StuRa:Server/SRS20/2016: Unterschied zwischen den Versionen

Aus Wiki StuRa HTW Dresden
Zur Navigation springen Zur Suche springen
K (ArturasMiller verschob die Seite Server/SRS20/2016 nach StuRa:Server/SRS20/2016)
 
(6 dazwischenliegende Versionen von 3 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
* für limesurvey (aka [[Umfragen]]-Server)
* für limesurvey (aka [[Umfragen]]-Server)


{{Anpassungsmerker}}
== [[Server/Jails/SRS20/Ports |Ports]] ==


== Ports ==
{{:Server/Jails/SRS20/Ports}}


=== installierte Ports ===
== zusätzliche Konfigurationsdateien ==


* [[#apache22 | apache22]]
=== Jail ===
* [[#apr | apr]]
* autoconf
* autoconf-wrapper
* automake
* automake-wrapper
* bdftopcf
* bigreqsproto
* bison
* bitstream-vera
* cmake
* cmake-modules
* compositeproto
* [[#cups-client | cups-client]]
* damageproto
* db41
* db42
* encodings
* expat
* fixesproto
* font-bh-ttf
* font-misc-ethiopic
* font-misc-meltho
* font-util
* fontconfig
* fontsproto
* freetype2
* [[#gdbm | gdbm]]
* gettext
* [[#glib20 | glib]]
* gmake
* gperf
* [[Server/Jails#help2man | help2man]]
* hicolor-icon-theme
* inputproto
* intltool
* [[#jasper | jasper]]
* jbigkit
* jpeg
* kbproto
* libICE
* libSM
* libX11
* libXau
* libXaw
* libXcomposite
* libXcursor
* libXdamage
* libXdmcp
* libXext
* libXfixes
* libXfont
* libXft
* libXi
* libXinerama
* libXmu
* libXp
* libXpm
* libXrandr
* libXrender
* libXt
* libcheck
* libffi
* libfontenc
* libgcrypt
* libgpg-error
* [[Server/Jails#libiconv | libiconv]]
* libpthread-stubs
* libtool
* libxcb
* libxml2
* [[#libxslt | libxslt]]
* limesurvey
* [[Server/Jails#m4 | m4]]
* mkfontdir
* mkfontscale
* [[#mysql55-client | mysql-client]]
* [[#mysql | mysql-server]]
* oniguruma
* [[#openldap24-client | openldap-client]]
* p5-Locale-gettext
* p5-XML-Parser
* [[Server/Jails#pcre | pcre]]
* [[Server/Jails#perl | perl-threaded]]
* [[#php5 | php5]]
* php5-ctype
* php5-dom
* [[#php5-gd | php5-gd]]
* php5-hash
* php5-iconv
* php5-json
* php5-ldap
* [[#php5-mbstring | php5-mbstring]]
* [[#php5-mysql | php5-mysql]]
* php5-session
* php5-simplexml
* php5-xmlwriter
* php5-zip
* pkgconf
* [[#png | png]]
* portaudit
* [[Server/Jails#portupgrade | portupgrade]]
* printproto
* [[#python27 | python27]]
* randrproto
* renderproto
* [[Server/Jails#ruby |ruby]]
* ruby18-bdb
* t1lib
* tiff
* unzip
* xcb-proto
* xcb-util
* xcmiscproto
* xextproto
* xf86bigfontproto
* xineramaproto
* xorg-fonts-truetype
* xorg-macros
* xproto
* xtrans
* [[Server/Jails#zsh | zsh]]


