Differences

This shows you the differences between two versions of the page.

--- fedora_install_for_my_own_purposes [2018/12/08 12:49] – created 0.0.0.0
+++ fedora_install_for_my_own_purposes [2020/03/06 21:54] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-====== Fedora_install_for_my_own_purposes ======
 At time of writing, Fedora 28 is current stable version
-=====Download and install Fedora=====
+==== Download and install Fedora ====
-  * [[https://getfedora.org/en/workstation/download/|Download Fedora Image Writer and burn a live image to a USB drive and install to the actual drive]]
+  *  [[https://getfedora.org/en/workstation/download/|Download Fedora Image Writer and burn a live image to a USB drive and install to the actual drive]]
-=====Configure Fedora=====
+==== Configure Fedora ====
-====Enable SSH====
+=== Enable SSH ===
 To allow remote access
-<code>0@@</code>
+<code>
-====Disable SELinux====
+sudo systemctl enable sshd
+sudo systemctl start sshd
+</code>
+=== Disable SELinux ===
 Use the /usr/sbin/getenforce or /usr/sbin/sestatus commands to check the status of SELinux
-<code>1@@</code>
+<code>
+$ /usr/sbin/getenforce
+Enforcing
+</code>
 or
-<code>2@@</code>
+<code>
+$ /usr/sbin/sestatus
+SELinux status:                 enabled
+SELinuxfs mount:                /selinux
+Current mode:                   enforcing
+Mode from config file:          enforcing
+Policy version:                 23
+Policy from config file:        targeted
+</code>
 Change SELINUX from <tt>enforcing</tt> to <tt>disabled</tt> in /etc/selinux/config
-<code>3@@</code>
+<code>
-<code>4@@</code>
+sudo vi /etc/selinux/config
+  -  This file controls the state of SELinux on the system.
+  -  SELINUX= can take one of these three values:
+  -        enforcing - SELinux security policy is enforced.
+  -        permissive - SELinux prints warnings instead of enforcing.
+  -        disabled - No SELinux policy is loaded.
+SELINUX=enforcing
+  -  SELINUXTYPE= can take one of these two values:
+  -        targeted - Targeted processes are protected,
+  -        mls - Multi Level Security protection.
+SELINUXTYPE=targeted
+</code>
+<code>
+sudo reboot
+</code>
-====Assign hostname====
+=== Assign hostname ===
-<code>5@@</code>
+<code>
-====Assign static IP address====
+hostnamectl set-hostname fedora
+hostnamectl
+</code>
+=== Assign static IP address ===
 Choose the network link to change
-<code>6@@</code>
+<code>
-<code>7@@</code>
+ifconfig -a
+</code>
+<code>
+enp0s25: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
+        inet 192.168.1.206  netmask 255.255.255.0  broadcast 192.168.1.255
+        inet6 2a02:a03f:4ed2:5900:6096:f8fa:91b5:ce6e  prefixlen 64  scopeid 0x0<global>
+        inet6 fe80::1704:4ccd:cf19:ac90  prefixlen 64  scopeid 0x20<link>
+        ether 00:21:cc:65:a3:65  txqueuelen 1000  (Ethernet)
+        RX packets 65231  bytes 96666417 (92.1 MiB)
+        RX errors 0  dropped 0  overruns 0  frame 0
+        TX packets 27570  bytes 2020047 (1.9 MiB)
+        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
+        device interrupt 20  memory 0xf2500000-f2520000
+lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
+        inet 127.0.0.1  netmask 255.0.0.0
+        inet6 ::1  prefixlen 128  scopeid 0x10<host>
+        loop  txqueuelen 1000  (Local Loopback)
+        RX packets 4  bytes 315 (315.0 B)
+        RX errors 0  dropped 0  overruns 0  frame 0
+        TX packets 4  bytes 315 (315.0 B)
+        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
+wlp3s0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
+        ether 92:f0:49:fc:4b:10  txqueuelen 1000  (Ethernet)
+        RX packets 0  bytes 0 (0.0 B)
+        RX errors 0  dropped 0  overruns 0  frame 0
+        TX packets 0  bytes 0 (0.0 B)
+        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
+</code>
 Easiest method is to use the command line!
