Some notes about installing and configuring the B-Translator server. These are mostly so that I can remember the steps later. But maybe they can help anybody else as well.
| Url | https://console.developers.google.com/project/btranslator2 |
| Tags | http-server, https-server |
| Machine type | g1-small (1 vCPU, 1.7 GB memory) |
| Zone | us-central1-a |
- Update and upgrade packages:
sudo su aptitude update aptitude upgrade - Install vim:
aptitude install vim vim /etc/vim/vimrc # uncomment 'syntax on' etc. - Bash prompt and colors:
vim /etc/bash.bashrc # set a fancy prompt (non-color, overwrite the one in /etc/profile) #PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' PS1='${debian_chroot:+($debian_chroot)}\[\033[01;31m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' vim ~/.bashrc # uncomment lines to have a colorized ls - Install docker:
### install docker curl -sSL https://get.docker.io/ | sh ### install the command docker-enter docker run -v /usr/local/bin:/target jpetazzo/nsenter - Install
gdrivefor uploading files to Google Drive:### download gdrive from: https://github.com/prasmussen/gdrive wget -O gdrive https://drive.google.com/uc?id=0B3X9GlR6EmbnTjk4MGNEbEFRRWs chmod +x gdrive mv gdrive /usr/local/sbin/ gdrive list - Install
git:aptitude install git
For making tests, it may be better sometimes to work inside a chroot.
aptitude install debootstrap schroot mkdir /var/chroot/ cd /var/chroot debootstrap --variant=minbase --arch=amd64 wheezy wheezy/ http://gce_debian_mirror.storage.googleapis.com/ cp /etc/apt/sources.list wheezy/etc/apt/ cp /etc/apt/sources.list.d/backports.list wheezy/etc/apt/sources.list.d/ cp /etc/resolv.conf wheezy/etc/resolv.conf mount -o bind /proc wheezy/proc chroot wheezy/ apt-get update apt-get upgrade apt-get -y install language-pack-en update-locale apt-get -y install vim aptitude git openssh-server echo wheezy > /etc/debian_chroot
ln -s /usr/share/debootstrap/scripts/{gutsy,trusty}
cd /var/chroot
debootstrap --variant=minbase --arch=amd64 trusty trusty/ http://archive.ubuntu.com/ubuntu
cat <<EOF > trusty/etc/apt/sources.list
deb http://archive.ubuntu.com/ubuntu trusty main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu trusty-updates main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu trusty-security main restricted universe multiverse
EOF
cp /etc/resolv.conf trusty/etc/resolv.conf
mount -o bind /proc trusty/proc
chroot trusty/
apt-get update
apt-get -y install ubuntu-minimal
apt-get upgrade
apt-get -y install language-pack-en
update-locale
apt-get -y install vim aptitude git openssh-server docker.io
echo trusty > /etc/debian_chroot
File chroot.sh:
#!/bin/bash
if [ $# -ne 2 ]
then
echo " * Usage: $0 {start|stop} target"
exit 0
fi
CHROOT=/var/chroot/$2
case "$1" in
start)
# mount /proc etc. to the CHROOT
for dir in proc dev sys dev/pts
do
mount -o bind /$dir $CHROOT/$dir
done
chroot $CHROOT/ mount -a
;;
stop)
# kill any processes that are running on CHROOT
chroot_pids=$(for p in /proc/*/root; do ls -l $p; done | grep $CHROOT | cut -d'/' -f3)
test -z "$chroot_pids" || (kill -9 $chroot_pids; sleep 2)
# umount /proc etc. from the CHROOT
chroot $CHROOT/ umount -a
for dir in dev/pts sys dev proc
do
umount $CHROOT/$dir
done
;;
*)
echo " * Usage: $0 {start|stop} target"
esac
I manage my domains with a hidden, master, authoritative-only name-server.
- Get the code from github:
cd /data/ git clone https://github.com/dashohoxha/bind9= - Change any configurations on
config/var/cache/bind/,config/etc/bind/andufw.sh. - Build the docker image with
build.sh. - Create a container with
run.sh. - In case that configuration needs to be changed, update it and do
again:
./rm.sh ; ./build.sh ; ./run.sh. - Backup the configuration of the name server on google drive:
tar cfz bind9.tgz bind9/ gdrive upload -f bind9.tgz
I want to host several domains/subdomains in the same server, in different containers. Usually this is a problem because only one of the containers can use the ports 80/443 of the host. The container wsproxy solves this problem by forwarding HTTPS requests to the other containers, according to the domain, behaving like a kind of HTTP gateway or hub.
