StuRa:Server/SRS20/2016
- für limesurvey (aka Umfragen-Server)
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
freetype2
OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE OPTIONS_FILE_UNSET+=LCD_FILTERING
jasper
OPTIONS_FILE_UNSET+=OPENGL OPTIONS_FILE_UNSET+=UUID
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=EXAMPLES
libffi
OPTIONS_FILE_UNSET+=TESTS
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
libxslt
OPTIONS_FILE_SET+=CRYPTO OPTIONS_FILE_UNSET+=MEM_DEBUG
png
OPTIONS_FILE_UNSET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
zusätzliche Konfigurationsdateien
Jail
/etc/rc.conf
apache22_enable="YES"
mysql_enable="YES"
Konfiguration der Programme
Apache22
httpd.conf
…
LoadModule php5_module libexec/apache22/libphp5.so
<IfModule php5_module>
DirectoryIndex index.php index.html
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
</IfModule>
...
ServerName <domain>:80
...
Include etc/apache22/extra/httpd-ssl.conf
...
ServerTokens ProductOnly
ServerSignature Off
/extra/httpd-ssl.conf
Listen <IP>:443
...
<VirtualHost <IP>:443>
...
Serveradmin <mailadresse>
...
Servername <domain>
...
SSLEngine on
...
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
...
SSLCertificateFile "/usr/local/www/apache22/data/ssl/certs/cert.pem"
...
SSLCertificateKeyFile "/usr/local/www/apache22/data/ssl/key/key.pem"
...
SSLCACertificateFile "/usr/local/www/apache22/data/ssl/certs/cazertifikate.pem"
...
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
/extra/httpd-vhost.conf
NameVirtualHost <IP>:80
...
<VirtualHost 1<IP>:80>
ServerAdmin webmaster@<domain>
DocumentRoot "/usr/local/www/limesurvey/"
ServerName <domain>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://<domain> [R]
</VirtualHost>
- data/
- impressum.html erstellt
- images/
- image00.jpg
- image01.png
manuelles Starten vom Apache22 ist nötig
Während des Startens von Apache wird das Passwort für das Zertifikat (SSL) angefragt. Es ist manuell einzugeben. Daher kann Apache nie von allein (trotz Eintrag für das Starten von Diensten) ordentlich starten.
service apache22 onestart
Performing sanity check on apache22 configuration:
Syntax OK Starting apache22.
Apache/2.2.26 mod_ssl/2.2.26 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server umfragen.stura.htw-dresden.de:443 (RSA)
Enter pass phrase:
OK: Pass Phrase Dialog successful.
Änderung ab 10.07.2015 - Der Passphrasenzwang wurde aus dem Zertifikateskey entfernt!
Limesurvey
config.php
$databasepass = '<mysqlpassword>';
...
$defaultuser = '<adminusername>';
$defaultpass = '<password>';
...
$siteadminemail = 'umfragen@stura.htw-dresden.de';
$siteadminbounce = 'umfragen@stura.htw-dresden.de';
$siteadminname = 'StuRa HTW Dresden';
SQL Import
- limesurvey/admin/cmdline_importsurvey.php
php cmdline_importsurvey <File to import> [<user> <password>]
Mysql-server
- starten
/usr/local/etc/rc.d/mysql-server onestart
- Password setzen
mysqladmin -u <benutzer> password <password>