welcome: please sign in

Diff for "DomTool/Installation"

Differences between revisions 2 and 3
Revision 2 as of 2008-03-15 15:36:52
Size: 1934
Editor: AdamChlipala
Comment: Finishing the process
Revision 3 as of 2008-03-15 15:57:02
Size: 2548
Editor: AdamChlipala
Comment: More instructions
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
 * Install these Debian packages: `mlton libssl-dev libpcre3-dev`  * Install these Debian packages: `mlton libssl-dev libpcre3-dev rsync`
Line 34: Line 34:
 * Create subdirectories of `/var/domtool` in the same way, depending on which services this slave will be managing. If this slave manages BIND, create `/var/domtool/zones`. If this slave manages Apache, create `/var/domtool/vhosts` and `/var/domtool/apache2_logs`.
 * If this slave manages BIND, make sure a UNIX group `bind_config` exists, as Domtool will try to `chgrp` all relevant configuration to that group. It doesn't really matter which users belong to the group, as these actions are performed as root. If the group doesn't exist, you can create it with:
{{{
sudo groupadd bind_config
}}}

To deploy DomTool on a new HCoop machine:

  • Install these Debian packages: mlton libssl-dev libpcre3-dev rsync

  • Change to an appropriate directory for your personal check-out of the domtool2 CVS repo and run:

cvs -d$YOU@hcoop.cvs.sourceforge.net:/cvsroot/hcoop co domtool2
cd domtool2
  • Run:

make
  • It will fail at the very end because a shared library hasn't been installed yet. Run:

sudo make install
rm elisp/domtool-tables.el
make
sudo make install
  • To make everyone's Emacs autoload domtool-mode by default, put this in /usr/local/share/emacs/site-lisp/default.el:

(add-to-list 'load-path "/usr/local/share/emacs/site-lisp/domtool-mode")
(require 'domtool-mode-startup)
  • Add a local domtool user:

sudo useradd -d /afs/hcoop.net/common/etc/domtool -s /bin/false domtool
  • Make Domtool's scratch directory:

sudo mkdir /var/domtool
sudo chown domtool.domtool /var/domtool
  • Create subdirectories of /var/domtool in the same way, depending on which services this slave will be managing. If this slave manages BIND, create /var/domtool/zones. If this slave manages Apache, create /var/domtool/vhosts and /var/domtool/apache2_logs.

  • If this slave manages BIND, make sure a UNIX group bind_config exists, as Domtool will try to chgrp all relevant configuration to that group. It doesn't really matter which users belong to the group, as these actions are performed as root. If the group doesn't exist, you can create it with:

sudo groupadd bind_config
  • Create Domtool's log file and set the right permissions on it:

sudo touch /var/log/domtool.log
sudo chown domtool.domtool /var/log/domtool.log
  • Create an SSL certificate and key to stand for the new machine's Domtool server. Where $HOST is the default hostname the machine gives for itself, run this on deleuze. When prompted for field values, only enter a common name ($HOST) and e-mail address (domtool@hcoop.net).

openssl genrsa -out serverkey.pem 
openssl req -new -key serverkey.pem -out newreq.pem -days 365
cat newreq.pem serverkey.pem > new.pem
openssl ca -config /etc/domtool/openssl.cnf -policy policy_anything -out servercert.pem -infiles new.pem
  • Copy the certificate and key into the right places:

mkdir ~domtool/keys/$HOST
cp serverkey.pem ~domtool/keys/$HOST/key.pem
cp servercert.pem ~domtool/certs/$HOST.pem
  • Try starting the slave server:

sudo /etc/init.d/domtool-slave start

DomTool/Installation (last edited 2018-04-19 02:12:01 by ClintonEbadi)