-<code>8@@</code>
+<code>
+sudo vi /etc/sysconfig/network-scripts/ifcfg-enp0s25
+</code>
 Before...
-<code>9@@</code>
+<code>
+TYPE=Ethernet
+PROXY_METHOD=none
+BROWSER_ONLY=no
+BOOTPROTO=dhcp
+DEFROUTE=yes
+IPV4_FAILURE_FATAL=no
+IPV6INIT=yes
+IPV6_AUTOCONF=yes
+IPV6_DEFROUTE=yes
+IPV6_FAILURE_FATAL=no
+IPV6_ADDR_GEN_MODE=stable-privacy
+NAME=enp0s25
+UUID=9097eb96-1ce2-38a2-8dd8-29a8bf56aba4
+ONBOOT=yes
+AUTOCONNECT_PRIORITY=-999
+DEVICE=enp0s25
+</code>
 After...
-<code>10@@</code>
+<code>
+TYPE=Ethernet
+PROXY_METHOD=none
+BROWSER_ONLY=no
+  - BOOTPROTO=dhcp
+BOOTPROTO=none
+IPADDR=192.168.1.15
+NETMASK=255.255.255.0
+GATEWAY=192.168.1.1
+DNS1=192.168.1.13
+DNS2=8.8.8.8
+DEFROUTE=yes
+IPV4_FAILURE_FATAL=no
+IPV6INIT=yes
+IPV6_AUTOCONF=yes
+IPV6_DEFROUTE=yes
+IPV6_FAILURE_FATAL=no
+IPV6_ADDR_GEN_MODE=stable-privacy
+NAME=enp0s25
+UUID=a8a3bec5-64b0-34de-9e27-9c732082c94b
+ONBOOT=yes
+AUTOCONNECT_PRIORITY=-999
+DEVICE=enp0s25
+ZONE=FedoraWorkstation
+</code>
-=====Install Applications=====
+==== Install Applications ====
-<code>11@@</code>
+See further down to install Apache instead of lighttpd.
-====Configure directory permissions====
+<code>
-<code>12@@</code>
+sudo dnf clean all
+sudo dnf -y update
-====Configure Lighttpd====
+sudo dnf install -y ksh terminator thunderbird ddclient lighttpd rrdtool
-  * Modify document_root
+</code>
-<code>13@@</code>
+=== Configure directory permissions ===
-  * Enable mod_cgi: uncomment the mod_cgi include
+<code>
-<code>14@@</code>
+sudo su -
-  * Setup Basic Authentication to restrict web server access
+cd /var/www
-  * Enable server to serve perl files from cgi-bin directory
+mkdir html cgi-bin
-<code>15@@</code>
+cd cgi-bin
-  * Bind the local address to port 80
+git clone https://rockingh0rse@bitbucket.org/rockingh0rse/dbahawk_server.git
-  * Disable IPV6
+chmod 770 *
-<code>16@@</code>
+cd /var/www
+chown -R lighttpd:dbahawk *
+cd /home/dbahawk
+chmod 770 spoolfiles
+chgrp lighttpd spoolfiles
+</code>
-====Configure firewall====
+=== Configure Lighttpd ===
-Connection refused on port 80 from hosts on you lan? :-)<br />
+  *  Modify document_root
+<code>
+vi /etc/lighttpd/modules.conf
+server.document-root = server_root + "/html"
+</code>
+  *  Enable mod_cgi: uncomment the mod_cgi include
+<code>
+  -
+  -  plain old CGI (mod_cgi)
+  -
+include "conf.d/cgi.conf"
+</code>
+  *  Setup Basic Authentication to restrict web server access
+  *  Enable server to serve perl files from cgi-bin directory
+<code>
+auth.backend = "htpasswd"
+auth.backend.htpasswd.userfile = "/etc/lighttpd/.htpasswd"
