Difference between revisions of "Charity admin"

From ProgClub
Jump to: navigation, search
Line 1: Line 1:
This page chronicles the administrative changes to [[Charity|charity.progclub.org]]. If you make an administrative change you should document the change here. Changes are logged he in reverse chronological order with a time-stamp in the form YYYY-MM-DD hh:mm. You can use the time from whatever timezone you are in, or UTC if you're cool, but use 24 hour time. Don't worry if the changes you make have a time-stamp that is less than a time-stamp later in the page, put the latest changes at the top.
+
This page chronicles the administrative changes to [[Charity|charity.progclub.org]]. If you make an administrative change you should document the change here. Changes are logged he in reverse chronological order with a time-stamp in the form YYYY-MM-DD hh:mm. You can use the time from whatever timezone you are in, or UTC if you're cool, but use 24 hour time. Don't worry if the changes you make have a time-stamp that is less than a time-stamp later in the page, put the latest changes at the top. Put a link to your wiki user account before the time-stamp so we know who's doing what.
  
 
= [[User:John|John]] 2011-07-26 09:55 =
 
= [[User:John|John]] 2011-07-26 09:55 =

Revision as of 11:09, 26 July 2011

This page chronicles the administrative changes to charity.progclub.org. If you make an administrative change you should document the change here. Changes are logged he in reverse chronological order with a time-stamp in the form YYYY-MM-DD hh:mm. You can use the time from whatever timezone you are in, or UTC if you're cool, but use 24 hour time. Don't worry if the changes you make have a time-stamp that is less than a time-stamp later in the page, put the latest changes at the top. Put a link to your wiki user account before the time-stamp so we know who's doing what.

John 2011-07-26 09:55

Adding user sanguinev

# adduser sanguinev
Adding user `sanguinev' ...
Adding new group `sanguinev' (1002) ...
Adding new user `sanguinev' (1002) with group `sanguinev' ...
Creating home directory `/home/sanguinev' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for sanguinev
Enter the new value, or press ENTER for the default
        Full Name []: Thomas
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n]
# gpasswd -a sanguinev sudo
Adding user sanguinev to group sudo

Added a wiki user too.

John 2011-07-26 09:13

Adding user jj5

root@charity:~# adduser jj5
Adding user `jj5' ...
Adding new group `jj5' (1000) ...
Adding new user `jj5' (1000) with group `jj5' ...
Creating home directory `/home/jj5' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for jj5
Enter the new value, or press ENTER for the default
        Full Name []: John Elliot
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n]
root@charity:~# gpasswd -a jj5 sudo
Adding user jj5 to group sudo

That was easy. PuTTY says it works!

Adding user tasaio

root@charity:~# adduser tasaio
Adding user `tasaio' ...
Adding new group `tasaio' (1001) ...
Adding new user `tasaio' (1001) with group `tasaio' ...
Creating home directory `/home/tasaio' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for tasaio
Enter the new value, or press ENTER for the default
        Full Name []: Justin
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n]
root@charity:~# gpasswd -a tasaio sudo
Adding user tasaio to group sudo

That was easy too! Will create a wiki user for him too.

John 2011-07-26 08:47

I could be accused of ignorance. When I created my key file for the CSR request I nominated a pass-phrase. This phrase is required to be entered every time you restart Apache. Gah! Until I can figure out a way to fix it I've created a script in /sbin called restart-apache which enters the key's pass-phrase automatically.

# cd /sbin
# vim restart-apache
#!/bin/bash
echo <the pass phrase> | apache2ctl graceful
# chmod u+x restart-apache
# restart-apache

Works swimmingly. Will reboot to see what happens when apache tries to load from a boot.

Apache chokes on boot. Found this article, which suggests,

# cd ~
# cp progclub.key progclub.key.pass-phrase
# openssl rsa -in progclub.key.pass-phrase -out progclub.key
# chmod 400 progclub.*
# reboot

Hopefully Apache comes back up this time... yep!

Will keep the restart-apache script in sbin, but will remove the part that specified the key pass-phrase.

John 2011-07-26 06:20

Getting an HTTPS certificate

Searched for certificate sni cheap, found Go Daddy SSL Certificate. Decided on the Multiple Domains UCC - A$82.93/yr setup, which looks like it will suit us. Picked up to 5 domains for 3 years. It offered me free .mobi registration, so I added progclub.mobi. I then also added progclub.biz and progclub.co, I'm a sucker. Registration information recorded in Blackbrick Account Manager. Setup the nameservers for the new domains to point to ns*.slicehost.net via My Account.

