Sysadmin Documentation/gold

From UGCS
Jump to: navigation, search

Return to Server Setup

Cadmium is the web server. It provides website hosting and mysql(mariadb)

Stats

Rackable Systems 2U Intel server, dual Xeon processors, 16 GB RAM, 2x 300 GB drives.

Roles

  • Web Server
  • SQL server

Configuration

Apache + PHP

First we need to install apache and php and supporting libraries

sudo apt-get install apache2 php5-fpm php5-xcache imagemagick

Now we enable the proxy_fcgi module

sudo a2enmod proxy_fcgi

The php runner listens on the socket /var/run/php5-fpm.sock by default. We need to point the proxy to this. In the vhost for the site, we just do:

<FilesMatch "\.php$">
    # Note: The only part that varies is /path/to/app.sock
    SetHandler  "proxy:unix:/var/run/php5-fpm.sock|fcgi://"
</FilesMatch>

for userdirs we enable the module

sudo a2enmod userdir

We then remove the stuff in /etc/apache2/mods-enabled/userdir.conf, since we need to have it vhosted. Instead we copy that shit to the sites vhost

https

UGCS5_Server_Setup/SSL

mysql

Instead of using mysql we are using mariadb. We do this by installing the package

sudo apt-get install mariadb-server

TODO: sql database security?

Mediawiki

We are using the mediawiki from the debian repos. We are using mariadb, so we can't have regular mysql installed. We also install other shit mediawiki wants

sudo apt-get install --no-install-recommends mediawiki mediawiki-extensions-ldapauth php5-xcache imagemagick

We grab the latest mediawiki LTS from the mediawiki website and drop it on the proper folder in /var/www

for now we have CACHE_ACCEL enabled, and that requires sessioncache to be set to CACHE_DB.

TODO: memcached

We just configure this to allow only ldap users and do the other stuff reasonably. We also want to edit the apache vhost stuff. See 000-default.conf

Python shit

So we gotta support that python shit since erry1 jacks off to that We'll install the python-flask and libapache2-mod-wsgi packages to allow for that