=== konfigurierte Ports ===
==== /etc/rc.conf ====
 
==== apache22 ====


  <code>
  <code>
  OPTIONS_FILE_SET+=AUTH_BASIC
  apache22_enable="YES"
  OPTIONS_FILE_SET+=AUTH_DIGEST
  mysql_enable="YES"
OPTIONS_FILE_SET+=AUTHN_ALIAS
OPTIONS_FILE_SET+=AUTHN_ANON
OPTIONS_FILE_UNSET+=AUTHN_DBD
OPTIONS_FILE_SET+=AUTHN_DBM
OPTIONS_FILE_SET+=AUTHN_DEFAULT
OPTIONS_FILE_SET+=AUTHN_FILE
OPTIONS_FILE_SET+=AUTHZ_DBM
OPTIONS_FILE_SET+=AUTHZ_DEFAULT
OPTIONS_FILE_SET+=AUTHZ_GROUPFILE
OPTIONS_FILE_SET+=AUTHZ_HOST
OPTIONS_FILE_SET+=AUTHZ_OWNER
OPTIONS_FILE_SET+=AUTHZ_USER
OPTIONS_FILE_UNSET+=AUTHNZ_LDAP
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_UNSET+=DBD
OPTIONS_FILE_SET+=CACHE
OPTIONS_FILE_SET+=DISK_CACHE
OPTIONS_FILE_SET+=FILE_CACHE
OPTIONS_FILE_UNSET+=MEM_CACHE
OPTIONS_FILE_SET+=DAV
OPTIONS_FILE_SET+=DAV_FS
OPTIONS_FILE_UNSET+=DAV_LOCK
OPTIONS_FILE_SET+=ACTIONS
OPTIONS_FILE_SET+=ALIAS
OPTIONS_FILE_SET+=ASIS
OPTIONS_FILE_SET+=AUTOINDEX
OPTIONS_FILE_SET+=CERN_META
OPTIONS_FILE_SET+=CGI
OPTIONS_FILE_UNSET+=CGID
OPTIONS_FILE_SET+=CHARSET_LITE
OPTIONS_FILE_SET+=DEFLATE
OPTIONS_FILE_SET+=DIR
OPTIONS_FILE_SET+=DUMPIO
OPTIONS_FILE_SET+=ENV
OPTIONS_FILE_SET+=EXPIRES
OPTIONS_FILE_SET+=HEADERS
OPTIONS_FILE_SET+=IMAGEMAP
OPTIONS_FILE_SET+=INCLUDE
OPTIONS_FILE_SET+=INFO
OPTIONS_FILE_SET+=LOG_CONFIG
OPTIONS_FILE_SET+=LOGIO
OPTIONS_FILE_SET+=MIME
OPTIONS_FILE_SET+=MIME_MAGIC
OPTIONS_FILE_SET+=NEGOTIATION
OPTIONS_FILE_SET+=REWRITE
OPTIONS_FILE_SET+=SETENVIF
OPTIONS_FILE_SET+=SPELING
OPTIONS_FILE_SET+=STATUS
OPTIONS_FILE_SET+=UNIQUE_ID
OPTIONS_FILE_SET+=USERDIR
OPTIONS_FILE_SET+=USERTRACK
OPTIONS_FILE_SET+=VHOST_ALIAS
OPTIONS_FILE_SET+=FILTER
OPTIONS_FILE_UNSET+=SUBSTITUTE
OPTIONS_FILE_SET+=VERSION
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=SUEXEC
OPTIONS_FILE_UNSET+=SUEXEC_RSRCLIMIT
OPTIONS_FILE_UNSET+=SUEXEC_USERDIR
OPTIONS_FILE_SET+=REQTIMEOUT
OPTIONS_FILE_UNSET+=PROXY
OPTIONS_FILE_UNSET+=IPV4_MAPPED
OPTIONS_FILE_UNSET+=BUCKETEER
OPTIONS_FILE_UNSET+=CASE_FILTER
OPTIONS_FILE_UNSET+=CASE_FILTER_IN
OPTIONS_FILE_UNSET+=EXT_FILTER
OPTIONS_FILE_UNSET+=LOG_FORENSIC
OPTIONS_FILE_UNSET+=OPTIONAL_HOOK_EXPORT
OPTIONS_FILE_UNSET+=OPTIONAL_HOOK_IMPORT
OPTIONS_FILE_UNSET+=OPTIONAL_FN_IMPORT
OPTIONS_FILE_UNSET+=OPTIONAL_FN_EXPORT
OPTIONS_FILE_UNSET+=PROXY_AJP
OPTIONS_FILE_UNSET+=PROXY_BALANCER
OPTIONS_FILE_UNSET+=PROXY_CONNECT
OPTIONS_FILE_UNSET+=PROXY_FTP
OPTIONS_FILE_UNSET+=PROXY_HTTP
OPTIONS_FILE_UNSET+=PROXY_SCGI
</code>
 
==== apr ====
 
<code>
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=DEVRANDOM
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_SET+=GDBM
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_SET+=MYSQL
OPTIONS_FILE_UNSET+=NDBM
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE
</code>
 
