StuRa:Server/Jails
Standart Ports und Konfiguration der Jail
- Standartports sind mit Hilfe des
startup.sh-Scriptes installiert worden.
help2man
OPTIONS_FILE_SET+=NLS
libiconv
OPTIONS_FILE_SET+=EXTRA_ENCODINGS
m4
WITH_LIBSIGSEGV=true
pcre
OPTIONS_FILE_SET+=JIT
perl
OPTIONS_FILE_UNSET+=DEBUGGING
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_SET+=PERL_MALLOC
OPTIONS_FILE_SET+=PERL_64BITINT
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_SET+=PTHREAD
OPTIONS_FILE_SET+=MULTIPLICITY
OPTIONS_FILE_UNSET+=SITECUSTOMIZE
OPTIONS_FILE_SET+=USE_PERL
portupgrade
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_SET+=DB_OVERRIDE
OPTIONS_FILE_SET+=BDB4
OPTIONS_FILE_UNSET+=BDB1
ruby
OPTIONS_FILE_UNSET+=ONIGURUMA
OPTIONS_FILE_SET+=RDOC
OPTIONS_FILE_UNSET+=DEBUG
zsh
OPTIONS_FILE_UNSET+=DEBUG
OPTIONS_FILE_SET+=DOCS
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_SET+=MAILDIR
OPTIONS_FILE_SET+=MEM
OPTIONS_FILE_SET+=MULTIBYTE
OPTIONS_FILE_SET+=PCRE
OPTIONS_FILE_SET+=SECURE_FREE
OPTIONS_FILE_UNSET+=STATIC
SRS1
- Verwendungszweck
Lauft!
Plone
Plone 4.0.5 via UnifiedInstaller installieren.
install.sh --password=<password> standalone
Plone 4.0.5 to 4.1 fehlgeschlagen
- im verzeichnis von …/GenericSetup die rolemap.xml angelegt
link : [1]
<?xml version="1.0" encoding="UTF-8"?>
<rolemap>
<permissions>
<permission name="ATContentTypes Topic: Add ATBooleanCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATCurrentAuthorCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATDateCriteria" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATDateRangeCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATListCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATPathCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATPortalTypeCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATReferenceCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATRelativePathCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATSelectionCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATSimpleIntCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATSimpleStringCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="ATContentTypes Topic: Add ATSortCriterion" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="Add portal topics" acquire="True">
<role name="Contributor"/>
</permission>
<permission name="Change portal topics" acquire="True">
<role name="Editor"/>
</permission>
</permissions>
</rolemap>
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
cairo
OPTIONS_FILE_SET+=GLIB OPTIONS_FILE_UNSET+=OPENGL OPTIONS_FILE_SET+=X11 OPTIONS_FILE_SET+=XCB
freetype2
OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE OPTIONS_FILE_UNSET+=LCD_FILTERING
gamin
OPTIONS_FILE_UNSET+=GAM_POLLER OPTIONS_FILE_UNSET+=LIBINOTIFY OPTIONS_FILE_SET+=RUN_AS_EUID
gdk-pixbuf2
OPTIONS_FILE_SET+=JASPER OPTIONS_FILE_SET+=JPEG OPTIONS_FILE_SET+=NLS OPTIONS_FILE_SET+=PNG OPTIONS_FILE_SET+=TIFF
jasper
OPTIONS_FILE_UNSET+=OPENGL OPTIONS_FILE_UNSET+=UUID
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
libevent2
OPTIONS_FILE_SET+=OPENSSL OPTIONS_FILE_SET+=THREADS
libffi
OPTIONS_FILE_UNSET+=TESTS
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
libxslt
OPTIONS_FILE_SET+=CRYPTO OPTIONS_FILE_UNSET+=MEM_DEBUG
lynx
OPTIONS_FILE_SET+=SSL OPTIONS_FILE_SET+=DEFAULT_COLORS OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS
pango
OPTIONS_FILE_SET+=X11
pixman
OPTIONS_FILE_SET+=SIMD
png
OPTIONS_FILE_SET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
tmux
OPTIONS_FILE_SET+=BACKSPACE OPTIONS_FILE_SET+=LIBEVENT2 OPTIONS_FILE_UNSET+=LIBEVENT_STATIC
Konfiguration der Programme
Konfiguration Plone
- für Backup aktivierung
- in die buildout.cfg schreiben unter der überschrift [buildout]
########################################## ## # Parts Specification #-------------------- # Specifies the components that should be included in the buildout. # All the basics are in the base.cfg extension; you may add your # own if you need them at the end of this file. parts = instance zopepy zopeskel unifiedinstaller chown backup repozo
- [backup] am Schluss hin schreiben und weitere Parameter eintragen (buildout.cfg)
[backup] recipe = collective.recipe.backup keep = 4 full = true debug = false snapshotlocation = /root/plonebackup/snapshot backup_blobs = true blobsnapshotlocation = /root/plonebackup/blobsnapshots gzip = true enable_snapshotrestore = false
- wenn die Datei repozo.py fehlte (buildout.cfg)
[repozo] recipe = zc.recipe.egg eggs = ZODB3 scripts = repozo
- /etc/crontab
# Plone inkrementelles Backup * 23 * * 6 root <path/to/plone>/zinstance/bin/backup # Plone Fullbackup (snapshot) * 20 5 * * root <path/to/plone>/zinstance/bin/snapshotbackup
