source: server/doc/install-howto.sh @ 1059

Last change on this file since 1059 was 1058, checked in by quentin, 17 years ago
Make the install process be a shell script
File size: 5.0 KB
RevLine 
[1058]1# This document is a how-to for installing a Fedora scripts.mit.edu server.
[181]2
[1058]3# Helper files for the install are located in server/fedora/config.
[861]4
[1058]5# Start with a normal install of Fedora.
[861]6
[1058]7# When the initial configuration screen comes up, under "Firewall
8# configuration", disable the firewall, and under "System services", leave
9# enabled (as of Fedora 9) acpid, anacron, atd, cpuspeed, crond,
10# firstboot, fuse, haldaemon, ip6tables, iptables, irqbalance,
11# kerneloops, mdmonitor, messagebus, microcode_ctl, netfs, network, nscd, ntpd,
12# sshd, udev-post, and nothing else.
[1056]13
[1058]14# Edit /etc/selinux/config so it has SELINUX=disabled and reboot.
[861]15
[1058]16# Check out the scripts.mit.edu svn repository. Configure svn not to cache
17# credentials.
[387]18
[1058]19# cd to server/fedora in the svn repository.
[387]20
[1058]21# Run "make install-deps" to install various prereqs.  Nonstandard
22# deps are in /mit/scripts/rpm.
[387]23
[1058]24# Check out the scripts /etc configuration, which is done most easily by
25# $ svn co svn://scripts.mit.edu/server/fedora/config/etc
26# # \cp -a etc /
[934]27
[1058]28# Create a scripts-build user account, and set up rpm to build in
29# $HOME by doing a
30# cp config/home/scripts-build/.rpmmacros /home/scripts-build/
31# (If you just use the default setup, it will generate packages
32# in /usr/src/redhat.)
[785]33
[1058]34# su scripts-build -
[861]35
[1058]36# Make sure that server/fedora (where you currently are) is writable
37# by user scripts-build.
[861]38
[1058]39# env NSS_NONLOCAL_IGNORE=1 yum install scripts-base
[387]40
[1058]41# Rebuild mit-zephyr on a 32-bit machine, like the one at Joe's home.
[796]42
[1058]43# Run "make suexec" and "make install-suexec" to overwrite
44# /usr/sbin/suexec with one that works. The one installed by the
45# newly-built Apache RPM is misconfigured.
46# ... Except Anders claims he fixed this.
[562]47
[1058]48# Remember to set NSS_NONLOCAL_IGNORE=1 anytime you're setting up
49# anything, e.g. using yum. Otherwise useradd will query LDAP in a stupid way
50# that makes it hang forever.
[881]51
[1058]52# Install and configure bind
53# - env NSS_NONLOCAL_IGNORE=1 yum install bind
54# - chkconfig named on
55# - service named start
[861]56
[1058]57# Reload the iptables config to take down the restrictive firewall
58# service iptables restart
[862]59
[1058]60# Copy over root's dotfiles from one of the other machines.
[803]61
[1058]62# Replace rsyslog with syslog-ng by doing:
63# # rpm -e --nodeps rsyslog
64# # yum install syslog-ng
[861]65
[1058]66# Install various dependencies of the scripts system, including syslog-ng,
67# glibc-devel.i386, python-twisted-core, mod_fcgid, nrpe, nagios-plugins-all.
[788]68
[1058]69# Disable NetworkManager with chkconfig NetworkManager off. Configure
70# networking on the front end and back end, and the routing table to send
71# traffic over the back end. Make sure that chkconfig reports "network" on, so
72# that the network will still be configured at next boot.
[788]73
[1058]74# Fix the openafs /usr/vice/etc <-> /etc/openafs mapping by changing
75#  /usr/vice/etc/cacheinfo to contain:
76#       /afs:/usr/vice/cache:10000000
[788]77
[1058]78# Figure out why Zephyr isn't working. Most recently, it was because there
79# was a 64-bit RPM installed; remove it and install Joe's 32-bit one
[861]80
[1058]81# Install the full list of RPMs that users expect to be on the
82# scripts.mit.edu servers.  See server/doc/rpm and
83# server/doc/rpm_snapshot.  (Note that this is only a snapshot, and not
84# all packages may in fact be in use.)
[387]85
[1058]86# Install the full list of perl modules that users expect to be on the
87# scripts.mit.edu servers.  See server/doc/perl and
88# server/doc/perl_snapshot.
[387]89
[1058]90# - export PERL_MM_USE_DEFAULT=1
91# - Run 'cpan', accept the default configuration, and do 'o conf
92#   prerequisites_policy follow'.
93# - Parse the output of perldoc -u perllocal | grep head2 on an existing
94#   server, and "notest install" them from the cpan prompt.
[812]95
[1058]96# Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on
97# the other scripts.mit.edu servers and do not have RPMs.
98# - Look at /usr/lib/python2.5/site-packages for Python eggs and modules.
99# - Look at `gem list` for Ruby gems.
100# - Look at `pear list` for Pear fruits (or whatever they're called).
[785]101
[1058]102# echo 'import site, os.path; site.addsitedir(os.path.expanduser("~/lib/python2.5/site-packages"))' > /usr/lib/python2.5/site-packages/00scripts-home.pth
[812]103
[1058]104# Install the credentials (machine keytab, daemon.scripts keytab, SSL
105# certs).
[387]106
[1058]107# If you are setting up a test server, pay attention to
108# /etc/sysconfig/network-scripts and do not bind scripts' IP address.
109# You will also need to modify /etc/ldap.conf, /etc/nss-ldapd.conf,
110# /etc/openldap/ldap.conf, and /etc/httpd/conf.d/vhost_ldap.conf to
111# use scripts.mit.edu instead of localhost.
[562]112
[1058]113# Install fedora-ds-base and set up replication (see ./HOWTO-SETUP-LDAP
114#   and ./fedora-ds-enable-ssl-and-kerberos.diff).
[785]115
[1058]116# Make the services dirsrv, nslcd, nscd, postfix, and httpd start at
117# boot. Run chkconfig to make sure the set of services to be run is
118# correct.
[818]119
[1058]120# Run fmtutil-sys --all, which does something that makes TeX work.
[803]121
[1058]122# Ensure that PHP isn't broken:
123# # mkdir /tmp/sessions
124# # chmod 01777 /tmp/sessions
[954]125
[1058]126# Reboot the machine to restore a consistent state, in case you
127# changed anything.
[875]128
[1058]129# (Optional) Beat your head against a wall.
[562]130
[1058]131# Possibly perform other steps that I've neglected to put in this
132# document.
Note: See TracBrowser for help on using the repository browser.