+$HTTP[["url"]] =~ "/cgi-bin/" {
+    auth.require = (
+        "" => (
+        "method"  => "basic",
+        "realm"   => "DbaHawk access",
+        "require" => "valid-user"
+        )
+    )
+    cgi.assign = (
+        ".sh"  => "/bin/sh",
+        ".cgi" => "/usr/bin/perl",
+        ".pl"  => "/usr/bin/perl"
+    )
+}
+alias.url += ( "/cgi-bin/" => "/var/www/cgi-bin/" )
+</code>
+  *  Bind the local address to port 80
+  *  Disable IPV6
+<code>
+server.bind = "0.0.0.0"
+server.use-ipv6 = "disable"
+</code>
+=== Install Apache ===
+Installing Apache is as simple as running just one command
+<code>
+sudo dnf -y install httpd
+</code>
+=== Allow Apache Through the Firewall ===
+Allow the default HTTP and HTTPS port, ports 80 and 443, through firewalld
+<code>
+sudo firewall-cmd --permanent --add-port=80/tcp
+sudo firewall-cmd --permanent --add-port=443/tcp
+sudo firewall-cmd --reload
+</code>
+=== Configure Apache to Start on Boot ===
+<code>
+sudo systemctl enable httpd
+</code>
+and start it now...
+<code>
+sudo systemctl start httpd
+</code>
+=== Check the status of Apache ===
+<code>
+sudo systemctl status httpd
+</code>
+=== To stop Apache ===
+<code>
+sudo systemctl stop httpd
+</code>
+=== Configure firewall (if not configured as part of Apache install) ===
+Connection refused on port 80 from hosts on you lan? :-)\\
 Firewalld is installed and running by default - and it blocks port 80!
-<code>17@@</code>
+<code>
+firewall-cmd --permanent --add-service=http
+systemctl stop firewalld
+systemctl start firewalld
+</code>
-====Install and configure add-on FiltaQuilla====
+=== Install and configure add-on FiltaQuilla ===
-<nowiki>*** not necessary if the whole of the .thunderbird profile is tar'd and gzipped ***</nowiki><br />
+<nowiki>*** not necessary if the whole of the .thunderbird profile is tar'd and gzipped ***</nowiki>\\
-FiltaQuilla is an add-on that adds significant functionality to the filtering of emails in Thunderbird.<br />
+FiltaQuilla is an add-on that adds significant functionality to the filtering of emails in Thunderbird.\\
 Setup the rule
-  * Where subject contains "dbahawk_forward"
+  *  Where subject contains "dbahawk_forward"
-  * Save attachment to "Downloads/dbahawk_forward"
+  *  Save attachment to "Downloads/dbahawk_forward"
-  * Mark as read
+  *  Mark as read
-  * Delete mail
+  *  Delete mail
-====Configure Thunderbird====
+=== Configure Thunderbird ===
 Copy the profile folder from the old machine if still available. While on the new machine, issue this command to copy directory structure between 2 hosts.