Konfiguration Apache22
- httpd.conf
ServerTokens ProductOnly
ServerSignature Off
- extra/httpd-vhost.conf
<VirtualHost *:80>
# A sample VirtualHost section for using Apache as a webserver
# instead of Zope.
# ServerName is the url of your website.
ServerName <domain>
# ServerName 127.0.0.1
# Add serverAlias lines for other domain names that should
# point to this website. They will be rewritten by Apache to
# the ServerName, so that anyone going to www.site.com
# will be invisibly redirected to site.com in their browser.
ServerAlias domain
# ServerAdmin is your email address, which shows up on error
# pages when Apache cannot connect to Zope.
ServerAdmin adminmail
# The ProxyPass and ProxyPassReverse lines are the magic
# ingredients. They rewite requests to http://site.com and
# pass the entire request through to Zope on
# http://site.com:8080. The VirtualHostBase ensures that
# when the page goes back to the browser, it goes out through
# Apache, and appears to have come from http://site.com.
# The line is made up from:
# ProxyPass or ProxyPassReverse
# / is the url at http://site.com that you wish to use to
# point to the Zope site. You could keep http://site.com as a
# flat HTML site in Apache, and replace / with /zope to make
# http://site/com/zope point to your zope site.
# http://site.com:8080 is the address that your zope is
# running on.
# /VirtualHostBase/http/site.com:80 makes sure that zope
# *thinks* it is running at http://site.com instead of at
# http://site.com:8080. You don't have to do anything else
# in Zope to make this work.
# /yourplonesite is the location of your Plone Site within Zope.
# If you added a Plone Site into the root of your Zope with an id
# of 'mysite', then you just change this bit to /mysite
# /VirtualHostRoot/ makes your Plone site think it is the root of the site.
ProxyPass / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/
ProxyPassReverse / http://127.0.0.1:8080/VirtualHostBase/http/<domain>:80/Plone/VirtualHostRoot/
# CacheRoot is the location on the filesystem to store files that
# Apache caches. This directory must be created, and the user that
# Apache runs as must have full write permissions to it.
# It's a bad idea to create this in the /tmp directory, as the
# directory itself will then be deleted when you reboot.
CacheRoot "/var/cache/www.stura.htw-dresden.de"
CacheEnable disk /
# CacheSize determines how big this cache can get in KB. It's a
# good idea that this number is about 30% less than the available
# space in the CacheRoot directory. Here we choose to cache 100MB
# of data, which is enough for a personal website, but not for
# anything larger.
MCacheSize 524288
MCacheMaxObjectCount 100000
MCacheMinObjectSize 1
MCacheMaxObjectSize 200000
# CacheGcInterval specifies how often (in hours) to examine the
# cache and delete obsolete files.
#CacheGcInterval 2
# CacheLastModifiedFactor allows the estimation of an expiry date
# for a page if it doesn't have an expiry-date specified in the
# HTTP headers returned from Zope. This is based on (time since
# last modification * CacheLastModifiedFactor), so that content
# that is ten hours old would be given an expiry date of 1 hour in
# the future.
CacheLastModifiedFactor 0.1
# CacheDefaultExpire sets a default expiry time of 0,5 hour into the
# future for cached pages.
CacheDefaultExpire 0.5
# CacheDirLength sets the number of characters used in directory
# names for subdirectories of CacheRoot
CacheDirLength 3
# The following definitions set expiry times for various content
# types. In this list, each content type defined is cached for a
# maximum period of 1 hour (3600 seconds) before it must be checked
# again. Non-listed content types are not cached.
ExpiresActive On
expiresByType image/ief A3600
ExpiresByType image/tiff A3600
ExpiresByType image/bmp A3600
ExpiresByType image/gif A3600
ExpiresByType image/png A3600
ExpiresByType image/jpeg A3600
ExpiresByType image/x-cmu-raster A3600
ExpiresByType image/x-portable-anymap A3600
ExpiresByType image/x-portable-bitmap A3600
ExpiresByType image/x-portable-graymap A3600
ExpiresByType image/x-portable-pixmap A3600
ExpiresByType image/x-rgb A3600
ExpiresByType image/x-xbitmap A3600
ExpiresByType image/x-xpixmap A3600
ExpiresByType image/x-xwindowdump A3600
ExpiresByType text/css A3600
ExpiresByType text/javascript A3600
ExpiresByType application/x-javascript A3600
ExpiresByType text/html A3600
ExpiresByType text/xml A3600
# CustomLog "/var/log/www.stura.htw-dresden.de-access_log" common
</VirtualHost>
Konfiguration von Skripten
rc.d scripting Plone
Seit Anbeginn (nun mehrere Jahre) hat der Betrieb von Plone auf srs1 ein großes Manko: Plone startet nicht von allein. Daher musste sich auf srs1 manuell angemeldet werden und Plone musste "von Hand" gestartet werden. Das soll nun anders sein.
