Content Cleanup Required
Candidate for Deletion
I will be creating a series of documents for setting up various types of servers. My goal is to be tutorial-esque, but still be general enough to be applicable in a wide variety of environments. There are already, in my opinion, great information pages on the same subjects in the server documentation, however I find my self repeating the same step-by-step instructions for how to implement the information on those pages, time and time again to new Ubuntu users, hence the decision to start this series of documents. The goal is to show you every necessary command to run to set up your servers and have all your servers communicating and working together.
Bare with me as I am learning how to format the wiki and converting my collection of notes into a human readable format...
This first page will be about setting up a base server system. It will focus on being a secure, stable, and compact foundation that my other server guides will build on. A prerequisite for this guide will also be that you are setting this up in a VMWare Server virtual machine. I will eventually create similar guide on how to set up the VMWare Server on Ubuntu.
Creating the Virtual Machine
This is how to create the virtual machine, what settings I recommend, and why, etc.. For instance, you only need a 4 GB harddrive. Additional space will be put on additional virtual harddrives, but for now, only create a 4 GB harddrive, allocate all space immediately, and do not split into 2GB chunks.
After the virtual machine is created, you can delete the floppy drive, you won't need it.
After creating the virtual machine, boot to a GParted LiveCD and create an aligned /boot and swap partition.
Open a terminal and type
Type ‘n’ for new partition Type ‘p’ for primary Type ‘1’ for partition 1 Just hit enter to start at the first cylinder If this is linux, type ‘+102M’ to create the /boot partition; for Windows, just hit [enter] Type ‘x’ for expert mode Type ‘b’ to specify starting block Type ‘1’ to select partition 1 Type ‘128’ to make partition 1 align on 64KB boundary Type ‘r’ to return to main menu Type ‘w’ to write changes
Refresh GParted and create a swap partition after the first partition and go ahead and format it.
Install Ubuntu from the latest version with LTS (Ubuntu 6.06 at the time of this writing, as 6.10 does not have LTS).
Choose manual partitioning and create a 1.7 GB / partition and the rest for the /var partition. Delete the first partition and recreate it, mounting it at /boot. Be sure to set the /boot partition as flagged bootable, and do not touch the swap so the other partitions are aligned. When /boot is recreated, this means it will NOT be aligned, but there is a bug with the grub installer and having an aligned /boot partition.
I would also suggest formatting all partitions as XFS due to it’s excellent performance over the default ext3. The only time I would use ext3 is if you may need to mount the partition on a Windows computer (as is the case with our file server data partition). Also, go ahead and use ext3 for the /boot partition, so you can use Grub (otherwise you will have to use Lilo).
Log in as the user you set up and use “sudo“ to use root privileges.
sudo apt-get update && sudo apt-get –y install openssh-server
This will allow you to log in via ssh and follow the rest of the guide. This is easier, since you can copy-paste from this guide into the ssh window (shift-insert will paste in ssh).
Take note of the IP address assigned to eth0. You’ll need this to log in via ssh. Now exit the su with “exit” and logout with “logout”. Connect into the server via ssh. This makes things easier.
You’ll want to create the clock=pit kernel option so that all current and updated kernels get this option.
sudo nano /boot/grub/menu.lst
Change the line defoptions=quiet splash to read defoptions=quiet splash clock=pit (do not uncomment the line). This will make sure that after a kernel upgrade, your kernel gets the clock pit option which is necessary for proper time keeping in a virtual machine.
Update and Upgrade
sudo mv /etc/apt/sources.list /etc/apt/sources.list.original sudo nano /etc/apt/sources.list
I prefer to remove all the documentation and you must enable the universe repo in order to install all the requirements for Webmin. Here is my sources.list:
deb http://us.archive.ubuntu.com/ubuntu/ dapper main restricted universe deb-src http://us.archive.ubuntu.com/ubuntu/ dapper main restricted universe deb http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted universe deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted universe # deb http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse # deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu dapper-security main restricted universe deb-src http://security.ubuntu.com/ubuntu dapper-security main restricted universe
sudo apt-get update && sudo apt-get –y dist-upgrade && sudo shutdown –r now sudo apt-get –y install gcc make screen libnet-ssleay-perl openssl libauthen-pam-perl libio-pty-perl libmd5-perl linux-headers-server
BTW: gcc, make, and the linux-headers are needed to compile a kernel module for vmware tools. The rest is for Webmin.
sudo mv /etc/securetty /etc/securetty.original && sudo touch /etc/securetty
This will deny direct root logins, even if somebody does know the root password (it is possible).
wget http://superb-west.dl.sourceforge.net/sourceforge/webadmin/webmin_1.380_all.deb sudo dpkg –i webmin_1.380_all.deb rm webmin_1.380_all.deb
This will download webmin and install it. You can also upgrade Webmin and it's modules from within Webmin itself.
You can now login to webmin at https://serverip:1000 and use your user account and password. First things to do are change the ssh server to NOT allow root login, set up a new firewall allowing incoming ports 10000:tcp, 22:tcp, and of course the lo incoming adapter and established,related connections. You will also need to change the ip address (also be sure to set “Activate at boot”) and gateway and then re-login using the new address.
Install Vmware Tools
This best done from the vmware console, not ssh, as it does reset the network and will kill your ssh connection, therefore killing the installation. *It appears the new version just leaves out the vmxnet installation if run remotely, which is not good, even if run from within screen. This section needs cleaned up and testing done on it.
Be sure you have already added ‘clock=pit’ to your kernel boot parameters.
Right-click on the virtual machine and choose “Install Vmware Tools”
sudo mount /media/cdrom0 tar –xzf /media/cdrom/VMwareTools-whatever.tar.gz cd vmware-tools-distrib sudo /etc/init.d/networking stop sudo rmmod pcnet32 sudo ./vmware-install.pl
Pretty much just [enter] your way through the install. Seriously, when I do this, I hit nothing but [enter].
sudo /etc/init.d/networking stop sudo rmmod pcnet32 sudo rmmod vmxnet sudo depmod –a sudo modprobe vmxnet sudo /etc/init.d/network start cd .. rm -rdf vmware-tools-distrib/ sudo shutdown –h now
In the VI client, after the virtual machine is off, right-click the virtual machine and choose “Edit settings…” Go to the “Options” tab, click Advanced and click “Configuration Parameters…” Next to tools.syncTime, change “FALSE” to “TRUE”. Now would probably also be a good time to take a vm snapshot. I also like to change the Vmware Tools options to shutdown and restart the guest instead of killing the power.
You can set up a web server: DinkelVersus/ApacheServer You can set up a database server: DinkelVersus/MySQLServer more to come...
Appendix A - Webmin modules
You can remove most all of the Webmin modules. The ones I want to keep are: Webmin Configuration, Bootup and Shutdown, Scheduled Cron Jobs, Software Packages, Users and Groups, Disk and Network Filesystems, Read User Mail, SSH Server, Linux Firewall, Network Configuration, Partitions on Local Disk, Logical Volume Management,