edu/tag/mirror. |
| | | |
− | keys /etc/ntp/keys
| + | ############################################################### |
| </pre></code> | | </pre></code> |
| | | |
− | *Edited <code>/etc/ntp/step-tickers</code> | + | ==Set Up Fedora Mirror Manager== |
− | <code><pre>
| + | *Installed mirrormanager |
− | tick.clarkson.edu
| + | cd /usr/local/sbin |
− | tock.clarkson.edu
| + | git clone git://git.fedorahosted.org/mirrormanager/ |
− | </pre></code>
| + | ln -s /usr/local/sbin/mirrormanager/client/report_mirror /usr/local/sbin/report_mirror |
− | | + | |
− | *Configured ntpd to start on boot
| |
− | **<code>/sbin/chkconfig --levels 2345 ntpd on</code>
| |
− | | |
− | *Started ntpd
| |
− | **<code>/etc/init.d/ntpd start</code>
| |
| | | |
− | ====Configured ntpd to Sync Hardware Clock====
| + | *Configured mirrormanager |
− | *Edited <code>/etc/sysconfig/ntpd</code> | + | **Modified /etc/mirrormanager-client/report_mirror.conf |
| <code><pre> | | <code><pre> |
− | # Drop root to id 'ntp:ntp' by default. | + | [global] |
− | OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid"
| + | # if enabled=0, no data is sent to the database |
| + | enabled=1 |
| + | # server= is the URL to the MirrorManager XML-RPC interface |
| + | server=https://admin.fedoraproject.org/mirrormanager/xmlrpc |
| | | |
− | # Set to 'yes' to sync hw clock after successful ntpdate
| |
− | SYNC_HWCLOCK=yes
| |
| | | |
− | # Additional options for ntpdate | + | [site] |
− | NTPDATE_OPTIONS=""
| + | # if enabled=0, no data about this site is sent to the database |
− | </pre></code> | + | enabled=1 |
| + | # Name and Password fields need to match the Site name and password |
| + | # fields you entered for your Site in the MirrorManager database at |
| + | # https://admin.fedoraproject.org/mirrormanager |
| + | name=Clarkson University |
| + | password=<PASSWORD GOES HERE> |
| | | |
− | ===Installed and Configured [http://www.apcupsd.org/ APCUPSD]=== | + | [host] |
− | This package is used to monitor the UPS which [[Mirror]] is plugged into and is used to shutdown the system in the event of a power failure. | + | # if enabled=0, no data about this host is sent to the database |
| + | enabled=1 |
| + | # Name field need to match the Host name field you entered for your |
| + | # Host in the MirrorManager database at |
| + | # https://admin.fedoraproject.org/mirrormanager |
| + | name=mirror.clarkson.edu |
| + | # if user_active=0, no data about this category is given to the public |
| + | # This can be used to toggle between serving and not serving data, |
| + | # such enabled during the nighttime (when you have more idle bandwidth |
| + | # available) and disabled during the daytime. |
| + | # By not specifying user_active, the database will not be updated. |
| + | # user_active=1 |
| | | |
− | ====Configured to Power On when Power is Restored====
| + | [stats] |
− | *Edited the BIOS to have <code>Restore on AC/Power Loss</code> set to <code>Power On</code>.
