User Tools

Site Tools


silverhold

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

silverhold [2014/11/24 01:14] (current)
0.0.0.0 created
Line 1: Line 1:
 +====== Silverhold ======
  
 +[[Category:​Hosts]]
 +[[Category:​Hosts/​Servers]]
 +[[Category:​Hosts/​Gentoo]]
 +[[Category:​KVM]]
 +
 +===== Overview =====
 +  * Type: Virtual machine
 +  * Location: [[Badger]]
 +  * URL: http://​silverhold.jellybean.sihnon.net/​
 +  * Provides:
 +    * Cacti (//todo//)
 +    * Nagios (//todo//)
 +
 +*Specs:
 +    * 512Mb Ram
 +    * 1x virtio Ethernet
 +    * 20Gb Virtual Disk
 +
 +===== Filesystems =====
 +{| class="​wikitable"​ cellspacing="​10"​
 +|+ /dev/sda (20Gb qcow2 image)
 +|- 
 +! Partition Number
 +! Size
 +! Filesystem
 +! Mount point
 +! Notes
 +|-
 +| 1
 +| ~20Gb
 +| lvm
 +| //none//
 +
 +|}
 +
 +And the logical filesystems are:
 +
 +{| class="​wikitable"​ cellspacing="​10"​
 +|+ Logical volumes
 +|- 
 +! Volume Name
 +! Size
 +! Filesystem
 +! Mount point
 +! Notes
 +|- 
 +| system/root
 +| 8 GB
 +| ext3
 +| /
 +
 +|-
 +| system/home
 +| 11.5 GB
 +| ext3
 +| /home
 +
 +|-
 +| swap
 +| 512 MB
 +| ext3
 +| /var
 +
 +|}
 +
 +===== Installation =====
 +Silverhold was installed using the [[Gentoo/​Template]] KVM image.
 +
 +==== Installed software ====
 +Also see:
 +  * [[Gentoo/​KVM]]
 +
 +=== Hosting ===
 +  * {{Package|direct=yes|dev-lang/​php}}
 +  * {{Package|direct=yes|www-servers/​apache}}
 +
 +=== Monitoring ===
 +  * //todo//
 +
 +===== Configuration =====
 +==== Network ====
 +{| class="​wikitable"​ cellspacing="​10"​
 +|+ Network adapters
 +|- 
 +! Hardware
 +! Driver
 +! Device
 +! Mac
 +! IP
 +! DHCP/Static
 +|-
 +| virtio
 +| virtio_net
 +| eth0
 +| 54:​52:​00:​2e:​d3:​e3
 +| 10.0.0.7
 +| dhcp
 +|}
 +
 +The network configuration is stored in subversion, under [[https://​dev.sihnon.net/​svnpriv/​configs/​network/​silverhold|configs:/​network/​silverhold]].
 +
 +==== Apache ====
 +Apache needs to be compiled with various extensions enabled. Make sure the following useflags are enabled:
 +  * {{Package|direct=yes|dev-lang/​php}} {{USEFlag|{{EnableFlag|apache2}} {{EnableFlag|cli}} {{EnableFlag|gd}} {{EnableFlag|inifile}} {{EnableFlag|json}} {{EnableFlag|ldap}} {{EnableFlag|mysql}} {{EnableFlag|mysqli}} {{EnableFlag|pcre}} {{EnableFlag|posix}} {{EnableFlag|session}} {{EnableFlag|simplexml}} {{EnableFlag|snmp}} {{EnableFlag|sockets}} {{EnableFlag|ssl}} {{EnableFlag|xml}} {{EnableFlag|xmlreader}} {{EnableFlag|xmlrpc}} {{EnableFlag|xmlwriter}} {{EnableFlag|xsl}} }}
 +
 +Set up permissions on the webroot so that apache can access all files that exist, and are later created using acls. Same for the web users.
 +{{Root|<​source lang="​bash">​
 +setfacl -R -m u:​apache:​rX,​d:​u:​apache:​rX,​g:​web:​rwX,​d:​g:​apache:​rwX /var/www
 +</​source>​}}
 +
 +For LDAP authentication to work, Apache must be set to use TLS connections by default. Add the following configuration:​
 +{{File|/​etc/​apache2/​modules.d/​46_mod_ldap.conf|<​source lang="​apache">​
 +LDAPTrustedMode TLS
 +LDAPVerifyServerCert On
 +</​source>​}}
 +
 +See also:
 +  * [[Cacti]] - setting up cacti
 +  * [[Nagios]] - setting up nagios
silverhold.txt · Last modified: 2014/11/24 01:14 by 0.0.0.0