-<code>18@@</code>
+<code>
+ssh dbahawk@fedora "cd $HOME/.thunderbird && tar -cf - . | gzip " | ( cd $HOME/.thunderbird && gunzip -c | tar -xvf - . ) | tee -a  $HOME/copy_thunderbird_profile.log
+</code>
-====Configure ddclient====
+=== Configure ddclient ===
-To get the ddns for the domain name working, make sure ddclient is running in daemon mode.<br />
+To get the dynamic dns (ddns) for the domain name working, make sure ddclient is running in daemon mode.\\
 Make sure use=web is uncommented in <tt>/etc/ddclient/ddclient.conf</tt> or <tt>/etc/ddclient.conf</tt>
-<code>19@@</code>
+<code>
+use=web, web=checkip.dyndns.org/, web-skip='IP Address'
+</code>
 and put these details in the zoneedit section
-<code>20@@</code>
+<code>
+server=dynamic.zoneedit.com,  \\
+protocol=zoneedit1,           \\
+login=<username>,             \\
+password=<password>           \\
+stuartbarkley.com</code>
-====Create user dbahawk====
+=== Create user dbahawk ===
-<code>21@@</code>
+<code>
-Copy the contents of the old spoolfiles directory if possible as it contains the .rrd files.<br />
+sudo su -
-<br />
+useradd -G wheel dbahawk
+su - dbahawk
+passwd
+mkdir -p Downloads/dbahawk_forward spoolfiles
+exit
+</code>
+Copy the contents of the old spoolfiles directory if possible as it contains the .rrd files.\\
-====Install CPAN====
+=== Install CPAN ===
 Some of the dbahawk perl scripts need modules not installed by default (eg. Switch.pm)
-<code>22@@</code>
+<code>
+sudo dnf install -y perl-CPAN
+</code>
 or if Fedora already has it installed, try
-<code>23@@</code>
+<code>
+sudo dnf install -y 'perl(Switch)'
+sudo dnf install -y 'perl(DBI)'
+sudo dnf install -y 'perl(CGI)'
+sudo dnf install -y 'perl(DBD::SQLite)'
+</code>
+==== Install Dokuwiki ====
+Pretty simple install but default install does not configure the apache config file correctly :-)
+<code>
+dnf install -y dokuwiki
+</code
+The edit the Apache config file for dokuwiki
+<code>
+vi /etc/httpd/conf.d/dokuwiki.conf
+</code>
+Change
+<code>
+<Directory /usr/share/dokuwiki>
+        <IfModule mod_authz_core.c>
+                # Apache 2.4
+                Require local
+        </IfModule>
+        <IfModule !mod_authz_core.c>
+                # Apache 2.2
+                Options +FollowSymLinks
+                Order Allow,Deny
+                Allow from 127.0.0.1 ::1
+        </IfModule>
+</Directory>
+</code>
+to
+<code>
+<Directory /usr/share/dokuwiki>
+        <IfModule mod_authz_core.c>
+                # Apache 2.4
+                AllowOverride None
+                Require all granted
+        </IfModule>
+        <IfModule !mod_authz_core.c>
+                # Apache 2.2
+                Options +FollowSymLinks
+                Order Allow,Deny
+                Allow from 127.0.0.1 ::1
+        </IfModule>
+</Directory>
+</code>
+=== Add entries to crontab ===
+<code>
+crontab -e
+</code>
+<code>
+  * /5 *  * * * /var/www/cgi-bin/dbahawk_collector.ksh1            >/tmp/dbahawk_collector.log            2>&1
+   *  * * * /var/www/cgi-bin/dbahawk_archive.pl                >/tmp/dbahawk_archive.log              2>&1
+  *  * * * /var/www/cgi-bin/dbahawk_dbsize_grapher.ksh        >/tmp/dbahawk_dbsize_grapher.log       2>&1
+  *  * * * /var/www/cgi-bin/dbahawk_fssize_grapher.ksh        >/tmp/dbahawk_fssize_grapher.log       2>&1
+  *  * * * /var/www/cgi-bin/dbahawk_rmansize_grapher.ksh      >/tmp/dbahawk_rmansize_grapher.log     2>&1
+  *  * * * /var/www/cgi-bin/dbahawk_rmanduration_grapher.ksh  >/tmp/dbahawk_rmanduration_grapher.log 2>&1
+</code>
-====Add entries to crontab====
+==== Other goodies ====
-<code>24@@</code>
+  *  [[https://www.itzgeek.com/how-tos/linux/fedora-how-tos/22-things-to-do-after-fresh-installation-of-fedora-27-fedora-26.html|22-things-to-do-after-fresh-installation-of-fedora-27 - itzgeek.com]]
-<code>25@@</code>
-=====Other goodies=====
-  * [[https://www.itzgeek.com/how-tos/linux/fedora-how-tos/22-things-to-do-after-fresh-installation-of-fedora-27-fedora-26.html|22-things-to-do-after-fresh-installation-of-fedora-27 - itzgeek.com]]