| + | # Stats are only sent when run with the -s option |
− | | + | # and when this section is enabled. |
− | ====Installed and configured <code>apcupsd</code>==== | + | # This feature is not presently implemented |
− | *Installed <code>apcupsd</code>
| + | enabled=0 |
− | **<code>yum install apcupsd</code>
| + | apache=/var/log/httpd/access_log |
− | | + | vsftpd=/var/log/vsftpd.log |
− | *Edited <code>/etc/apcupsd/apcupsd.conf</code>
| + | # remember to enable log file and transfer logging in rsyncd.conf |
− | <code><pre>
| + | rsyncd=/var/log/rsyncd.log |
− | ## apcupsd.conf v1.1 ## | |
− | | |
− | UPSNAME ups3
| |
− | | |
− | UPSCABLE ether
| |
− | | |
− | UPSTYPE net
| |
− | DEVICE 128.153.145.215:3551
| |
− | | |
− | LOCKFILE /var/lock
| |
− | | |
− | SCRIPTDIR /etc/apcupsd
| |
− | | |
− | PWRFAILDIR /etc/apcupsd
| |
− | | |
− | NOLOGINDIR /etc
| |
− | | |
− | ONBATTERYDELAY 6
| |
− | | |
− | BATTERYLEVEL 10
| |
− | | |
− | MINUTES 15
| |
− | | |
− | TIMEOUT 0
| |
− | | |
− | ANNOY 300
| |
− | | |
− | ANNOYDELAY 60
| |
− | | |
− | NOLOGON disable
| |
| | | |
− | KILLDELAY 0
| |
| | | |
− | NETSERVER on
| + | # Content Categories |
− | | + | # These sections match the Categories for content tracked by MirrorManager. |
− | NISIP 127.0.0.1
| |
− | | |
− | NISPORT 3551
| |
− | | |
− | EVENTSFILE /var/log/apcupsd.events
| |
− | | |
− | EVENTSFILEMAX 10
| |
− | | |
− | UPSCLASS standalone
| |
− | | |
− | UPSMODE disable
| |
− | | |
− | STATTIME 0
| |
− | | |
− | STATFILE /var/log/apcupsd.status
| |
− | | |
− | LOGSTATS off
| |
− | | |
− | DATATIME 0
| |
− | | |
− | SELFTEST 336
| |
− | </pre></code>
| |
− | | |
− | *Edited <code>/etc/apcupsd/offbattery</code>
| |
− | <code><pre>
| |
− | #!/bin/sh
| |
| # | | # |
− | # This shell script if placed in /etc/apcupsd | + | # enabled=1 means information about this category will be sent to the database. |
− | # will be called by /etc/apcupsd/apccontrol when the
| + | # enabled=0, no data about this host is sent to the database. If the |
− | # UPS goes back on to the mains after a power failure. | + | # database already has information for you for this Category, it will |
− | # We send an email message to root to notify him. | + | # remain unchanged. This can be used to update the database after you |
| + | # have manually synced some infrequently-updated content, such as |
| + | # historical releases. |
| # | | # |
− | SYSADMIN=mccarrms@gmail.com,emergency@cslabs.clarkson.edu
| + | # path= is the path on your local disk to the top-level directory for this Category |
− | APCUPSD_MAIL="/bin/mail"
| |
| | | |
− | HOSTNAME=`hostname`
| + | [Fedora Linux] |
− | MSG="$HOSTNAME Power has returned"
| + | enabled=1 |
− | #
| + | path=/usr/share/nginx/www/fedora/linux |
− | (
| |
− | echo "Subject: $MSG"
| |
− | echo " "
| |
− | echo "$MSG"
| |
− | echo " "
| |
− | /sbin/apcaccess status
| |
− | ) | $APCUPSD_MAIL -s "$MSG" $SYSADMIN
| |
− | exit 0
| |
− | </pre></code>
| |
| | | |
− | *Edited <code>/etc/apcupsd/onbattery</code>
| + | [Fedora EPEL] |
− | <code><pre>
| + | enabled=1 |
− | #!/bin/sh
| + | path=/usr/share/nginx/www/epel |
− | #
| |
− | # This shell script if placed in /etc/apcupsd
| |
− | # will be called by /etc/apcupsd/apccontrol when the UPS
| |
− | # goes on batteries.
| |
− | # We send an email message to root to notify him.
| |
− | #
| |
− | SYSADMIN=mccarrms@gmail.com,emergency@cslabs.clarkson.edu
| |
− | APCUPSD_MAIL="/bin/mail"
| |
| | | |
− | HOSTNAME=`hostname`
| + | # lesser used categories below |
− | MSG="$HOSTNAME Power Failure !!!"