$EDITOR /usr/local/etc/rc.d/plone
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown
. /etc/rc.subr
name="plone"
rcvar=plone_enable
start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"
extra_commands="status"
load_rc_config ${name}
#: ${plone_enable:="NO"}
plone_stop()
{
/usr/local/Plone/zinstance/bin/plonectl stop
}
plone_status()
{
/usr/local/Plone/zinstance/bin/plonectl status
}
plone_start()
{
/usr/local/Plone/zinstance/bin/plonectl start
}
plone_restart()
{
/usr/local/Plone/zinstance/bin/plonectl restart
}
run_rc_command "$1"
Anpassen der Berechtigung für eine Datei für rc.d
chmod 540 /usr/local/etc/rc.d/plone- Kontrollieren der Berechtigung für eine Datei für rc.d
ls -l /usr/local/etc/rc.d/plone
-r-xr----- 1 root wheel 603 Oct 23 18:34 /usr/local/etc/rc.d/plone
Selbstverständlich bedarf es auch noch dem Eintrag in der rc.conf, um Anzuzeigen, dass plone gestartet werden soll kann.
echo 'plone_enable="YES"' >> /etc/rc.conf
Eigentlich ist die Datei für rc.d relativ simpel. (Der Bezug sind die komplexen Varianten, die rc.d und entsprechende Dateien mit sich brinken können.)
- /usr/local/Plone/zinstance/bin/plonectl ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
- Bei der Entfernung der Auskommentierung bei #: ${plone_enable:="NO"} würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von rc.d verfügbar.
- Folgende Befehle sind nun mittels rc.d verfügbar:
service plone stop- Stoppen von Plone
service plone stauts- Status von Plone ausgeben lassen
service plone start- Starten von Plone
service plone restart- Neustarten von Plone
- .
Läuft!
Weblinks
SRS2
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
dejavu
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=LINKS
gdbm
OPTIONS_FILE_UNSET+=COMPAT
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=EXAMPLES
libxslt
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=CRYPTO
png
OPTIONS_FILE_SET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
wget
OPTIONS_FILE_SET+=GNUTLS OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_SET+=OPENSSL OPTIONS_FILE_SET+=IDN
Konfiguration der Programme
SRS13
Verwendungszweck: MediaWiki für wiki.htw.stura-dresden.de
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
ca_root_nss
OPTIONS_FILE_SET+=ETCSYMLINK
freetype2
OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE OPTIONS_FILE_UNSET+=LCD_FILTERING
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=EXAMPLES
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
libxslt
OPTIONS_FILE_SET+=CRYPTO OPTIONS_FILE_UNSET+=MEM_DEBUG
png
OPTIONS_FILE_SET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
zusätzliche Konfigurationsdateien
Jail
/etc/rc.conf
apache22_enable="YES"
mysql_enable="YES"
Konfiguration der Programme
apache
httpd.conf
…
LoadModule php5_module libexec/apache22/libphp5.so
<IfModule php5_module>
DirectoryIndex index.php index.php5 index.html
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
</IfModule>
…
ServerAdmin <admin[at]domain.tld>
…
ServerName wiki.htw.stura-dresden.de:80
…
DocumentRoot "</path/to/mediawiki>"
…
#<Directory "/usr/local/www/apache22/data">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
# Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
# AllowOverride None
#
# Controls who can get stuff from this server.
#
# Order allow,deny
# Allow from all
#</Directory>
…
# Virtual hosts
Include etc/apache22/extra/httpd-vhosts.conf
…
# CustomLog "/var/log/httpd-access.log" combined # comment out Der StuRa speichert nicht!
…
extra/httpd-vhosts.conf
…
NameVirtualHost 141.56.50.13:80
…
<VirtualHost wiki.htw.stura-dresden.de:80>
Redirect permanent / http://wiki.stura.htw-dresden.de/
</VirtualHost>
<VirtualHost wiki.stura.htw-dresden.de:80>
ServerAdmin webmaster@stura.htw-dresden.de
DocumentRoot "/usr/local/www/sturawiki_1_19_2"
ServerName wiki.stura.htw-dresden.de
ServerAlias www.wiki.stura.htw-dresden.de
<Directory "/usr/local/www/sturawiki_1_19_2">
Options Indexes FollowSymLinks
DirectoryIndex index.php index.php5 index.html
AllowOverride none
Order allow,deny
Allow from all
</Directory>
ErrorLog "/var/log/wiki-error_log"
# CustomLog "/var/log/wiki-access_log" common
</VirtualHost>
<VirtualHost wiki.hs-abc.htw.stura-dresden.de:80>
ServerAdmin webmaster@stura.htw-dresden.de
DocumentRoot "/usr/local/www/hs-abcwiki_1_19_4"
ServerName wiki.hs-abc.htw.stura-dresden.de
ServerAlias www.wiki.hs-abc.htw.stura-dresden.de
<Directory "/usr/local/www/hs-abcwiki_1_19_4">
Options Indexes FollowSymLinks
DirectoryIndex index.php index.php5 index.html
AllowOverride none
Order allow,deny
Allow from all
</Directory>
ErrorLog "/var/log/wiki-error_log"
# CustomLog "/var/log/wiki-access_log" common
</VirtualHost>
<VirtualHost wiki.fzs.stura-dresden.de:80>
ServerAdmin webmaster@stura.htw-dresden.de
DocumentRoot "/usr/local/www/fzswiki_1_19_4"
ServerName wiki.fzs.stura-dresden.de
ServerAlias www.wiki.fzs.htw.stura-dresden.de
<Directory "/usr/local/www/fzswiki_1_19_4">
Options Indexes FollowSymLinks
DirectoryIndex index.php index.php5 index.html
AllowOverride none
Order allow,deny
Allow from all
</Directory>
ErrorLog "/var/log/fzswiki-error_log"
# CustomLog "/var/log/fzswiki-access_log" common
</VirtualHost>
<VirtualHost fzs-wiki.de:80>
DocumentRoot "/usr/local/www/fzswiki_1_19_4"
ServerName wiki.fzs.stura-dresden.de
ServerAlias www.wiki.fzs.htw.stura-dresden.de
<Directory "/usr/local/www/fzswiki_1_19_4">
Options Indexes FollowSymLinks
DirectoryIndex index.html index.php
AllowOverride none
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
mediawiki
Wiki
</path/to/mediawiki-stura>/LocalSettings.php
…
$wgLogo = "$wgStylePath/common/images/stura.jpg";
$wgFavicon = "$wgStylePath/common/images/stura_ohne_typo.favicon32.jpg";
…
$wgDefaultSkin = 'vector';
…
##############################
## Ausnahmen Details zeigen ##
##############################
$wgShowExceptionDetails = false;
###################
## Mail Settings ##
###################
$wgSMTP = array (
'IDHost' => 'wiki.stura.htw-dresden.de', //this is used to build the Message-ID mail header
'host' => 'mail.stura.htw-dresden.de', //this is the outgoing mail server name (SMTP server)
'port' => 25, //this is the port used by the SMTP server
'auth' => false, //in my case, authentication is not required by the mail server for outgoing mail
);
################
## Namespaces ##
################
define("NS_STURA", 100);
define("NS_STURA_TALK", 101);
define("NS_INTERN", 102);
define("NS_INTERN_TALK", 103);
define("NS_ADMIN", 104);
define("NS_ADMIN_TALK", 105);
define("NS_PERSON", 106);
define("NS_PERSON_TALK", 107);
$wgExtraNamespaces[NS_STURA] = "StuRa";
$wgExtraNamespaces[NS_STURA_TALK] = "StuRa_Diskussion";
$wgExtraNamespaces[NS_INTERN] = "Intern";
$wgExtraNamespaces[NS_INTERN_TALK] = "Intern_Diskussion";
$wgExtraNamespaces[NS_ADMIN] = "Admin";
$wgExtraNamespaces[NS_ADMIN_TALK] = "Admin_Diskussion";
$wgExtraNamespaces[NS_PERSON] = "Person";
$wgExtraNamespaces[NS_PERSON_TALK] = "Person_Diskussion";
################
## Extensions ##
################
$wgAllowExternalImages = true #Externe Bilder einbinden
require_once "$IP/extensions/ConfirmEdit/QuestyCaptcha.php";
$wgCaptchaClass = 'QuestyCaptcha';
$arr = array (
'Frage' => 'An answer!',
);
foreach ( $arr as $key => $value ) {
$wgCaptchaQuestions[] = array( 'question' => $key, 'answer' => $value );
};
$wgCaptchaTriggers['edit'] = true;
$wgCaptchaTriggers['create'] = true;
require_once( "$IP/extensions/Renameuser/Renameuser.php" );
require_once( "$IP/extensions/WikiEditor/WikiEditor.php" );
require_once( "$IP/extensions/Lockdown/Lockdown.php" );
require_once( "$IP/extensions/Interwiki/Interwiki.php" );
require_once( "$IP/extensions/ContributionScores/ContributionScores.php" );
#################################
## ContributionScores settings ##
#################################
$wgContribScoreIgnoreBots = true; // Exclude Bots from the reporting - Can be omitted.
$wgContribScoreIgnoreBlockedUsers = true; // Exclude Blocked Users from the reporting - Can be omitted.
$wgContribScoresUseRealName = true; // Use real user names when available - Can be omitted. Only for MediaWiki 1.19 and later.
$wgContribScoreDisableCache = false; // Set to true to disable cache for parser function and inclusion of table.