Had to generated a Certificate Signing Request (CSR) per these instructions (for Apache 2.x).

# cd ~
# openssl genrsa -des3 -out progclub.key 2048
# openssl req -new -key progclub.key -out progclub.csr

See Blackbrick Account Manager for full details.

Certificate Type

  • Hosting: Third Party Hosting
  • Domain Name: www.progclub.org
  • Certificate Issuing Organization: Go Daddy
  • Subject Alt Names: www.progclub.net www.progclub.mobi www.progclub.info www.progclub.co
You're through!
Your certificate will be issued shortly.
You can monitor the progress of your certificate application by going to the
Pending Requests folder and clicking your Common Name. When we are through
verifying your application, you will receive an email with further instructions.

Downloaded the progclub.org.zip that was eventually generated, and used WinSCP to copy it to root's home directory on charity. Found info about Installing an SSL Certificate in Apache.

# cd /etc/apache2/sites-available/
# vim default-ssl

Set,

ServerAdmin jj5@jj5.net
DocumentRoot /var/www/www.progclub.org
# cd ~
# ls
progclub.csr  progclub.key  progclub.org.zip
# unzip progclub.org.zip
-bash: unzip: command not found
# apt-get install unzip
Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  zip
The following NEW packages will be installed:
  unzip
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 189kB of archives.
After this operation, 406kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ lucid/main unzip 6.0-1build1 [189kB]
Fetched 189kB in 0s (195kB/s)
Selecting previously deselected package unzip.
(Reading database ... 15343 files and directories currently installed.)
Unpacking unzip (from .../unzip_6.0-1build1_amd64.deb) ...
Processing triggers for man-db ...
Setting up unzip (6.0-1build1) ...
# unzip progclub.org.zip
Archive:  progclub.org.zip
  inflating: gd_bundle.crt
  inflating: progclub.org.crt
# ls
gd_bundle.crt  progclub.csr  progclub.key  progclub.org.crt  progclub.org.zip
# cd /etc/apache2/sites-available/
# vim default-ssl
#SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateFile /root/progclub.org.crt
#SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateKeyFile /root/progclub.key
#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
SSLCertificateChainFile /root/gd_bundle.crt

Saved changes.

# a2ensite default-ssl
# /etc/init.d/apache2 reload
 * Reloading web server config apache2                                   [ OK ]
# a2enmod ssl
Enabling module ssl.
See /usr/share/doc/apache2.2-common/README.Debian.gz on how to configure SSL and create self-signed certificates.
Run '/etc/init.d/apache2 restart' to activate new configuration!
# /etc/init.d/apache2 restart

Navigated to https://www.progclub.org/, and it worked!

# cd /etc/apache2/sites-enabled/
# vim 000-default-ssl
Alias /pc /var/www/www.progclub.org/mediawiki-1.17.0/index.php

The secure wiki is now working!

John 2011-07-25 17:53

Installing MediaWiki

Found the MediaWiki download page, which references mediawiki-1.17.0.tar.gz.

# cd /var/www/www.progclub.org/
# wget http://download.wikimedia.org/mediawiki/1.17/mediawiki-1.17.0.tar.gz
# ls
index.html  mediawiki-1.17.0.tar.gz  test.php
# tar xzf mediawiki-1.17.0.tar.gz
# ls
index.html  mediawiki-1.17.0  mediawiki-1.17.0.tar.gz  test.php
# rm mediawiki-1.17.0.tar.gz
# cd mediawiki-1.17.0/
# ls
COPYING               bin            languages             redirect.php5
CREDITS               cache          load.php              redirect.phtml
FAQ                   config         load.php5             resources
HISTORY               docs           maintenance           serialized
INSTALL               extensions     math                  skins
README                images         mw-config             thumb.php
RELEASE-NOTES         img_auth.php   opensearch_desc.php   thumb.php5
StartProfiler.sample  img_auth.php5  opensearch_desc.php5  trackback.php
UPGRADE               includes       php5.php5             trackback.php5
api.php               index.php      profileinfo.php       wiki.phtml
api.php5              index.php5     redirect.php

Didn't find a LocalSettings.php, which is what I was expecting, so reading INSTALL.

# less INSTALL

It told me to navigate to the setup page. The setup page complained about a missing LocalSettings.php, so they haven't changed that after all. Clicked on setup the wiki.

