Nice! I'll copy-and-past this to the wiki Reinier
> -----Oorspronkelijk bericht----- > Van: [email protected] [mailto:tracks- > [email protected]] Namens Orlando Richards > Verzonden: woensdag 27 mei 2009 16:26 > Aan: tracks-discuss ([email protected]) > Onderwerp: [Tracks-discuss] My installation notes > > Hi all, > > I did a fresh install of tracks a while back, and took a copy of my > commands. I've included them here as I thought they might be of use. > > The install is on Scientific Linux 5 (a RedHat 5 clone), and is using > apache as a front end proxy for tracks, using a dedicated virtual host > in apache, with SSL. I imported my existing tracks database as part of > the install. > > It also includes setup for a separate database backup user, and a > cronjob that dumps the database out. > > Apologies for any linewrap weirdness due to email format. > > Hope someone finds this useful! > > -- > Orlando. > > > > > Setting up tracks on RedHat 5 / CentOS 5 / Scientific Linux 5 > > Install mysql-server, ruby, ruby-rdoc, ruby-devel.x86_64, mysql- > devel.x86_64 > > Create tracks user account: > > [r...@mwvm01 ~]# useradd -m tracks > > Set root password in mysql: > > [r...@mwvm01 ~]# /etc/init.d/mysqld start > Initializing MySQL database: Installing MySQL system tables... > OK > Filling help tables... > OK > > To start mysqld at boot time you have to copy > support-files/mysql.server to the right place for your system > > PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! > To do so, start the server, then issue the following commands: > /usr/bin/mysqladmin -u root password 'new-password' > /usr/bin/mysqladmin -u root -h mwvm01.mydomain.com password 'new- > password' > See the manual for more instructions. > You can start the MySQL daemon with: > cd /usr ; /usr/bin/mysqld_safe & > > You can test the MySQL daemon with mysql-test-run.pl > cd mysql-test ; perl mysql-test-run.pl > > Please report any problems with the /usr/bin/mysqlbug script! > > The latest information about MySQL is available on the web at > http://www.mysql.com > Support MySQL by buying support/licenses at http://shop.mysql.com > [ OK ] > > Starting MySQL: [ OK ] > [r...@mwvm01 ~]# > [r...@mwvm01 ~]# mysql -u root > Welcome to the MySQL monitor. Commands end with ; or \g. > Your MySQL connection id is 4 > Server version: 5.0.45 Source distribution > > Type 'help;' or '\h' for help. Type '\c' to clear the buffer. > > mysql> use mysql; > Reading table information for completion of table and column names > You can turn off this feature to get a quicker startup with -A > > Database changed > mysql> update user set password=PASSWORD("secret") where User='root'; > Query OK, 3 rows affected (0.00 sec) > Rows matched: 3 Changed: 3 Warnings: 0 > mysql> flush privileges; > Query OK, 0 rows affected (0.00 sec) > > mysql> quit > > Import an existing tracks database: > > [r...@mwvm01 ~]# ls -l ~orichard/tracks.db.2009-03-02.gz > -rw-r--r-- 1 orichard is_iti_ug 62508 Mar 2 11:23 > /home/orichard/tracks.db.2009-03-02.gz > [r...@mwvm01 ~]# cd ~orichard/ > [r...@mwvm01 orichard]# gzip -d tracks.db.2009-03-02.gz > [r...@mwvm01 orichard]# mysql -u root -p > Enter password: > Welcome to the MySQL monitor. Commands end with ; or \g. > Your MySQL connection id is 10 > Server version: 5.0.45 Source distribution > > Type 'help;' or '\h' for help. Type '\c' to clear the buffer. > > mysql> create database tracks; > Query OK, 1 row affected (0.00 sec) > > mysql> Bye > [r...@mwvm01 orichard]# mysql -u root -p tracks < tracks.db.2009-03-02 > Enter password: > [r...@mwvm01 orichard]# > > Set up tracks database accounts: > > mysql> GRANT LOCK TABLES ON tracks.* to 'tracksbackup'@'localhost' > IDENTIFIED BY 'apassword'; > Query OK, 0 rows affected (0.00 sec) > > mysql> GRANT SELECT ON tracks.* to 'tracksbackup'@'localhost' > IDENTIFIED > BY 'apassword'; > Query OK, 0 rows affected (0.00 sec) > > mysql> GRANT ALL ON tracks.* to 'tracks'@'localhost' IDENTIFIED BY > 'thepassword'; > Query OK, 0 rows affected (0.00 sec) > > Download the latest tracks: > > [r...@mwvm01 orichard]# wget > http://bsag.bingodisk.com/public/files/tracks-current.zip > 11:34:32 (406 KB/s) - `tracks-current.zip' saved [6080226/6080226] > [r...@mwvm01 orichard]# unzip tracks-current.zip > [r...@mwvm01 orichard]# mv tracks-1.7/ ~tracks/ > [r...@mwvm01 orichard]# chown -R tracks:tracks ~tracks/tracks-1.7/ > [r...@mwvm01 orichard]# su - tracks > [tra...@mwvm01 ~]$ cd tracks-1.7/config/ > [tra...@mwvm01 config]$ vi database.yml > # Insert: > production: > adapter: mysql > database: tracks > host: localhost > username: tracks > password: thepassword > > [tra...