//Each array defines a report - 7,50 is "past 7 days" and "LIMIT 50" - Can be omitted.
$wgContribScoreReports = array(
array(7,50),
array(30,50),
array(0,50)
) ;
####################
## costume groups ##
####################
// Implicit group for intern (copy of group user)
$wgGroupPermissions['intern']['move'] = true;
$wgGroupPermissions['intern']['move-subpages'] = true;
$wgGroupPermissions['intern']['move-rootuserpages'] = true; // can move root userpages
//$wgGroupPermissions['intern']['movefile'] = true; // Disabled for now due to possible bugs and security concerns
$wgGroupPermissions['intern']['read'] = true;
$wgGroupPermissions['intern']['edit'] = true;
$wgGroupPermissions['intern']['createpage'] = true;
$wgGroupPermissions['intern']['createtalk'] = true;
$wgGroupPermissions['intern']['writeapi'] = true;
$wgGroupPermissions['intern']['upload'] = true;
$wgGroupPermissions['intern']['reupload'] = true;
$wgGroupPermissions['intern']['reupload-shared'] = true;
$wgGroupPermissions['intern']['minoredit'] = true;
$wgGroupPermissions['intern']['purge'] = true; // can use ?action=purge without clicking "ok"
$wgGroupPermissions['intern']['sendemail'] = true;
// To grant sysops permissions to edit interwiki data
$wgGroupPermissions['sysop']['interwiki'] = true;
###########################
## Restricted namespaces ##
###########################
$wgNamespacePermissionLockdown[NS_INTERN]['*'] = array('intern');
$wgNamespacePermissionLockdown[NS_INTERN_TALK]['*'] = array('intern');
$wgNamespacePermissionLockdown[NS_PERSON]['*'] = array('intern');
$wgNamespacePermissionLockdown[NS_PERSON_TALK]['*'] = array('intern');
Wiki Extensions
Wiki Extension Asirra
Die Extension:Asirra wird nicht mehr verwendet!
- Die Extension:Asirra
- wurde seit 2014-10 nicht mehr unterstützt;
- funktionierte Ende 2014 nicht mehr;
- musst Ende 2014 ersetzt werden;
- wurde Anfang 2015 durch Tom durch #Wiki Extension QuestyCaptcha ersetzt;
- diente als CAPTCHA.
- Asirra/ConfirmEdit.php
Wiki Extension Lockdown
- Installation
wget https://codeload.github.com/wikimedia/mediawiki-extensions-Lockdown/legacy.tar.gz/REL1_19
tar -xzf wikimedia-mediawiki-extensions-Lockdown-84fca94.tar.gz -C /var/www/mediawiki/extensions
Wiki Extension QuestyCaptcha
Die Extension:QuestyCaptcha
- dient als CAPTCHA;
- wurde 2015-01 installiert;
- ersetzte #Wiki Extension Asirra.
HS-ABC Wiki
</path/to/mediawiki-hsabc>/LocalSettings.php
require_once( "$IP/extensions/Asirra/Asirra.php" ); require_once( "$IP/extensions/Renameuser/Renameuser.php" ); require_once( "$IP/extensions/WikiEditor/WikiEditor.php" ); ################### ## Mail Settings ## ################### $wgSMTP = array ( 'IDHost' => 'wiki.hs-abc.htw.stura-dresden.de', //this is used to build the Message-ID mail header 'host' => 'mail.stura.htw-dresden.de', //this is the outgoing mail server name (SMTP server) 'port' => 25, //this is the port used by the SMTP server 'auth' => false, //in my case, authentication is not required by the mail server for outgoing mail );
</path/to/mediawiki-hsabc>/extensions/Asirra/ConfirmEdit.php
…
$wgGroupPermissions['user' ]['skipcaptcha'] = true;
$wgGroupPermissions['autoconfirmed']['skipcaptcha'] = false;
…
$wgCaptchaTriggers['edit'] = true; // Would check on every edit
$wgCaptchaTriggers['create'] = false; // Check on page creation.
$wgCaptchaTriggers['sendemail'] = true; // Special:Emailuser
…
Siehe auch
- Wiki
- mediawikiwiki:Manual:Upgrading MediaWiki
- Server/MediaWiki
- mediawikiwiki:Manual:Running MediaWiki on FreeBSD
- mediawikiwiki:Extension:User Merge and Delete
SRS15
- Verwendungszweck
- ansatzweise Anwendung von verschiedener Software für ein potentielles AUS
- Accounts
Django
Django Installation
cd /usr/ports/www/py-django/ && sudo make install clean
┌──────────────────────────── py27-django-1.5.1 ───────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[ ] FASTCGI FastCGI support │ │
│ │+[ ] HTMLDOCS Install the HTML documentation (requires Sphinx) │ │
│ │───────────────────────────────── DATABASE ───────────────────────────────│ │
│ │+[ ] PGSQL PostgreSQL database support │ │
│ │+[ ] MYSQL MySQL database support │ │
│ │+[x] SQLITE SQLite database support │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
===> Cleaning for py27-django-1.5.1
- Done!