| |
− | # | |
− | (
| |
− | echo "Subject: $MSG"
| |
− | echo " "
| |
− | echo "$MSG"
| |
− | echo " "
| |
− | /sbin/apcaccess status
| |
− | ) | $APCUPSD_MAIL -s "$MSG" $SYSADMIN
| |
− | exit 0
| |
− | </pre></code>
| |
| | | |
− | *Edited <code>/etc/apcupsd/commfailure</code>
| + | [Fedora Web] |
− | <code><pre>
| + | enabled=0 |
− | #!/bin/sh
| + | path=/usr/share/nginx/www/pub/fedora/web |
− | #
| |
− | # This shell script if placed in /etc/apcupsd
| |
− | # will be called by /etc/apcupsd/apccontrol when apcupsd
| |
− | # loses contact with the UPS (i.e. the serial connection is not responding).
| |
− | # We send an email message to root to notify him.
| |
− | #
| |
− | SYSADMIN=mccarrms@gmail.com,emergency@cslabs.clarkson.edu
| |
− | APCUPSD_MAIL="/bin/mail"
| |
| | | |
− | HOSTNAME=`hostname`
| + | [Fedora Secondary Arches] |
− | MSG="$HOSTNAME Communications with UPS lost"
| + | enabled=0 |
− | #
| + | path=/usr/share/nginx/www/pub/fedora-secondary |
− | (
| |
− | echo "Subject: $MSG"
| |
− | echo " "
| |
− | echo "$MSG"
| |
− | echo " "
| |
− | /sbin/apcaccess status
| |
− | ) | $APCUPSD_MAIL -s "$MSG" $SYSADMIN
| |
− | exit 0
| |
− | </pre></code>
| |
| | | |
− | *Edited <code>/etc/apcupsd/commok</code>
| + | [Fedora Other] |
− | <code><pre>
| + | enabled=0 |
− | #!/bin/sh
| + | path=/usr/share/nginx/www/pub/alt |
− | #
| |
− | # This shell script if placed in /etc/apcupsd
| |
− | # will be called by /etc/apcupsd/apccontrol when apcupsd
| |
− | # restores contact with the UPS (i.e. the serial connection is restored).
| |
− | # We send an email message to root to notify him.
| |
− | #
| |
− | SYSADMIN=mccarrms@gmail.com,emergency@cslabs.clarkson.edu
| |
− | APCUPSD_MAIL="/bin/mail"
| |
| | | |
− | HOSTNAME=`hostname`
| + | # historical content |
− | MSG="$HOSTNAME Communications with UPS restored"
| |
− | # | |
− | (
| |
− | echo "Subject: $MSG"
| |
− | echo " "
| |
− | echo "$MSG"
| |
− | echo " "
| |
− | /sbin/apcaccess status
| |
− | ) | $APCUPSD_MAIL -s "$MSG" $SYSADMIN
| |
− | exit 0
| |
− | </pre></code>
| |
| | | |
− | *Edited <code>/etc/apcupsd/changeme</code>
| + | [Fedora Core] |
− | <code><pre>
| + | enabled=0 |
− | #!/bin/sh
| + | path=/usr/share/nginx/www/pub/fedora/linux/core |
− | #
| |
− | # This shell script if placed in /etc/apcupsd
| |
− | # will be called by /etc/apcupsd/apccontrol when apcupsd
| |
− | # detects that the battery should be replaced.
| |
− | # We send an email message to root to notify him.
| |
− | #
| |
− | SYSADMIN=mccarrms@gmail.com,emergency@cslabs.clarkson.edu
| |
− | APCUPSD_MAIL="/bin/mail"
| |
| | | |
− | HOSTNAME=`hostname`
| + | [Fedora Extras] |
− | MSG="$HOSTNAME UPS battery needs changing NOW."