- Get the code from github:
cd /data/ git clone https://github.com/dashohoxha/wsproxy= - Create the container:
wsproxy/build.sh wsproxy/run.sh - Customize the configuration of sites. Create a site for the
subdomains
devandtestof each domain.cd wsproxy/ cd config/etc/apache2/sites-available/ vim btr.conf vim btr-ssl.conf vim bcl.conf vim bcl-ssl.conf cp btr.conf btr_dev.conf cp btr-ssl.conf btr_dev-ssl.conf vim btr_dev.conf vim btr_dev-ssl.conf cp btr.conf btr_test.conf cp btr-ssl.conf btr_test-ssl.conf vim btr_test.conf vim btr_test-ssl.conf cp bcl.conf bcl_dev.conf cp bcl-ssl.conf bcl_dev-ssl.conf vim bcl_dev.conf vim bcl_dev-ssl.conf cp bcl.conf bcl_test.conf cp bcl-ssl.conf bcl_test-ssl.conf vim bcl_test.conf vim bcl_test-ssl.conf cp bcl.conf sq.conf cp bcl-ssl.conf sq-ssl.conf vim sq.conf vim sq-ssl.conf cp sq.conf sq_dev.conf cp sq-ssl.conf sq_dev-ssl.conf vim sq_dev.conf vim sq_dev-ssl.conf cp sq.conf sq_test.conf cp sq-ssl.conf sq_test-ssl.conf vim sq_test.conf vim sq_test-ssl.conf - Enable each site:
cd ../sites-enabled/ for site in btr btr_dev btr_test bcl bcl_dev bcl_test sq sq_dev sq_test do ln -s ../sites-available/$site.conf . ln -s ../sites-available/$site-ssl.conf . done - Modify hosts and restart:
cd /data/ vim wsproxy/hosts.txt wsproxy/restart.sh - Backup the configuration of wsproxy on google drive:
cd /data/ tar cfz wsproxy.tgz wsproxy/ gdrive upload -f wsproxy.tgz
We need a container for btr_server and one or more containers for btr_client (one for each language).
- Get the docker images of btr_server and btr_client:
docker pull btranslator/btr_client:v2.2 docker pull btranslator/btr_server:v2.2 - Create the containers:
docker run -d --name=btr --hostname=btranslator.org \ -v /data:/data btranslator/btr_server:v2.2 docker run -d --name=sq --hostname=sq.btranslator.org \ btranslator/btr_client:v2.2 - Customize the configuration of btr:
docker-enter btr cd /usr/local/src/btr_server/ vim install/setting.sh install/{config.sh,settings.sh} - Customize the configuration of sq:
docker-enter sq cd /usr/local/src/btr_client/ vim install/setting.sh install/{config.sh,settings.sh} - Customize the configuration of wsproxy and restart it.
- Make sure that containers start automatically on reboot. Add this
line at
/etc/rc.local:docker start bind9 wsproxy btr sq wsproxy
I have installed SSL certificates for the domains btranslator.org
and l10n.org.al both on wsproxy and on btr containers. They
are placed on the directories etc/ssl/certs/ and
etc/ssl/private/, like this:
cp btranslator_org.crt wsproxy/config/etc/ssl/certs/ cp btranslator_org.ca-bundle wsproxy/config/etc/ssl/certs/ cp btranslator_org.key wsproxy/config/etc/ssl/private/ cp l10n_org_al.crt wsproxy/config/etc/ssl/certs/ cp l10n_org_al.ca-bundle wsproxy/config/etc/ssl/certs/ cp l10n_org_al.key wsproxy/config/etc/ssl/private/
The private keys should not be readable for everyone:
chmod 600 wsproxy/config/etc/ssl/private/btranslator_org.key chmod 600 wsproxy/config/etc/ssl/private/l10n_org_al.key
Apache directives on the config file
wsproxy/config/etc/apache2/sites-available/btr-ssl.conf:
SSLCertificateFile /etc/ssl/certs/btranslator_org.crt SSLCertificateKeyFile /etc/ssl/private/btranslator_org.key SSLCertificateChainFile /etc/ssl/certs/btranslator_org.ca-bundle
Apache directives on the config file
wsproxy/config/etc/apache2/sites-available/bcl-ssl.conf:
SSLCertificateFile /etc/ssl/certs/l10n_org_al.crt SSLCertificateKeyFile /etc/ssl/private/l10n_org_al.key SSLCertificateChainFile /etc/ssl/certs/l10n_org_al.ca-bundle
Then restart container wsproxy: docker restart wsproxy.
drush @btr sql-dump --database=btr_db --result-file=$(pwd)/data.sql --gzip gdrive upload -f data.sql.gz gdrive download --pop gunzip data.sql.gz drush @btr sql-query --database=btr_db --file=$(pwd)/data.sql
cd /var/www/data/db/ ./users-export-btr.sh ./users-export-bcl.sh cd /var/www/data/db/ ./users-import.sh @btr $(pwd)/users-btr-20141002.sql.gz ./users-import.sh @bcl $(pwd)/users-bcl-20141002.sql.gz
- Format the disk with XFS:
apt-get install xfs xfsprogs mkfs.xfs /dev/sdb - Stop docker and backup its data:
/etc/init.d/docker stop mv /var/lib/docker /docker-backup - Add a line like this to
/etc/fstabfor mounting it automatically on reboot:UUID=be840c0d-91f8-41fa-bb40-82e1c4e2e985 /var/lib/docker xfs defaults 1 1The UUID of the disk can be found with:
blkid /dev/sdb. - Copy the backup-ed data to
/var/lib/docker/:mkdir /var/lib/docker mount -a cp -a /docker-backup/* /var/lib/docker/ - Start the docker service and check that everything is ok:
/etc/init.d/docker start docker images docker ps -a - Cleanup the backup data:
rm -rf /docker-backup/
Referencies:
Update the function btr_get_sites() on
modules/custom/btrCore/includes/sites.inc:
cd /var/www/btr/profiles/btr_server/ vim modules/custom/btrCore/includes/sites.inc
aptitude install fortunes ls /usr/share/games/fortunes/ vim /var/www/btr/profiles/btr_server/utils/fortune.sh