Server/SRS1/2017: Unterschied zwischen den Versionen

Aus Wiki StuRa HTW Dresden
Zur Navigation springen Zur Suche springen
K (PaulRiegel verschob die Seite Server/Jails/SRS1 nach Server/SRS1/2017)
 
(28 dazwischenliegende Versionen von 4 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
* die plone-kiste
; Verwendungszweck:
'''Lauffähig'''
* [[Plone]] ([[Website]]) für [http://www.stura.htw-dresden.de www.stura.htw-dresden.de]
noch nen Dump ziehen vom alten Plone4 und dann übertragen
* [[w:de:Webschnittstelle|Webschnittstelle]] [[Chat]] für [http://chat.htw.stura-dresden.de chat.htw.stura-dresden.de]


*noch portaudit installieren
'''Lauft!'''


== Plone ==
== Plone ==
Zeile 15: Zeile 15:
Plone 4.0.5 to 4.1 fehlgeschlagen
Plone 4.0.5 to 4.1 fehlgeschlagen


== Ports ==
* im verzeichnis von …/GenericSetup die rolemap.xml angelegt
link : [https://plone.org/documentation/kb/grant-collection-attopic-permissions-to-contributors-and-editors]


=== Apache22 ===
<?xml version="1.0" encoding="UTF-8"?>
<rolemap>
<code>
  <permissions>
[X] THREADS              Enable threads support in APR
    <permission name="ATContentTypes Topic: Add ATBooleanCriterion" acquire="True">
[ ] MYSQL                Enable MySQL support for apr-dbd
      <role name="Contributor"/>
[ ] PGSQL                Enable PostgreSQL support for apr-dbd
    </permission>
[ ] SQLITE                Enable SQLite support for apr-dbd
    <permission name="ATContentTypes Topic: Add ATCurrentAuthorCriterion" acquire="True">
[X] IPV6                  Enable IPv6 support
      <role name="Contributor"/>
[ ] BDB                  Enable BerkeleyDB dbm
    </permission>
[X] AUTH_BASIC            Enable mod_auth_basic
    <permission name="ATContentTypes Topic: Add ATDateCriteria" acquire="True">
[X] AUTH_DIGEST          Enable mod_auth_digest
      <role name="Contributor"/>
[X] AUTHN_FILE            Enable mod_authn_file
    </permission>
[ ] AUTHN_DBD            Enable mod_authn_dbd
    <permission name="ATContentTypes Topic: Add ATDateRangeCriterion" acquire="True">
[X] AUTHN_DBM            Enable mod_authn_dbm
      <role name="Contributor"/>
[X] AUTHN_ANON            Enable mod_authn_anon
    </permission>
[X] AUTHN_DEFAULT        Enable mod_authn_default
    <permission name="ATContentTypes Topic: Add ATListCriterion" acquire="True">
[X] AUTHN_ALIAS          Enable mod_authn_alias
      <role name="Contributor"/>
[X] AUTHZ_HOST            Enable mod_authz_host
    </permission>
[X] AUTHZ_GROUPFILE       Enable mod_authz_groupfile
    <permission name="ATContentTypes Topic: Add ATPathCriterion" acquire="True">
[X] AUTHZ_USER            Enable mod_authz_user
      <role name="Contributor"/>
[X] AUTHZ_DBM            Enable mod_authz_dbm
    </permission>
[X] AUTHZ_OWNER          Enable mod_authz_owner
    <permission name="ATContentTypes Topic: Add ATPortalTypeCriterion" acquire="True">
[X] AUTHZ_DEFAULT        Enable mod_authz_default
       <role name="Contributor"/>
[X] CACHE                Enable mod_cache
    </permission>
[X] DISK_CACHE            Enable mod_disk_cache
    <permission name="ATContentTypes Topic: Add ATReferenceCriterion" acquire="True">
[X] FILE_CACHE            Enable mod_file_cache
      <role name="Contributor"/>
[X] MEM_CACHE            Enable mod_mem_cache
    </permission>
[X] DAV                  Enable mod_dav
    <permission name="ATContentTypes Topic: Add ATRelativePathCriterion" acquire="True">
[X] DAV_FS                Enable mod_dav_fs
      <role name="Contributor"/>
[ ] BUCKETEER            Enable mod_bucketeer
    </permission>
[ ] CASE_FILTER          Enable mod_case_filter
    <permission name="ATContentTypes Topic: Add ATSelectionCriterion" acquire="True">
[ ] CASE_FILTER_IN        Enable mod_case_filter_in
      <role name="Contributor"/>
[ ] EXT_FILTER            Enable mod_ext_filter
    </permission>
[ ] LOG_FORENSIC          Enable mod_log_forensic
    <permission name="ATContentTypes Topic: Add ATSimpleIntCriterion" acquire="True">
[ ] OPTIONAL_HOOK_EXPORT  Enable mod_optional_hook_export
      <role name="Contributor"/>
[ ] OPTIONAL_HOOK_IMPORT  Enable mod_optional_hook_import
    </permission>
[ ] OPTIONAL_FN_IMPORT    Enable mod_optional_fn_import
    <permission name="ATContentTypes Topic: Add ATSimpleStringCriterion" acquire="True">
[ ] OPTIONAL_FN_EXPORT    Enable mod_optional_fn_export
      <role name="Contributor"/>
[ ] LDAP                  Enable mod_ldap
    </permission>
[ ] AUTHNZ_LDAP          Enable mod_authnz_ldap
    <permission name="ATContentTypes Topic: Add ATSortCriterion" acquire="True">
[X] ACTIONS              Enable mod_actions
      <role name="Contributor"/>
[X] ALIAS                Enable mod_alias
    </permission>
[X] ASIS                  Enable mod_asis
    <permission name="Add portal topics" acquire="True">
[X] AUTOINDEX            Enable mod_autoindex
      <role name="Contributor"/>
[X] CERN_META            Enable mod_cern_meta
    </permission>
  [ ] CGI                  Enable mod_cgi
    <permission name="Change portal topics" acquire="True">
[X] CHARSET_LITE          Enable mod_charset_lite
      <role name="Editor"/>
[ ] DBD                  Enable mod_dbd
    </permission>
[X] DEFLATE              Enable mod_deflate
  </permissions>
[X] DIR                  Enable mod_dir
  </rolemap>
[X] DUMPIO                Enable mod_dumpio
 