| + | enabled=0 |
− | #
| + | path=/usr/share/nginx/www/pub/fedora/linux/extras |
− | (
| |
− | echo "Subject: $MSG"
| |
− | echo " "
| |
− | echo "$MSG"
| |
− | echo " "
| |
− | /sbin/apcaccess status
| |
− | ) | $APCUPSD_MAIL -s "$MSG" $SYSADMIN
| |
− | exit 0
| |
− | </pre></code>
| |
| | | |
− | *Configured <code>apcupsd</code> to start on boot
| + | [Fedora Archive] |
− | **<code>/sbin/chkconfig --levels 2345 apcupsd on</code>
| + | enabled=0 |
− | | + | path=/usr/share/nginx/www/pub/fedora-archive |
− | *Started <code>apcupsd</code>
| |
− | **<code>/etc/init.d/apcupsd start</code>
| |
− | | |
− | ===Installed Apache===
| |
− | *Installed <code>httpd</code>
| |
− | **<code>yum install httpd</code>
| |
− | | |
− | *Modified <code>/etc/httpd/conf/httpd.conf</code>
| |
− | <code><pre>
| |
− | ServerTokens Prod
| |
− | | |
− | ServerRoot "/etc/httpd"
| |
− | | |
− | PidFile run/httpd.pid
| |
− | | |
− | Timeout 120
| |
− | | |
− | KeepAlive On
| |
− | | |
− | MaxKeepAliveRequests 100
| |
− | | |
− | KeepAliveTimeout 2
| |
− | | |
− | <IfModule prefork.c>
| |
− | StartServers 8
| |
− | MinSpareServers 5
| |
− | MaxSpareServers 20
| |
− | ServerLimit 256
| |
− | MaxClients 250
| |
− | MaxRequestsPerChild 1000
| |
− | </IfModule>
| |
− | | |
− | <IfModule worker.c>
| |
− | StartServers 2
| |
− | MaxClients 250
| |
− | MinSpareThreads 25
| |
− | MaxSpareThreads 75
| |
− | ThreadsPerChild 25
| |
− | MaxRequestsPerChild 0
| |
− | </IfModule>
| |
− | | |
− | Listen 80
| |
− | | |
− | LoadModule auth_basic_module modules/mod_auth_basic.so
| |
− | LoadModule auth_digest_module modules/mod_auth_digest.so
| |
− | LoadModule authn_file_module modules/mod_authn_file.so
| |
− | LoadModule authn_alias_module modules/mod_authn_alias.so
| |
− | LoadModule authn_anon_module modules/mod_authn_anon.so
| |
− | LoadModule authn_dbm_module modules/mod_authn_dbm.so
| |
− | LoadModule authn_default_module modules/mod_authn_default.so
| |
− | LoadModule authz_host_module modules/mod_authz_host.so
| |
− | LoadModule authz_user_module modules/mod_authz_user.so
| |
− | LoadModule authz_owner_module modules/mod_authz_owner.so
| |
− | LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
| |
− | LoadModule authz_dbm_module modules/mod_authz_dbm.so
| |
− | LoadModule authz_default_module modules/mod_authz_default.so
| |
− | LoadModule ldap_module modules/mod_ldap.so
| |
− | LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
| |
− | LoadModule include_module modules/mod_include.so
| |
− | LoadModule log_config_module modules/mod_log_config.so
| |
− | LoadModule logio_module modules/mod_logio.so
| |
− | LoadModule env_module modules/mod_env.so
| |
− | LoadModule ext_filter_module modules/mod_ext_filter.so
| |
− | LoadModule mime_magic_module modules/mod_mime_magic.so
| |
− | LoadModule expires_module modules/mod_expires.so
| |
− | LoadModule deflate_module modules/mod_deflate.so
| |
− | LoadModule headers_module modules/mod_headers.so
| |
− | LoadModule usertrack_module modules/mod_usertrack.so
| |
− | LoadModule setenvif_module modules/mod_setenvif.so
| |
− | LoadModule mime_module modules/mod_mime.so
| |
