#!/bin/sh # the command= trick gets screwed up with quotes so be careful echo "Hostname is currently `hostname`" # TODO setup hostname # TODO setup LibertyNet/connectivity echo "Becoming root user" command="sudo su" echo "Running: $command" read -p "Press any key to begin" $command echo "Make it so that the OS doesn't record the read time of every file (an optimization and SSD saver)" read -p "Press any key to begin" cat /etc/fstab | sed -e 's/relatime,errors=remount-ro/relatime,noatime,errors=remount-ro/' > /tmp/fstab mv /tmp/fstab /etc/fstab echo "Reduce swappiness factor so that the swap file is only needed in extreme situations" read -p "Press any key to begin" echo "# Set swappiness to zero to save SSD and maximize use of memory vm.swappiness=0" >> /etc/sysctl.conf echo " ## Install ## See also (http://codeplot.com/documents/3186/edit) #I Installed Ubuntu 8.04 Server #US Keyboard Layout #Zimbabwe region #If this machine was using an SSD drive configure the paritions so that it has no swap #I did a single partition marked as bootable and setup for the root on EXT3+Journaling #I marked the OpenSSH server as an additional option #I did not set it as a DNS server or Mail Server ## Naming # For baobab we name our computers after trees so I called this one Sapele # I added the default user as baobab ## Reboot and login ## Get the stuff you will need (you may want to combine these steps so you can leave the download running) " command="apt-get update" echo "Running: $command" read -p "Press any key to continue" $command command="apt-get install mysql-server nginx build-essential sudo git-core openssl lynx openssh-client vim libmysql irb ruby1.8-dev" echo "Running: $command" read -p "Press any key to continue" $command echo "Downloading and installing rubygems" read -p "Press any key to continue" wget http://rubyforge.org/frs/download.php/35283/rubygems-1.1.1.tgz tar xvzf rubygems-1.1.1.tgz cd rubygems-1.1.1 ruby setup.rb read -p "Press any key to continue" command="sudo gem install mongrel --no-rdoc --no-ri" echo "Running: $command" read -p "Press any key to continue" $command command="sudo gem install mongrel-cluster --no-rdoc --no-ri" echo "Running: $command" read -p "Press any key to continue" $command echo " ## At the end you will need to input the mysql root password # In general we create paswords with a hash of the machine name, a common nonce value and some special characters " ## Ubuntu 8.0.4.1 and beyond don't need to worry about this ## Update the ssh for Debian security vulnerability ## If you are running Ubuntu/Debian locally, you should do this on your machine *before* ## You ssh into the server! ## Check for vulnerable keys # If you are using 8.04 like me (I think that Intrepid will include this fix by default) # Then you will get a message saying that it is correcting the blacklisted keys # When completed, you should run ssh-vulnkey to make sure your root user is # Not blacklisted. You should see two keys listed and both should start with # Not blacklisted: # read -p "Press any key to continue" # ssh-vulnkey echo "## Creating deploy and www users on server" command="adduser --disabled-password deploy" echo "Running: $command" read -p "Press any key to continue" $command command="adduser --system --no-create-home --group --disabled-password www" echo "Running: $command" read -p "Press any key to continue" $command visudo_commands="deploy ALL=(ALL) NOPASSWD:ALL Defaults env_reset, insults" Defaults env_reset, insults" echo "Adding: ----- $visudo_commands ----- to /etc/sudoers" read -p "Press any key to continue" echo "$visudo_commands" >> /etc/sudoers echo " Enter file in which to save the key (/home/YOURLOCALUSER/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: ## On your local scp your public key up (note that I use the baobab user I created when installing Ubuntu on the server) ## Make sure you copy the id_rsa.pub and not the id_rsa, the id_rsa file is your private key and you want to keep it safe! ## If you don't know your server's ip address, type ifconfig on the server scp ~/.ssh/id_rsa.pub baobab@YOURSERVERIP:/tmp