[X] ENV                  Enable mod_env
== [[Server/Jails/SRS1/Ports |Ports]] ==
[X] EXPIRES              Enable mod_expires
{{:Server/Jails/SRS1/Ports}}
[X] HEADERS              Enable mod_headers
 
[X] IMAGEMAP              Enable mod_imagemap
== Konfiguration der Programme ==
[X] INCLUDE              Enable mod_include
 
[X] INFO                  Enable mod_info
=== Konfiguration Plone ===
  [X] LOG_CONFIG            Enable mod_log_config
; für Backup aktivierung
  [X] LOGIO                Enable mod_logio
* in die buildout.cfg schreiben unter der überschrift [buildout]
  [X] MIME                  Enable mod_mime
  ########################################## ##
  [X] MIME_MAGIC            Enable mod_mime_magic
  # Parts Specification
  [X] NEGOTIATION          Enable mod_negotiation
  #--------------------
  [X] REWRITE              Enable mod_rewrite
  # Specifies the components that should be included in the buildout.
  [X] SETENVIF              Enable mod_setenvif
  # All the basics are in the base.cfg extension; you may add your
[X] SPELING              Enable mod_speling
  # own if you need them at the end of this file.
[X] STATUS                Enable mod_status
  parts =
[ ] UNIQUE_ID            Enable mod_unique_id
    instance
[ ] USERDIR              Enable mod_userdir
    zopepy
[ ] USERTRACK            Enable mod_usertrack
    zopeskel
[X] VHOST_ALIAS          Enable mod_vhost_alias
    unifiedinstaller
[X] FILTER                Enable mod_filte
    chown
[ ] SUBSTITUTE            Enable mod_substitute
    '''backup'''
[X] VERSION              Enable mod_version
    '''repozo'''
[X] PROXY                Enable mod_proxy
 
