StuRa Diskussion:Server: Unterschied zwischen den Versionen
(118 dazwischenliegende Versionen von 6 Benutzern werden nicht angezeigt) | |||
Zeile 4: | Zeile 4: | ||
# Backup-Server (2W) | # Backup-Server (2W) | ||
## [[Notfallmanagment]] erstellt (30.8.11 16:00-21:30) | ## [[Notfallmanagment]] erstellt (30.8.11 16:00-21:30) | ||
# Mail-Server * Mailman (1W) | ## Server 2 (Fette Elke) | ||
## Mailingliste erweitert und Struktur angepasst (8.9.11 20:00- 01:15) | ### eingebaut (16.9. 16:00 - 19:00) | ||
### einrichten | |||
#### Betriebssystem mit ZFS installiert (19.9. 13:00 - 1:15) | |||
#### os neu aufgesetzt mit raidz2 (hat bessere redundanz)(20.9. 15:00-19:40) | |||
#### test zfs dateien syncen (20.9. 19:40-20:40, 21.9. 14:00-19:30) | |||
#### einrichten fortgesetzt siehe [[Server/Hauptsystem]] (24.9. 16:00-4:00) | |||
##### Jails (25.9. 14:00-21:30, 26.9. 14:00-20:00, 27.9. 14:00-18:00 , 28.9 14:00-21:30, 29.9. 16:00-21:30, 30.09. 13:00 - 21:00) | |||
## Bacula Dokumentation unter [[Server/Bacula]] (24.9. 14:30-16:00) | |||
# Mail-Server * Mailman (1W) | |||
## Mailingliste erweitert und Struktur angepasst (7.-8.9.11 20:00- 01:15) | |||
## Mailman für testzwecke auf srs8 installiert (9.9. 13:00 - 16:00 , 16:30 - 21:20, 11.9. 15:15- 20:00) (Virtuellhost) | |||
## converting [http://www2.htw-dresden.de/~fsr_lblp/wiki/stura/index.php/Server/mailman#Ansatz_1_.28nicht_getestet.29 Postfix list to Mailman] (16.9. 19:00 - 20:30, 19.9. 15:45 - 16:00) | |||
# Samba-Server (2d) | # Samba-Server (2d) | ||
# Web-Server * Crypto (2d) | # Web-Server * Crypto (2d) | ||
## Plone startup script configurieren (9.9 16:00 - 16:30) | |||
# Wiki-Umzug (2d) | # Wiki-Umzug (2d) | ||
# DNS-Server (2d) | # DNS-Server (2d) | ||
# Mirror-Server (? ... abhängig von den gemirrorten Sachen) | # Mirror-Server (? ... abhängig von den gemirrorten Sachen) | ||
#: = 3W + 8d = (gemäß der Arbeitsdefinition von [[Benutzer:Matthias Jakobi]] (als [[Bereichsleitung Administration Rechentechnik]] entspricht 1W = 5d und 1d = 10h) 3(5d) + 8d = 23d = 23(10h) = 230h | #: = 3W + 8d = (gemäß der Arbeitsdefinition von [[Benutzer:Matthias Jakobi]] (als [[Bereichsleitung Administration Rechentechnik]] entspricht 1W = 5d und 1d = 10h) 3(5d) + 8d = 23d = 23(10h) = 230h | ||
Aktueller zeitlicher Gesamtaufwand: 110H 00MIN | |||
+ 6W um die eingetretene Scheiße wieder loszuwerden | + 6W um die eingetretene Scheiße wieder loszuwerden | ||
=== Mailman test installation srs8 === | === srs8 === | ||
*kopiert von srs21 | |||
** aliases.* | |||
** master.cf | |||
** main.cf (abgeändert) | |||
*** <code> myhostname = srs8.stura.htw-dresden.de </code> | |||
** rc.conf (abgeändert) | |||
*** <code>mailman_enable="YES"</code> | |||
**** nicht konfiguriert | |||
*** <code>apache22_enable="YES"</code> | |||
**** nicht konfiguriert | |||
*** <code>postfix_enable="YES"</code> | |||
**** basiskonfiguration vom srs21 übernommen | |||
** pf.conf konfiguriert | |||
==== Mailman test installation srs8 ==== | |||
| Options for mailman 2.1.14_5 ? | | Options for mailman 2.1.14_5 ? | ||
? ?????????????????????????????????????????????????????????????????? ? | ? ?????????????????????????????????????????????????????????????????? ? | ||
Zeile 26: | Zeile 56: | ||
? ? [X] NAMAZU2 make private archives searchable with namazu2 | | | ? ? [X] NAMAZU2 make private archives searchable with namazu2 | | | ||
? Options for python27 2.7. | ? Options for python27 2.7.* ? | ||
? ?????????????????????????????????????????????????????????????????? ? | ? ?????????????????????????????????????????????????????????????????? ? | ||
? ? [X] THREADS Enable thread support ? ? | ? ? [X] THREADS Enable thread support ? ? | ||
Zeile 39: | Zeile 69: | ||
==== Apache22 srs8 ==== | ==== Apache22 srs8 ==== | ||
? Options for apache 2.2. | ? Options for apache 2.2.* ? | ||
? ?????????????????????????????????????????????????????????????????? ? | ? ?????????????????????????????????????????????????????????????????? ? | ||
? ?[X] THREADS Enable threads support in APR ? ? | ? ?[X] THREADS Enable threads support in APR ? ? | ||
Zeile 65: | Zeile 95: | ||
? ?[X] FILE_CACHE Enable mod_file_cache ? ? | ? ?[X] FILE_CACHE Enable mod_file_cache ? ? | ||
? ?[X] MEM_CACHE Enable mod_mem_cache ? ? | ? ?[X] MEM_CACHE Enable mod_mem_cache ? ? | ||
? ?[ | ? ?[ ] DAV Enable mod_dav ? ? | ||
? ?[ | ? ?[ ] DAV_FS Enable mod_dav_fs ? ? | ||
? ?[ ] BUCKETEER Enable mod_bucketeer ? ? | ? ?[ ] BUCKETEER Enable mod_bucketeer ? ? | ||
? ?[ ] CASE_FILTER Enable mod_case_filter ? ? | ? ?[ ] CASE_FILTER Enable mod_case_filter ? ? | ||
Zeile 104: | Zeile 134: | ||
? ?[X] SPELING Enable mod_speling ? ? | ? ?[X] SPELING Enable mod_speling ? ? | ||
? ?[X] STATUS Enable mod_status ? ? | ? ?[X] STATUS Enable mod_status ? ? | ||
? ?[ | ? ?[ ] UNIQUE_ID Enable mod_unique_id ? ? | ||
? ?[X] USERDIR Enable mod_userdir ? ? | ? ?[X] USERDIR Enable mod_userdir ? ? | ||
? ?[ | ? ?[ ] USERTRACK Enable mod_usertrack ? ? | ||
? ?[X] VHOST_ALIAS Enable mod_vhost_alias ? ? | ? ?[X] VHOST_ALIAS Enable mod_vhost_alias ? ? | ||
? ?[X] FILTER Enable mod_filter ? ? | ? ?[X] FILTER Enable mod_filter ? ? | ||
? ?[ ] SUBSTITUTE Enable mod_substitute ? ? | ? ?[ ] SUBSTITUTE Enable mod_substitute ? ? | ||
? ?[X] VERSION Enable mod_version ? ? | ? ?[X] VERSION Enable mod_version ? ? | ||
? ?[ | ? ?[ ] PROXY Enable mod_proxy ? ? | ||
? ?[ | ? ?[ ] PROXY_CONNECT Enable mod_proxy_connect ? ? | ||
? ?[X] PATCH_PROXY_CONNECT Patch proxy_connect SSL support ? ? | ? ?[X] PATCH_PROXY_CONNECT Patch proxy_connect SSL support ? ? | ||
? ?[ ] PROXY_FTP Enable mod_proxy_ftp ? ? | ? ?[ ] PROXY_FTP Enable mod_proxy_ftp ? ? | ||
? ?[ | ? ?[ ] PROXY_HTTP Enable mod_proxy_http ? ? | ||
? ?[ ] PROXY_AJP Enable mod_proxy_ajp ? ? | ? ?[ ] PROXY_AJP Enable mod_proxy_ajp ? ? | ||
? ?[ | ? ?[ ] PROXY_BALANCER Enable mod_proxy_balancer ? ? | ||
? ?[ ] PROXY_SCGI Enable mod_proxy_scgi ? ? | ? ?[ ] PROXY_SCGI Enable mod_proxy_scgi ? ? | ||