OTRS
OTRS Installation
cd /usr/ports/devel/otrs/ && sudo make install clean
trac
trac Installation
cd /usr/ports/www/trac/ && sudo make install clean
┌──────────────────────────────── trac-1.0.1 ──────────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[x] DOCUTILS Allow additional text markup │ │
│ │+[ ] PGSQL PostgreSQL database support │ │
│ │+[x] PYGMENTS Use generic syntax highlighter │ │
│ │+[x] SILVERCITY Silvercity for syntax highlighting │ │
│ │+[x] SVN Subversion support │ │
│ │+[x] TZ Process Time Zones │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────────────────── py27-Genshi-0.7 ────────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[x] BABEL I18n support through the Babel plugin │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
┌──────────────────────────── subversion-1.8.0_3 ──────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[ ] BDB Berkeley DB support │ │
│ │+[ ] BOOK Install the Subversion Book │ │
│ │+[x] DOCS Build and/or install documentation │ │
│ │+[x] FREEBSD_TEMPLATE FreeBSD Project log template │ │
│ │+[ ] GNOME_KEYRING Build with GNOME Keyring auth support │ │
│ │+[ ] KDE_KWALLET Build with KDE KWallet auth support │ │
│ │+[ ] MAINTAINER_DEBUG Build debug version │ │
│ │+[ ] MOD_DAV_SVN mod_dav_svn module for Apache 2.X │ │
│ │+[x] NLS Native Language Support │ │
│ │+[x] P4_STYLE_MARKERS Perforce-style conflict markers │ │
│ │+[ ] SASL SASL support │ │
│ │+[x] SERF WebDAV/Delta-V (HTTP/HTTPS) repo access module │ │
│ │+[ ] STATIC Build static version (no shared libs) │ │
│ │+[ ] SVNSERVE_WRAPPER Enable svnserve wrapper (umask setter) │ │
│ │+[ ] TEST Run subversion test suite │ │
│ │+[ ] TOOLS Install several tools (svnauthz-validate and mod_d)│ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────── serf-1.2.1_1 ─────────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[x] DOCS Build and/or install documentation │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
===> Cleaning for trac-1.0.1
Sonstiges
Lynx
Lynx Zweck
- Browser für den localhost
- PaulRiegel (Diskussion) wollte bei #Django (gemäß Tutorial) den development server testen.
Lynx Installation
cd /usr/ports/www/py-django/ && sudo make install clean
┌────────────────────────────── lynx-2.8.7.2,1 ────────────────────────────────┐
│ ┌──────────────────────────────────────────────────────────────────────────┐ │
│ │+[x] DEFAULT_COLORS Colors support │ │
│ │+[x] IPV6 IPv6 protocol support │ │
│ │+[x] NLS Native Language Support │ │
│ │+[x] SSL SSL protocol support │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
├──────────────────────────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────────────────────────┘
===> Cleaning for lynx-2.8.7.2,1
- Done!
SRS17
Ports
installierte Ports
- apr
- asciidoc
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bash
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- boehm-gc+fulldebug
- bsdadminscripts
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- db42
- dejavu
- dialog4ports
- docbook
- docbook-sk
- docbook-xml
- docbook-xsl
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- getopt
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- gtk
- gtk-update-icon-cache
- help2man
- hicolor-icon-theme
- icu
- inputproto
- intltool
- iso8879
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXft
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libpaper
- libpthread-stubs
- libsigsegv
- libssh2
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- neon29
- p5-Error
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- p5-Term-ReadKey
- p5-URI
- p5-XML-Parser
- p5-subversion
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- shared-mime-info
- sqlite3
- subversion
- tiff
- tmux
- unzip
- vim-lite
- w3m
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xmlcatmgr
- xmlcharent
- xmlto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
icu
OPTIONS_FILE_SET+=THREADS
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
zusätzliche Konfigurationsdateien
Jail
/etc/rc.conf
sshd_enable="YES"
ejabberd_enable="YES"
/etc/ssh/sshd_config
…
ListenAddress 141.56.50.17
…
PasswordAuthentication no
…
UsePAM no
…
Konfiguration der Programme
/usr/local/etc/ejabberd/ejabberd.cfg
...
{loglevel, 3}.
...
{watchdog_admins, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]}.
...
{hosts, ["srs17.stura.htw-dresden.de"]}.
...
starttls, {certfile, "/root/ejabberd.pem"},
starttls_required,
...
%%captcha,
%%http_bind,
%%http_poll,
...
{s2s_use_starttls, required}.
...
{s2s_certfile, "/root/ejabberd.pem"}.
...
{acl, admin, {user, "foo", "srs17.stura.htw-dresden.de"}}.
{acl, admin, {user, "bar", "srs17.stura.htw-dresden.de"}}.
...
{acl, blocked, {user, "test"}}.
{acl, blocked, {user, "root"}}.
{acl, blocked, {user, "r00t"}}.
