Ignore:
Timestamp:
Apr 3, 2009, 11:53:25 PM (14 years ago)
Author:
quentin
Message:
Make the install process be a shell script
File:
1 moved

Legend:

Unmodified
Added
Removed
  • server/doc/install-howto.sh

    r1057 r1058  
    1 This document is a how-to for installing a Fedora scripts.mit.edu server.
     1# This document is a how-to for installing a Fedora scripts.mit.edu server.
    22
    3 Helper files for the install are located in server/fedora/config.
     3# Helper files for the install are located in server/fedora/config.
    44
    5 * Start with a normal install of Fedora.
     5# Start with a normal install of Fedora.
    66
    7 * When the initial configuration screen comes up, under "Firewall
    8   configuration", disable the firewall, and under "System services", leave
    9   enabled (as of Fedora 9) acpid, anacron, atd, cpuspeed, crond,
    10   firstboot, fuse, haldaemon, ip6tables, iptables, irqbalance,
    11   kerneloops, mdmonitor, messagebus, microcode_ctl, netfs, network, nscd, ntpd,
    12   sshd, udev-post, and nothing else.
     7# When the initial configuration screen comes up, under "Firewall
     8# configuration", disable the firewall, and under "System services", leave
     9# enabled (as of Fedora 9) acpid, anacron, atd, cpuspeed, crond,
     10# firstboot, fuse, haldaemon, ip6tables, iptables, irqbalance,
     11# kerneloops, mdmonitor, messagebus, microcode_ctl, netfs, network, nscd, ntpd,
     12# sshd, udev-post, and nothing else.
    1313
    14 * Edit /etc/selinux/config so it has SELINUX=disabled and reboot.
     14# Edit /etc/selinux/config so it has SELINUX=disabled and reboot.
    1515
    16 * Check out the scripts.mit.edu svn repository. Configure svn not to cache
    17   credentials.
     16# Check out the scripts.mit.edu svn repository. Configure svn not to cache
     17# credentials.
    1818
    19 * cd to server/fedora in the svn repository.
     19# cd to server/fedora in the svn repository.
    2020
    21 * Run "make install-deps" to install various prereqs.  Nonstandard
    22   deps are in /mit/scripts/rpm.
     21# Run "make install-deps" to install various prereqs.  Nonstandard
     22# deps are in /mit/scripts/rpm.
    2323
    24 * Check out the scripts /etc configuration, which is done most easily by
    25   $ svn co svn://scripts.mit.edu/server/fedora/config/etc
    26   # \cp -a etc /
     24# Check out the scripts /etc configuration, which is done most easily by
     25# $ svn co svn://scripts.mit.edu/server/fedora/config/etc
     26# # \cp -a etc /
    2727
    28 * Create a scripts-build user account, and set up rpm to build in
    29   $HOME by doing a
    30   cp config/home/scripts-build/.rpmmacros /home/scripts-build/
    31   (If you just use the default setup, it will generate packages
    32   in /usr/src/redhat.)
     28# Create a scripts-build user account, and set up rpm to build in
     29# $HOME by doing a
     30# cp config/home/scripts-build/.rpmmacros /home/scripts-build/
     31# (If you just use the default setup, it will generate packages
     32# in /usr/src/redhat.)
    3333
    34 * su scripts-build -
     34# su scripts-build -
    3535
    36 * Make sure that server/fedora (where you currently are) is writable
    37   by user scripts-build.
     36# Make sure that server/fedora (where you currently are) is writable
     37# by user scripts-build.
    3838
    39 * env NSS_NONLOCAL_IGNORE=1 yum install scripts-base
     39# env NSS_NONLOCAL_IGNORE=1 yum install scripts-base
    4040
    41 * Rebuild mit-zephyr on a 32-bit machine, like the one at Joe's home.
     41# Rebuild mit-zephyr on a 32-bit machine, like the one at Joe's home.
    4242
    43 * Run "make suexec" and "make install-suexec" to overwrite
    44   /usr/sbin/suexec with one that works. The one installed by the
    45   newly-built Apache RPM is misconfigured.
    46   ... Except Anders claims he fixed this.