[X] PROXY_CONNECT        Enable mod_proxy_connect
* [backup] am Schluss hin schreiben und weitere Parameter eintragen (buildout.cfg)
  [X] PATCH_PROXY_CONNECT  Patch proxy_connect SSL support
  [backup]
  [ ] PROXY_FTP            Enable mod_proxy_ftp
  recipe = collective.recipe.backup
  [X] PROXY_HTTP            Enable mod_proxy_http
  keep = 4
  [ ] PROXY_AJP            Enable mod_proxy_ajp
  full = true
  [X] PROXY_BALANCER        Enable mod_proxy_balancer
  debug = false
  [ ] PROXY_SCGI            Enable mod_proxy_scgi
  snapshotlocation = /root/plonebackup/snapshot
  [X] SSL                  Enable mod_ssl
  backup_blobs = true
  [ ] SUEXEC                Enable mod_suexec
  blobsnapshotlocation = /root/plonebackup/blobsnapshots
  [ ] SUEXEC_RSRCLIMIT      SuEXEC rlimits based on login class
  gzip = true
  [X] REQTIMEOUT            Enable mod_reqtimeout
  enable_snapshotrestore = false
[ ] CGID                  Enable mod_cgid
 
</code>
; wenn die Datei repozo.py fehlte (buildout.cfg)


=== apr-ipv6-devrandom-gdbm-db42 ===
[repozo]
recipe = zc.recipe.egg
eggs = ZODB3
scripts = repozo


<code>
; /etc/crontab
[X] THREADS    Enable Threads in apr
[X] IPV6      Enable IPV6 Support in apr
[X] BDB        Enable Berkley BDB support in apr-util
[X] GDBM      Enable GNU dbm support in apr-util
[ ] LDAP      Enable LDAP support in apr-util
[ ] MYSQL      Enable MySQL suport in apr-util
[ ] NDBM      Enable NDBM support in apr-util
[ ] PGSQL      Enable Postgresql suport in apr-util
[ ] SQLITE    Enable SQLite3 support in apr-util
[X] DEVRANDOM  Use /dev/random or compatible in apr
</code>


=== gdbm ===
# Plone inkrementelles Backup
*      23      *      *      6      root    <path/to/plone>/zinstance/bin/backup
# Plone Fullbackup (snapshot)
*      20      5      *      *      root    <path/to/plone>/zinstance/bin/snapshotbackup


<code>
=== Konfiguration Apache22 ===
[ ] COMPAT  dbm/ndbm compatibility
</code>


=== python27 ===
* httpd.conf


  <code>
  <code>
  [X] THREADS          Enable thread support
  ServerTokens ProductOnly
  [ ] HUGE_STACK_SIZE  Use a larger thread stack
  ServerSignature Off
[ ] SEM              Use POSIX semaphores (experimental)
[ ] PTH              Use GNU Pth for threading/multiprocessing
[X] UCS4            Use UCS4 for unicode support
[X] PYMALLOC        Use python's internal malloc
[X] IPV6            Enable IPv6 support
[ ] FPECTL          Enable floating point exception handling
  </code>
  </code>
== Konfiguration der Programme ==
=== Apache22 ===


* extra/httpd-vhost.conf
* extra/httpd-vhost.conf
Zeile 263: Zeile 247:
  ExpiresByType text/xml A3600
  ExpiresByType text/xml A3600
   
   
  CustomLog "/var/log/www.stura.htw-dresden.de-access_log" common
  # CustomLog "/var/log/www.stura.htw-dresden.de-access_log" common
   
