Server setup

This page is mostly a todo-list for myself, but maybe somebody else will find it useful. If you need a more thorough explanation, some of the topics are described here: The Perfect Server – Ubuntu Hardy Heron (Ubuntu 8.04 LTS Server)

NFS
First I need to install the NFS server:

maxwell:/home/tjansson# aptitude install nfs-kernel-server nfs-common portmap

Next I select the folders to share through NFS by editing the file /etc/exports:

#/etc/exports: the access control list for file systems which may
/home/ 192.168.1.151(rw,no_root_squash)

This line states that /home/ should be shared with the machine 192.168.1.151. The share has read and write rights (rw), and no_root_squash means that root on the client will have root access on the server. Finally NFS is updated with:

maxwell:/home/tjansson# exportfs -a

On the machine that wishes to mount the NFS share, the /etc/fstab file should contain a line like this:

maxwell:/home/tjansson /mnt/nfs nfs defaults 0 0
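
In /etc/exports, whitespace between the client and the option list changes the meaning: the client gets the default options and the bracketed options apply to every host. The following is an added example, not part of the original page, that lints an exports file for that pattern and for no_root_squash; the function names and the sample file are constructed, and it assumes one export per line with no backslash continuations or quoted paths.

```shell
#!/bin/sh
# Added example: lint an exports(5) file for two risky patterns.
# lint_exports FILE prints one finding per line as "<lineno>:<code>:<path>"
#   WORLD_OPTS     - "(opts)" stands alone, separated from the client by
#                    whitespace, so the options apply to all hosts
#   NO_ROOT_SQUASH - root on the client is root on the server
lint_exports() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        {
            path = $1
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^\(/)              # option list with no client attached
                    print NR ":WORLD_OPTS:" path
                if ($i ~ /no_root_squash/)
                    print NR ":NO_ROOT_SQUASH:" path
            }
        }
    ' "$1"
}

# Write a constructed sample exports file to the path given as $1.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not a real configuration
/home/ 192.168.1.151 (rw,no_root_squash)
/home/ 192.168.1.151(rw,no_root_squash)
/srv/pub 192.168.1.0/24(ro,root_squash)
EOF
}

# Demo run on the constructed sample.
demo_file=$(mktemp)
make_sample "$demo_file"
lint_exports "$demo_file"
rm -f "$demo_file"
```

To check a real server, call lint_exports /etc/exports and review every finding before running exportfs -a.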


LAMP
The installation of LAMP is quite easy when running Ubuntu server – it is an install option. After the install I modified /etc/hosts to yield:

root@nobel:~# cat /etc/hosts
127.0.0.1       localhost
127.0.1.1       foo.bar.com nobel

Dynamical IP
I use the Danish dynamic IP setup and I have a crontab running this script:

#!/bin/ash
wget -q 'http://dyndns.dk/opdat.php?name=foobar&domain=dyndns.dk&pw=foobarcode&silent=1' --output-document=/var/log/dyndns.log

My root crontab looks like this:

# m h  dom mon dow   command
7 0 * * * /usr/bin/updatedb
0 */6 * * * /home/tjansson/bin/dyndns.sh

CUPS server
I wrote an article on the subject earlier:
Printing to a CUPS server from Linux, OS X and Windows

gkrellmd – monitoring
I use gkrellmd to monitor the server live from other computers. Besides installing the daemon I have to edit the permissions in /etc/gkrellmd.conf to allow computers on the LAN to access the data:

allow-host      localhost
allow-host      127.0.0.1
allow-host      192.168.1.*

If I wish to monitor the server from a computer which is not on the local network, I use a script which sends the data through an SSH tunnel:

#!/bin/bash
sleep 10
ssh -f -N -L 3043:localhost:19150 foobar.com
gkrellm -s localhost -P 3043

3043 is just a random unused port number and 19150 is the default gkrellmd port number.

Unison
The server also has the unison server installed to provide easy backup. See the article: Unison – Secure synchronization of 2 computers

Users and quota
After a reinstall I need to reactivate old users and provide them with new passwords and quotas. First I add the new users with:

adduser foobarname

Then I provide them with a password generated with pwgen:

passwd foobarname

Next I set up quota:

aptitude install quota

/etc/fstab needs to be edited so that the partition with quota contains usrquota and grpquota:

/dev/hda2 /home ext3 defaults,usrquota,grpquota 0 2

Finally the following commands need to be run:

touch /home/quota.user /home/quota.group
chmod 600 /home/quota.*
mount -o remount /home/
quotacheck -avugm
quotaon -avug

Finally edit one of the users:

root@nobel:~# edquota hite 
Disk quotas for user hite (uid 1004):
  Filesystem                   blocks       soft       hard     inodes     soft     hard
  /dev/sda3                    152752     300000     400000       2768        0        0

The soft limit is 300 MB and the hard limit is 400 MB. Other users should inherit these options:

root@nobel:/# edquota -p hite christian hartvig


NTP
To make sure that the server's clock is always on time I use NTP:

aptitude install ntp ntpdate

/etc/motd
The message of the day: I wish to have a custom welcome screen on my server. So I changed /etc/motd using Zazzybob.com Tips and Tricks Database

   ^[[7m                                                   ^[[0m
   ^[[7m          Welcome to foobar.com                    ^[[0m
   ^[[7m        Thinkpad T40, 1,5 GHz, 768 mb ram          ^[[0m
   ^[[7m                                                   ^[[0m
   ^[[7m             Authorized use only!!!                ^[[0m
   ^[[7m                                                   ^[[0m

Other services
To scale the CPU frequency by load I use powernowd, and to get rid of brute force attacks I use denyhosts. I had some problems with long login times through ssh, so I added the following line to the file /etc/ssh/sshd_config:

UseDNS no

and restart the ssh server:

root@nobel:~# /etc/init.d/ssh reload

Furthermore I find the sudo hint irritating every time I login through ssh

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

So I commented out the lines in /etc/bash.bashrc

Noisy fan
The server is an old Thinkpad T40 and even though the fan isn’t that loud it is annoying. The server idles most of the time and should scale down the cpu. First I check the fan speed:

root@nobel:~# cat /proc/acpi/ibm/fan
status:         enabled
speed:          2988
level:          auto

The installed powernowd didn’t appeal to me and I chose to install cpufreqd instead:

root@nobel:~# aptitude remove powernowd
root@nobel:~# aptitude install cpufreqd cpufrequtils

Afterwards I inserted these lines into the file /etc/modules, which will load the modules on startup:

cpufreq_conservative
cpufreq_ondemand
cpufreq_powersave
cpufreq_stats
cpufreq_userspace

Instead of restarting, the modules can be loaded by using modprobe.

The next thing to do is to check if it works.

root@nobel:~# cpufreq-info
cpufrequtils 002: cpufreq-info (C) Dominik Brodowski 2004-2006
Report errors and bugs to linux@brodo.de, please.
analyzing CPU 0:
  driver: acpi-cpufreq
  CPUs which need to switch frequency at the same time: 0
  hardware limits: 600 MHz - 1.50 GHz
  available frequency steps: 1.50 GHz, 1.40 GHz, 1.20 GHz, 1000 MHz, 800 MHz, 600 MHz
  available cpufreq governors: userspace, powersave, ondemand, conservative, performance
  current policy: frequency should be within 1.50 GHz and 1.50 GHz.
                  The governor "powersave" may decide which speed to use
                  within this range.
  current CPU frequency is 1.50 GHz (asserted by call to hardware).

Now I set the governor to the one I think will be the least intensive and the max CPU speed to 1.2 GHz:

root@nobel:~# cpufreq-set --governor powersave
root@nobel:~# cpufreq-set --max 1.20GHz

Update: I just found the program ThinkPad Fan Control, which is really easy to install under Ubuntu. Add the repository to /etc/apt/sources.list:

deb http://ppa.launchpad.net/surban/ubuntu hardy main

and install the daemon as well as the admin tool:

aptitude install tpfand tpfan-admin

and finally I run the program through an X-forwarded SSH session:

tjansson@bohr:~$ ssh -X root@nobel tpfan-admin



Editing grub the smart way
I wish to see as much information as possible while booting Ubuntu, so I edited the file:

/boot/grub/menu.lst

and changed the line

# defoptions=quiet splash

to

# defoptions=splash

Setting up samba
Setting up samba is quite easy. Edit the file /etc/samba/smb.conf to add a block like this at the bottom of the file and set up the password by using “smbpasswd tjansson”.

[tjansson]
        path = /home/tjansson
        writeable = yes
;       browseable = yes
        valid users = tjansson

Stopping GDM from starting at boot
To remove it

root@server:~# update-rc.d -f gdm remove

To restore it to the normal state

root@server:~# update-rc.d -f gdm defaults

Disable the WIFI
Find the name of the wifi kernel module with

root@server:~# lshw -class network

and add it to /etc/modprobe.d/blacklist:

# I don't use WIFI
blacklist ipw2100

Sending mail through the ISP SMTP server
See http://newbiedoc.sourceforge.net/networking/exim.html
and create a .forward file containing the mail address that all local mail should be forwarded to.

Use logwatch to monitor logfiles

root@server:~# aptitude install logwatch

Edit the file /usr/share/logwatch/default.conf/logwatch.conf such that

Mailto = root

is changed to my gmail account

Mailto = tjansson...@gmail.com

Finally in /usr/share/logwatch/scripts/logwatch.pl change

$Config{'output'} = "html";
#$Config{'output'} = "unformatted";

such that the reports are sent as HTML.