Arran administration
This page describes various common admin tasks on arran.fi.muni.cz, as well assome other arran-related info.
MediawikiMoinmoin wiki
Subversion
Tomcat
Apache and SSL
Monitoring PAM/LDAP
Running services
new wikimedia wiki
mkdir /var/wwww/xwiki
Configure a database in mysql:
CREATE DATABASE mywiki; GRANT ALL ON mywiki.* TO myuser@localhost IDENTIFIED BY 'mypasswd'; FLUSH PRIVILEGES;
Import database
mysql -u myuser -p mydatabase < db.dump
nakopirovat images/ a LocalSettings.php
edit LocalSettings.php
chown -R www-data:www-data /var/www/xwiki
new moinmoin wiki
As per /usr/share/doc/python-moinmoin/README.Debian.gz
1) Create and populate /var/www/xxx
# mkdir /var/www/xxx
# cp -r /usr/share/moin/server/moin.cgi /var/www/xxx
# mkdir /var/wiki/xxx
# cp -r /usr/share/moin/data /usr/share/moin/underlay /var/wiki/xxx
2) Pass on the wiki to Apache:
# chown -R www-data: /var/www/xxx /var/wiki/xxx
3) Configure Apache2:
edit /etc/apache2/sites-enabled/ssl, copy e.g. gtwiki template
block non-ssl access in /etc/apache2/sites-enabled/000-default
4) Configure MoinMoin:
Edit /etc/moin/farmconfig.py
# cp /etc/moin/mywiki.py /etc/moin/xxx.py
Edit /etc/moin/xxx.py to include these lines:
sitename = u'Fancy xxx name' # [Unicode]
interwikiname = 'xxx'
data_dir = '/var/wiki/xxx/data'
data_underlay_dir = '/var/wiki/xxx/underlay'
Edit /etc/moin/wikilist
5) Activate wiki:
# invoke-rc.d apache2 force-reload
*) Authentication
# authentication
from MoinMoin.auth.http import HTTPAuth
auth = [HTTPAuth(autocreate=True)]
superuser = [u"xobdrzal", ]
6) configure language
https://arran.fi.muni.cz/xxx/LanguageSetup
new Subversion repository
mkdir /var/svn/xxx svnadmin create /var/svn/xxx chown -R www-data:www-data /var/svn/xxx
Zeditovat /etc/apache2/mods-enabled/dav_svn.conf
tomcat5 over SSL
mod_jk
package libapache2-mod-jk /etc/libapache2-mod-jk/workers.properties --opraveno na tomcat5 /etc/apache2/mods-available/jk.load --zeditovano - pridana conf z /usr/share/doc/libapache2-mod-jk/httpd_example_apache2.conf
tomcat5
/etc/tomcat6/server.xml -- odkomentovat connector pro 8009 -- zakomentovat 8180 /etc/tomcat6/tomcat-users.xml -- sprava uzivatelu
apache2
zeditovan site ssl:
# FJA application - Tomcat5 connector
JkMount /fja/* ajp13_worker
<Location /fja/>
AuthType Basic
AuthName "FJA"
AuthPAM_Enabled on
AuthPAM_FallThrough on
# disable new basic
AuthBasicAuthoritative Off
SSLRequireSSL
Require valid-user
</Location>
Generate a new key for SSL and Apache2
Do /usr/sbin/make-ssl-cert dat k openssl argument -days 365.
arran:/etc/apache2/ssl# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf apache.pem --force-overwrite
PAM/LDAP
See http://www.jukie.net/~bart/ldap/ldap-authentication-on-debian/
/etc/libnss-ldap.conf, /etc/pam_ldap.conf
base dc=fi,dc=muni,dc=cz ldap_version 3 uri ldap://ldap.fi.muni.cz ldap://ldap1.fi.muni.cz bind_policy soft nss_base_passwd ou=People,dc=fi,dc=muni,dc=cz?one?host=iti nss_base_group ou=Group,dc=fi,dc=muni,dc=cz?one pam_password md5
/etc/nsswitch.conf
passwd: files ldap group: files ldap shadow: files ldap
Monitoring
RAID
cat /proc/mdstat
munin
http://arran.fi.muni.cz/munin/
monit
SW running on arran
FJA - vyhodnocovaci služba k regulárním jazykům
- Bronislav Houdek mail
- Tomcat/Apache/mod_jk
- /var/lib/tomcat5/webapps/
Jan Obdržálek
Last modified: Thursday, 29-Sep-2011 13:06:54 CEST