{acl, blocked, {user, "r0ot"}}.
{acl, blocked, {user, "ro0t"}}.
{acl, blocked, {user, "adm1n"}}.
{acl, blocked, {user, "admin"}}.
{acl, blocked, {user, "kss"}}.
{acl, blocked, {user, "administrator"}}.
{acl, blocked, {user, "administrat0r"}}.
{acl, blocked, {user, "adm1n1strat0r"}}.
{acl, blocked, {user, "adm1nistrat0r"}}.
{acl, blocked, {user, "admin1strat0r"}}.
{acl, blocked, {user, "adm1nistrator"}}.
{acl, blocked, {user, "admin1strator"}}.
...
{access, max_user_sessions, [{2, all}]}.
...
{language, "de"}.
...
%%{mod_irc, []},
...
%%{mod_pubsub, [
%%{access_createnode, pubsub_createnode},
%%{ignore_pep_from_offline, true}, % reduces resource comsumption, but XEP incompliant
...
%%{last_item_cache, false},
%%{plugins, ["flat", "hometree", "pep"]} % pep requires mod_caps
%%]},
...
{registration_watchers, ["foo@srs17.stura.htw-dresden.de", "bar@srs17.stura.htw-dresden.de"]},
...
{ip_access, [
{allow, "0.0.0.0/8"}
%%{allow, "127.0.0.0/8"},
%%{deny, "0.0.0.0/0"}
]},
...
Siehe auch
SRS18
Auf die Schnelle:
- Jail, die auf srs2342 (mit veraltetem FreeBSD)
- Dataset (für ZFS) liegt vielleicht schon woanders
- ist nicht in Betrieb
- altes Plone (aka Plone 3)
Plone
Plone 3.3 via UnifiedInstaller installieren.
install.sh --password=<password> standalone
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
Konfiguration von Skripten
rc.d scripting Plone
Achtung! Eigentlich handelte es sich nur um ein direktes Nachahmen von Server/Jails/SRS1#rc.d scripting Plone. Die Funktionalität wurde erfolgreich getestet.
$EDITOR /usr/local/etc/rc.d/plone
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown
. /etc/rc.subr
name="plone"
rcvar=plone_enable
start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"
extra_commands="status"
load_rc_config ${name}
#: ${plone_enable:="NO"}
plone_stop()
{
/usr/local/Plone/zinstance/bin/plonectl stop
}
plone_status()
{
/usr/local/Plone/zinstance/bin/plonectl status
}
plone_start()
{
/usr/local/Plone/zinstance/bin/plonectl start
}
plone_restart()
{
/usr/local/Plone/zinstance/bin/plonectl restart
}
run_rc_command "$1"
Anpassen der Berechtigung für eine Datei für rc.d
chmod 540 /usr/local/etc/rc.d/plone- Kontrollieren der Berechtigung für eine Datei für rc.d
ls -l /usr/local/etc/rc.d/plone
-r-xr----- 1 root wheel 603 Oct 23 18:34 /usr/local/etc/rc.d/plone
Selbstverständlich bedarf es auch noch dem Eintrag in der rc.conf, um Anzuzeigen, dass plone gestartet werden soll kann.
echo 'plone_enable="YES"' >> /etc/rc.conf
Eigentlich ist die Datei für rc.d relativ simpel. (Der Bezug sind die komplexen Varianten, die rc.d und entsprechende Dateien mit sich brinken können.)
- /usr/local/Plone/zinstance/bin/plonectl ist die Stelle und Datei zur Verwaltung des Betriebes von Plone. (Woher die Auswahl dieses Stelle stammt ist nicht näher bekannt.)
- Bei der Entfernung der Auskommentierung bei #: ${plone_enable:="NO"} würde Plone nicht zu Starten der Jail selbst starten. Jedoch wären aber noch alle anderen gewünschten Funktionalitäten von rc.d verfügbar.
- Folgende Befehle sind nun mittels rc.d verfügbar:
service plone stop- Stoppen von Plone
service plone stauts- Status von Plone ausgeben lassen
service plone start- Starten von Plone
service plone restart- Neustarten von Plone
- .
Läuft!