Specified,

* Your language: en - English
* Wiki language: en - English

Clicked continue, and amoung it's checks was a complaint:

Could not find a suitable database driver! You need to install a database driver for PHP. The following
database types are supported: MySQL, PostgreSQL, Oracle, SQLite.
If you are on shared hosting, ask your hosting provider to install a suitable database driver. If you compiled
PHP yourself, reconfigure it with a database client enabled, for example using ./configure --with-mysql. 
If you installed PHP from a Debian or Ubuntu package, then you also need install the php5-mysql module.

So,

# apt-get install php5-mysql
# apache2ctl graceful

Then reloaded the config page,

The environment has been checked. You can install MediaWiki.

Clicked continue, and got the Connect to database page. Looks like I'm going to need a database user for the wiki, so

# mysql -h localhost -u root --password=<password>
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 36
Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create user 'pcwiki'@'localhost' identified by '<password>';
Query OK, 0 rows affected (0.00 sec)
mysql> exit
Bye

Back on the config page:

* Database type: MySQL
* Database host: localhost
* Database name: pcwiki
* Database table prefix: pcwiki__
* Database username: pcwiki
* Database password: <password>

Clicked continue, and got the Database settings page. Specified,

* Database account for web access: Use the same account as for installation
* Storage engine: InnoDB (the default, other choice was MyISAM)
* Database character set: UTF-8 (not the default, the default choice was Binary)

Clicked continue, and got the Name page. Specified,

* Name of wiki: ProgClub
* Project namespace: Same as the wiki name: ProgClub

Configuration for the Administrator account,

* Your name: John
* Password: <password>
* Password again: <password>
* E-mail address: jj5@jj5.net
You are almost done! You can now skip the remaining configuration and install the wiki right now.

Chose Ask me more questions, and got the Options page. Specified,

* User rights profile: Traditional wiki
* Copyright and license: No license footer
* Enable outbound e-mail: true
* Return e-mail address: wiki@progclub.org
* Enable user-to-user e-mail: true
* Enable user talk page notification: true
* Enable watchlist notification: true
* Enable e-mail authentication: true
* Enable file uploads: true
* Directory for deleted files: /var/www/www.progclub.org/mediawiki-1.17.0/images/deleted
* Logo URL: /res/img/logo.png
* Settings for object caching: No caching

Clicked Continue, and got the confirmation page. Clicked Continue again. Got an error because the database user couldn't create the database. Created the database manually,

# mysql -h localhost -u root --password=<password>
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 43
Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create database `pcwiki`;
Query OK, 1 row affected (0.00 sec)
mysql> exit
Bye

Decided it would be easier to let MediaWiki create the database, so went back and specified the database config details to use the root user. I will change this to be the pcwiki user manually after the database has been created.

Setting up database... done
Creating tables... done
Creating database user... done
Populating default interwiki table... done
Initializing statistics... done
Generating secret keys... done
Creating administrator user account... done
Creating main page with default content... done

Clicked continue,

Congratulations! You have successfully installed MediaWiki.
The installer has generated a LocalSettings.php file. It contains all your configuration.
You will need to download it and put it in the base of your wiki installation (the same
directory as index.php). The download should have started automatically.
If the download was not offered, or if you cancelled it, you can restart the download by
clicking the link below: Download LocalSettings.php
Note: If you do not do this now, this generated configuration file will not be available
to you later if you exit the installation without downloading it.
When that has been done, you can enter your wiki.

Downloaded the LocalSettings.php file and copied it to /var/www/www.blackbrick.com/mediawiki.1.17.0

Edited LocalSettings.php and changed the database user:

$wgDBuser           = "pcwiki";
$wgDBpassword       = "<password>";

Also added an article path:

$wgArticlePath      = "/pc/$1";

Also need to grant access for pcwiki user:

# mysql -h localhost -u root --password=<password>
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 54
Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> grant all privileges on pcwiki.* to pcwiki@localhost;
Query OK, 0 rows affected (0.11 sec)
mysql> exit
Bye

Then need to edit apache conf file to include the pc alias:

# cd /etc/apache2/sites-enabled/
# vim 000-default

added,

Alias /pc /var/www/www.progclub.org/mediawiki-1.17.0/index.php

then,

# apache2ctl graceful

Also,

# cd /var/www/www.progclub.org/
# mkdir res
# mkdir res/img

Then uploaded a logo.png to there with WinSCP. The logo settings hadn't been properly specified in the generated LocalSettings.php file, so,

# cd /var/www/www.progclub.org/mediawiki-1.17.0/
# vim LocalSettings.php

and changed the logo setting,

$wgLogo             = "/res/img/logo.png";

Checked the wiki, and it's all working nicely.