   
  </VirtualHost>
  </VirtualHost>
  </code>
  </code>
== Konfiguration von Skripten ==
==== rc.d scripting Plone ====
Seit Anbeginn (nun mehrere Jahre) hat der Betrieb von [[Plone]] auf [[srs1]] ein großes Manko: Plone startet nicht von allein. Daher musste sich auf [[srs1]] manuell angemeldet werden und [[Plone]] musste "von Hand" gestartet werden. Das soll nun anders sein.
: <code>$EDITOR /usr/local/etc/rc.d/plone</code>
<pre>
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown
. /etc/rc.subr
name="plone"
rcvar=plone_enable
start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"
extra_commands="status"
load_rc_config ${name}
#: ${plone_enable:="NO"}
plone_stop()
{
        /usr/local/Plone/zinstance/bin/plonectl stop
}
plone_status()
{
        /usr/local/Plone/zinstance/bin/plonectl status
}
plone_start()
{
        /usr/local/Plone/zinstance/bin/plonectl start
}
plone_restart()
{
        /usr/local/Plone/zinstance/bin/plonectl restart
}
run_rc_command "$1"
</pre>
Anpassen der Berechtigung für eine Datei für ''rc.d''
: <code>chmod 540 /usr/local/etc/rc.d/plone</code>
: Kontrollieren der Berechtigung für eine Datei für ''rc.d''
:: <code>ls -l /usr/local/etc/rc.d/plone</code>
<pre>
-r-xr-----  1 root  wheel  603 Oct 23 18:34 /usr/local/etc/rc.d/plone
</pre>
Selbstverständlich bedarf es auch noch dem Eintrag in der ''rc.conf'', um Anzuzeigen, dass ''plone '' gestartet werden soll kann.
: <code>echo 'plone_enable="YES"' >> /etc/rc.conf</code>
Eigentlich ist die Datei für ''rc.d'' relativ simpel. (Der Bezug sind die komplexen Varianten, die ''rc.d'' und entsprechende Dateien mit sich brinken können.)
* ''/usr/local/Plone/zinstance/bin/plonectl'' ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
* Bei der Entfernung der Auskommentierung bei '''''#''': ${plone_enable:="NO"}'' würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von ''rc.d'' verfügbar.
* Folgende Befehle sind nun mittels ''rc.d'' verfügbar:
** <code>service plone stop</code>
**: Stoppen von Plone
** <code>service plone stauts</code>
**: Status von Plone ausgeben lassen
** <code>service plone start</code>
**: Starten von Plone
** <code>service plone restart</code>
**: Neustarten von Plone
*:.
Läuft!
== Weblinks ==
* [http://www.imn.htwk-leipzig.de/~mfrank/lehre/osem_10/CBecker_Backup_Datensicherung_Vortrag.pdf PDF File für Plone 4 Backup]
* [https://plone.org/documentation/manual/upgrade-guide Upgrade Manual]
[[Kategorie:Rechentechnik]]
[[Kategorie:Software]]
[[Kategorie:Jail]]

Aktuelle Version vom 25. Februar 2018, 16:22 Uhr

Verwendungszweck

Lauft!

Plone[Bearbeiten]

Plone 4.0.5 via UnifiedInstaller installieren.


install.sh --password=<password>  standalone

Plone 4.0.5 to 4.1 fehlgeschlagen

  • im verzeichnis von …/GenericSetup die rolemap.xml angelegt

link : [1]

<?xml version="1.0" encoding="UTF-8"?>
<rolemap>
 <permissions>
   <permission name="ATContentTypes Topic: Add ATBooleanCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATCurrentAuthorCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATDateCriteria" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATDateRangeCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATListCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATPathCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATPortalTypeCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATReferenceCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATRelativePathCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSelectionCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSimpleIntCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSimpleStringCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="ATContentTypes Topic: Add ATSortCriterion" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="Add portal topics" acquire="True">
     <role name="Contributor"/>
   </permission>
   <permission name="Change portal topics" acquire="True">
      <role name="Editor"/>
    </permission>
 </permissions>
</rolemap>

Ports[Bearbeiten]

installierte Ports[Bearbeiten]

