[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [206] Continuing SavannahHosts documentation.
From: |
bob |
Subject: |
[Savannah-cvs] [206] Continuing SavannahHosts documentation. |
Date: |
Thu, 28 Jul 2016 00:41:18 +0000 (UTC) |
Revision: 206
http://svn.sv.gnu.org/viewvc/?view=rev&root=administration&revision=206
Author: rwp
Date: 2016-07-28 00:41:16 +0000 (Thu, 28 Jul 2016)
Log Message:
-----------
Continuing SavannahHosts documentation.
Modified Paths:
--------------
trunk/sviki/SavannahHosts.mdwn
Modified: trunk/sviki/SavannahHosts.mdwn
===================================================================
--- trunk/sviki/SavannahHosts.mdwn 2016-07-27 20:59:18 UTC (rev 205)
+++ trunk/sviki/SavannahHosts.mdwn 2016-07-28 00:41:16 UTC (rev 206)
@@ -28,8 +28,8 @@
* Fresh installation free of legacy
* Upgrades will then work reliably again
-Common Elements
----------------
+Host Common Elements
+--------------------
After pristine installation sevaral tasks are needed on any new host.
Some things are common to all hosts. These common elements are
@@ -77,6 +77,14 @@
dpkg-reconfigure locales
+The /etc/resolv.conf file should be managed by resolvconf but isn't
+apparently set correctly. Initially set this to bootstrap.
+
+ search savannah.gnu.org fsf.org
+ nameserver 208.118.235.95
+ nameserver 208.118.235.134
+ nameserver 46.43.37.71
+
The VMs were handed to us including a `/usr/sbin/policy-rc.d` file
that prevents services from starting during package upgrades. (It has
no effect during boot time.) That was likely a mistake. That file is
@@ -85,6 +93,13 @@
rm -f /usr/sbin/policy-rc.d
+Also the cloned ntpdate clock jumping script. Eventually need to set
+up a local tightly coupled peer pool.
+
+ rm -f /usr/local/bin/clock-sync.sh /etc/cron.d/ntpdate
+ apt-get install -y --purge ntp ntpdate-
+ echo peer mgt0 iburst >>
+
Install generally useful utilities.
apt-get install less screen htop wget dnsutils heirloom-mailx
@@ -155,25 +170,31 @@
127.0.0.1 localhost
- # The following lines are desirable for IPv6 capable hosts
- ::1 ip6-localhost ip6-loopback
- fe00::0 ip6-localnet
- ff00::0 ip6-mcastprefix
+ ::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
- ff02::3 ip6-allhosts
127.0.1.1 mgt0.savannah.gnu.org mgt0
+Install BIND caching nameserver. Ensure resolvconf installed.
+
+ apt-get install bind9 resolvconf
+ ... install fixed /etc/resolvconf/update.d/resolvconf-update-bind
+ ... fixed with a "forward only" statement
+ ln -sfn /run/resolvconf/resolv.conf /etc/resolv.conf
+ ... This may be best to let happen automatically after a reboot
+
Fixup /etc/network/interfaces for both IPv4 and IPv6. Also at the
present time a simple iptables firewall is loaded with a pre-up rule.
- auto lo eth0
+ auto lo
iface lo inet loopback
+ auto eth0
iface eth0 inet static
address 208.118.235.XX/24
gateway 208.118.235.1
+ dns-search savannah.gnu.org fsf.org
pre-up iptables-restore < /etc/default/iptables-rules || :
The above is incomplete as it only has the IPv4 address template and
@@ -286,12 +307,14 @@
This is also okay since the management node only very few public
services.
- auto lo eth0
+ auto lo
iface lo inet loopback
+ auto eth0
iface eth0 inet static
address 208.118.235.77/24
gateway 208.118.235.1
+ dns-search savannah.gnu.org fsf.org
pre-up iptables-restore < /etc/default/iptables-rules || :
Install utilities useful on the management node.
@@ -312,12 +335,14 @@
address. This is also okay since the management node only very few
public services.
- auto lo eth0
+ auto lo
iface lo inet loopback
+ auto eth0
iface eth0 inet static
address 208.118.235.77/24
gateway 208.118.235.1
+ dns-search savannah.gnu.org fsf.org
pre-up iptables-restore < /etc/default/iptables-rules || :
Install MySQL server. In the future use MariaDB when it is available.
@@ -355,12 +380,14 @@
private LAN address and a floating WAN IPv4 address also yet to be
allocated.
- auto lo eth0
+ auto lo
iface lo inet loopback
+ auto eth0
iface eth0 inet static
address 208.118.235.77/24
gateway 208.118.235.1
+ dns-search savannah.gnu.org fsf.org
pre-up iptables-restore < /etc/default/iptables-rules || :
The web frontend sends email. Configure the mailname to be the
@@ -406,5 +433,7 @@
/etc/ssl/private installed from frontend
+FIXME: Document max client limitations and configuration here.
+
FIXME: Need to reference installing Savane here. Perhaps referencing
[[RunningSavaneLocally]]?
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [206] Continuing SavannahHosts documentation.,
bob <=