server/setup/05-service-settings/README.txt


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158

All template files are .. underneath in ./etc

Debian 7.00 (Wheezy)

01 stop all running services ..
    /etc/init.d/apache2 stop
    /etc/init.d/sendmail stop
    /etc/init.d/dovecot stop
    /etc/init.d/mysql stop
    /etc/init.d/saslauthd stop

01 logging
    - firewall logging:
      /etc/rsyslog.conf: firewall rules, kern.debug / kern.=!debug
      /etc/init.d/rsyslog restart

    - logrotate
      /etc/logrotate.conf: compress, 48 weeks
      /etc/logrotate.d/rsyslog: Add /var/log/firewall and /var/log/dovecot.log
      
03 move all users
    - mv /data/backup/home/* /home/
    - for all groups: groupadd -g GID groupname
    - for all users:  useradd -M -N -u UID -g GID username
    - for all users:  usermod -a -G GID1,GID2,.. username
    - cd /data/backup/var/spool/mail ; (check names, remove unused ..) ; mv * /var/spool/mail/

04 move other stuff
    - Old Logs
        - mv /data/backup/var/log /var/log/old_logs

    - MySQL
        - old server: backup DB
          - run backup-mysql.sh on old server, result is e.g. backup-mysqldb-20130605162509.sql
          - !!! strip all system-DB's (schema's) from the backup,
            i.e. all which are not created for applications, e.g.: 
            - mysql
            - users
            - test
            - t_*

        - new server: import DB
          - get backup backup-mysqldb-20130605162509.sql
          - /etc/init.d/mysql start
          - backup-1: backup-mysql.sh
          - mysql --user=root --password  < backup-mysqldb-20130605162509.sql
          - backup-2: backup-mysql.sh
          - mysqlcheck --user=root --password --all-databases

        - if things go wrong: re-install mysql
          dpkg -P mysql-server mysql-server-5.5 mysql-server-core-5.5
          rm -rf /var/lib/mysql/*
          apt-get install mysql-server mysql-server-5.5 mysql-server-core-5.5

    - Services
        - mv /data/backup/srv/* /srv/

05 config procmail
    copy /etc/procmailrc

06 bogofilter
    copy /etc/bogofilter.cf
    Init empty wordlist.db:
        touch nope
        cat nope  | bogoutil -l /var/spool/bogofilter/wordlist.db
        rm nope

07 sasl2
    /etc/sasl2/Sendmail.conf
    /etc/default/saslauthd: start=yes
    /etc/init.d/saslauthd start

08 dovecot 2.1.7-7
    - features:
      - requires ssl
      - ipv4 / ipv6
      - smtps
      - pop3s
      - sieve (tls)

    - Sync config files in /etc/dovecot/
      with etc/dovecot/dovecot.conf.diff and etc/dovecot/conf.d.diff

    - mkdir -p /var/lib/dovecot/sieve/global/
    - chmod ugo+rx /var/lib/dovecot
    - copy /var/lib/dovecot/sieve/global/default.sieve
        - cd /var/lib/dovecot/sieve/global ; sievec default.sieve
    - copy /var/lib/dovecot/sieve/prologue.sieve
        - cd /var/lib/dovecot/sieve ; sievec prologue.sieve

    - migrate old INBOX:
        for each user:
          dsync mirror mbox:~/mail:INBOX=/var/mail/USERNAME
          su dstrohlein -c "dsync mirror mbox:~/mail:INBOX=/var/mail/dstrohlein ; echo OK"

    - /etc/init.d/dovecot start


09 sendmail 8.14.4-4
    - features:
      - requires ssl for auth
      - ipv4 / ipv6

    - /etc/mail
    - Sync config files in /etc/mail with: etc/mail/mail.diff
        - sendmail.mc
        - submit.mc
        - access
        - local-host-names
        - virtusertable

    - /etc
        - aliases

    - cd /etc/mail
        - make

    /etc/init.d/sendmail start
    
10 GIT
    xinetd for git
        apt-get install xinetd
        cp /etc/xinetd.d/git
        /etc/init.d/xinetd restart

    gitweb
        We use deployed gitweb now, and simply deploy gitweb.conf
        - ln -s /usr/share/gitweb DocumentRoot/git
        - cp srv/scm/gitweb.conf

11 apache2
    - php
        apt-get install php5-pgsql php5-ldap php5-imap php5-odbc php5-dev php5-common php5 php5-mysql php5-gd php5-xmlrpc \
                        php5-xsl php5-cli php5-intl php5-pspell php5-snmp php5-sasl

    - misc for perl/bugzilla
        - Perl: redo init (find closest mirror ..)
            - perl -MCPAN -e shell
                - o conf init
        - Packages
            - apt-get install libgd-gd2-perl libgd-graph-perl libgd-tools libgdal-perl libgdal-dev libgdata-dev libgd2-xpm-dev

    - Sync config files in /etc/apache2/ with: etc/apache2/apache2.diff
        - see also etc/apache2/mods-enabled.lst, etc ..

    /etc/init.d/apache2 start

12 jabot
    As user jabot:
        cd /srv/jabot ; git clone file:///srv/scm/users/sgothel/jabot.git
        cd jabot ; ant

    As user root:
        cp -a /srv/jabot/jabot/scripts/jabot-init-debian /etc/init.d/jabot
        update-rc.d jabot defaults

13 jenkins
    ..