  • atk
  • autoconf
  • autoconf-wrapper
  • automake
  • automake-wrapper
  • bdftopcf
  • bigreqsproto
  • bison
  • bitstream-vera
  • ca_root_nss
  • cairo
  • cmake
  • cmake-modules
  • compositeproto
  • curl
  • cvsps
  • damageproto
  • db41
  • dejavu
  • dialog4ports
  • emacs-nox11
  • encodings
  • expat
  • fixesproto
  • font-bh-ttf
  • font-misc-ethiopic
  • font-misc-meltho
  • font-util
  • fontconfig
  • fontsproto
  • freetype2
  • gamin
  • gdbm
  • gdk-pixbuf2
  • gettext
  • gio-fam-backend
  • git
  • glib
  • gmake
  • gnomehier
  • gobject-introspection
  • help2man
  • inputproto
  • jasper
  • jbigkit
  • jpeg
  • kbproto
  • libICE
  • libSM
  • libX11
  • libXau
  • libXcomposite
  • libXcursor
  • libXdamage
  • libXdmcp
  • libXext
  • libXfixes
  • libXfont
  • libXi
  • libXinerama
  • libXrandr
  • libXrender
  • libXt
  • libcheck
  • libevent
  • libevent2
  • libexecinfo
  • libffi
  • libfontenc
  • libgcrypt
  • libgpg-error
  • libiconv
  • libidn
  • libpthread-stubs
  • libsigsegv
  • libtool
  • libxcb
  • libxml2
  • libxslt
  • libyaml
  • lynx
  • m4
  • mkfontdir
  • mkfontscale
  • nano
  • p5-Error
  • p5-ExtUtils-Constant
  • p5-IO-Socket-IP
  • p5-IO-Socket-SSL
  • p5-Locale-gettext
  • p5-Net-SMTP-SSL
  • p5-Net-SSLeay
  • p5-Socket
  • pango
  • pcre
  • perl-threaded
  • pixman
  • pkgconf
  • png
  • portaudit
  • portupgrade
  • py27-wikitools
  • python27
  • python33
  • randrproto
  • renderproto
  • ruby
  • ruby
  • ruby18-bdb
  • ruby19-bdb
  • ruby19-date2
  • tiff
  • tmux
  • unzip
  • vim-lite
  • wget
  • xcb-proto
  • xcb-util
  • xcb-util-renderutil
  • xcmiscproto
  • xextproto
  • xf86bigfontproto
  • xineramaproto
  • xorg-fonts-truetype
  • xorg-macros
  • xproto
  • xtrans
  • zsh

konfigurierte Ports[Bearbeiten]

cairo[Bearbeiten]

OPTIONS_FILE_SET+=GLIB
OPTIONS_FILE_UNSET+=OPENGL
OPTIONS_FILE_SET+=X11
OPTIONS_FILE_SET+=XCB

freetype2[Bearbeiten]

OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE
OPTIONS_FILE_UNSET+=LCD_FILTERING

gamin[Bearbeiten]

OPTIONS_FILE_UNSET+=GAM_POLLER
OPTIONS_FILE_UNSET+=LIBINOTIFY
OPTIONS_FILE_SET+=RUN_AS_EUID

gdk-pixbuf2[Bearbeiten]

OPTIONS_FILE_SET+=JASPER
OPTIONS_FILE_SET+=JPEG
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_SET+=PNG
OPTIONS_FILE_SET+=TIFF

jasper[Bearbeiten]

OPTIONS_FILE_UNSET+=OPENGL
OPTIONS_FILE_UNSET+=UUID

libcheck[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

libevent2[Bearbeiten]

OPTIONS_FILE_SET+=OPENSSL
OPTIONS_FILE_SET+=THREADS

libffi[Bearbeiten]

OPTIONS_FILE_UNSET+=TESTS

libxml2[Bearbeiten]

OPTIONS_FILE_UNSET+=MEM_DEBUG
OPTIONS_FILE_SET+=SCHEMA
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_UNSET+=XMLLINT_HIST

libxslt[Bearbeiten]

OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_UNSET+=MEM_DEBUG

lynx[Bearbeiten]

OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_SET+=DEFAULT_COLORS
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS

pango[Bearbeiten]

OPTIONS_FILE_SET+=X11

pixman[Bearbeiten]

OPTIONS_FILE_SET+=SIMD

png[Bearbeiten]

OPTIONS_FILE_SET+=APNG

python27[Bearbeiten]

OPTIONS_FILE_SET+=EXAMPLES
OPTIONS_FILE_UNSET+=FPECTL
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=PTH
OPTIONS_FILE_SET+=PYMALLOC
OPTIONS_FILE_UNSET+=SEM
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=UCS2
OPTIONS_FILE_SET+=UCS4

ruby18-bdb[Bearbeiten]

OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES

tmux[Bearbeiten]

OPTIONS_FILE_SET+=BACKSPACE
OPTIONS_FILE_SET+=LIBEVENT2
OPTIONS_FILE_UNSET+=LIBEVENT_STATIC

Konfiguration der Programme[Bearbeiten]

Konfiguration Plone[Bearbeiten]

für Backup aktivierung
  • in die buildout.cfg schreiben unter der überschrift [buildout]
########################################## ##
# Parts Specification
#--------------------
# Specifies the components that should be included in the buildout.
# All the basics are in the base.cfg extension; you may add your
# own if you need them at the end of this file.
parts =
   instance
   zopepy
   zopeskel
   unifiedinstaller
   chown
   backup
   repozo
  • [backup] am Schluss hin schreiben und weitere Parameter eintragen (buildout.cfg)
[backup]
recipe = collective.recipe.backup
keep = 4
full = true
debug = false
snapshotlocation = /root/plonebackup/snapshot
backup_blobs = true
blobsnapshotlocation = /root/plonebackup/blobsnapshots
gzip = true
enable_snapshotrestore = false
wenn die Datei repozo.py fehlte (buildout.cfg)
[repozo]
recipe = zc.recipe.egg
eggs = ZODB3
scripts = repozo
/etc/crontab
# Plone inkrementelles Backup
*       23      *       *       6       root    <path/to/plone>/zinstance/bin/backup
# Plone Fullbackup (snapshot)
*       20      5       *       *       root    <path/to/plone>/zinstance/bin/snapshotbackup

Konfiguration Apache22[Bearbeiten]

  • httpd.conf

ServerTokens ProductOnly
ServerSignature Off

  • extra/httpd-vhost.conf

<VirtualHost *:80>

# A sample VirtualHost section for using Apache as a webserver
# instead of Zope.
# ServerName is the url of your website.

ServerName <domain>
# ServerName 127.0.0.1
# Add serverAlias lines for other domain names that should
# point to this website. They will be rewritten by Apache to
# the ServerName, so that anyone going to www.site.com
# will be invisibly redirected to site.com in their browser.

ServerAlias domain

# ServerAdmin is your email address, which shows up on error
# pages when Apache cannot connect to Zope.

ServerAdmin adminmail

# The ProxyPass and ProxyPassReverse lines are the magic
# ingredients. They rewite requests to http://site.com and
# pass the entire request through to Zope on
# http://site.com:8080. The VirtualHostBase ensures that
# when the page goes back to the browser, it goes out through
# Apache, and appears to have come from http://site.com.

# The line is made up from:

# ProxyPass or ProxyPassReverse

# / is the url at http://site.com that you wish to use to
# point to the Zope site. You could keep http://site.com as a
# flat HTML site in Apache, and replace / with /zope to make
# http://site/com/zope point to your zope site.
# http://site.com:8080 is the address that your zope is
# running on.

# /VirtualHostBase/http/site.com:80 makes sure that zope
# *thinks* it is running at http://site.com instead of at
# http://site.com:8080. You don't have to do anything else
# in Zope to make this work.

# /yourplonesite is the location of your Plone Site within Zope.
# If you added a Plone Site into the root of your Zope with an id
# of 'mysite', then you just change this bit to /mysite

# /VirtualHostRoot/ makes your Plone site think it is the root of the site.

ProxyPass / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/
ProxyPassReverse / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/

# CacheRoot is the location on the filesystem to store files that
# Apache caches. This directory must be created, and the user that
# Apache runs as must have full write permissions to it.
# It's a bad idea to create this in the /tmp directory, as the
# directory itself will then be deleted when you reboot.

