The itch to tinker still gives me no rest.
And I decided to experiment with setting up a server at home.
So, given:
1. Home Internet with an external IP on the router, an 8 Mbps channel in both directions, provider: QWERTY *
2. A budget of no more than 10 thousand rubles; the less, the better. **
3. A burning desire to experiment, and something like that ***
* Unfortunately, my building is not connected to Corbina, which has wider channels. I have to be content with what there is.
** This came from a more or less realistic estimate of the cost of components for an average computer.
*** For those who will snort and say "Big deal, I do this regularly": I do not set things up that often, I mostly write code for systems that are already configured, and for me this is pure entertainment: making something with my own hands =)
Well, the whole procedure is here, under the cut.
I just want to say up front that it works for me the way it is. I did no extra dancing with a tambourine; what follows comes from my googling and reading of the manuals.
Probably, something can be configured more flexibly or efficiently, and I will be extremely happy with tips or solutions =)
I figured I needed to buy:
1. Motherboard
2. Processor
3. Hard disk
4. Memory
5. Case
6. CPU cooler
I chose the Oldi store and put together an online order of components for just about 10 thousand, betting on Intel. I tossed and turned all night thinking it over, and the next morning I rebuilt the order around AMD. The difference in money turned out to be about two thousand, and the AMD configuration is more open to future upgrades. For example, for Socket 775 Oldi had no motherboards under 2k that allowed expanding the RAM to 16 gigabytes. In general, I decided to try it, because I had not dealt with AMD for a long time.
The processor is an AMD x64 2.4 GHz; I took one hard disk, SATA II, 320 gigabytes (as an option, I will buy another one to expand to RAID 1); the memory is Kingston 800 MHz, two sticks of 2 gigabytes (installed in dual-channel); the cheapest case; and an Igloo cooler, which is not very expensive but cools quite well (for several days the temperature did not exceed 60 degrees, judging by the sensors).
Triumphantly, I came home with all this, assembled it, connected a monitor, a keyboard, a cable from the router and an external USB drive, and half an hour later I was already looking at the newly released Debian.
I configured port forwarding on the router:
53 => Bind9
80 => Apache
21 => FTP
22 => SSH
After that, I ran three commands:
apt-get update
apt-get upgrade
apt-get install ssh
and lay down on the sofa with the laptop, continuing the dialogue with the server through PuTTY.
The goals were prosaic:
1. Bind9
2. Apache2
3. PHP5
4. MySQL 5
5. SVN
6. Trac
All this was to be set up on one recently purchased domain (say, habr.ru) that was not yet in use anywhere.
Bind9. Setup by a newbie.
Considering that I had only heard about setting up Bind9, I went straight to the manuals and examples.
As a result, I did the configuration according to this instruction, changing only the configuration of the specific zone for the domain.
In addition, I wanted to connect Google Applications for the domain right away, so as not to have to deal with configuring sendmail; they are easy to spot in the settings below.
This is what came out:
1. Created the /etc/bind/sites folder
2. In the /etc/bind/named.conf settings, at the very end:
include "/etc/bind/named.conf.skazkin";
3. In /etc/bind/named.conf.skazkin:
zone "habr.ru" {
type master;
file "/etc/bind/sites/habr.ru";
};
4. In /etc/bind/sites/habr.ru:
$ORIGIN habr.ru.
$TTL 86400 ; 1 day
@ IN SOA habr.ru. master.habr.com. (
2008291104; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
3600000 ; expire (1000 hours, about 41 days)
86400 ; minimum (1 day)
)
@ IN NS ns.habr.ru.
@ IN NS ns.vds.ru.
@ IN A 111.222.333.444
@ IN MX 10 ASPMX.L.GOOGLE.COM.
@ IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
@ IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
@ IN MX 30 ASPMX2.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX3.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX4.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX5.GOOGLEMAIL.COM.
ns IN A 111.222.333.444
svn IN CNAME habr.ru.
trac IN CNAME habr.ru.
www IN CNAME habr.ru.
That is as far as my understanding of the manual went.
What remained unclear: when I tried to write everything without the @ sign, Bind stopped understanding what was wanted of it. After another pass through Google, I suspect that this was due to incorrect indentation (*hic*)?
In general, I somehow got through this; the fact remains that the domain has been moved. But more about that later.
In addition to the primary zone, I also needed to create a slave. I went to the VDS I bought a long time ago, with its strangely installed Debian, and entered there:
1. /etc/bind/named.conf
zone "habr.ru" {
type slave;
file "/var/cache/bind/habr.ru";
masters {
111.222.333.444;
};
};
2. Accordingly, in /var/cache/bind/habr.ru everything is the same as on the home server:
$ORIGIN habr.ru.
$TTL 86400 ; 1 day
@ IN SOA habr.ru. master.habr.com. (
2008291104; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
3600000 ; expire (1000 hours, about 41 days)
86400 ; minimum (1 day)
)
@ IN NS ns.habr.ru.
@ IN NS ns.vds.ru.
@ IN A 111.222.333.444
@ IN MX 10 ASPMX.L.GOOGLE.COM.
@ IN MX 20 ALT1.ASPMX.L.GOOGLE.COM.
@ IN MX 20 ALT2.ASPMX.L.GOOGLE.COM.
@ IN MX 30 ASPMX2.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX3.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX4.GOOGLEMAIL.COM.
@ IN MX 30 ASPMX5.GOOGLEMAIL.COM.
ns IN A 111.222.333.444
svn IN CNAME habr.ru.
trac IN CNAME habr.ru.
www IN CNAME habr.ru.
After that, both at home and on the VDS I ran:
/etc/init.d/bind9 restart
nslookup habr.ru 127.0.0.1
The lookup should return a successful resolution:
bash:/etc/bind# nslookup habr.ru 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: habr.ru
Address: 111.222.333.444
After that, for subsequent changes on the home server, I only ran
rndc reload
On the VDS this for some reason did not work, and I had to restart the daemon. Then again, it runs Bind8 there.
Six hours later, at 23:00, having received a successful delegation and having had time to have dinner, drink tea and watch TV, I went on to set up everything else.
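An added check, not part of the original post: the master zone stanza above sets no allow-transfer, so who may pull the full zone is left to the server default (older BIND 9 releases default to any host), and a line such as allow-transfer { <slave address>; }; in the zone limits it to the VDS slave. The script below lists master zones that lack that ACL; the function name, zone names other than habr.ru and the addresses in the sample are constructed for the example.

```shell
#!/bin/sh
# Added example (not the author's code): list master zones in a named.conf
# that carry no allow-transfer ACL of their own. Server-wide options{} ACLs
# are not considered here (assumption: per-zone review only).
open_transfer_zones() {
    awk '
        depth == 0 && /^[ \t]*zone[ \t]+"/ {
            split($0, q, "\""); name = q[2]; master = 0; acl = 0
        }
        {
            line = $0
            sub(/(\/\/|#).*/, "", line)            # strip trailing comments
            if (line ~ /type[ \t]+master[ \t]*;/) master = 1
            if (line ~ /allow-transfer[ \t]*[{]/) acl = 1
            opens = gsub(/[{]/, "{", line)
            closes = gsub(/[}]/, "}", line)
            depth += opens - closes
            if (name != "" && depth == 0 && closes > 0) {
                if (master && !acl) print name
                name = ""
            }
        }
    ' "$1"
}

# Constructed sample: the master stanza from the post, a hardened variant that
# names the slave (192.0.2.53 is a placeholder address), and a slave stanza.
conf=$(mktemp)
cat > "$conf" <<'EOF'
zone "habr.ru" {
type master;
file "/etc/bind/sites/habr.ru";
};
zone "example.test" {
type master;
file "/etc/bind/sites/example.test";
allow-transfer { 192.0.2.53; };
};
zone "slave.test" {
type slave;
file "/var/cache/bind/slave.test";
masters { 192.0.2.10; };
};
EOF
open_transfer_zones "$conf"
```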
Apache2, PHP, MySQL
Installing Apache on Debian could not be easier.
apt-get install apache2
apt-get install mysql-client mysql-server
apt-get install php5 php5-mysql php5-xmlrpc php5-cli php5-gd php5-curl php5-xsl
In the end I had, fresh from the oven, a running Apache2, MySQL 5 and PHP5 with the right modules.
Considering that MySQL is installed with a blank password by default:
mysqladmin -uroot password
Next, I configure the virtual hosts.
I decide to keep everything in /home/sites/
mkdir /home/sites
mkdir /home/sites/habr.ru
I go to /etc/apache2/sites-available
and create there:
touch habr.ru
ln -s /etc/apache2/sites-available/habr.ru /etc/apache2/sites-enabled/habr.ru
And in habr.ru:
<VirtualHost *>
ServerAdmin master@habr.ru
DocumentRoot "/home/sites/habr.ru"
ServerName habr.ru
ServerAlias www.habr.ru
ErrorLog "/var/log/apache2/habr.ru.error.log"
CustomLog "/var/log/apache2/habr.ru.access.log" common
</VirtualHost>
Then - restart apache
/etc/init.d/apache2 restart
What remained was something I already wrote about earlier, though that was about a VDS and setting it up for the first time, namely:
SVN + TRAC
As usual -
apt-get install subversion
apt-get install libapache2-svn
apt-get install trac
Trac pulled in its dependencies, and I proceeded.
I had chosen the /home/sites/habr.ru folder for storing the site, so I decided to build around that.
I started with SVN, following this manual.
mkdir /home/sites/svn
svnadmin create --fs-type fsfs /home/sites/svn
groupadd subversion
adduser svn_user --ingroup subversion
Having skipped the lines about authorization and generation of authorization keys, I went straight to Apache.
Again I go to /etc/apache2/sites-available
cd /etc/apache2/sites-available
touch svn.habr.ru
ln -s /etc/apache2/sites-available/svn.habr.ru /etc/apache2/sites-enabled/svn.habr.ru
In svn.habr.ru:
<VirtualHost *>
ServerAdmin master@habr.ru
DocumentRoot "/home/sites/svn"
ServerName svn.habr.ru
ErrorLog "/var/log/apache2/svn.habr.ru.error.log"
CustomLog "/var/log/apache2/svn.habr.ru.access.log" common
<Location />
DAV svn
SVNPath /home/sites/svn
</Location>
</VirtualHost>
Again I restart Apache:
/etc/init.d/apache2 restart
And at svn.habr.ru I have a repository.
I drank tea and proceeded to Trac.
I decided to put Trac in /home/sites/trac
First, create the database and user:
mysqladmin -uroot -p create trac
: GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON trac.* TO 'trac'@'localhost' IDENTIFIED BY 'tracmegapassword';
mkdir /home/sites/trac
trac-admin initenv /home/sites/trac
For SVN I pointed it at the repository already created: /home/sites/svn
And when Trac asked about the database storage, I answered:
mysql://trac:tracmegapassword@localhost:3306/trac
I edited /home/sites/trac/conf/trac.ini by hand (all sorts of small parameters), and in the [trac] section I set:
[trac]
...
htdocs_location = /tracdocs/
Then I went into the Apache config to create a host.
cd /etc/apache2/sites-available/
touch trac.habr.ru
ln -s /etc/apache2/sites-available/trac.habr.ru /etc/apache2/sites-enabled/trac.habr.ru
In trac.habr.ru itself:
<VirtualHost *>
ServerAdmin master@habr.ru
DocumentRoot "/home/sites/trac/htdocs"
ServerName trac.habr.ru
ErrorLog "/var/log/apache2/trac.habr.ru.error.log"
CustomLog "/var/log/apache2/trac.habr.ru.access.log" common
<Location />
SetHandler mod_python
PythonInterpreter main_interpreter
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /home/sites/trac
PythonOption TracUriRoot /
</Location>
Alias /tracdocs /usr/share/trac/htdocs
<Location /tracdocs>
SetHandler None
</Location>
</VirtualHost>
After that - restart apache
/etc/init.d/apache2 restart
And in the end, we have non-password-protected SVN and Trac (careful with this: I later put everything behind a login globally, and whoever sets this up should not forget about security) at the corresponding addresses:
svn.habr.ru
trac.habr.ru
As a result, I have a working server (soon to move to the mezzanine) on which I have set up Trac, SVN, Apache2, MySQL, PHP and Bind9, and several websites are running.
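An added check, not part of the original post: the svn.habr.ru and trac.habr.ru vhosts shown above contain no authentication directives, which is what leaves SVN and Trac open to anyone. The script below flags such Location blocks in a vhost file; the function name, the sample files and the AuthUserFile path are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not the author's code): report <Location> blocks that serve
# SVN (DAV svn) or Trac (mod_python handler) with no Require directive.
unauth_locations() {
    awk -v f="$1" '
        /^[ \t]*<Location[ \t]/ {
            path = $2; sub(/>$/, "", path)
            in_loc = 1; exposed = 0; guarded = 0
            next
        }
        in_loc && /^[ \t]*<\/Location>/ {
            if (exposed && !guarded) print f ": " path
            in_loc = 0
            next
        }
        in_loc && tolower($0) ~ /^[ \t]*dav[ \t]+svn/               { exposed = 1 }
        in_loc && tolower($0) ~ /^[ \t]*sethandler[ \t]+mod_python/ { exposed = 1 }
        in_loc && tolower($0) ~ /^[ \t]*require[ \t]/               { guarded = 1 }
    ' "$1"
}

# Constructed samples: the svn.habr.ru block from the post, and the same block
# with Basic auth added (the AuthUserFile path is a hypothetical location).
demo=$(mktemp -d)
cat > "$demo/svn-open" <<'EOF'
<VirtualHost *>
ServerName svn.habr.ru
<Location />
DAV svn
SVNPath /home/sites/svn
</Location>
</VirtualHost>
EOF
cat > "$demo/svn-auth" <<'EOF'
<VirtualHost *>
ServerName svn.habr.ru
<Location />
DAV svn
SVNPath /home/sites/svn
AuthType Basic
AuthName "svn.habr.ru"
AuthUserFile /etc/apache2/svn.htpasswd
Require valid-user
</Location>
</VirtualHost>
EOF
unauth_locations "$demo/svn-open"   # flagged
unauth_locations "$demo/svn-auth"   # not flagged
```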
I also had a lot of fun and brought benefits not only to myself but also to my family, by moving the home mail for one of my domains to Google Apps.
In addition, I got rid of the need to pay for a slow VDS (I will soon transfer the secondary zone to a friend), I now know what is going on when my sites are unavailable (rather than "we have technical problems"), and I can also create as many domains, subdomains and other things as I want, not as many as the limits of a hosting account allow.
And also, torrents now download without "technical" pauses (when I am at work with the laptop).
The only downside of all this is the narrow upstream channel. But this QWERTY that I am with has "wide" channels with traffic limits, so maybe in the near future I will be able to fork over another 300 rubles to them for 100 Mbps (if the upstream traffic is not charged), and I will experiment with a second network card (so that torrents from the server flow without limits over another wire).
That's about it. A lot of fun for me and a good mood for the week =)
Also, a question for the audience: which blog is it better to move this to for the general public: "I am smart", "Linux for all", or "System administration"? =) Considering the not very deep instructions?
UPDATE: I nearly went gray just now: the server stopped responding. I forgot to configure the most important thing, a static IP!
I called my wife, gave her instructions about the new forwarding rules, and voila:
mcedit /etc/network/interfaces
# for eth1:
auto eth1
iface eth1 inet static
address 192.168.1.5
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
# ...
/etc/init.d/networking restart
One problem less =)
Today I will come home, hook up Wi-Fi there, and update this post with the Wi-Fi settings =)
UPDATE2: I had not checked that ProFTPD works from the outside!
You need to open /etc/proftpd/proftpd.conf and put this there:
DefaultAddress 111.222.333.444
Port 21
PassivePorts 60000 60010
MasqueradeAddress 111.222.333.444
And set up the corresponding port forwarding on the router (for the passive ports)! I have 10 of them, because not many connections are expected.