? ?[X] SSL Enable mod_ssl ? ? | ? ?[X] SSL Enable mod_ssl ? ? | ||
Zeile 124: | Zeile 154: | ||
? ?[X] REQTIMEOUT Enable mod_reqtimeout ? ? | ? ?[X] REQTIMEOUT Enable mod_reqtimeout ? ? | ||
? ?[ ] CGID Enable mod_cgid ? ? | ? ?[ ] CGID Enable mod_cgid ? ? | ||
* Warum folgende Module? | |||
** [http://www.webdav.org/mod_dav/ mod_dav] & mod_dav_fs ... [https://secure.wikimedia.org/wikipedia/de/wiki/WebDAV WebDAV] für was? | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_actions.html mod_actions] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_asis.html mod_asis] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_autoindex.html mod_autoindex] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_cern_meta.html mod_cern_meta] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_dumpio.html mod_dumpio] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_imagemap.html mod_imagemap] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_include.html mod_include] - [https://secure.wikimedia.org/wikipedia/de/wiki/Server_Side_Includes SSI]? | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_info.html mod_info] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_negotiation.html mod_negotiation] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_speling.html mod_speling] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_status.html mod_status] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_unique_id.html mod_unique_id] - tracking nötig? datensparsamkeit? | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_userdir.html mod_userdir] | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_usertrack.html mod_usertrack] - tracking nötig? datensparsamkeit? | |||
** [https://httpd.apache.org/docs/2.2/mod/mod_proxy_balancer.html mod_proxy_balancer] | |||
? Options for apr-ipv6-devrandom-gdbm-db42 1.4.5.1.3.12 ? | ? Options for apr-ipv6-devrandom-gdbm-db42 1.4.5.1.3.12 ? | ||
Zeile 159: | Zeile 206: | ||
? ? [X] OTP Enable OTP authentication ? ? | ? ? [X] OTP Enable OTP authentication ? ? | ||
? ? [X] NTLM Enable NTLM authentication ? ? | ? ? [X] NTLM Enable NTLM authentication ? ? | ||
==== Postfix ==== | |||
? Options for postfix 2.8.* ? | |||
? ?????????????????????????????????????????????????????????????????? ? | |||
? ?[X] PCRE Perl Compatible Regular Expressions ? ? | |||
? ?[X] SASL2 Cyrus SASLv2 (Simple Auth. and Sec. Layer) ? ? | |||
? ?[ ] DOVECOT Dovecot 1.x SASL authentication method ? ? | |||
? ?[X] DOVECOT2 Dovecot 2.x SASL authentication method ? ? | |||
? ?[ ] SASLKRB5 If your SASL req. Kerberos5 select this option ? ? | |||
? ?[ ] SASLKMIT If your SASL req. MIT Kerberos5 select this optio? ? | |||
? ?nX] TLS Enable SSL and TLS support ? ? | |||
? ?[ ] BDB Berkeley DB (choose version with WITH_BDB_VER) ? ? | |||
? ?[ ] MYSQL MySQL maps (choose version with WITH_MYSQL_VER) ? ? | |||
? ?[ ] PGSQL PostgreSQL maps (pick ver. with DEFAULT_PGSQL_VER? ? | |||
? ?) ] SQLITE SQLite maps ? ? | |||
? ?[ ] OPENLDAP OpenLDAP maps (choose ver. with WITH_OPENLDAP_VER? ? | |||
? ?)X] LDAP_SASL Enable OpenLDAP client-to-server auth via SASL ? ? | |||
? ?[ ] CDB CDB maps lookups ? ? | |||
? ?[ ] NIS NIS maps lookups ? ? | |||
| ?[ ] VDA VDA (Virtual Delivery Agent 32Bit) ? ? | |||
? ?[ ] TEST SMTP/LMTP test server and generator ? ? | |||
? ?[ ] SPF SPF support (via libspf2 1.2.x) ? ? | |||
? ?[ ] INST_BASE Install into /usr and /etc/postfix ? ? | |||
==== Dovecot ==== | |||
? Options for dovecot 2.0.* ? | |||
? ?????????????????????????????????????????????????????????????????? ? | |||
? ? [X] KQUEUE kqueue(2) support ? ? | |||
? ? [X] SSL SSL support ? ? | |||
? ? [ ] GSSAPI GSSAPI support ? ? | |||
? ? [ ] VPOPMAIL VPopMail support ? ? | |||
? ? [ ] BDB BerkleyDB support ? ? | |||
? ? [ ] LDAP OpenLDAP support ? ? | |||
? ? [ ] PGSQL PostgreSQL support ? ? | |||
? ? [x] MYSQL MySQL support ? ? | |||
? ? [ ] SQLITE SQLite support ? ? | |||
==== Mailman test config ==== | ==== Mailman test config ==== | ||
* Verzeichniss <code>/usr/local/mailman </code> | |||
** Password einstellen <code>./bin/mmsitepass PASSWORD </code> | |||
** Configuration <code> ./Mailman/mm_cfg.py </code> | |||
*** softlink <code> /etc/mailman/mm_cfg.py </code> | |||
<code> | |||
#DEFAULT_URL_HOST = '141.56.50.8' | |||
DEFAULT_EMAIL_HOST = '141.56.50.8' | |||
SMTPHOST = '141.56.50.8' | |||
MTA = 'postfix' | |||
#POSTFIX_STYLE_VIRTUAL_DOMAINS= ['141.56.50.8'] | |||
</code> | |||
*wenn auf srs21 ändern | |||
<code> | |||
DEFAULT_URL_HOST = '141.56.50.21' | |||
DEFAULT_EMAIL_HOST = '141.56.50.21' | |||
SMTPHOST = 'localhost' | |||
MTA = 'postfix' | |||
POSTFIX_STYLE_VIRTUAL_DOMAINS= ['srs21.stura.htw-dresden.de'] | |||
</code> | |||
* weiter config Datein | |||
** Mailmans Verhalten und einstellungen <code>/etc/mailman/sitelist.cfg </code> | |||
*Get Postfix-To-Mailman script | |||
<code> | |||
# cd /usr/local/mailman | |||
# fetch http://www.gurulabs.com/downloads/postfix-to-mailman-2.1.py | |||
# mv postfix-to-mailman-2.1.py postfix-to-mailman.py | |||
# chmod 750 postfix-to-mailman.py | |||
# chown mailman:mailman postfix-to-mailman.py | |||
</code> | |||
*Edit /usr/local/mailman/postfix-to-mailman.py file: | |||
<code> | |||
<b>#! /usr/local/bin/python</b> | |||
# Configuration variables – Change these for your site if necessary. | |||
MailmanHome = “<b>/usr/local/mailman</b>“; # Mailman home directory. | |||
MailmanOwner = “<b>postmaster@domain.tld</b>“; # Postmaster and abuse mail recipient. | |||
</code> | |||
===== postfix/main.cf ===== | |||
*Edit /usr/local/etc/postfix/main.cf file: | |||
<code> | <code> | ||
... | |||
relay_domains = <b>lists.domain.tld</b> | |||
... | |||
# TRANSPORT MAP | |||
# | |||
# See the discussion in the ADDRESS_REWRITING_README document. | |||
transport_maps = hash:/usr/local/etc/postfix/transport | |||
vacation_destination_recipient_limit = 1 | |||
mailman_destination_recipient_limit = 1 | |||