Siehe auch
SRS19
- FSRs
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
ca_root_nss
OPTIONS_FILE_UNSET+=ETCSYMLINK
freetype2
OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE OPTIONS_FILE_UNSET+=LCD_FILTERING
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=EXAMPLES
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
libxslt
OPTIONS_FILE_SET+=CRYPTO OPTIONS_FILE_UNSET+=MEM_DEBUG
png
OPTIONS_FILE_SET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
zusätzliche Konfigurationsdateien
Konfiguration der Programme
nginx
nginx.conf
lies: http://elasticdog.com/2008/02/howto-install-wordpress-on-nginx/
sudo
/usr/local/etc/sudoers
…
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
%<username> ALL=(ALL) ALL
%<username> ALL=(ALL) ALL
…
Siehe auch
SRS20
- WEITERLEITUNG StuRa:Server/SRS20/2016
SRS21
- WEITERLEITUNG StuRa:Server/SRS14/2018
SRS28
Auf die Schnelle:
- Jail, die auf srs2342 (mit veraltetem FreeBSD)
- ist nicht in Betrieb
- diente für das hosting von Websites zu Projekten, auch mit anderen StuRä
Ports
installierte Ports
- atk
- autoconf
- autoconf-wrapper
- automake
- automake-wrapper
- bdftopcf
- bigreqsproto
- bison
- bitstream-vera
- ca_root_nss
- cairo
- cmake
- cmake-modules
- compositeproto
- curl
- cvsps
- damageproto
- db41
- dejavu
- dialog4ports
- emacs-nox11
- encodings
- expat
- fixesproto
- font-bh-ttf
- font-misc-ethiopic
- font-misc-meltho
- font-util
- fontconfig
- fontsproto
- freetype2
- gamin
- gdbm
- gdk-pixbuf2
- gettext
- gio-fam-backend
- git
- glib
- gmake
- gnomehier
- gobject-introspection
- help2man
- inputproto
- jasper
- jbigkit
- jpeg
- kbproto
- libICE
- libSM
- libX11
- libXau
- libXcomposite
- libXcursor
- libXdamage
- libXdmcp
- libXext
- libXfixes
- libXfont
- libXi
- libXinerama
- libXrandr
- libXrender
- libXt
- libcheck
- libevent
- libevent2
- libexecinfo
- libffi
- libfontenc
- libgcrypt
- libgpg-error
- libiconv
- libidn
- libpthread-stubs
- libsigsegv
- libtool
- libxcb
- libxml2
- libxslt
- libyaml
- lynx
- m4
- mkfontdir
- mkfontscale
- nano
- p5-Error
- p5-ExtUtils-Constant
- p5-IO-Socket-IP
- p5-IO-Socket-SSL
- p5-Locale-gettext
- p5-Net-SMTP-SSL
- p5-Net-SSLeay
- p5-Socket
- pango
- pcre
- perl-threaded
- pixman
- pkgconf
- png
- portaudit
- portupgrade
- py27-wikitools
- python27
- python33
- randrproto
- renderproto
- ruby
- ruby
- ruby18-bdb
- ruby19-bdb
- ruby19-date2
- tiff
- tmux
- unzip
- vim-lite
- wget
- xcb-proto
- xcb-util
- xcb-util-renderutil
- xcmiscproto
- xextproto
- xf86bigfontproto
- xineramaproto
- xorg-fonts-truetype
- xorg-macros
- xproto
- xtrans
- zsh
konfigurierte Ports
ca_root_nss
OPTIONS_FILE_UNSET+=ETCSYMLINK
freetype2
OPTIONS_FILE_UNSET+=CFF_HINTING_ADOBE OPTIONS_FILE_UNSET+=LCD_FILTERING
libcheck
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_SET+=EXAMPLES
libxml2
OPTIONS_FILE_UNSET+=MEM_DEBUG OPTIONS_FILE_SET+=SCHEMA OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=THREAD_ALLOC OPTIONS_FILE_UNSET+=XMLLINT_HIST
libxslt
OPTIONS_FILE_SET+=CRYPTO OPTIONS_FILE_UNSET+=MEM_DEBUG
png
OPTIONS_FILE_SET+=APNG
python27
OPTIONS_FILE_SET+=EXAMPLES OPTIONS_FILE_UNSET+=FPECTL OPTIONS_FILE_SET+=IPV6 OPTIONS_FILE_SET+=NLS OPTIONS_FILE_UNSET+=PTH OPTIONS_FILE_SET+=PYMALLOC OPTIONS_FILE_UNSET+=SEM OPTIONS_FILE_SET+=THREADS OPTIONS_FILE_UNSET+=UCS2 OPTIONS_FILE_SET+=UCS4
ruby18-bdb
OPTIONS_FILE_SET+=DOCS OPTIONS_FILE_UNSET+=EXAMPLES
zusätzliche Konfigurationsdateien
Jail
/etc/rc.conf
apache22_enable="YES"
sshd_enable="YES"
Konfiguration der Programme
apache
httpd.conf
…
LoadModule php5_module libexec/apache22/libphp5.so
<IfModule php5_module>
DirectoryIndex index.php index.php5 index.html
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
</IfModule>
…
ServerAdmin <admin[at]domain.tld>
…
ServerName <Jail-IP>
…
DocumentRoot "/usr/local/www/data"
…
<Directory "/usr/local/www/data/website">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
DirectoryIndex index.php index.php5 index.html
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all
</Directory>
…
sshd
sshd_config
…
Port <PORTNUMMER>
…
ListenAddress 0.0.0.0
…
LoginGraceTime 1m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3
MaxSessions 4
AllowUsers <die mit der richtigen permisse> #nur durch leerzeichen trennen
…
Match User <Username>
ChrootDirectory /usr/local/www/data
ForceCommand internal-sftp
AllowTcpForwarding no
X11Forwarding no
…