Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 235 lines (139 sloc) 5.448 kb
174896c debian installation
daniele authored
1 ##############################################
2 Setting up an Arkestra web server from scratch
3 ##############################################
4
5 ************************
6 Basic Debian Linux setup
7 ************************
8
9
10 Obtain Debian Linux
11 ===================
12
13 Get a Debian network installer from http://www.debian.org (I used debian-6.0.5-amd64-netinst.iso).
14
15 Copy it onto a USB flash drive:
16
17 diskutil unmountDisk /dev/disk1 # unmount the volume
18 cat Desktop/debian-6.0.5-amd64-netinst.iso | dd of=/dev/disk1 # copy the disk image
19
20 Boot up the machine from the flash drive, and let Debian use its suggested defaults.
21
22 When it comes to ask what software to install, tell it to install only the basic system utilities.
23
24
25 Configure the system
26 ====================
27
28 You'll need to login as root.
29
30 apt-get install openssh-server
31
32 Now you can login as from another machine instead of from the console. So do that now.
33
34 As root:
35
36 apt-get install sudo # now you can use sudo
37 adduser daniele sudo # add your user account to the sudoers file
38
39 Login as daniele:
40
41 sudo locale-gen en_GB.UTF-8 # set up locales
42 sudo /usr/sbin/update-locale LANG=en_GB.UTF-8
43
44
45 sudo apt-get update # shouldn't really be necessary, as this is a new install
46 sudo aptitude safe-upgrade
47
48 # installing handy things for compiling and building
49 sudo aptitude install build-essential linux-headers-`uname -r`
50
51 Make your life easier: having /sbin on the path provides access to commands otherwise reserved for root, and makes it possible to run stop-start-daemon in the fcgi script below.
52
53 pico ~/.profile # edit the user's profile
54
55 # add:
56 PATH=$PATH:/new/path/one:/new/path/two
57 export PATH
58
59
60 ***************************
61 Install the server software
62 ***************************
63
64
65 OpenSSH
66 =======
67
68 ssh-keygen # generate server keys
69
70 Paste your own public key(s) into .ssh/authorized_keys.
71
72 chmod 600 .ssh/authorized_keys
73
74 sudo pico /etc/ssh/sshd_config # edit the sshd_config
75
76 The following 3 lines
77
78 * Port 22
79 * PermitRootLogin yes
80 * PasswordAuthentication yes
81
82 Become
83
84 * Port 8888
85 * PermitRootLogin no
86 * PasswordAuthentication no
87
88
89 The firewall
90 ============
91
92 sudo apt-get install ufw
93
94 sudo ufw allow 8000/tcp # web dev
95 sudo ufw allow 8001/tcp # web dev
96 sudo ufw allow 8002/tcp # web dev
97 sudo ufw allow 8003/tcp # web dev
98 sudo ufw allow 8004/tcp # web dev
99 sudo ufw allow 8005/tcp # web dev
100 sudo ufw allow 8082/tcp # munin
101 sudo ufw allow 8888/tcp # for ssh
102 sudo ufw allow 80/tcp # standard http
103 sudo ufw allow 22/tcp # ssh
104 sudo ufw enable
105
106 # restart sshd
107 # make sure you do this as root, using sudo
108 sudo /etc/init.d/ssh restart
109
110
111 MySQL server
112 ============
113
114 # install mysql server and python interface
115 sudo apt-get install mysql-server python-mysqldb
116
117 sudo pico /etc/mysql/my.cnf # edit system-wide MySQL conf
118
119 add/change in the [mysqld] section:
120
121 skip-character-set-client-handshake
122 collation_server = utf8_unicode_ci
123 character_set_server = utf8
124
125 # restart the server
126 sudo /etc/init.d/mysql restart
127
128 # test the server
129 mysql -u root -p
130 create database bongo; # create a database
131 show create database bongo; # see what's been created
132
133 You need to see that it's using the correct character set:
134
135 CREATE DATABASE `bongo` /*!40100 DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci *
136
137 # drop the database
138 drop database bongo;
139
140
141 Nginx
142 =====
143
144 The version of Nginx from Debian stable is rather old. We'll install from backports.
145
146 sudo pico /etc/apt/sources.list # edit the sources list
147
148 Add:
149
150 # backports
151 deb http://backports.debian.org/debian-backports squeeze-backports main
152
153 sudo apt-get -t squeeze-backports install nginx
154
155 sudo /etc/init.d/nginx start # start nginx
156
157 And now check that the server is serving by visiting it in a web browser.
158
159 **************
160 Other software
161 **************
162
163 Version control
164 ===============
165
166 sudo apt-get install git mercurial
167
168 Give the machine's public keys to GitHub and Bitbucket:
169
170 less ~/.ssh/id_rsa.pub # get the key
171
172 If you don't have access to GitHub/Bitbucket accounts, then you'll have to make do with anonymous access later on.
173
174
175 Python
176 ======
177
178 sudo apt-get install python-virtualenv python-dev # install virtualenv & development version of Python
179
180 sudo apt-get install python-ldap
181
182
183 Video
184 =====
185
186 We install Handbrake and ffmpeg2theora:
187
188 sudo pico /etc/apt/sources.list # edit the sources list (because handbrake isn't otherwise available)
189
190 Add:
191
192 #Handbrake
193 deb http://www.debian-multimedia.org squeeze main # use this multmedia repository
194
195 sudo apt-get update
196
197 sudo apt-get install handbrake-cli ffmpeg2theora
198
199
200
201 Miscellaneous libraries
202 =======================
203
204 sudo apt-get install libxml2-dev libxslt-dev libjpeg8-dev # install some libraries
205
206
207 Django & Arkestra
208 =================
209
210 cd
211 virtualenv arkestra_test
212 cd arkestra_test
213 source bin/activate
214
215 pip install -e git+git@github.com:evildmp/Arkestra.git@pip#egg=Arkestra # install Arkestra & dependencies
216
217 Install the right versions of Semantic Editor, Django Widgetry and Django Filer:
218
219 pip install -r src/arkestra/REQUIREMENTS.txt # install the things that pip can't do automatically
220
221
222 Test the example site
223 =====================
224
225 cd src/arkestra/example
226
227 python manage.py syncdb # answer "no"
228
229 python manage.py reset contenttypes # answer "yes"
230
231 python manage.py loaddata example_database.json
232 python manage.py runserver 0.0.0.0:8000
233
234 The admin username and password are both "arkestra"
Something went wrong with that request. Please try again.