==== cups-client ====
 
<code>
OPTIONS_FILE_UNSET+=GNUTLS
  </code>
  </code>
==== gdbm ====
<code>
WITHOUT_COMPAT=true
</code>
==== glib20 ====
<code>
WITHOUT_COLLATION_FIX=true
</code>
==== [[Server/Jails#help2man | help2man]] ====
==== jasper ====
<code>
WITHOUT_OPENGL=true
WITHOUT_UUID=true
</code>
==== [[Server/Jails#libiconv | libiconv]] ====
==== libxslt ====
<code>
WITHOUT_MEM_DEBUG=true
WITH_CRYPTO=true
</code>
==== [[Server/Jails#m4 | m4]] ====
==== mysql ====
<code>
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=FASTMTX
</code>
==== mysql55-client ====
<code>
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=FASTMTX
</code>
==== openldap24-client ====
<code>
OPTIONS_FILE_UNSET+=FETCH
OPTIONS_FILE_UNSET+=SASL
</code>
==== [[Server/Jails#pcre | pcre]] ====
==== [[Server/Jails#perl | perl-threaded]] ====
==== php5 ====
<code>
OPTIONS_FILE_SET+=CLI
OPTIONS_FILE_SET+=CGI
OPTIONS_FILE_UNSET+=FPM
OPTIONS_FILE_SET+=APACHE
OPTIONS_FILE_UNSET+=AP2FILTER
OPTIONS_FILE_UNSET+=EMBED
OPTIONS_FILE_UNSET+=DEBUG
OPTIONS_FILE_UNSET+=DTRACE
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_UNSET+=MAILHEAD
OPTIONS_FILE_UNSET+=LINKTHR
</code>
==== php5-gd ====
<code>
OPTIONS_FILE_SET+=T1LIB
OPTIONS_FILE_SET+=TRUETYPE
OPTIONS_FILE_UNSET+=JIS
OPTIONS_FILE_SET+=X11
OPTIONS_FILE_UNSET+=VPX
</code>
==== php5-mbstring ====
<code>
OPTIONS_FILE_SET+=REGEX
</code>
==== php5-mysql ====
<code>
OPTIONS_FILE_UNSET+=MYSQLND
</code>
==== png ====
<code>
OPTIONS_FILE_UNSET+=APNG
</code>
==== [[Server/Jails#portupgrade | portupgrade]] ====
==== python27 ====
<code>
OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4
</code>
==== [[Server/Jails#ruby |ruby]] ====
==== [[Server/Jails#zsh | zsh]] ====
== ohne config ==
* www/limesurvey


== Konfiguration der Programme ==
== Konfiguration der Programme ==
Zeile 367: Zeile 20:
=== Apache22 ===
=== Apache22 ===


*httpd.conf
==== httpd.conf ====


<code>
LoadModule php5_module        libexec/apache22/libphp5.so
  <IfModule php5_module>
  <IfModule php5_module>
   DirectoryIndex index.php index.html
   DirectoryIndex index.php index.html
Zeile 381: Zeile 38:
  ServerTokens ProductOnly
  ServerTokens ProductOnly
  ServerSignature Off
  ServerSignature Off
</code>


*/extra/httpd-ssl.conf
==== /extra/httpd-ssl.conf ====


<code>
  Listen <IP>:443
  Listen <IP>:443
  ...
  ...
Zeile 405: Zeile 64:
  nokeepalive ssl-unclean-shutdown \
  nokeepalive ssl-unclean-shutdown \
  downgrade-1.0 force-response-1.0
  downgrade-1.0 force-response-1.0
</code>


*/extra/httpd-vhost.conf
==== /extra/httpd-vhost.conf ====


  <code>
  <code>
Zeile 423: Zeile 83:
  </code>
  </code>


*data/
* data/
**impressum.html erstellt
** impressum.html erstellt
**images/
** images/
***image00.jpg
*** image00.jpg
***image01.png
*** image01.png
 
==== manuelles Starten vom Apache22 ist nötig ====
 
Während des Startens von Apache wird das Passwort für das Zertifikat (SSL) angefragt. Es ist manuell einzugeben. Daher kann Apache nie von allein (trotz Eintrag für das Starten von Diensten) ordentlich starten.
 
: <code>service apache22 onestart</code>
<pre>
Performing sanity check on apache22 configuration:
</pre>
<pre>
Syntax OK
Starting apache22.
</pre>
<pre>
Apache/2.2.26 mod_ssl/2.2.26 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
 
Server umfragen.stura.htw-dresden.de:443 (RSA)
</pre>
<pre>
Enter pass phrase:
</pre>
<pre>
OK: Pass Phrase Dialog successful.
</pre>
 
'''Änderung ab 10.07.2015''' - Der Passphrasenzwang wurde aus dem Zertifikateskey entfernt!