... | |||
alias_maps = | |||
... | |||
recipient_delimiter = + | |||
... | |||
</code> | |||
===== Transportlist ===== | |||
Add transport for list to /usr/local/etc/postfix/transport file: | |||
<code> | |||
# echo 'lists.domain.tld mailman:' >> /usr/local/etc/postfix/transport | |||
</code> | |||
===== postfix/master.cf ===== | |||
*Edit /usr/local/etc/postfix/master.cf file: | |||
<code><b> | |||
mailman unix - n n - - pipe | |||
flags=FR user=mailman:mailman argv=/usr/local/mailman/postfix-to-mailman.py | |||
${nexthop} ${user} | |||
</b></code> | |||
genau hinsehen!!! | |||
===== Create Postfix transport database ===== | |||
<code> | |||
# postmap /usr/local/etc/postfix/transport | |||
</code> | |||
*Reload Postfix: | |||
<code> | |||
# postfix reload | |||
</code> | |||
*Set site password: | |||
<code> | |||
#cd /usr/local/mailman | |||
#bin/mmsitepass | |||
New site password: mailman_password | |||
Again to confirm password: mailman_password | |||
</code> | |||
*Create Mailman list: | |||
<code> | |||
#bin/newlist | |||
Enter the name of the list: mailman | |||
Enter the email of the person running the list: you@domain.tld | |||
Initial mailman password: list_password | |||
</code> | |||
You’ll then see instructions to add aliases for the mailing list. We need not worry about that because everything is virtual. So, proceeding… Hit enter to notify mailman owner… ENTER | |||
===== /usr/local/etc/apache22/extra/httpd-vhosts.conf ===== | |||
<code> | |||
NameVirtualHost *:80 | |||
# | |||
# VirtualHost example: | |||
# Almost any Apache directive may go into a VirtualHost container. | |||
# The first VirtualHost section is used for all requests that do not | |||
# match a ServerName or ServerAlias in any block. | |||
# | |||
# Default domain on this server | |||
# | |||
<Virtualhost *:80> | |||
ServerAdmin webmaster@domain.tld | |||
DocumentRoot "/usr/local/www/apache22/data" | |||
ServerName www.domain.tld | |||
ServerAlias domain.tld www.domain.tld | |||
<Directory "/usr/local/www/apache22/data"> | |||
AllowOverride None | |||
Options None | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
ErrorLog /var/log/httpd-error.log | |||
CustomLog /var/log/httpd-access.log combined | |||
</Virtualhost> | |||
<b> | |||
# Mailman mailing list domain. | |||
# | |||
<Virtualhost *:80> | |||
ServerAdmin webmaster@domain.tld | |||
DocumentRoot "/usr/local/mailman" | |||
ServerName lists.domain.tld | |||
ServerAlias lists.domain.tld | |||
ScriptAlias /cgi-bin/ "/usr/local/mailman/cgi-bin/" | |||
ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/" | |||
Alias /pipermail "/usr/local/mailman/archives/public" | |||
Alias /icons "/usr/local/mailman/icons" | |||
RedirectMatch ^/$ mailman/listinfo | |||
<Directory "/usr/local/mailman"> | |||
AllowOverride All | |||
Options FollowSymlinks | |||
Order allow,deny | |||
Allow from all | |||
</Directory> | |||
ErrorLog /var/log/httpd-error.log | |||
CustomLog /var/log/httpd-access.log combined | |||
</Virtualhost> </b> | |||
</code> | |||
NOTE: | |||
Notice the addition of the default HTTP directory. The reason for this is due to the fact that once | |||
virtual hosting is enabled, the default directory used by Apache is the first VirtualHost listed in the | |||
httpd-vhosts.conf file. So, make sure that what ever site you plan on using as the default site for that | |||
machine comes first in the list of virtual hosts in the httpd-vhosts.conf file. | |||
After adding the above VirtualHost directive, you can delete or comment out the remaining lines in the | |||
httpd-vhosts.conf file being as they’re just the default examples and pretty much useless. | |||
===== /usr/local/etc/apache22/httpd.conf to include vhosts ===== | |||
<code> | |||
… | |||
# Virtual hosts | |||
Include etc/apache22/extra/httpd-vhosts.conf | |||
… | |||
</code> | |||
===== Reload Apache configuration ===== | |||
<code> | |||
# apachectl graceful | |||
</code> | |||
===== Add list to Mailman configuration file ===== | |||
<code> | |||
# echo "add_virtualhost('lists.domain.tld','lists.domain.tld')" >> /usr/local/mailman/Mailman/mm_cfg.py | |||
</code> | |||
bei geänderter SiteList | |||
<code> | |||
# echo "MAILMAN_SITE_LIST = '<anderer name für die liste>'" >> /usr/local/mailman/Mailman/mm_cfg.py | |||
</code> | |||
== Plone startup script == | |||
* aktuell nur für altes Plone | |||
<b>Problem</b> mit <code>su</code> Meldung: su:Sorry | |||
<b>Lösung</b> noch keine gefunden | |||
<code> | |||
#!/bin/sh | |||
# PROVIDE: plone | |||
# REQUIRE: DAEMON | |||
# KEYWORD: shutdown | |||
# | |||
# Add the following lines to /etc/rc.conf to enable plone | |||
# | |||
# | |||
# plone_enable (bool): Set to "NO" by default, | |||
# Set it to "YES" to enable | |||
# plone | |||
# | |||
# plone_buildout (str): The path to plone buildout env | |||
# file (defaults to | |||
# /usr/local/Plone) | |||
# | |||
# plone_user (str): The username of the user the daemon will | |||
# run as (defaults to www) | |||
# | |||
. /etc/rc.subr | |||
name="plone" | |||
rcvar=`set_rcvar` | |||
load_rc_config $name | |||
eval "${rcvar}=\${${rcvar}:-'NO'}" | |||
plone_buildout=${plone_buildout:-"/usr/local/Plone/zinstance"} | |||
plone_user=${plone_user:-"<b>admin fragen</b>"} | |||
#command="${plone_buildout}/${name}" | |||
#command_interpreter="/bin/sh" | |||
start_cmd="${name}_start" | |||
stop_cmd="${name}_stop" | |||
plone_start() | |||
{ | |||
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"` | |||
if [ ${plone_pid} ] | |||
then | |||
echo "${name} already running (pid: ${plone_pid})" | |||
else | |||
echo "Starting ${name}." | |||
su ${plone_user} -c "${plone_buildout}/bin/instance start" | |||
fi | |||
# ensure the server is started | |||
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"` | |||
if [ ${plone_pid} ] | |||
then | |||
echo "${name} started." | |||
else | |||
echo "${name} could not be started, please check the log files (${plone_buildout}/var/log/)" | |||