password: Generating keys for the deploy user now... Press enter twice when asked for a passphrase (we want an empty passphrase) " read -p "Press any key to continue" echo "Running: su deploy -c \"ssh-keygen -t rsa\"" read -p "Press any key to continue" su deploy -c "ssh-keygen -t rsa" echo "## Adding public keys for all Baobab programmers This should be safe to do - public keys are only have of the authentication puzzle - hence private and public keys. " read -p "Press any key to continue" echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyUvMIvhJUYs7nIaiLBnUcs03XuOeHiw1JGh1M/ovbKc9YO4SJsl9CYxpyDeh9jSyvdNhNdeUSg7PBSSyAYpVXeK6WXN9LnqKOWRu8n5rXGNSycM2tenaADiS/xtMkHmIFYOE/QFQF+Amg5lKR1DjsfZXzscdtYsmAT09j6GFYfgY/KIP/gxSsEDzOGSIxYqJwpCzV+/nwub72ElzVcW9EJu2HpSD8jhKF6XrZ3VExsCk9v86qrTGWeVOyFubRb7+V6Db4xc+x2HirdyMW7hZceDfTpB0xX1GXd4PYZ023gfvNkGbIj/aOSDeJtDIJyQhzCbIXY+CiLkU556e0rg2Nw== njero@alexandria.local ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAzFtSLwtu0GoHLWG8X5ScMBX0xYtxjlWiEhEJRPWoIq+e4MQg34mtSEUtVt9lyeiAx9PfrmFhcbFeL72Y1bRi7bxEy+9Nu72bEPicVibukTuiFz1M0snoHVCtr6FnHd8q29+hcfeaqFwn2lIyE11DiH5aHOd2hAPNAVQ/p1CPY5HCmIerIuuE+QgEQTE6Zm3Lp8L4LvyFhZl4kZ5CLx8mOQWIj8ZVh3HUvCCh2b3AZdZzOE4E2Jk0ST4QJ7IlenRQ+9E6RKQ6pVOYgYunfhD0IIaXrd9UiGTGm+G/3YfKHhIznF3QyBv5lW06A5BKz37v8rXil7zu0jKLh5Kf41BiAQ== ace@lalanje ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAzb5cQe46LoJB5PQou+Rc+BNyRLC5iMILS8/KddZUJGdQobzzx6pxyvS6Wq9i6EGj6X8WzGTa9FLgFUNI1EGg0wLMANTpDwiMYyBLZQ8oLwbUkTrQaDKw8Bf/FwLQiaUjx0DB7U7YNJlGMZBtUgshD/4Z7KjThsB5ZA7dhtGiWws= crazy@sequoyah ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyEB1sXJNJxzoUd4XZlwPBjmcnpyM1L6DWOHXgN/i/duVsqJrotxwtg9Qs0n5N9i8NxydzuwcMAb18RbtbSsGNxEcufOrNWyCHnBCDYfnt13eXjY+hpB4mMREg8xe5hzWdrQyCwdOHwqxDWOLmIsWrvfCrKtXH29+v3DvaFiJ1ndPx0wxrZ4hptRsnwuMyiNLRhuD616YzbSEASus+CKIKiVTtm/AvGr+YMS5vDt3bQsiRfvbp5dktUOZH+4Wsi4W93BQ2+bGFfNgu3BrtqKCsCb9K7UPFORyADVmgqD3vvcB8QCO3NRjOgq+9quVoynr9PAwxEONfVTFCg0gOgLXDQ== soyapi@masau ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq7R5LvOBW5U1Vgn8ce/WDYr6A2/stqDvMwCAlZFqpBZExjWcFDC30aNX7bjdESwJ+BJTSZ6P7pCe4N+uia8nFLvxfUCMSXTvQ+cmOKnpmRbMDvctAafuk5fSLuPS9bReY/sh76ax135jrQejbGW4q+pLpUV3D0Ff9vgo905OCVjpCx+QrYMr4bqQ38h/a/GvdLx8Ow6c7fHJPDzJx+lxXQ6YUhm1AIzJFAgtVg1JXs0tkC4/9TxreRUnHyIWH7h4c+lzdPoJT8a2QV4IkHf3xMhki/mCYRFx7GBk3N8pnTO9b2PWlTN6dZtDYixrnVpkGxp4zKAmAa3i6G3IQ9QBkQ== bond@nkungudza " >> /home/deploy/.ssh/authorized_keys chmod 600 /home/deploy/.ssh/authorized_keys echo "## On the server, create the root project folder (our project is called 'bart')" $command="mkdir /var/www/bart" echo "Running: $command" read -p "Press any key to continue" $command $command="chown deploy:deploy /var/www/bart" echo "Running: $command" read -p "Press any key to continue" $command $command="mkdir /etc/mongrel_cluster" echo "Running: $command" read -p "Press any key to continue" $command echo "Creating mongrel user" $command="sudo adduser --system --no-create-home --group --disabled-password mongrel" echo "Running: $command" read -p "Press any key to continue" $command echo " ## On the server, setup the database ## We should be calling the database openmrs, with the user openmrs ## The password should be common probably Enter the password you want to use for the openmrs database" read -e PASSWORD echo "Creating the openmrs database and the openmrs user" read -p "Press any key to continue" echo "CREATE DATABASE openmrs; GRANT ALL on openmrs to 'openmrs'@'localhost' IDENTIFIED BY '$PASSWORD'" | mysql -u root -p echo " ## On your LOCAL MACHINE (NOT THE SERVER), cross your fingers and deploy (cap -T if you want to see all tasks) ## I have noticed that the deploy and deploy:setup tasks rely on each other ## So you have to run cap deploy first and let it fail... ## then run setup, then run deploy again cap deploy cap deploy:setup cap deploy cap nginx:setup cap nginx:start * run the db/migrate scripts * run the bootstrap cap deploy:restart # ------------- Firefox # READ the firefox README # If you don't have the firefox daemon it is here https://github.com/baobab/firefox-daemon "