− | LoadModule dav_module modules/mod_dav.so
| |
− | LoadModule status_module modules/mod_status.so
| |
− | LoadModule autoindex_module modules/mod_autoindex.so
| |
− | LoadModule info_module modules/mod_info.so
| |
− | LoadModule dav_fs_module modules/mod_dav_fs.so
| |
− | LoadModule vhost_alias_module modules/mod_vhost_alias.so
| |
− | LoadModule negotiation_module modules/mod_negotiation.so
| |
− | LoadModule dir_module modules/mod_dir.so
| |
− | LoadModule actions_module modules/mod_actions.so
| |
− | LoadModule speling_module modules/mod_speling.so
| |
− | LoadModule userdir_module modules/mod_userdir.so
| |
− | LoadModule alias_module modules/mod_alias.so
| |
− | LoadModule rewrite_module modules/mod_rewrite.so
| |
− | LoadModule proxy_module modules/mod_proxy.so
| |
− | LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
| |
− | LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
| |
− | LoadModule proxy_http_module modules/mod_proxy_http.so
| |
− | LoadModule proxy_connect_module modules/mod_proxy_connect.so
| |
− | LoadModule cache_module modules/mod_cache.so
| |
− | LoadModule suexec_module modules/mod_suexec.so
| |
− | LoadModule disk_cache_module modules/mod_disk_cache.so
| |
− | LoadModule file_cache_module modules/mod_file_cache.so
| |
− | LoadModule mem_cache_module modules/mod_mem_cache.so
| |
− | LoadModule cgi_module modules/mod_cgi.so
| |
− | LoadModule version_module modules/mod_version.so
| |
− | | |
− | Include conf.d/*.conf
| |
− | | |
− | User apache
| |
− | Group apache
| |
− | | |
− | ServerAdmin mirror-admin@cslabs.clarkson.edu
| |
− | | |
− | UseCanonicalName Off
| |
− | | |
− | DocumentRoot "/var/www/html"
| |
− | | |
− | <Directory />
| |
− | Options FollowSymLinks
| |
− | AllowOverride None
| |
− | </Directory>
| |
− | | |
− | <Directory "/var/www/html">
| |
− | Options Indexes FollowSymLinks
| |
− | AllowOverride All
| |
− | Order allow,deny
| |
− | Allow from all
| |
− | </Directory>
| |
− | | |
− | <IfModule mod_userdir.c>
| |
− | UserDir disable
| |
− | </IfModule>
| |
− | | |
− | DirectoryIndex index.html index.html.var
| |
− | | |
− | AccessFileName .htaccess
| |
− | | |
− | <Files ~ "^\.ht">
| |
− | Order allow,deny
| |
− | Deny from all
| |
− | </Files>
| |
− | | |
− | TypesConfig /etc/mime.types
| |
− | | |
− | DefaultType text/plain
| |
− | | |
− | <IfModule mod_mime_magic.c>
| |
− | # MIMEMagicFile /usr/share/magic.mime
| |
− | MIMEMagicFile conf/magic
| |
− | </IfModule>
| |
− | | |
− | HostnameLookups Off
| |
− | | |
− | ErrorLog logs/error_log
| |
− | | |
− | LogLevel warn
| |
− | | |
− | LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
| |
− | LogFormat "%h %l %u %t \"%r\" %>s %b" common
| |
− | LogFormat "%{Referer}i -> %U" referer
| |
− | LogFormat "%{User-agent}i" agent
| |
− | | |
− | CustomLog logs/access_log combined
| |
− | | |
− | ServerSignature On
| |
− | | |
− | Alias /icons/ "/var/www/icons/"
| |
− | | |
− | <Directory "/var/www/icons">
| |
− | Options Indexes MultiViews
| |
− | AllowOverride None
| |
− | Order allow,deny
| |
− | Allow from all
| |
− | </Directory>
| |
− | | |
− | <IfModule mod_dav_fs.c>
| |
− | # Location of the WebDAV lock database.