fi | |||
} | |||
plone_stop() | |||
{ | |||
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"` | |||
if [ ${plone_pid} ] | |||
then | |||
echo "Stopping ${name}." | |||
su ${plone_user} -c "${plone_buildout}/bin/instance stop" | |||
else | |||
echo "${name} not running?" | |||
fi | |||
# ensure the server is stopped | |||
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"` | |||
if [ ${plone_pid} ] | |||
then | |||
echo "${name} could not be stopped" | |||
fi | |||
} | |||
load_rc_config $name | |||
run_rc_command "$1" | |||
</code> | |||
== Webmail == | |||
Webmail bietet keine (verlässliche) Verschlüsselung. Selbst wenn die Software es kann, so werden die Schlüssel bei einem Einbruch kompromittiert und können genutzt werden, um die daneben liegenden Emails zu entschlüsseln. (ergo sinnfrei) Der StuRa sollte allerdings die Möglichkeit zur verschlüsselten Kontaktaufnahme bieten (z.B. für das Referat Soziales ... denn wer will sich schon gerne bloßstellen?) | |||
[[Benutzer:JohannesSchneemann|JohannesSchneemann]] 13:43, 15. Sep 2011 (CEST) | |||
== Samba Server == | |||
=== Important Files === | |||
* /usr/local/sbin/smbd | |||
* /usr/local/sbin/nmbd | |||
* /usr/local/etc/smb.conf - smbd configuration file | |||
* /etc/inetd.conf - Internet daemon (starts smbd and nmbd) | |||
* /usr/local/private/smbpasswd - encrypted samba passwd file | |||
=== Steps === | |||
* Make sure smbd and nmbd are installed (in /usr/local/sbin/). | |||
* Add (or uncomment) the following lines from /etc/inetd.conf: | |||
<code> | |||
netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd | |||
netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd | |||
</code> | |||
* Setup /usr/local/etc/smb.conf. Here's tyagi's file: | |||
<code> | |||
[global] | |||
# workgroup = NT-Domain-Name or Workgroup-Name | |||
workgroup = DIRT | |||
# This option is important for security. It allows you to restrict | |||
# connections to machines which are on your local network. The | |||
# following example restricts access to 152.2.137, selected | |||
# machines (my office PC and my home PC), and the "loopback" interface. | |||
# For more examples of the syntax see the smb.conf man page | |||
allow hosts = 152.2.137. 152.2.142.123 152.2.129.140 localhost | |||
# This enables or disables logging of connections to a status file that | |||
# smbstatus can read | |||
status = yes | |||
# You may wish to use password encryption. Please read | |||
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. | |||
# Do not enable this option unless you have read those documents | |||
encrypt passwords = yes | |||
# this tells Samba to use a one log file | |||
log file = /var/log/smb.log | |||
# Put a capping on the size of the log files (in Kb). | |||
max log size = 100 | |||
# To make this one look like the smb.conf on topsecret | |||
[homes] | |||
guest ok = no | |||
browesable = yes | |||
read only = no | |||
create mode = 0750 | |||
</code> | |||
* Setup users. (note: You can only add users who exist in /etc/passwd) | |||
<code> | |||
# cd /usr/local/private | |||
# cp smbpasswd smbpasswd.old | |||
# addtosmbpass [username] < smbpasswd.old > smbpasswd.new | |||
# mv smbpasswd.new smbpasswd | |||
</code> | </code> | ||
* | * Change existing users' passwords. | ||
<code> | <code> | ||
# smbpasswd [username] | |||
</code> | </code> | ||
* Reboot the machine to start the server. | |||
=== Notes === | |||
* There's some way to be able to access directories other than your home directory, but I haven't found it yet. The easiest way to set this up is to create symbolic links from your home directory to your favorite directories (like /usr/dirt/src, /playpen, ...). | |||
* To access the server from a department Windows NT box, you'll have to use the server's IP address rather than its hostname (security reasons). For example, I'd access my home directory on tyagi by mapping a network drive to \\152.2.137.54\clark. | |||
=== Link === | |||
[http://us1.samba.org/samba/samba.html http://us1.samba.org/samba/samba.html] | |||
== Skripte == | |||
[http://sourceforge.net/projects/bsdadminscripts/ SourceForge: Projekt ''BSD Administration Scripts''] | |||
== Uhrzeit == | |||
Salve Beastie, | |||
lebst du in der [http://de.wikipedia.org/wiki/UTC UTC]-Zeitzone? | |||
Die Weiber wohnen doch aber alle in der [[wikipedia:de:MEZ|CET]], oder? | |||
Kollegiale | |||
--[[Benutzer:PaulRiegel|PaulRiegel]] 14:14, 18. Sep 2012 (UTC) | |||
== [https://en.wikipedia.org/wiki/Category:Web_server_management_software Web server management software] == | |||
Salvete Gemeinde,<br /> | |||
insbesondere lieber [[Bereich Administration Rechentechnik]], | |||
Gibt es eine Bewertung zur Verwendung von Tool wie [https://de.wikipedia.org/wiki/Webmin Webmin] und dergleichen? Ferner sei das hiermit ein Gedankenanstoß. :-) | |||
: Für [[FreeBSD]]-Ports orientierte Menschen: https://www.freebsd.org/cgi/ports.cgi?query=webmin webmin | |||
--[[Benutzer:PaulRiegel|PaulRiegel]] ([[Benutzer Diskussion:PaulRiegel|Diskussion]]) 02:31, 1. Aug. 2013 (CEST) | |||
---- | |||
Hey Ho (let's Go), | |||
Bewertung von [[Benutzer:Matthias Jakobi|Matthias Jakobi]] ([[Benutzer Diskussion:Matthias Jakobi|Diskussion]]) ([[Bereichsleitung Administration Rechentechnik]]): | |||
: Generell halte ich von solchen "Klicki bunti" Administrationsoberflächen ja nicht viel (aus mehrerlei Gründen, wenn erwünscht würde ich diese auch noch stichpunktartig aufführen), aber ich komme nicht drumherrum zu erkenn das für Personen, welche neu in dem [[Bereich Administration Rechentechnik | Bereich Rechentechnik]] sind, Hürden mit dem Umgang von "neuartigen" Betriebssystemen bestehen. Daher würde dieses Tool zumindestens als Monitoringsystem in Betracht gezogen werden (genauere Analyse des Programmes ist noch erforderlich). | |||
--[[Benutzer:Matthias Jakobi|Matthias Jakobi]] ([[Benutzer Diskussion:Matthias Jakobi|Diskussion]]) 18:41, 1. Aug. 2013 (CEST) | |||