=== Limesurvey ===
=== Limesurvey ===


*config.php
==== config.php ====


<code>
  $databasepass      =  '<mysqlpassword>';
  $databasepass      =  '<mysqlpassword>';
  ...
  ...
Zeile 441: Zeile 130:
  $siteadminbounce = 'umfragen@stura.htw-dresden.de';
  $siteadminbounce = 'umfragen@stura.htw-dresden.de';
  $siteadminname = 'StuRa HTW Dresden';
  $siteadminname = 'StuRa HTW Dresden';
</code>


==== SQL Import ====
==== SQL Import ====


*limesurvey/admin/cmdline_importsurvey.php
; limesurvey/admin/cmdline_importsurvey.php


  <code>
  <code>
Zeile 452: Zeile 142:
=== Mysql-server ===
=== Mysql-server ===


starten
; starten


  <code>
  <code>
Zeile 458: Zeile 148:
  </code>
  </code>


Password setzen
; Password setzen


  <code>
  <code>
  mysqladmin -u <benutzer> password <password>
  mysqladmin -u <benutzer> password <password>
  </code>
  </code>
== Konfiguration des System ==
=== rc.conf ===
apache22_enable="YES"
mysql_enable="YES"


== Siehe auch ==
== Siehe auch ==

Aktuelle Version vom 23. Februar 2020, 18:18 Uhr

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

jasper[Bearbeiten]

OPTIONS_FILE_UNSET+=OPENGL
OPTIONS_FILE_UNSET+=UUID

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=EXAMPLES

libffi[Bearbeiten]

OPTIONS_FILE_UNSET+=TESTS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

png[Bearbeiten]

OPTIONS_FILE_UNSET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

zusätzliche Konfigurationsdateien[Bearbeiten]

Jail[Bearbeiten]

/etc/rc.conf[Bearbeiten]


apache22_enable="YES"
mysql_enable="YES"

Konfiguration der Programme[Bearbeiten]

Apache22[Bearbeiten]

httpd.conf[Bearbeiten]


…
LoadModule php5_module        libexec/apache22/libphp5.so

<IfModule php5_module>
 DirectoryIndex index.php index.html
 AddType application/x-httpd-php .php
 AddType application/x-httpd-php-source .phps
</IfModule>
...
ServerName <domain>:80
...
Include etc/apache22/extra/httpd-ssl.conf
...
ServerTokens ProductOnly
ServerSignature Off

/extra/httpd-ssl.conf[Bearbeiten]


Listen <IP>:443
...
<VirtualHost <IP>:443>
...
Serveradmin <mailadresse>
...
Servername <domain>
...
SSLEngine on
...
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
...
SSLCertificateFile  "/usr/local/www/apache22/data/ssl/certs/cert.pem"
...
SSLCertificateKeyFile "/usr/local/www/apache22/data/ssl/key/key.pem"
...
SSLCACertificateFile  "/usr/local/www/apache22/data/ssl/certs/cazertifikate.pem"
...
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

/extra/httpd-vhost.conf[Bearbeiten]


NameVirtualHost <IP>:80
...
<VirtualHost 1<IP>:80>
   ServerAdmin webmaster@<domain>
   DocumentRoot "/usr/local/www/limesurvey/"
   ServerName <domain>
   RewriteEngine On
   RewriteCond %{REQUEST_METHOD} ^TRACE
    RewriteRule .* - [F]
   RewriteCond %{SERVER_PORT} !443
    RewriteRule (.*) https://<domain> [R]
</VirtualHost>

  • data/
    • impressum.html erstellt
    • images/
      • image00.jpg
      • image01.png

manuelles Starten vom Apache22 ist nötig[Bearbeiten]

Während des Startens von Apache wird das Passwort für das Zertifikat (SSL) angefragt. Es ist manuell einzugeben. Daher kann Apache nie von allein (trotz Eintrag für das Starten von Diensten) ordentlich starten.

service apache22 onestart
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
Apache/2.2.26 mod_ssl/2.2.26 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server umfragen.stura.htw-dresden.de:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.

Änderung ab 10.07.2015 - Der Passphrasenzwang wurde aus dem Zertifikateskey entfernt!

Limesurvey[Bearbeiten]

config.php[Bearbeiten]


$databasepass       =   '<mysqlpassword>';
...
$defaultuser        =   '<adminusername>';
$defaultpass        =   '<password>'; 
... 
$siteadminemail = 'umfragen@stura.htw-dresden.de';
$siteadminbounce = 'umfragen@stura.htw-dresden.de';
$siteadminname = 'StuRa HTW Dresden';

SQL Import[Bearbeiten]

limesurvey/admin/cmdline_importsurvey.php

php cmdline_importsurvey <File to import> [<user> <password>]

Mysql-server[Bearbeiten]

starten

/usr/local/etc/rc.d/mysql-server onestart

Password setzen

mysqladmin -u <benutzer> password <password>

Siehe auch[Bearbeiten]

Media:Beispiel.mp3