| |
− | DAVLockDB /var/lib/dav/lockdb
| |
− | </IfModule>
| |
− | | |
− | ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
| |
− | | |
− | <Directory "/var/www/cgi-bin">
| |
− | AllowOverride None
| |
− | Options None
| |
− | Order allow,deny
| |
− | Allow from all
| |
− | </Directory>
| |
− | | |
− | IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
| |
− | | |
− | AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
| |
− | | |
− | AddIconByType (TXT,/icons/text.gif) text/*
| |
− | AddIconByType (IMG,/icons/image2.gif) image/*
| |
− | AddIconByType (SND,/icons/sound2.gif) audio/*
| |
− | AddIconByType (VID,/icons/movie.gif) video/*
| |
− | | |
− | AddIcon /icons/binary.gif .bin .exe
| |
− | AddIcon /icons/binhex.gif .hqx
| |
− | AddIcon /icons/tar.gif .tar
| |
− | AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
| |
− | AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
| |
− | AddIcon /icons/a.gif .ps .ai .eps
| |
− | AddIcon /icons/layout.gif .html .shtml .htm .pdf
| |
− | AddIcon /icons/text.gif .txt
| |
− | AddIcon /icons/c.gif .c
| |
− | AddIcon /icons/p.gif .pl .py
| |
− | AddIcon /icons/f.gif .for
| |
− | AddIcon /icons/dvi.gif .dvi
| |
− | AddIcon /icons/uuencoded.gif .uu
| |
− | AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
| |
− | AddIcon /icons/tex.gif .tex
| |
− | AddIcon /icons/bomb.gif core
| |
− | | |
− | AddIcon /icons/back.gif ..
| |
− | AddIcon /icons/hand.right.gif README
| |
− | AddIcon /icons/folder.gif ^^DIRECTORY^^
| |
− | AddIcon /icons/blank.gif ^^BLANKICON^^
| |
− | | |
− | DefaultIcon /icons/unknown.gif
| |
− | | |
− | ReadmeName README.html
| |
− | HeaderName HEADER.html
| |
− | | |
− | IndexIgnore .??* *~ *# favicon.ico robots.txt pub directory-sizes.txt
| |
− | | |
− | AddLanguage ca .ca
| |
− | AddLanguage cs .cz .cs
| |
− | AddLanguage da .dk
| |
− | AddLanguage de .de
| |
− | AddLanguage el .el
| |
− | AddLanguage en .en
| |
− | AddLanguage eo .eo
| |
− | AddLanguage es .es
| |
− | AddLanguage et .et
| |
− | AddLanguage fr .fr
| |
− | AddLanguage he .he
| |
− | AddLanguage hr .hr
| |
− | AddLanguage it .it
| |
− | AddLanguage ja .ja
| |
− | AddLanguage ko .ko
| |
− | AddLanguage ltz .ltz
| |
− | AddLanguage nl .nl
| |
− | AddLanguage nn .nn
| |
− | AddLanguage no .no
| |
− | AddLanguage pl .po
| |
− | AddLanguage pt .pt
| |
− | AddLanguage pt-BR .pt-br
| |
− | AddLanguage ru .ru
| |
− | AddLanguage sv .sv
| |
− | AddLanguage zh-CN .zh-cn
| |
− | AddLanguage zh-TW .zh-tw
| |
− | | |
− | LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
| |
− | | |
− | ForceLanguagePriority Prefer Fallback
| |
− | | |
− | AddDefaultCharset UTF-8
| |
− | | |
− | AddType application/x-compress .Z
| |