@mwvm01 config]$ vi site.yml > salt: "mysalt" > time_zone: "Edinburgh" > secure_cookies: true > > [tra...@mwvm01 config]$ cd > [tra...@mwvm01 ~]$ ln -s tracks-1.7/ tracks > [tra...@mwvm01 ~]$ cd tracks > [orich...@espresso tracks]$ cat > start_tracks.sh > #!/bin/bash > > cd ~tracks/tracks > ./script/server -e production --binding=127.0.0.1 -d > [tra...@mwvm01 tracks]$ chmod +x start_tracks.sh > > Set up rubygems: > > [tra...@mwvm01 ~]$ wget > http://rubyforge.org/frs/download.php/45905/rubygems-1.3.1.tgz > 11:45:42 (530 KB/s) - `rubygems-1.3.1.tgz' saved [263748/263748] > [tra...@mwvm01 ~]$ tar -zxf rubygems-1.3.1.tgz > > > [r...@mwvm01 rubygems-1.3.1]# ruby setup.rb > Building native extensions. This could take a while... > Successfully installed mysql-2.7 > 1 gem installed > > [r...@mwvm01 ~]# gem install rake > Successfully installed rake-0.8.3 > 1 gem installed > Installing ri documentation for rake-0.8.3... > Installing RDoc documentation for rake-0.8.3... > > And start up: > > [tra...@mwvm01 tracks]$ ./start_tracks.sh > => Booting WEBrick... > > => Rails 2.2.2 application started on http://127.0.0.1:3000 > [2009-03-02 11:53:29] INFO WEBrick 1.3.1 > [2009-03-02 11:53:29] INFO ruby 1.8.5 (2006-08-25) [x86_64-linux] > > [tra...@mwvm01 tracks]$ netstat -l -n | grep 3000 > tcp 0 0 127.0.0.1:3000 0.0.0.0:* > LISTEN > > Configure apache: > > [r...@mwvm01 certs]# cd /etc/pki/tls/certs/ > [r...@mwvm01 certs]# make certreq > umask 77 ; \ > /usr/bin/openssl req -utf8 -new -key > /etc/pki/tls/private/localhost.key -out > /etc/pki/tls/certs/localhost.csr > You are about to be asked to enter information that will be > incorporated > into your certificate request. > What you are about to enter is what is called a Distinguished Name or a > DN. > There are quite a few fields but you can leave some blank > For some fields there will be a default value, > If you enter '.', the field will be left blank. > ----- > Country Name (2 letter code) [GB]: > State or Province Name (full name) [Berkshire]:Lothian > Locality Name (eg, city) [Newbury]:Edinburgh > Organization Name (eg, company) [My Company Ltd]:MyCompany > Organizational Unit Name (eg, section) []:My Section > Common Name (eg, your name or your server's hostname) > []:tracks.mydomain.com > Email Address []:[email protected] > > Please enter the following 'extra' attributes > to be sent with your certificate request > A challenge password []: > An optional company name []: > > [r...@mwvm01 certs]# mv localhost.csr tracks.mydomain.com.csr > > # Once you have your cert, copy it in to > /etc/pki/tls/private/tracks.mydomain.com.crt > > [r...@mwvm01 ~]# cat > /etc/httpd/conf.d/tracks.conf > NameVirtualHost tracks.mydomain.com:443 > Listen IP_ADDRESS_OF_tracks.mydomain.com:443 > <VirtualHost tracks.mydomain.com:443> > > SSLEngine on > SSLProtocol all -SSLv2 > SSLCipherSuite > ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW > SSLCertificateFile /etc/pki/tls/certs/tracks.mydomain.com.crt > SSLCertificateKeyFile /etc/pki/tls/private/localhost.key > RequestHeader set X_FORWARDED_PROTO 'https' > ProxyPass / http://127.0.0.1:3000/ > ProxyPassReverse / http://127.0.0.1:3000/ > ProxyRequests Off > > </VirtualHost> > > > [r...@mwvm01 conf.d]# vi /etc/httpd/conf/httpd.conf > > # Set to listen on loopback only: > Listen 127.0.0.1:80 > > # Similarly for ssl: > Listen 127.0.0.1:443 > > Set up the interface: > > [r...@mwvm01 conf.d]# ifconfig eth0:1 IP_ADDRESS_OFtracks.mydomain.com > > Start up apache: > > [r...@mwvm01 conf.d]# /etc/init.d/httpd configtest > Syntax OK > [r...@mwvm01 conf.d]# /etc/init.d/httpd start > Starting httpd: [ OK ] > > Set everything to come up on boot: > > [r...@mwvm01 ~]# chkconfig mysqld on > [r...@mwvm01 ~]# chkconfig httpd on > [r...@mwvm01 etc]# cat >> /etc/rc.local > > su - tracks -c /home/tracks/tracks/start_tracks.sh > > Update /etc/sysconfig/iptables with: > > # Allow HTTPS to tracks.mydomain.com > -A RH-Firewall-1-INPUT -m state --state NEW -d tracks.mydomain.com -m > tcp -p tcp --dport 443 -j ACCEPT > > Set up database backups: > > [tra...@mwvm01 ~]$ mkdir backups > > [tra...@mwvm01 ~]$ crontab -e > 01 9 * * * /usr/bin/mysqldump -u tracksbackup -p'apassword' tracks > > /home/tracks/backups/tracks.db.`date \+\%F`; gzip > /home/tracks/backups/tracks.db.`date \+\%F` > > > > > -- > The University of Edinburgh is a charitable body, registered in > Scotland, with registration number SC005336. > _______________________________________________ > Tracks-discuss mailing list > [email protected] > http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss _______________________________________________ Tracks-discuss mailing list [email protected] http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss
