System processes for maintaining the website
Updating a module
- Download the file into $HOME
- cd $HOME
- wget http://ftp.drupal.org/files/projects/advanced_help-6.x-1.2.tar.gz
- untar it - tar xvzf advanced_help-6.x-1.2.tar.gz
- rm advanced_help-6.x-1.2.tar.gz
- cp -rv advanced_help /var/sub/mys/sites/all/modules/
- Update the Modules (http://mys.metcarob.com/update.php http://mys.metcarob.com/update.php)
Update Drupal Version
- Download new drupal into $HOME
- cd $HOME
- wget http://ftp.drupal.org/files/projects/drupal-6.14.tar.gz
- untar it - tar xvzf drupal-6.14.tar.gz
- cp -r $HOME/drupal-6.14/. /var/sub/code/
- cp -r $HOME/drupal-6.14/. /var/sub/mys/
- cp -r $HOME/drupal-6.14/. /var/sub/kieran/
- Update the databases (http://site.com/update.php)
- Remember to delete downloaded tar.gz file
Stuck Cron
- delete from variable where name like 'cron_sem%';
- delete from variable where name like 'cron_last%';
System info
Mail reciever group name: mailreciever
Re-Setup process
18-Sep-2014 Set up from 14.04 Ubuntu Server
Utils
sudo apt-get install openssh-server
Change SSH Port
Change /etc/ssh/sshd_config
/etc/init.d/ssh reload
Or
-
relaod shh
http://techie-buzz.com/foss/change-default-ssh-port-in-linux.html
Change root password
-
passwd
Setup auth key for login
Use putty gen goes in $HOME/.ssh/authorized_keys
Config IPTABLES
List all rules
-
iptables -L -nv
Delkete all rules
-
iptables -F
Set up rules
-
iptables -F
-
#accept estblashied conns
-
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-
#accept local host
-
iptables -A INPUT -i lo -j ACCEPT
-
#accept services
-
iptables -A INPUT -p tcp --dport XX -j ACCEPT **Replace XX with SSH port
-
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
-
#memset pings
-
iptables -A INPUT -p icmp -s 141.0.32.124 -j ACCEPT
-
iptables -A INPUT -p icmp -s 141.0.32.125 -j ACCEPT
-
iptables -A INPUT -p icmp -s 5.153.254.13 -j ACCEPT
-
iptables -A INPUT -p icmp -s 5.153.255.250 -j ACCEPT
-
iptables -A INPUT -p icmp -s 5.153.255.251 -j ACCEPT
-
iptables -A INPUT -p icmp -s 5.153.255.252 -j ACCEPT
-
iptables -A INPUT -p icmp -s 78.31.107.85 -j ACCEPT
-
iptables -A INPUT -p icmp -s 89.200.136.31 -j ACCEPT
-
iptables -A INPUT -p icmp -s 89.200.136.76 -j ACCEPT
-
-
#memset remote monitoring program
-
iptables -A INPUT -p tcp --dport 5666 -s 141.0.32.124 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 141.0.32.125 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 5.153.254.13 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 5.153.255.250 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 5.153.255.251 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 5.153.255.252 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 78.31.107.85 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 89.200.136.31 -j ACCEPT
-
iptables -A INPUT -p tcp --dport 5666 -s 89.200.136.76 -j ACCEPT
-
-
#only put the next line in when you are sure the SSH port is right
-
###iptables -A INPUT -j DROP
Test these rules then setup a file /etc/iptables.rules
make it a bash script
-
#!/bin/bash
-
-
RULES
-
-
-
exit 0
chmod the file so root can execute it.
-
chmod 700 iptables.rules
Create a file /etc/init.d/firewall as follows:
-
#!/bin/bash
-
if [[ $1 == start ]] ; then
-
/etc/iptables.rules
-
else
-
iptables -F
-
fi
chmod the script so it is executable
Test the script works
/etc/init.d/firewall start
/etc/init.d/firewall stop
Finally set it to start automaticaly on boot
-
update-rc.d firewall start 20 2 3 4 5 . stop 99 0 1 6 .
Install and setup mysql
-
apt-get install mysql-server
Note free memory then change mysql config file
Add lines /etc/mysql/my.cnf
-
#added by RJM
-
skip-innodb
-
skip-bdb ***DIDN'T WORK LAST TIEM
Make sure you add them to the [mysqld] section of the file. The following commands will help check memory use.
-
top
-
service mysql stop/start
Apache setup
List enabled modules apache2ctl -l
-
apt-get install apache2
-
a2enmod rewrite
-
a2enmod ssl
Edit /etc/apache2/apache2.conf
-
SNIPITS
-
<IfModule mpm_worker_module>
-
StartServers 1
-
MinSpareThreads 1
-
MaxSpareThreads 4
-
ThreadLimit 64
-
ThreadsPerChild 25
-
MaxClients 10
-
MaxRequestsPerChild 0
-
</IfModule>
Get ssl working here
Get initial file in place
upload and untar the last datafile:
-
tar xvzf $FILETORESTORE
Set up and enable apache sites
-
/etc/init.d/apache2 stop
-
cd /var
-
rm -rf www
-
mv $HOME/backup/www /var/.
-
mv $HOME/backup/sub /var/.
-
chown -R www-data /var/www
-
chown -R www-data /var/sub
-
chgrp -R www-data /var/www
-
chgrp -R www-data /var/sub
-
cd /etc/apache2/sites-available/
-
rm *
-
cp $HOME/backup/config_files/apache2/sites-available/* /etc/apache2/sites-available/.
-
rm apache2-doc
-
rm default.dpkg-dist
-
rm phpmyadmin.conf
-
a2ensite default
-
a2ensite code
-
a2ensite food
-
a2ensite kieran
-
a2ensite main_site
-
a2ensite music
-
a2ensite mys
-
a2ensite scouts-orig
-
a2ensite awards
-
a2ensite stpeter
-
/etc/init.d/apache2 start
delete NameVirtualHost *:80 from /etc/apache2/ports.conf
Install PHP
-
apt-get install php5 libapache2-mod-php5
-
apt-get install php5-mysql
-
apt-get install php5-gd
-
apt-get install php5-cli
Test add host redirect
-
77.73.7.95 kieran.metcarob.com
Setup Mysql
-
mysql -pXXX
-
-
source /root/backup/databases/code.sql
-
source /root/backup/databases/food.sql
-
source /root/backup/databases/kieran.sql
-
source /root/backup/databases/mys.sql
-
source /root/backup/databases/scouts_orig.sql
-
source /root/backup/databases/awards.sql
-
-
grant ALL on kieran.* TO kieran_ro3p5cs@localhost IDENTIFIED BY 'PASS';
-
grant ALL on code.* TO code_dge@localhost IDENTIFIED BY 'PASS';
-
grant ALL on mys.* TO mys_fde@localhost IDENTIFIED BY 'PASS';
-
grant ALL on food.* TO food_yfn@localhost IDENTIFIED BY 'PASS';
-
grant ALL on scouts_orig.* TO scouts_orig_fde@localhost IDENTIFIED BY 'PASS';
-
grant X on scouts_orig TO scouts_orig_roo@localhost IDENTIFIED BY 'PASS';
Setup backup d
-
mv /$HOME/backup/config_files/bk_up_d $HOME/.
Setup scripts
mv $HOME/backup/config_files/other/backup.sh $HOME/.
mv $HOME/backup/config_files/other/drupal_cron.sh $HOME/.
mv $HOME/backup/config_files/other/restore.sh $HOME/.
mv $HOME/backup/config_files/other/run_backup.sh $HOME/.
mv $HOME/backup/config_files/other/run_scouts.sh $HOME/.
mv $HOME/backup/config_files/other/unstick_cron.sh $HOME/.
Test Sites
stpeter.co.uk
code
mys
scouts-orig
DO CRON
Delete backup directory
Run backup and test it works ok - including the email
download.mylinkedthings.com
Add user for auto-uploading:
sudo adduser dwn_mlt
Use a random password
Blank everything else
-
sudo mkdir /home/dwn_mlt/.ssh
-
sudo echo ssh-rsa **REP_WITH_PUB_KEY** robert@yearbook > /home/dwn_mlt/.ssh/authorized_keys
-
sudo chown dwn_mlt /home/dwn_mlt/.ssh
-
sudo chgrp dwn_mlt /home/dwn_mlt/.ssh
-
sudo chown dwn_mlt /home/dwn_mlt/.ssh/*
-
sudo chgrp dwn_mlt /home/dwn_mlt/.ssh/*
-
sudo chown dwn_mlt /var/sub/download_mylinkedthings
-
sudo chgrp dwn_mlt /var/sub/download_mylinkedthings
-
sudo chown dwn_mlt /var/sub/download_mylinkedthings/*
-
sudo chgrp dwn_mlt /var/sub/download_mylinkedthings/*
See also Lets Encrypt
See also Maven Repo Site