− | AddType application/x-gzip .gz .tgz
| |
− | | |
− | AddHandler type-map var
| |
− | | |
− | AddType text/html .shtml
| |
− | AddOutputFilter INCLUDES .shtml
| |
− | | |
− | Alias /error/ "/var/www/error/"
| |
− | | |
− | <IfModule mod_negotiation.c>
| |
− | <IfModule mod_include.c>
| |
− | <Directory "/var/www/error">
| |
− | AllowOverride None
| |
− | Options IncludesNoExec
| |
− | AddOutputFilter Includes html
| |
− | AddHandler type-map var
| |
− | Order allow,deny
| |
− | Allow from all
| |
− | LanguagePriority en es de fr
| |
− | ForceLanguagePriority Prefer Fallback
| |
− | </Directory>
| |
− | | |
− | </IfModule>
| |
− | </IfModule>
| |
− | | |
− | BrowserMatch "Mozilla/2" nokeepalive
| |
− | BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
| |
− | BrowserMatch "RealPlayer 4\.0" force-response-1.0
| |
− | BrowserMatch "Java/1\.0" force-response-1.0
| |
− | BrowserMatch "JDK/1\.0" force-response-1.0
| |
− | BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
| |
− | BrowserMatch "MS FrontPage" redirect-carefully
| |
− | BrowserMatch "^WebDrive" redirect-carefully
| |
− | BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
| |
− | BrowserMatch "^gnome-vfs/1.0" redirect-carefully
| |
− | BrowserMatch "^XML Spy" redirect-carefully
| |
− | BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
| |
− | | |
− | <VirtualHost 128.153.145.18>
| |
− | ServerName kernelmirror.clarkson.edu
| |
− | ServerAdmin mccarrms@cslabs.clarkson.edu
| |
− | DocumentRoot "/var/www/html/"
| |
− | ErrorLog logs/error_log
| |
− | CustomLog logs/access_log combined
| |
− | Redirect permanent / http://mirror.clarkson.edu/
| |
− | </VirtualHost>
| |
− | | |
− | <VirtualHost 128.153.145.44>
| |
− | ServerName mirror.dev.cslabs.clarkson.edu
| |
− | ServerAdmin mccarrms@cslabs.clarkson.edu
| |
− | DocumentRoot "/var/www/html/"
| |
− | ErrorLog logs/error_log
| |
− | CustomLog logs/access_log combined
| |
− | Redirect permanent / http://mirror.clarkson.edu/
| |
− | </VirtualHost>
| |
− | </pre></code>
| |
− | | |
− | *Removed unneeded files
| |
− | **<code>rm /etc/httpd/conf.d/welcome.conf /etc/httpd/conf.d/proxy_ajp.conf</code>
| |
− | | |
− | *Configured Apache to start on boot
| |
− | **<code>/sbin/chkconfig --levels 345 httpd on</code>
| |
− | | |
− | *Started Apache
| |
− | **<code>/etc/init.d/httpd start</code>
| |
− | | |
− | ===Configure rsync to run as a daemon===
| |
− | *Installed <code>xinetd</code>
| |
− | **<code>yum install xinetd</code>
| |
− | | |
− | *Enabled rsync <code>/etc/xinetd.d/rsync</code>
| |
− | <code><pre>
| |
− | # default: off
| |
− | # description: The rsync server is a good addition to an ftp server, as it # allows crc checksumming etc.
