Debian Sarge (3.1) with Ruby on Rails and Apache 2 with FastCGI - Page 2

Install Quota

apt-get install quota quotatool

- To the prompt: Send Daily reminders to users over quota answer No

Edit /etc/fstab to look like this (I added ,usrquota,grpquota to the partition with the mount point / -- This assumes that everything needing quota support is under /):

joe /etc/fstab

# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/sda1 / ext3 defaults,errors=remount-ro,usrquota,grpquota 0 1
/dev/sda5 none swap sw 0 0
/dev/hdc /media/cdrom0 iso9660 ro,user,noauto 0 0
/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0

Then run:

touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /
quotacheck -avugm


Install DNS-Server

apt-get install bind9

For security reasons we want to run BIND chrooted so we have to do the following steps:

/etc/init.d/bind9 stop

Edit the file /etc/default/bind9 so that the daemon will run as the unprivileged user 'bind', chrooted to /var/lib/named. Modify the line: OPTS="-u bind" so that it reads OPTS="-u bind -t /var/lib/named":

joe /etc/default/bind9

OPTS="-u bind -t /var/lib/named"

Create the necessary directories under /var/lib:

mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run

Then move the config directory from /etc to /var/lib/named/etc:

mv /etc/bind /var/lib/named/etc

Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):

ln -s /var/lib/named/etc/bind /etc/bind

Make null and random devices, and fix permissions of the directories:

mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind

We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get important messages logged to the system logs. Modify the line: SYSLOGD="" so that it reads: SYSLOGD="-a /var/lib/named/dev/log"

joe /etc/init.d/sysklogd

#! /bin/sh
# /etc/init.d/sysklogd: start the system log daemon.

PATH=/bin:/usr/bin:/sbin:/usr/sbin

pidfile=/var/run/syslogd.pid
binpath=/sbin/syslogd

test -x $binpath || exit 0

# Options for start/restart the daemons
# For remote UDP logging use SYSLOGD="-r"
#
SYSLOGD="-a /var/lib/named/dev/log"

create_xconsole()
{
if [ ! -e /dev/xconsole ]; then
mknod -m 640 /dev/xconsole p
else
chmod 0640 /dev/xconsole
fi
chown root:adm /dev/xconsole
}

running()
{
# No pidfile, probably no daemon present
#
if [ ! -f $pidfile ]
then
return 1
fi

pid=`cat $pidfile`

# No pid, probably no daemon present
#
if [ -z "$pid" ]
then
return 1
fi

if [ ! -d /proc/$pid ]
then
return 1
fi

cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1`

# No syslogd?
#
if [ "$cmd" != "$binpath" ]
then
return 1
fi

return 0
}

case "$1" in
start)
echo -n "Starting system log daemon: syslogd"
create_xconsole
start-stop-daemon --start --quiet --exec $binpath -- $SYSLOGD
echo "."
;;
stop)
echo -n "Stopping system log daemon: syslogd"
start-stop-daemon --stop --quiet --exec $binpath --pidfile $pidfile
echo "."
;;
reload|force-reload)
echo -n "Reloading system log daemon: syslogd"
start-stop-daemon --stop --quiet --signal 1 --exec $binpath --pidfile $pidfile
echo "."
;;
restart)
echo -n "Restarting system log daemon: syslogd"
start-stop-daemon --stop --quiet --exec $binpath --pidfile $pidfile
sleep 1
start-stop-daemon --start --quiet --exec $binpath -- $SYSLOGD
echo "."
;;
reload-or-restart)
if running
then
echo -n "Reloading system log daemon: syslogd"
start-stop-daemon --stop --quiet --signal 1 --exec $binpath --pidfile $pidfile
else
echo -n "Restarting system log daemon: syslogd"
start-stop-daemon --start --quiet --exec $binpath -- $SYSLOGD
fi
echo "."
;;
*)
echo "Usage: /etc/init.d/sysklogd {start|stop|reload|restart|force-reload|reload-or-restart}"
exit 1
esac

exit 0

Restart the logging daemon:

/etc/init.d/sysklogd restart

Start up BIND, and check /var/log/syslog for any errors:

/etc/init.d/bind9 start
less /var/log/syslog

Share this page:

6 Comment(s)

Add comment

Comments

From: Ka1N at: 2006-10-27 06:40:55

/bin/hostname -f /etc/hostname

 should be

/bin/hostname -F /etc/hostname

... with a capital F

From: Anonymous at: 2006-05-15 18:27:52

I find that many rails problems revolve around permissions and setting fcgi/cgi

Permissions:

chmod -R 755 public
chmod -R 755 log

# triple check your .htaccess file that .fcgi is selected
# replace this line
RewriteRule ^(.*)$ dispatch.cgi [QSA,L]
# with
RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]
# make sure you've used the ispconfig control panel to make a database for this site
# fill out the database name, username, and password in your database.yml
# ~/config/database.yml
#example configuration

development:
adapter: mysql
database: web1_db1
username: web1_u1
password: <yourpassword>
socket:

# make sure you set the path to ruby in files ~/public/dispatch.fcgi and dispatch.cgi
# use the command which ruby to identify the correct path
root@ubuntu:/# which ruby
/usr/local/bin/ruby
#if this is your path then the first line of your dispatch files would look like this

#!/usr/local/bin/ruby/

From: Anonymous at: 2006-05-30 21:51:59

Tim, just working through your how-to and found that I get an error on the following command:

root@vps:/etc/postfix/ssl# mv -f smtpd.key.unencrypted smtpd.key openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
mv: invalid option -- n
Try `mv --help' for more information.

From: tomw at: 2006-06-08 15:24:25

Thats because there was an error in the formatting. It should have been two lines thus:

mv -f smtpd.key.unencrypted smtpd.key

openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650


Fixed it sorry.

From: Anonymous at: 2006-06-27 03:36:04


From: at: 2007-04-07 03:04:26

ISPConfig's default directory is now /var/www, No need to use expert mode or change it.