     43# Run "make suexec" and "make install-suexec" to overwrite
     44# /usr/sbin/suexec with one that works. The one installed by the
     45# newly-built Apache RPM is misconfigured.
     46# ... Except Anders claims he fixed this.
    4747
    48 * Remember to set NSS_NONLOCAL_IGNORE=1 anytime you're setting up
    49   anything, e.g. using yum. Otherwise useradd will query LDAP in a stupid way
    50   that makes it hang forever.
     48# Remember to set NSS_NONLOCAL_IGNORE=1 anytime you're setting up
     49# anything, e.g. using yum. Otherwise useradd will query LDAP in a stupid way
     50# that makes it hang forever.
    5151
    52 * Install and configure bind
    53   - env NSS_NONLOCAL_IGNORE=1 yum install bind
    54   - chkconfig named on
    55   - service named start
     52# Install and configure bind
     53# - env NSS_NONLOCAL_IGNORE=1 yum install bind
     54# - chkconfig named on
     55# - service named start
    5656
    57 * Reload the iptables config to take down the restrictive firewall
    58   service iptables restart
     57# Reload the iptables config to take down the restrictive firewall
     58# service iptables restart
    5959
    60 * Copy over root's dotfiles from one of the other machines.
     60# Copy over root's dotfiles from one of the other machines.
    6161
    62 * Replace rsyslog with syslog-ng by doing:
    63   # rpm -e --nodeps rsyslog
    64   # yum install syslog-ng
     62# Replace rsyslog with syslog-ng by doing:
     63# # rpm -e --nodeps rsyslog
     64# # yum install syslog-ng
    6565
    66 * Install various dependencies of the scripts system, including syslog-ng,
    67   glibc-devel.i386, python-twisted-core, mod_fcgid, nrpe, nagios-plugins-all.
     66# Install various dependencies of the scripts system, including syslog-ng,
     67# glibc-devel.i386, python-twisted-core, mod_fcgid, nrpe, nagios-plugins-all.
    6868
    69 * Disable NetworkManager with chkconfig NetworkManager off. Configure
    70   networking on the front end and back end, and the routing table to send
    71   traffic over the back end. Make sure that chkconfig reports "network" on, so
    72   that the network will still be configured at next boot.
     69# Disable NetworkManager with chkconfig NetworkManager off. Configure
     70# networking on the front end and back end, and the routing table to send
     71# traffic over the back end. Make sure that chkconfig reports "network" on, so
     72# that the network will still be configured at next boot.
    7373
    74 * Fix the openafs /usr/vice/etc <-> /etc/openafs mapping by changing
    75    /usr/vice/etc/cacheinfo to contain:
    76         /afs:/usr/vice/cache:10000000
     74# Fix the openafs /usr/vice/etc <-> /etc/openafs mapping by changing
     75#  /usr/vice/etc/cacheinfo to contain:
     76#       /afs:/usr/vice/cache:10000000
    7777
    78 * Figure out why Zephyr isn't working. Most recently, it was because there
    79   was a 64-bit RPM installed; remove it and install Joe's 32-bit one
     78# Figure out why Zephyr isn't working. Most recently, it was because there
     79# was a 64-bit RPM installed; remove it and install Joe's 32-bit one
    8080
    81 * Install the full list of RPMs that users expect to be on the
    82   scripts.mit.edu servers.  See server/doc/rpm and
    83   server/doc/rpm_snapshot.  (Note that this is only a snapshot, and not
    84   all packages may in fact be in use.)
     81# Install the full list of RPMs that users expect to be on the
     82# scripts.mit.edu servers.  See server/doc/rpm and
     83# server/doc/rpm_snapshot.  (Note that this is only a snapshot, and not
     84# all packages may in fact be in use.)
    8585
    86 * Install the full list of perl modules that users expect to be on the
    87   scripts.mit.edu servers.  See server/doc/perl and
    88   server/doc/perl_snapshot.
     86# Install the full list of perl modules that users expect to be on the
     87# scripts.mit.edu servers.  See server/doc/perl and
     88# server/doc/perl_snapshot.
    8989
    90   - export PERL_MM_USE_DEFAULT=1
    91   - Run 'cpan', accept the default configuration, and do 'o conf
    92     prerequisites_policy follow'.