CacheRoot "/var/cache/www.stura.htw-dresden.de"
CacheEnable disk /

# CacheSize determines how big this cache can get in KB. It's a
# good idea that this number is about 30% less than the available
# space in the CacheRoot directory. Here we choose to cache 100MB
# of data, which is enough for a personal website, but not for
# anything larger.
MCacheSize 524288
MCacheMaxObjectCount 100000
MCacheMinObjectSize 1
MCacheMaxObjectSize 200000
# CacheGcInterval specifies how often (in hours) to examine the
# cache and delete obsolete files.
#CacheGcInterval 2

# CacheLastModifiedFactor allows the estimation of an expiry date
# for a page if it doesn't have an expiry-date specified in the
# HTTP headers returned from Zope. This is based on (time since
# last modification * CacheLastModifiedFactor), so that content
# that is ten hours old would be given an expiry date of 1 hour in
# the future.
CacheLastModifiedFactor 0.1

# CacheDefaultExpire sets a default expiry time of 0,5 hour into the
# future for cached pages.
CacheDefaultExpire 0.5

# CacheDirLength sets the number of characters used in directory
# names for subdirectories of CacheRoot
CacheDirLength 3

# The following definitions set expiry times for various content
# types. In this list, each content type defined is cached for a
# maximum period of 1 hour (3600 seconds) before it must be checked
# again. Non-listed content types are not cached.

ExpiresActive On
expiresByType image/ief A3600
ExpiresByType image/tiff A3600
ExpiresByType image/bmp A3600
ExpiresByType image/gif A3600
ExpiresByType image/png A3600
ExpiresByType image/jpeg A3600
ExpiresByType image/x-cmu-raster A3600
ExpiresByType image/x-portable-anymap A3600
ExpiresByType image/x-portable-bitmap A3600
ExpiresByType image/x-portable-graymap A3600
ExpiresByType image/x-portable-pixmap A3600
ExpiresByType image/x-rgb  A3600
ExpiresByType image/x-xbitmap A3600
ExpiresByType image/x-xpixmap A3600
ExpiresByType image/x-xwindowdump A3600
ExpiresByType text/css A3600
ExpiresByType text/javascript A3600
ExpiresByType application/x-javascript A3600
ExpiresByType text/html A3600
ExpiresByType text/xml A3600

# CustomLog "/var/log/www.stura.htw-dresden.de-access_log" common

</VirtualHost>

Konfiguration von Skripten[Bearbeiten]

rc.d scripting Plone[Bearbeiten]

Seit Anbeginn (nun mehrere Jahre) hat der Betrieb von Plone auf srs1 ein großes Manko: Plone startet nicht von allein. Daher musste sich auf srs1 manuell angemeldet werden und Plone musste "von Hand" gestartet werden. Das soll nun anders sein.

$EDITOR /usr/local/etc/rc.d/plone
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown

. /etc/rc.subr

name="plone"
rcvar=plone_enable

start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"

extra_commands="status"

load_rc_config ${name}
#: ${plone_enable:="NO"}

plone_stop()
{
        /usr/local/Plone/zinstance/bin/plonectl stop
}

plone_status()
{
        /usr/local/Plone/zinstance/bin/plonectl status
}

plone_start()
{
        /usr/local/Plone/zinstance/bin/plonectl start
}

plone_restart()
{
        /usr/local/Plone/zinstance/bin/plonectl restart
}

run_rc_command "$1"

Anpassen der Berechtigung für eine Datei für rc.d

chmod 540 /usr/local/etc/rc.d/plone
Kontrollieren der Berechtigung für eine Datei für rc.d
ls -l /usr/local/etc/rc.d/plone
-r-xr-----  1 root  wheel  603 Oct 23 18:34 /usr/local/etc/rc.d/plone

Selbstverständlich bedarf es auch noch dem Eintrag in der rc.conf, um Anzuzeigen, dass plone gestartet werden soll kann.

echo 'plone_enable="YES"' >> /etc/rc.conf

Eigentlich ist die Datei für rc.d relativ simpel. (Der Bezug sind die komplexen Varianten, die rc.d und entsprechende Dateien mit sich brinken können.)

  • /usr/local/Plone/zinstance/bin/plonectl ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
  • Bei der Entfernung der Auskommentierung bei #: ${plone_enable:="NO"} würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von rc.d verfügbar.
  • Folgende Befehle sind nun mittels rc.d verfügbar:
    • service plone stop
      Stoppen von Plone
    • service plone stauts
      Status von Plone ausgeben lassen
    • service plone start
      Starten von Plone
    • service plone restart
      Neustarten von Plone
    .

Läuft!

Weblinks[Bearbeiten]