| |
− | service rsync
| |
− | {
| |
− | disable = no
| |
− | socket_type = stream
| |
− | wait = no
| |
− | user = root
| |
− | server = /usr/bin/rsync
| |
− | server_args = --daemon
| |
− | log_on_failure += USERID
| |
− | }
| |
| </pre></code> | | </pre></code> |
| | | |
− | *Created configuration and shares for rsync daemon <code>/etc/rsyncd.conf</code> | + | *Added cron entries for root |
| <code><pre> | | <code><pre> |
− | uid = nobody
| + | # Dir sizes |
− | gid = nobody
| + | 0 0 * * * /usr/local/bin/dir_sizes.sh |
− | use chroot = yes
| |
− | max connections = 20
| |
− | pid file = /var/run/rsyncd.pid
| |
− | motd file = /etc/rsyncd.motd
| |
− | log file = /var/log/rsync.log
| |
− | transfer logging = yes
| |
− | log format = %t %a %m %f %b
| |
− | syslog facility = local3
| |
− | timeout = 300
| |
− | | |
− | [archlinux]
| |
− | comment = Arch Linux
| |
− | path = /mnt/storage1/archlinux
| |
− | read only = true
| |
− | | |
− | [centos]
| |
− | comment = CentOS
| |
− | path = /mnt/raid/centos
| |
− | read only = true
| |
− | | |
− | [dag]
| |
− | comment = Dag
| |
− | path = /mnt/storage1/dag
| |
− | read only = true
| |
− | | |
− | [debian-cd]
| |
− | comment = Debian CD
| |
− | path = /mnt/storage2/debian-cd
| |
− | read only = true
| |
− | | |
− | [debian]
| |
− | comment = Debian
| |
− | path = /mnt/storage2/debian
| |
− | read only = true
| |
| | | |
− | [fedora]
| + | # backup |
− | comment = Fedora
| + | 45 0 * * * /bin/nice -n 19 /usr/bin/ionice -c2 -n7 /usr/local/bin/backup.sh |
− | path = /mnt/lvg_storage/fedora
| |
− | read only = true
| |
| | | |
− | [gentoo]
| + | 10 0 * * * /usr/local/sbin/report_mirror |
− | comment = Gentoo
| |
− | path = /mnt/storage1/gentoo
| |
− | read only = true
| |
− | | |
− | [gentoo-portage]
| |
− | comment = Gentoo Portage
| |
− | path = /mnt/storage1/gentoo-portage
| |
− | read only = true
| |
− | | |
− | [linux]
| |
− | comment = Linux Kernel
| |
− | path = /mnt/storage1/linux
| |
− | read only = true
| |
− | | |
− | [software]
| |
− | comment = Software
| |
− | path = /mnt/storage1/software
| |
− | read only = true
| |
− | | |
− | [ubuntu-releases]
| |
− | comment = Ubuntu Releases
| |
− | path = /mnt/raid/ubuntu-releases
| |
− | read only = true
| |
− | | |
− | [ubuntu]
| |
− | comment = Ubuntu
| |
− | path = /mnt/raid/ubuntu
| |
− | read only = true
| |
| </pre></code> | | </pre></code> |
| | | |
− | *Created rsync motd
| |
− | <code><pre>
| |
− | #########################################################################################
| |
− | _______ __
| |
− | / ___/ /__ _____/ /__ ___ ___ ___
| |
− | / /__/ / _ `/ __/ '_/(_-</ _ \/ _ \
| |
− | \___/_/\_,_/_/ /_/\_\/___/\___/_//_/
| |
− |
| |
− | __ __ _ _ __
| |
− | / / / /__ (_) _____ _______ (_) /___ __
| |
− | / /_/ / _ \/ / |/ / -_) __(_-</ / __/ // /
| |
− | \____/_//_/_/|___/\__/_/ /___/_/\__/\_, /
| |
− | /___/
| |
− | __ ____
| |
− | / |/ (_)__________ ____
| |
− | / /|_/ / / __/ __/ _ \/ __/
| |
− | /_/ /_/_/_/ /_/ \___/_/
| |
− |
| |
− | Welcome to the Clarkson University mirror located in Potsdam, NY.
| |
− |
| |
− | This mirror is operated by the Clarkson Open Source Institute.
| |
− | http://cosi.clarkson.edu/
| |
− |
| |
− | If you have any questions or problems, please email mirror-admin@cslabs.clarkson.edu.
| |
− |
| |
− | #########################################################################################
| |
− | </pre></code>
| |
− |
| |
− | *Secured rsync
| |
− | **<code>chown root.root /etc/rsyncd.*</code>
| |
− | **<code>chmod 600 /etc/rsyncd.*</code>
| |
− |
| |
− | *Restarted xinetd
| |
− | **<code>/etc/init.d/xinetd restart</code>
| |
| | | |
− | [[Category:Documentation]] | + | [[mirror rsync setup|Setup Rsync Scripts]] |
− | [[Category:Infrastructure]]
| |