source: server/doc/install-howto.sh @ 1058

Last change on this file since 1058 was 1058, checked in by quentin, 13 years ago
Make the install process be a shell script
File size: 5.0 KB
Line 
1# This document is a how-to for installing a Fedora scripts.mit.edu server.
2
3# Helper files for the install are located in server/fedora/config.
4
5# Start with a normal install of Fedora.
6
7# When the initial configuration screen comes up, under "Firewall
8# configuration", disable the firewall, and under "System services", leave
9# enabled (as of Fedora 9) acpid, anacron, atd, cpuspeed, crond,
10# firstboot, fuse, haldaemon, ip6tables, iptables, irqbalance,
11# kerneloops, mdmonitor, messagebus, microcode_ctl, netfs, network, nscd, ntpd,
12# sshd, udev-post, and nothing else.
13
14# Edit /etc/selinux/config so it has SELINUX=disabled and reboot.
15
16# Check out the scripts.mit.edu svn repository. Configure svn not to cache
17# credentials.
18
19# cd to server/fedora in the svn repository.
20
21# Run "make install-deps" to install various prereqs.  Nonstandard
22# deps are in /mit/scripts/rpm.
23
24# Check out the scripts /etc configuration, which is done most easily by
25# $ svn co svn://scripts.mit.edu/server/fedora/config/etc
26# # \cp -a etc /
27
28# Create a scripts-build user account, and set up rpm to build in
29# $HOME by doing a
30# cp config/home/scripts-build/.rpmmacros /home/scripts-build/
31# (If you just use the default setup, it will generate packages
32# in /usr/src/redhat.)
33
34# su scripts-build -
35
36# Make sure that server/fedora (where you currently are) is writable
37# by user scripts-build.
38
39# env NSS_NONLOCAL_IGNORE=1 yum install scripts-base
40
41# Rebuild mit-zephyr on a 32-bit machine, like the one at Joe's home.
42
43# Run "make suexec" and "make install-suexec" to overwrite
44# /usr/sbin/suexec with one that works. The one installed by the
45# newly-built Apache RPM is misconfigured.
46# ... Except Anders claims he fixed this.
47
48# Remember to set NSS_NONLOCAL_IGNORE=1 anytime you're setting up
49# anything, e.g. using yum. Otherwise useradd will query LDAP in a stupid way
50# that makes it hang forever.
51
52# Install and configure bind
53# - env NSS_NONLOCAL_IGNORE=1 yum install bind
54# - chkconfig named on
55# - service named start
56
57# Reload the iptables config to take down the restrictive firewall
58# service iptables restart
59
60# Copy over root's dotfiles from one of the other machines.
61
62# Replace rsyslog with syslog-ng by doing:
63# # rpm -e --nodeps rsyslog
64# # yum install syslog-ng
65
66# Install various dependencies of the scripts system, including syslog-ng,
67# glibc-devel.i386, python-twisted-core, mod_fcgid, nrpe, nagios-plugins-all.
68
69# Disable NetworkManager with chkconfig NetworkManager off. Configure
70# networking on the front end and back end, and the routing table to send
71# traffic over the back end. Make sure that chkconfig reports "network" on, so
72# that the network will still be configured at next boot.
73
74# Fix the openafs /usr/vice/etc <-> /etc/openafs mapping by changing
75#  /usr/vice/etc/cacheinfo to contain:
76#       /afs:/usr/vice/cache:10000000
77
78# Figure out why Zephyr isn't working. Most recently, it was because there
79# was a 64-bit RPM installed; remove it and install Joe's 32-bit one
80
81# Install the full list of RPMs that users expect to be on the
82# scripts.mit.edu servers.  See server/doc/rpm and
83# server/doc/rpm_snapshot.  (Note that this is only a snapshot, and not
84# all packages may in fact be in use.)
85
86# Install the full list of perl modules that users expect to be on the
87# scripts.mit.edu servers.  See server/doc/perl and
88# server/doc/perl_snapshot.
89
90# - export PERL_MM_USE_DEFAULT=1
91# - Run 'cpan', accept the default configuration, and do 'o conf
92#   prerequisites_policy follow'.
93# - Parse the output of perldoc -u perllocal | grep head2 on an existing
94#   server, and "notest install" them from the cpan prompt.
95
96# Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on
97# the other scripts.mit.edu servers and do not have RPMs.
98# - Look at /usr/lib/python2.5/site-packages for Python eggs and modules.
99# - Look at `gem list` for Ruby gems.
100# - Look at `pear list` for Pear fruits (or whatever they're called).
101
102# echo 'import site, os.path; site.addsitedir(os.path.expanduser("~/lib/python2.5/site-packages"))' > /usr/lib/python2.5/site-packages/00scripts-home.pth
103
104# Install the credentials (machine keytab, daemon.scripts keytab, SSL
105# certs).
106
107# If you are setting up a test server, pay attention to
108# /etc/sysconfig/network-scripts and do not bind scripts' IP address.
109# You will also need to modify /etc/ldap.conf, /etc/nss-ldapd.conf,
110# /etc/openldap/ldap.conf, and /etc/httpd/conf.d/vhost_ldap.conf to
111# use scripts.mit.edu instead of localhost.
112
113# Install fedora-ds-base and set up replication (see ./HOWTO-SETUP-LDAP
114#   and ./fedora-ds-enable-ssl-and-kerberos.diff).
115
116# Make the services dirsrv, nslcd, nscd, postfix, and httpd start at
117# boot. Run chkconfig to make sure the set of services to be run is
118# correct.
119
120# Run fmtutil-sys --all, which does something that makes TeX work.
121
122# Ensure that PHP isn't broken:
123# # mkdir /tmp/sessions
124# # chmod 01777 /tmp/sessions
125
126# Reboot the machine to restore a consistent state, in case you
127# changed anything.
128
129# (Optional) Beat your head against a wall.
130
131# Possibly perform other steps that I've neglected to put in this
132# document.
Note: See TracBrowser for help on using the repository browser.