---- | |||
Salve [[Benutzer:Matthias Jakobi|Matthias Jakobi]],<br /> | |||
Ave [[Bereichsleitung Administration Rechentechnik | Admin]], | |||
dabei ist, aus meiner Perspektive, nicht das "klicki bunti" entscheidend, sondern die "Automatisierung". Daher die "Gegenfrage": Gibt es aktuell vergleichbare Scripte? Sofern die "Funktionalitäten" der sogenannten server management software vorhanden ist, ist alles gut. Ich möchte mich nur für "zweckmäßige" Vereinfachung ausgesprochen haben. Daher würde ich bitten, dass auch alle interessanten "Features" in Betracht gezogen werden. | |||
Gern "konzeptioniere" ich gern mit. :-) | |||
--[[Benutzer:PaulRiegel|PaulRiegel]] ([[Benutzer Diskussion:PaulRiegel|Diskussion]]) 21:09, 1. Aug. 2013 (CEST) | |||
== Arbeitsspeicher == | |||
X x [http://www.kingston.com/us/memory/search/Default.aspx?DisPartId=KVR1333D3S8R9S/2G Kingston KVR1333D3S8R9S/2G] | |||
== Übersicht zu [[Server]]n durch grafische Darstellung mit [[W:de:Topologie (Rechnernetz)|Topologie]] == | |||
* [[c3d2:Server#Topologie]] als "praktisches" Beispiel | |||
** [[c3d2:HQ/Netz]] als Ergänzung | |||
zum Schreiben: | |||
* http://www.texample.net/tikz/examples/area/networking/ | |||
* http://www.texample.net/tikz/examples/area/computer-science/ | |||
zum Klicken: | |||
* [[wikipedia:de:Dia (Software)]] | |||
--[[Benutzer:PaulRiegel|Paul]] 13:44, 14. Sep. 2015 (CEST) | |||
== alte IP-Adressen == | |||
es fand sich ein dokument von 2007 welches 141.56.201.181 - 184 für die einzelnen [[Computer]]/[[Server]] erwähnt | |||
== [[FreeNAS]] 10 is coming up! == | |||
* http://www.freenas.org/blog/freenas-910-released/ | |||
--[[Benutzer:PaulRiegel|Paul]] 04:04, 27. Mär. 2016 (CEST) | |||
== Primergy RX Cluster == | |||
* https://www.ebay-kleinanzeigen.de/s-anzeige/857480834 | |||
** RX 300 S6 3,5 Zoll | |||
* https://www.ebay-kleinanzeigen.de/s-anzeige/806481297 | |||
** Einschübe mit 2 x 1 TB | |||
* https://www.ebay-kleinanzeigen.de/s-anzeige/828457335 | |||
** 2 x RX 100 S6 | |||
* https://www.ebay-kleinanzeigen.de/s-anzeige/861258924 | |||
** Platten | |||
* https://www.ebay-kleinanzeigen.de/s-anzeige/844123461 | |||
** Einschübe | |||
=== Alternativen === | |||
; Lenovo ThinkSystem HR630X | |||
* https://www.ebay.de/itm/175774318706 | |||
* https://www.ebay.de/itm/175785639983 |
Aktuelle Version vom 24. Juni 2023, 17:14 Uhr
Schätzung des zeitlichen Arbeitsaufwandes für die Erstellung der geforderten Dienste[Bearbeiten]
super-optimistische Schätzung (Vollzeit)
- Backup-Server (2W)
- Notfallmanagment erstellt (30.8.11 16:00-21:30)
- Server 2 (Fette Elke)
- eingebaut (16.9. 16:00 - 19:00)
- einrichten
- Betriebssystem mit ZFS installiert (19.9. 13:00 - 1:15)
- os neu aufgesetzt mit raidz2 (hat bessere redundanz)(20.9. 15:00-19:40)
- test zfs dateien syncen (20.9. 19:40-20:40, 21.9. 14:00-19:30)
- einrichten fortgesetzt siehe Server/Hauptsystem (24.9. 16:00-4:00)
- Jails (25.9. 14:00-21:30, 26.9. 14:00-20:00, 27.9. 14:00-18:00 , 28.9 14:00-21:30, 29.9. 16:00-21:30, 30.09. 13:00 - 21:00)
- Bacula Dokumentation unter Server/Bacula (24.9. 14:30-16:00)
- Mail-Server * Mailman (1W)
- Mailingliste erweitert und Struktur angepasst (7.-8.9.11 20:00- 01:15)
- Mailman für testzwecke auf srs8 installiert (9.9. 13:00 - 16:00 , 16:30 - 21:20, 11.9. 15:15- 20:00) (Virtuellhost)
- converting Postfix list to Mailman (16.9. 19:00 - 20:30, 19.9. 15:45 - 16:00)
- Samba-Server (2d)
- Web-Server * Crypto (2d)
- Plone startup script configurieren (9.9 16:00 - 16:30)
- Wiki-Umzug (2d)
- DNS-Server (2d)
- Mirror-Server (? ... abhängig von den gemirrorten Sachen)
- = 3W + 8d = (gemäß der Arbeitsdefinition von Benutzer:Matthias Jakobi (als Bereichsleitung Administration Rechentechnik entspricht 1W = 5d und 1d = 10h) 3(5d) + 8d = 23d = 23(10h) = 230h
Aktueller zeitlicher Gesamtaufwand: 110H 00MIN
+ 6W um die eingetretene Scheiße wieder loszuwerden
srs8[Bearbeiten]
- kopiert von srs21
- aliases.*
- master.cf
- main.cf (abgeändert)
myhostname = srs8.stura.htw-dresden.de
- rc.conf (abgeändert)
mailman_enable="YES"
- nicht konfiguriert
apache22_enable="YES"
- nicht konfiguriert
postfix_enable="YES"
- basiskonfiguration vom srs21 übernommen
- pf.conf konfiguriert
Mailman test installation srs8[Bearbeiten]
| Options for mailman 2.1.14_5 ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [ ] SENDMAIL for use with sendmail ? ? ? ? [ ] EXIM3 for use with exim3 ? ? ? ? [ ] EXIM4 for use with exim4 ? ? ? ? [X] POSTFIX for use with postfix ? ? ? ? [ ] COURIER for use with courier ? ? ? ? [ ] CHINESE support for Chinese mailing lists ? ? ? ? [ ] HTDIG htdig integration patches ? ? ? ? [X] NAMAZU2 make private archives searchable with namazu2 | |
? Options for python27 2.7.* ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [X] THREADS Enable thread support ? ? ? ? [ ] HUGE_STACK_SIZE Use a larger thread stack ? ? ? ? [ ] SEM Use POSIX semaphores (experimental) ? ? ? ? [ ] PTH Use GNU Pth for threading/multiprocessing ? ? ? ? [X] UCS4 Use UCS4 for unicode support ? ? ? ? [X] PYMALLOC Use python's internal malloc ? ? ? ? [X] IPV6 Enable IPv6 support ? ? ? ? [ ] FPECTL Enable floating point exception handling ? ?
Apache22 srs8[Bearbeiten]