John 2011-07-25 17:12

Preparing WWW hosting

# cd /var/www
# mkdir www.progclub.org
# mv index.html test.php www.progclub.org/
# ls
# cd www.progclub.org/
# ls
index.html  test.php

Everything is in order.

# cd /etc/apache2/sites-enabled/
# ls
000-default
# vim 000-default

Specified ServerAdmin,

ServerAdmin jj5@progclub.org

Changed document root,

DocumentRoot /var/www/www.progclub.org/

Changed the <Directory /var/www/> section to,

<Directory /var/www/www.progclub.org/>

Saved changes and quit vim. Restarted apache,

# apache2ctl graceful

Apache complained,

apache2: Could not reliably determine the server's fully qualified domain name, using charity.progclub.org for ServerName

Searched for "apache2: Could not reliably determine the server's fully qualified domain name, using " and found an answer.

Ran,

# hostname charity.progclub.org

which I guess is a better way to set the hostname than editing /etc/hostname like I did. :P

Ran,

# apache2ctl graceful

again, and got the same error,

apache2: Could not reliably determine the server's fully qualified domain name, using charity.progclub.org for ServerName

Tried a reboot to see if the hostname is updated after that,

# reboot

Still having problems with,

# apache2ctl graceful

So read more of the answer, and then,

# hostname charity
# vim /etc/hosts

Specified the file contents as

127.0.0.1          localhost localhost.localdomain
67.207.128.184     charity charity.progclub.org

Then rebooted,

# reboot

Ran hostname and got,

# hostname
charity.progclub.org

So edited /etc/hostname and specified

charity

Rebooted,

# reboot

Searched for "/etc/hostname", and found an answer. Short name goes in /etc/hostname, so we should be configured correctly now. Apache is still complaining though,

# apache2ctl graceful
apache2: Could not reliably determine the server's fully qualified domain name, using 67.207.128.184 for ServerName

and it's using the IP address rather than charity.progclub.org now. Will manually specify ServerName in /etc/apache2/sites-enabled/000-default

# cd /etc/apache2/sites-enabled/
# vim 000-default

Added,

ServerName  charity.progclub.org

Ran,

# apache2ctl graceful

again, and got the same friggin' error! More web-searching... found a different answer, tried editing /etc/hosts to put the names the other way around,

# vim /etc/hosts
127.0.0.1          localhost.localdomain localhost
67.207.128.184     charity.progclub.org charity

Rebooted,

# reboot

Tried apache2ctl again,

# apache2ctl graceful

And got no error! Yay!

Checked

* www.progclub.org

and found everything to be working. Web hosting is now configured.

John 2011-07-25 17:11

PHP software installation

I created a test.php file at /var/www/test.php to see if PHP was working out-of-the-box. I navigated to test.php to check, and it tried to download the PHP file, so I guess PHP isn't installed.

The test.php file I used was,

<? phpinfo(); ?>

Searched for PHP installation candidate,

# apt-cache search php5 | less

Found php5, which looks promising.