    93   - Parse the output of perldoc -u perllocal | grep head2 on an existing
    94     server, and "notest install" them from the cpan prompt.
     90# - export PERL_MM_USE_DEFAULT=1
     91# - Run 'cpan', accept the default configuration, and do 'o conf
     92#   prerequisites_policy follow'.
     93# - Parse the output of perldoc -u perllocal | grep head2 on an existing
     94#   server, and "notest install" them from the cpan prompt.
    9595
    96 * Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on
    97   the other scripts.mit.edu servers and do not have RPMs.
    98   - Look at /usr/lib/python2.5/site-packages for Python eggs and modules.
    99   - Look at `gem list` for Ruby gems.
    100   - Look at `pear list` for Pear fruits (or whatever they're called).
     96# Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on
     97# the other scripts.mit.edu servers and do not have RPMs.
     98# - Look at /usr/lib/python2.5/site-packages for Python eggs and modules.
     99# - Look at `gem list` for Ruby gems.
     100# - Look at `pear list` for Pear fruits (or whatever they're called).
    101101
    102 * echo 'import site, os.path; site.addsitedir(os.path.expanduser("~/lib/python2.5/site-packages"))' > /usr/lib/python2.5/site-packages/00scripts-home.pth
     102# echo 'import site, os.path; site.addsitedir(os.path.expanduser("~/lib/python2.5/site-packages"))' > /usr/lib/python2.5/site-packages/00scripts-home.pth
    103103
    104 * Install the credentials (machine keytab, daemon.scripts keytab, SSL
    105   certs).
     104# Install the credentials (machine keytab, daemon.scripts keytab, SSL
     105# certs).
    106106
    107 * If you are setting up a test server, pay attention to
    108   /etc/sysconfig/network-scripts and do not bind scripts' IP address.
    109   You will also need to modify /etc/ldap.conf, /etc/nss-ldapd.conf,
    110   /etc/openldap/ldap.conf, and /etc/httpd/conf.d/vhost_ldap.conf to
    111   use scripts.mit.edu instead of localhost.
     107# If you are setting up a test server, pay attention to
     108# /etc/sysconfig/network-scripts and do not bind scripts' IP address.
     109# You will also need to modify /etc/ldap.conf, /etc/nss-ldapd.conf,
     110# /etc/openldap/ldap.conf, and /etc/httpd/conf.d/vhost_ldap.conf to
     111# use scripts.mit.edu instead of localhost.
    112112
    113 * Install fedora-ds-base and set up replication (see ./HOWTO-SETUP-LDAP
    114     and ./fedora-ds-enable-ssl-and-kerberos.diff).
     113# Install fedora-ds-base and set up replication (see ./HOWTO-SETUP-LDAP
     114#   and ./fedora-ds-enable-ssl-and-kerberos.diff).
    115115
    116 * Make the services dirsrv, nslcd, nscd, postfix, and httpd start at
    117   boot. Run chkconfig to make sure the set of services to be run is
    118   correct.
     116# Make the services dirsrv, nslcd, nscd, postfix, and httpd start at
     117# boot. Run chkconfig to make sure the set of services to be run is
     118# correct.
    119119
    120 * Run fmtutil-sys --all, which does something that makes TeX work.
     120# Run fmtutil-sys --all, which does something that makes TeX work.
    121121
    122 * Ensure that PHP isn't broken:
    123   # mkdir /tmp/sessions
    124   # chmod 01777 /tmp/sessions
     122# Ensure that PHP isn't broken:
     123# # mkdir /tmp/sessions
     124# # chmod 01777 /tmp/sessions
    125125
    126 * Reboot the machine to restore a consistent state, in case you
    127   changed anything.
     126# Reboot the machine to restore a consistent state, in case you
     127# changed anything.
    128128
    129 * (Optional) Beat your head against a wall.
     129# (Optional) Beat your head against a wall.
    130130
    131 * Possibly perform other steps that I've neglected to put in this
    132   document.
     131# Possibly perform other steps that I've neglected to put in this
     132# document.
Note: See TracChangeset for help on using the changeset viewer.