? Options for apache 2.2.* ? ? ?????????????????????????????????????????????????????????????????? ? ? ?[X] THREADS Enable threads support in APR ? ? ? ?[ ] MYSQL Enable MySQL support for apr-dbd ? ? ? ?[ ] PGSQL Enable PostgreSQL support for apr-dbd ? ? ? ?[ ] SQLITE Enable SQLite support for apr-dbd ? ? ? ?[X] IPV6 Enable IPv6 support ? ? ? ?[ ] BDB Enable BerkeleyDB dbm ? ? ? ?[X] AUTH_BASIC Enable mod_auth_basic ? ? ? ?[X] AUTH_DIGEST Enable mod_auth_digest ? ? ? ?[X] AUTHN_FILE Enable mod_authn_file ? ? ? ?[ ] AUTHN_DBD Enable mod_authn_dbd ? ? ? ?[X] AUTHN_DBM Enable mod_authn_dbm ? ? ? ?[X] AUTHN_ANON Enable mod_authn_anon ? ? ? ?[X] AUTHN_DEFAULT Enable mod_authn_default ? ? ? ?[X] AUTHN_ALIAS Enable mod_authn_alias ? ? ? ?[X] AUTHZ_HOST Enable mod_authz_host ? ? ? |[X] AUTHZ_GROUPFILE Enable mod_authz_groupfile ? ? ? ?[X] AUTHZ_USER Enable mod_authz_user ? ? ? ?[X] AUTHZ_DBM Enable mod_authz_dbm ? ? ? ?[X] AUTHZ_OWNER Enable mod_authz_owner ? ? ? ?[X] AUTHZ_DEFAULT Enable mod_authz_default ? ? ? ?[X] CACHE Enable mod_cache ? ? ? ?[X] DISK_CACHE Enable mod_disk_cache ? ? ? ?[X] FILE_CACHE Enable mod_file_cache ? ? ? ?[X] MEM_CACHE Enable mod_mem_cache ? ? ? ?[ ] DAV Enable mod_dav ? ? ? ?[ ] DAV_FS Enable mod_dav_fs ? ? ? ?[ ] BUCKETEER Enable mod_bucketeer ? ? ? ?[ ] CASE_FILTER Enable mod_case_filter ? ? ? ?[ ] CASE_FILTER_IN Enable mod_case_filter_in ? ? ? ?[ ] EXT_FILTER Enable mod_ext_filter ? ? ? ?[ ] LOG_FORENSIC Enable mod_log_forensic ? ? ? ?[ ] OPTIONAL_HOOK_EXPORT Enable mod_optional_hook_export ? ? ? ?[ ] OPTIONAL_HOOK_IMPORT Enable mod_optional_hook_import ? ? ? ?[ ] OPTIONAL_FN_IMPORT Enable mod_optional_fn_import ? ? ? ?[ ] OPTIONAL_FN_EXPORT Enable mod_optional_fn_export ? ? ? ?[X] LDAP Enable mod_ldap ? ? ? ?[X] AUTHNZ_LDAP Enable mod_authnz_ldap ? ? ? ?[X] ACTIONS Enable mod_actions ? ? ? ?[X] ALIAS Enable mod_alias ? ? ? ?[X] ASIS Enable mod_asis ? ? ? ?[X] AUTOINDEX Enable mod_autoindex ? ? ? ?[X] CERN_META Enable mod_cern_meta ? ? ? ?[X] CGI Enable mod_cgi ? ? ? ?[X] CHARSET_LITE Enable mod_charset_lite ? ? ? ?[ ] DBD Enable mod_dbd ? ? ? ?[X] DEFLATE Enable mod_deflate ? ? ? ?[X] DIR Enable mod_dir ? ? ? ?[X] DUMPIO Enable mod_dumpio ? ? ? ?[X] ENV Enable mod_env ? ? ? ?[X] EXPIRES Enable mod_expires ? ? ? ?[X] HEADERS Enable mod_headers ? ? ? ?[X] IMAGEMAP Enable mod_imagemap ? ? ? ?[X] INCLUDE Enable mod_include ? ? ? ?[X] INFO Enable mod_info ? ? ? ?[X] LOG_CONFIG Enable mod_log_config ? ? ? ?[X] LOGIO Enable mod_logio ? ? ? ?[X] MIME Enable mod_mime ? ? ? ?[X] MIME_MAGIC Enable mod_mime_magic ? ? ? ?[X] NEGOTIATION Enable mod_negotiation ? ? ? ?[X] REWRITE Enable mod_rewrite ? ? ? ?[X] SETENVIF Enable mod_setenvif ? ? ? ?[X] SPELING Enable mod_speling ? ? ? ?[X] STATUS Enable mod_status ? ? ? ?[ ] UNIQUE_ID Enable mod_unique_id ? ? ? ?[X] USERDIR Enable mod_userdir ? ? ? ?[ ] USERTRACK Enable mod_usertrack ? ? ? ?[X] VHOST_ALIAS Enable mod_vhost_alias ? ? ? ?[X] FILTER Enable mod_filter ? ? ? ?[ ] SUBSTITUTE Enable mod_substitute ? ? ? ?[X] VERSION Enable mod_version ? ? ? ?[ ] PROXY Enable mod_proxy ? ? ? ?[ ] PROXY_CONNECT Enable mod_proxy_connect ? ? ? ?[X] PATCH_PROXY_CONNECT Patch proxy_connect SSL support ? ? ? ?[ ] PROXY_FTP Enable mod_proxy_ftp ? ? ? ?[ ] PROXY_HTTP Enable mod_proxy_http ? ? ? ?[ ] PROXY_AJP Enable mod_proxy_ajp ? ? ? ?[ ] PROXY_BALANCER Enable mod_proxy_balancer ? ? ? ?[ ] PROXY_SCGI Enable mod_proxy_scgi ? ? ? ?[X] SSL Enable mod_ssl ? ? ? ?[ ] SUEXEC Enable mod_suexec ? ? ? ?[ ] SUEXEC_RSRCLIMIT SuEXEC rlimits based on login class ? ? ? ?[X] REQTIMEOUT Enable mod_reqtimeout ? ? ? ?[ ] CGID Enable mod_cgid ? ?
- Warum folgende Module?
- mod_dav & mod_dav_fs ... WebDAV für was?
- mod_actions
- mod_asis
- mod_autoindex
- mod_cern_meta
- mod_dumpio
- mod_imagemap
- mod_include - SSI?
- mod_info
- mod_negotiation
- mod_speling
- mod_status
- mod_unique_id - tracking nötig? datensparsamkeit?
- mod_userdir
- mod_usertrack - tracking nötig? datensparsamkeit?
- mod_proxy_balancer
? Options for apr-ipv6-devrandom-gdbm-db42 1.4.5.1.3.12 ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [X] THREADS Enable Threads in apr ? ? ? ? [X] IPV6 Enable IPV6 Support in apr ? ? ? ? [X] BDB Enable Berkley BDB support in apr-util ? ? ? ? [X] GDBM Enable GNU dbm support in apr-util ? ? ? ? [X] LDAP Enable LDAP support in apr-util ? ? ? ? [ ] MYSQL Enable MySQL suport in apr-util ? ? ? ? [ ] NDBM Enable NDBM support in apr-util ? ? ? ? [ ] PGSQL Enable Postgresql suport in apr-util ? ? ? ? [ ] SQLITE Enable SQLite3 support in apr-util ? ? ? ? [X] DEVRANDOM Use /dev/random or compatible in apr ? ?
? Options for openldap-client 2.4.26 ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [X] SASL With (Cyrus) SASL2 support ? ? ? ? [X] FETCH Enable fetch(3) support ? ?
? Options for cyrus-sasl 2.1.23_3 ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [ ] BDB Use Berkeley DB ? ? ? ? [ ] MYSQL Use MySQL ? ? ? ? [ ] PGSQL Use PostgreSQL ? ? ? ? [ ] SQLITE Use SQLite ? ? ? ? [X] DEV_URANDOM Use /dev/urandom ? ? ? ? [ ] ALWAYSTRUE Enable the alwaystrue password verifier ? ? ? ? [ ] KEEP_DB_OPEN Keep handle to Berkeley DB open ? ? ? ? [X] AUTHDAEMOND Enable use of authdaemon ? ? ? ? [X] LOGIN Enable LOGIN authentication ? ? ? ? [X] PLAIN Enable PLAIN authentication ? ? ? ? [X] CRAM Enable CRAM-MD5 authentication ? ? ? ? [X] DIGEST Enable DIGEST-MD5 authentication ? ? ? ? [X] OTP Enable OTP authentication ? ? ? ? [X] NTLM Enable NTLM authentication ? ?
Postfix[Bearbeiten]
? Options for postfix 2.8.* ? ? ?????????????????????????????????????????????????????????????????? ? ? ?[X] PCRE Perl Compatible Regular Expressions ? ? ? ?[X] SASL2 Cyrus SASLv2 (Simple Auth. and Sec. Layer) ? ? ? ?[ ] DOVECOT Dovecot 1.x SASL authentication method ? ? ? ?[X] DOVECOT2 Dovecot 2.x SASL authentication method ? ? ? ?[ ] SASLKRB5 If your SASL req. Kerberos5 select this option ? ? ? ?[ ] SASLKMIT If your SASL req. MIT Kerberos5 select this optio? ? ? ?nX] TLS Enable SSL and TLS support ? ? ? ?[ ] BDB Berkeley DB (choose version with WITH_BDB_VER) ? ? ? ?[ ] MYSQL MySQL maps (choose version with WITH_MYSQL_VER) ? ? ? ?[ ] PGSQL PostgreSQL maps (pick ver. with DEFAULT_PGSQL_VER? ? ? ?) ] SQLITE SQLite maps ? ? ? ?[ ] OPENLDAP OpenLDAP maps (choose ver. with WITH_OPENLDAP_VER? ? ? ?)X] LDAP_SASL Enable OpenLDAP client-to-server auth via SASL ? ? ? ?[ ] CDB CDB maps lookups ? ? ? ?[ ] NIS NIS maps lookups ? ? | ?[ ] VDA VDA (Virtual Delivery Agent 32Bit) ? ? ? ?[ ] TEST SMTP/LMTP test server and generator ? ? ? ?[ ] SPF SPF support (via libspf2 1.2.x) ? ? ? ?[ ] INST_BASE Install into /usr and /etc/postfix ? ?
Dovecot[Bearbeiten]
? Options for dovecot 2.0.* ? ? ?????????????????????????????????????????????????????????????????? ? ? ? [X] KQUEUE kqueue(2) support ? ? ? ? [X] SSL SSL support ? ? ? ? [ ] GSSAPI GSSAPI support ? ? ? ? [ ] VPOPMAIL VPopMail support ? ? ? ? [ ] BDB BerkleyDB support ? ? ? ? [ ] LDAP OpenLDAP support ? ? ? ? [ ] PGSQL PostgreSQL support ? ? ? ? [x] MYSQL MySQL support ? ? ? ? [ ] SQLITE SQLite support ? ?
Mailman test config[Bearbeiten]
- Verzeichniss
/usr/local/mailman
- Password einstellen
./bin/mmsitepass PASSWORD
- Configuration
./Mailman/mm_cfg.py
- softlink
/etc/mailman/mm_cfg.py
- softlink
- Password einstellen
#DEFAULT_URL_HOST = '141.56.50.8'
DEFAULT_EMAIL_HOST = '141.56.50.8'
SMTPHOST = '141.56.50.8'
MTA = 'postfix'
#POSTFIX_STYLE_VIRTUAL_DOMAINS= ['141.56.50.8']
- wenn auf srs21 ändern
DEFAULT_URL_HOST = '141.56.50.21'
DEFAULT_EMAIL_HOST = '141.56.50.21'
SMTPHOST = 'localhost'
MTA = 'postfix'
POSTFIX_STYLE_VIRTUAL_DOMAINS= ['srs21.stura.htw-dresden.de']
- weiter config Datein
- Mailmans Verhalten und einstellungen
/etc/mailman/sitelist.cfg
- Mailmans Verhalten und einstellungen
- Get Postfix-To-Mailman script
# cd /usr/local/mailman
# fetch http://www.gurulabs.com/downloads/postfix-to-mailman-2.1.py
# mv postfix-to-mailman-2.1.py postfix-to-mailman.py
# chmod 750 postfix-to-mailman.py
# chown mailman:mailman postfix-to-mailman.py
- Edit /usr/local/mailman/postfix-to-mailman.py file:
#! /usr/local/bin/python
# Configuration variables – Change these for your site if necessary.
MailmanHome = “/usr/local/mailman“; # Mailman home directory.
MailmanOwner = “postmaster@domain.tld“; # Postmaster and abuse mail recipient.
postfix/main.cf[Bearbeiten]
- Edit /usr/local/etc/postfix/main.cf file:
...
relay_domains = lists.domain.tld
...
# TRANSPORT MAP
#
# See the discussion in the ADDRESS_REWRITING_README document.
transport_maps = hash:/usr/local/etc/postfix/transport
vacation_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
...
alias_maps =
...
recipient_delimiter = +
...
Transportlist[Bearbeiten]
Add transport for list to /usr/local/etc/postfix/transport file:
# echo 'lists.domain.tld mailman:' >> /usr/local/etc/postfix/transport
postfix/master.cf[Bearbeiten]
- Edit /usr/local/etc/postfix/master.cf file:
mailman unix - n n - - pipe
flags=FR user=mailman:mailman argv=/usr/local/mailman/postfix-to-mailman.py
${nexthop} ${user}
genau hinsehen!!!
Create Postfix transport database[Bearbeiten]
# postmap /usr/local/etc/postfix/transport
- Reload Postfix:
# postfix reload
- Set site password:
#cd /usr/local/mailman
#bin/mmsitepass
New site password: mailman_password
Again to confirm password: mailman_password
- Create Mailman list:
#bin/newlist
Enter the name of the list: mailman
Enter the email of the person running the list: you@domain.tld
Initial mailman password: list_password
You’ll then see instructions to add aliases for the mailing list. We need not worry about that because everything is virtual. So, proceeding… Hit enter to notify mailman owner… ENTER
/usr/local/etc/apache22/extra/httpd-vhosts.conf[Bearbeiten]
NameVirtualHost *:80
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for all requests that do not
# match a ServerName or ServerAlias in any block.
#
# Default domain on this server
#
<Virtualhost *:80>
ServerAdmin webmaster@domain.tld
DocumentRoot "/usr/local/www/apache22/data"
ServerName www.domain.tld
ServerAlias domain.tld www.domain.tld
<Directory "/usr/local/www/apache22/data">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/httpd-error.log
CustomLog /var/log/httpd-access.log combined
</Virtualhost>
# Mailman mailing list domain.
#
<Virtualhost *:80>
ServerAdmin webmaster@domain.tld
DocumentRoot "/usr/local/mailman"
ServerName lists.domain.tld
ServerAlias lists.domain.tld
ScriptAlias /cgi-bin/ "/usr/local/mailman/cgi-bin/"
ScriptAlias /mailman/ "/usr/local/mailman/cgi-bin/"
Alias /pipermail "/usr/local/mailman/archives/public"
Alias /icons "/usr/local/mailman/icons"
RedirectMatch ^/$ mailman/listinfo
<Directory "/usr/local/mailman">
AllowOverride All
Options FollowSymlinks
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/httpd-error.log
CustomLog /var/log/httpd-access.log combined
</Virtualhost>
NOTE: Notice the addition of the default HTTP directory. The reason for this is due to the fact that once virtual hosting is enabled, the default directory used by Apache is the first VirtualHost listed in the httpd-vhosts.conf file. So, make sure that what ever site you plan on using as the default site for that machine comes first in the list of virtual hosts in the httpd-vhosts.conf file. After adding the above VirtualHost directive, you can delete or comment out the remaining lines in the httpd-vhosts.conf file being as they’re just the default examples and pretty much useless.
/usr/local/etc/apache22/httpd.conf to include vhosts[Bearbeiten]
…
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf
…
Reload Apache configuration[Bearbeiten]
# apachectl graceful
Add list to Mailman configuration file[Bearbeiten]
# echo "add_virtualhost('lists.domain.tld','lists.domain.tld')" >> /usr/local/mailman/Mailman/mm_cfg.py
bei geänderter SiteList
# echo "MAILMAN_SITE_LIST = '<anderer name für die liste>'" >> /usr/local/mailman/Mailman/mm_cfg.py
Plone startup script[Bearbeiten]
- aktuell nur für altes Plone
Problem mit su
Meldung: su:Sorry
Lösung noch keine gefunden
#!/bin/sh
# PROVIDE: plone
# REQUIRE: DAEMON
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable plone
#
#
# plone_enable (bool): Set to "NO" by default,
# Set it to "YES" to enable
# plone
#
# plone_buildout (str): The path to plone buildout env
# file (defaults to
# /usr/local/Plone)
#
# plone_user (str): The username of the user the daemon will
# run as (defaults to www)
#
. /etc/rc.subr
name="plone"
rcvar=`set_rcvar`
load_rc_config $name
eval "${rcvar}=\${${rcvar}:-'NO'}"
plone_buildout=${plone_buildout:-"/usr/local/Plone/zinstance"}
plone_user=${plone_user:-"admin fragen"}
#command="${plone_buildout}/${name}"
#command_interpreter="/bin/sh"
start_cmd="${name}_start"
stop_cmd="${name}_stop"
plone_start()
{
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"`
if [ ${plone_pid} ]
then
echo "${name} already running (pid: ${plone_pid})"
else
echo "Starting ${name}."
su ${plone_user} -c "${plone_buildout}/bin/instance start"
fi
# ensure the server is started
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"`
if [ ${plone_pid} ]
then
echo "${name} started."
else
echo "${name} could not be started, please check the log files (${plone_buildout}/var/log/)"
fi
}
plone_stop()
{
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"`
if [ ${plone_pid} ]
then
echo "Stopping ${name}."
su ${plone_user} -c "${plone_buildout}/bin/instance stop"
else
echo "${name} not running?"
fi
# ensure the server is stopped
plone_pid=`pgrep -f "/usr/local/bin/python2.4 ${plone_buildout}"`
if [ ${plone_pid} ]
then
echo "${name} could not be stopped"
fi
}
load_rc_config $name
run_rc_command "$1"
Webmail[Bearbeiten]
Webmail bietet keine (verlässliche) Verschlüsselung. Selbst wenn die Software es kann, so werden die Schlüssel bei einem Einbruch kompromittiert und können genutzt werden, um die daneben liegenden Emails zu entschlüsseln. (ergo sinnfrei) Der StuRa sollte allerdings die Möglichkeit zur verschlüsselten Kontaktaufnahme bieten (z.B. für das Referat Soziales ... denn wer will sich schon gerne bloßstellen?) JohannesSchneemann 13:43, 15. Sep 2011 (CEST)
Samba Server[Bearbeiten]
Important Files[Bearbeiten]
- /usr/local/sbin/smbd
- /usr/local/sbin/nmbd
- /usr/local/etc/smb.conf - smbd configuration file
- /etc/inetd.conf - Internet daemon (starts smbd and nmbd)
- /usr/local/private/smbpasswd - encrypted samba passwd file
Steps[Bearbeiten]
- Make sure smbd and nmbd are installed (in /usr/local/sbin/).
- Add (or uncomment) the following lines from /etc/inetd.conf:
netbios-ssn stream tcp nowait root /usr/local/sbin/smbd smbd
netbios-ns dgram udp wait root /usr/local/sbin/nmbd nmbd
- Setup /usr/local/etc/smb.conf. Here's tyagi's file:
[global]
# workgroup = NT-Domain-Name or Workgroup-Name
workgroup = DIRT
# This option is important for security. It allows you to restrict
# connections to machines which are on your local network. The
# following example restricts access to 152.2.137, selected
# machines (my office PC and my home PC), and the "loopback" interface.
# For more examples of the syntax see the smb.conf man page
allow hosts = 152.2.137. 152.2.142.123 152.2.129.140 localhost
# This enables or disables logging of connections to a status file that
# smbstatus can read
status = yes
# You may wish to use password encryption. Please read
# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation.
# Do not enable this option unless you have read those documents
encrypt passwords = yes
# this tells Samba to use a one log file
log file = /var/log/smb.log
# Put a capping on the size of the log files (in Kb).
max log size = 100
# To make this one look like the smb.conf on topsecret
[homes]
guest ok = no
browesable = yes
read only = no
create mode = 0750
- Setup users. (note: You can only add users who exist in /etc/passwd)
# cd /usr/local/private
# cp smbpasswd smbpasswd.old
# addtosmbpass [username] < smbpasswd.old > smbpasswd.new
# mv smbpasswd.new smbpasswd
- Change existing users' passwords.
# smbpasswd [username]
- Reboot the machine to start the server.
Notes[Bearbeiten]
- There's some way to be able to access directories other than your home directory, but I haven't found it yet. The easiest way to set this up is to create symbolic links from your home directory to your favorite directories (like /usr/dirt/src, /playpen, ...).
- To access the server from a department Windows NT box, you'll have to use the server's IP address rather than its hostname (security reasons). For example, I'd access my home directory on tyagi by mapping a network drive to \\152.2.137.54\clark.
Link[Bearbeiten]
http://us1.samba.org/samba/samba.html
Skripte[Bearbeiten]
SourceForge: Projekt BSD Administration Scripts
Uhrzeit[Bearbeiten]
Salve Beastie,
lebst du in der UTC-Zeitzone?
Die Weiber wohnen doch aber alle in der CET, oder?
Kollegiale
--PaulRiegel 14:14, 18. Sep 2012 (UTC)
Web server management software[Bearbeiten]
Salvete Gemeinde,
insbesondere lieber Bereich Administration Rechentechnik,
Gibt es eine Bewertung zur Verwendung von Tool wie Webmin und dergleichen? Ferner sei das hiermit ein Gedankenanstoß. :-)
- Für FreeBSD-Ports orientierte Menschen: https://www.freebsd.org/cgi/ports.cgi?query=webmin webmin
--PaulRiegel (Diskussion) 02:31, 1. Aug. 2013 (CEST)
Hey Ho (let's Go),
Bewertung von Matthias Jakobi (Diskussion) (Bereichsleitung Administration Rechentechnik):
- Generell halte ich von solchen "Klicki bunti" Administrationsoberflächen ja nicht viel (aus mehrerlei Gründen, wenn erwünscht würde ich diese auch noch stichpunktartig aufführen), aber ich komme nicht drumherrum zu erkenn das für Personen, welche neu in dem Bereich Rechentechnik sind, Hürden mit dem Umgang von "neuartigen" Betriebssystemen bestehen. Daher würde dieses Tool zumindestens als Monitoringsystem in Betracht gezogen werden (genauere Analyse des Programmes ist noch erforderlich).
--Matthias Jakobi (Diskussion) 18:41, 1. Aug. 2013 (CEST)
Salve Matthias Jakobi,
Ave Admin,
dabei ist, aus meiner Perspektive, nicht das "klicki bunti" entscheidend, sondern die "Automatisierung". Daher die "Gegenfrage": Gibt es aktuell vergleichbare Scripte? Sofern die "Funktionalitäten" der sogenannten server management software vorhanden ist, ist alles gut. Ich möchte mich nur für "zweckmäßige" Vereinfachung ausgesprochen haben. Daher würde ich bitten, dass auch alle interessanten "Features" in Betracht gezogen werden.
Gern "konzeptioniere" ich gern mit. :-)
--PaulRiegel (Diskussion) 21:09, 1. Aug. 2013 (CEST)
Arbeitsspeicher[Bearbeiten]
X x Kingston KVR1333D3S8R9S/2G
Übersicht zu Servern durch grafische Darstellung mit Topologie[Bearbeiten]
- c3d2:Server#Topologie als "praktisches" Beispiel
- c3d2:HQ/Netz als Ergänzung
zum Schreiben:
- http://www.texample.net/tikz/examples/area/networking/
- http://www.texample.net/tikz/examples/area/computer-science/
zum Klicken:
--Paul 13:44, 14. Sep. 2015 (CEST)
alte IP-Adressen[Bearbeiten]
es fand sich ein dokument von 2007 welches 141.56.201.181 - 184 für die einzelnen Computer/Server erwähnt
FreeNAS 10 is coming up![Bearbeiten]
--Paul 04:04, 27. Mär. 2016 (CEST)
Primergy RX Cluster[Bearbeiten]
- https://www.ebay-kleinanzeigen.de/s-anzeige/857480834
- RX 300 S6 3,5 Zoll
- https://www.ebay-kleinanzeigen.de/s-anzeige/806481297
- Einschübe mit 2 x 1 TB
- https://www.ebay-kleinanzeigen.de/s-anzeige/828457335
- 2 x RX 100 S6
- https://www.ebay-kleinanzeigen.de/s-anzeige/861258924
- Platten
- https://www.ebay-kleinanzeigen.de/s-anzeige/844123461
- Einschübe
Alternativen[Bearbeiten]
- Lenovo ThinkSystem HR630X