# apt-get install php5
The following extra packages will be installed:
 apache2-mpm-prefork libapache2-mod-php5 php5-common
Suggested packages:
 php-pear php5-suhosin
The following packages will be REMOVED:
 apache2-mpm-worker
The following NEW packages will be installed:
 apache2-mpm-prefork libapache2-mod-php5 php5 php5-common
0 upgraded, 4 newly installed, 1 to remove and 0 not upgraded.
Need to get 3544kB of archives.
After this operation, 9568kB of additional disk space will be used.
Do you want to continue [Y/n]?
Get:1 http://archive.ubuntu.com/ubuntu/ lucid-updates/main apache2-mpm-prefork 2.2.14-5ubuntu8.4 [2420B]
Get:2 http://archive.ubuntu.com/ubuntu/ lucid-updates/main php5-common 5.3.2-1ubuntu4.9 [551kB]
Get:3 http://archive.ubuntu.com/ubuntu/ lucid-updates/main libapache2-mod-php5 5.3.2-1ubuntu4.9 [2990kB]
Get:4 http://archive.ubuntu.com/ubuntu/ lucid-updates/main php5 5.3.2-1ubuntu4.9 [1112B]
Fetched 3544kB in 1s (1913kB/s)
dpkg: apache2-mpm-worker: dependency problems, but removing anyway as you requested:
 apache2 depends on apache2-mpm-worker (= 2.2.14-5ubuntu8.4) | apache2-mpm-prefork (= 2.2.14-5ubuntu8.4) | apache2-mpm-event (= 2.2.14-5ubuntu8.4) | apache2-mpm-itk (= 2.2.14-5ubuntu8.4); however:
 Package apache2-mpm-worker is to be removed.
 Package apache2-mpm-prefork is not installed.
 Package apache2-mpm-event is not installed.
 Package apache2-mpm-itk is not installed.
(Reading database ... 15291 files and directories currently installed.)
Removing apache2-mpm-worker ...
 * Stopping web server apache2                                                  apache2: Could not reliably determine the server's fully qualified domain name, using 67.207.128.184 for ServerName
... waiting .                                                           [ OK ]
Selecting previously deselected package apache2-mpm-prefork.
(Reading database ... 15283 files and directories currently installed.)
Unpacking apache2-mpm-prefork (from .../apache2-mpm-prefork_2.2.14-5ubuntu8.4_amd64.deb) ...
Selecting previously deselected package php5-common.
Unpacking php5-common (from .../php5-common_5.3.2-1ubuntu4.9_amd64.deb) ...
Selecting previously deselected package libapache2-mod-php5.
Unpacking libapache2-mod-php5 (from .../libapache2-mod-php5_5.3.2-1ubuntu4.9_amd64.deb) ...
Selecting previously deselected package php5.
Unpacking php5 (from .../php5_5.3.2-1ubuntu4.9_all.deb) ...
Setting up apache2-mpm-prefork (2.2.14-5ubuntu8.4) ...
 * Starting web server apache2                                                  apache2: Could not reliably determine the server's fully qualified domain name, using 67.207.128.184 for ServerName
                                                                        [ OK ]
Setting up php5-common (5.3.2-1ubuntu4.9) ...
Setting up libapache2-mod-php5 (5.3.2-1ubuntu4.9) ...
Creating config file /etc/php5/apache2/php.ini with new version
 * Reloading web server config apache2                                          apache2: Could not reliably determine the server's fully qualified domain name, using 67.207.128.184 for ServerName
                                                                        [ OK ]
Setting up php5 (5.3.2-1ubuntu4.9) ...

Noticed the complaining about the server's fully qualified domain name, so

# vim /etc/hostname

and changed from

charity

to

charity.progclub.org

Then I rebooted,

# reboot

Logged in again and checked the hostname,

# hostname

which was correctly reported as,

charity.progclub.org

Then I navigated to the test.php page, and got back the phpinfo().

John 2011-07-25 16:40

Apache and MySQL software installation

Searched for MySQL software,

# apt-cache search mysql | less

Found mysql-server, which looks like a good candidate.

Searched for Apache software,

# apt-cache search apache2 | less

Found apache2, which looks like a good candidate.

# apt-get install apache2 mysql-server
The following extra packages will be installed:
 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common libapr1
 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap libdbd-mysql-perl
 libdbi-perl libexpat1 libhtml-template-perl libmysqlclient16
 libnet-daemon-perl libplrpc-perl mysql-client-5.1 mysql-client-core-5.1
 mysql-common mysql-server-5.1 mysql-server-core-5.1 psmisc ssl-cert
Suggested packages:
 www-browser apache2-doc apache2-suexec apache2-suexec-custom ufw dbishell
 libipc-sharedcache-perl tinyca mailx
The following NEW packages will be installed:
 apache2 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common
 libapr1 libaprutil1 libaprutil1-dbd-sqlite3 libaprutil1-ldap
 libdbd-mysql-perl libdbi-perl libexpat1 libhtml-template-perl
 libmysqlclient16 libnet-daemon-perl libplrpc-perl mysql-client-5.1
 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1
 mysql-server-core-5.1 psmisc ssl-cert

Configuring mysql-server-5.1

Dpkg showed a configuration screen for configuring the root password. I set one.

Apache and MySQL software installation, continued

I rebooted after installing the above software,

# reboot

I checked the Apache installation by navigating to www.progclub.org and It Works!

John 2011-07-25 16:34

SSH'ed in as root and ran:

# apt-get update
# apt-get dist-upgrade
# reboot

John 2011-07-25 16:00

Had to stuff around with resetting the root password on charity, but remote logins via SSH are working now for root.

John 2011-07-25 15:52

Configured the name server with progclub.org, progclub.net and progclub.info DNS zones on slicehost. The SliceManager should be used to maintain the DNS records for progclub.