The Debian server -- a non-expert tries to roll his own
I decided to start from scratch with my Debian server project. Last time I was too hasty in adding the open-source version of Movable Type to my installation and intermingling files before I was ready.
This time I'm going to be a lot more methodical and make sure that Apache and MySQL are working properly -- meaning I can run CGI scripts and have a directory dedicated to same -- before I start with Movable Type.
I could've removed Apache, done some cleanup and gone from there, but since I didn't have much "invested" in the install, I wiped the drive and started over.
I did want to change a few things:
Last time I used encrypted LVM. Since I don't have any grasp about how to work with LVM partitions after the fact, and since I'm not confident enough to have an encrypted drive that I can't get to from a live CD rescue disc, I went with a standard partitioning scheme. I initially was going to roll out separate partitions for everything, but since I don't know how extensively I'm going to use /var -- and since the automatic partitioning in Debian tends to make the root partition too small for my taste (and with a 14.5 GB hard drive, I don't have a whole lot of space to waste), I went with a separate /home partition and one big partition for everything else. That way, even if I'm using /var for my Web files, I can always rsync them to the /home partition and then rebuild the whole damn thing if I need to, yet still have all the files right there.
Another thing I learned: When you check off "SQL server" during a Debian Etch install, you get PostgreSQL, not MySQL. I'll write more about this in an upcoming post, but I'm at such an early stage in my interaction with databases (i.e. smack dab at the very beginning) that I'm going to use MySQL just because of its sheer ubiquity (and because that's what Movable Type recommendseven though Movable Type supports PostgreSQL just fine -- and also allows use of SQLite).
I'm not ruling out using PostgreSQL in the future, but since this is my very first installation of a SQL database -- hell, it's the first time I've even used a SQL database and actually knew I was using it, so I'm going with the flow as much as possible.
In the last install, I also selected "file server," and ended up with a lot of stuff loading at boot that I don't need. What I really do need is an ftp server (and preferably a secure one) as well as the OpenSSH server, both of which are easy enough to install and configure (easy since I've successfully done it before).
And while I considered not installing the "Desktop environment," which brings GNOME and everything that goes with it, I didn't want to leave all that GUI goodness behind just yet; I'd rather have Synaptic, especially, at my disposal.
So right now I have the stock Debian Etch install with the desktop environment and Web server options.
And I need to add:
- Anything I'm missing to make Apache work with PHP and CGI/Perl scripts (that was my big stopper in last week's install)
- MySQL and the phpMyAdmin program to help me configure the database
- The ftp and OpenSSH server packages
- Movable Type
At this point, everything is on the local network, not right out there on the Internet, and I just want to see how hard it is to roll one's own blogging-equipped Web server. Would I rather use Drupal, WordPress ... or anything else? Sure, but since our shop makes extensive use of Movable Type, that's where I'm putting my energy.
I'm getting some help setting up Apache2 from this Debian Admin page. And Carla Schroder's "Linux Cookbook" has some good tips on rolling out Apache (look in Chapter 22 -- and if you don't have this book, you really do need it).
One thing that's screwing me up is the presence of multiple configuration files in Apache2 (apache2.conf and httpd.conf), the placement of those and other files in different directories on different systems, and general confusion of what the proper commands are between Apache 1.3, 2.0 and 2.2.
But since I'm being more deliberate this time, I won't move to the next step in the process until everything works with the previous step. That means I need to get CGI working in Apache, then add MySQL, create the database, and then add MovableType. ... and in between I'll get the FTP and SSH servers going.
Update: I installed a bunch of MySQL and PHP stuff that I saw in Synaptic. I also installed phpMyAdmin, which I already confirmed is working. I also added the proftpd ftp server, which has a MySQL-specific version (not sure what I'm getting myself into there). I also put openssh-server on the box, which worked perfectly in my last Debian Etch install.
A very good tip: This is true for most configuration files, as well as for those in Apache2, especially because there are a whole lot of them: SAVE copies of everything before you mess with it. Look at ALL of the configuration files and attempt to understand them before you mess with them.
By looking, I learned that the default Apache2 installation in Debian is already set up to use /usr/lib/cgi-bin as the CGI directory. This information wasn't in /etc/apache2.conf or /etc/httpd.conf (which is empty, with the implication -- for me at least -- being that this configuration file is no longer necessary in Apache 2.2 ... but don't quote me because I could be totally and completely wrong).
I found out about the CGI situation in /etc/apache2/sites-available/default and /etc/apache2/sites-enabled/000-default.
OK, I realize that Apache is a huge deal. It's production-ready, hugely scalable, time-tested, and all that other good stuff that makes for a bullet-hardened app. Did I throw in enough cliches?
But holy crap -- I've got FOUR configuration files in front of me.
I somehow in my previous installation was able to get the "home" of my Web server out of /apache2-default/, and now that I know where the cgi-bin area is (and presumably how to move it) ... I just might get this thing off the ground.
All I do know is that the online Apache docs led me astray (and were extremely vague about where exactly to put the various configuration lines I needed).
Here's what I'm going to do now: NOTHING. I'm going to sit on this for a day or so and think about how to proceed without screwing the whole thing up.
6 Comments
Leave a comment
About this blog
New ways to sign in to comment: I just added the ability for prospective commenters on this blog to sign in using their AOL, Yahoo! and Wordpress.com accounts (for the past 200 posts anyway ... more than that will take an extensive, middle-of-the-night rebuild). That's in addition to the other sign-in choices, which include starting a Movable Type account on this blog, Typekey, OpenID, Live Journal and Vox. If you have trouble getting your Movable Type account verified, or any of the other sign-in options are not working properly, please e-mail me. With these added ways of signing in, there's more reason than ever for you to make a comment (or several!).
Steven Rosenberg aims to learn what he does not know. He writes about it here.
Steven Rosenberg aims to learn what he does not know. He writes about it here.
Steve,
you might want to check something like SysCP. It's usually installed on a "naked" Etch system, and brings everything you need. Make sure to read the installation Howto, and you'll have a fine tool afterwards. I used it initially for our lonien.de site (where my wife is the owner and admin-c), but during the time I got used to it and can recommend it.
The Hannover (Germany) based howtoforge.com is also a good first resource for aspiring server admins ;-) Our former co-writer Tom is a friend of those guys I think.
cheers,
Wolfgang
Forgot:
if you want tips from the *real* gurus, have a look at Steve Kemp's debian-administration.org (don't mix that one with .com!). Steve is on Debian Planet, and also on Planet Sysadmin - he's one of those Debian Developers, without which we wouldn't have much to write about... ;-)
cheers,
wjl
Yes, some of the Debian-specific configs of specific apps, while almost always logical, aren't documented the best and require one to wade in knee-deep. Asking questions on sites such as debianHELP.org can sort things out.
But I agree with Wolfgang -- for your task a web hosting setup is exactly what's called for. It'll make setting web sites, beta test sites and/or fake domains as easy as possible.
My favorite in this realm is ISPConfig. It has rock-solid and mindless ("just type this and that") how-to directions that are specific to Debian (and many other distros).
You'll find ISPConfig or another (e.g. GPLHost) web hosting software a real boon for taming Apache (and even -- my favorite -- BIND:-).
AFAIK, httpd.conf is a leftover file from Apache 1.0. In apache2, apache2.conf is the main configuration file, and it includes everything that you put into httpd.conf when it is read. This means that any changes you make can be just put in apache2.conf and you can safely ignore httpd.conf. Or if you're happy with everything in apache2.conf and just want to add more options, you can put them in httpd.conf and leave apache2.conf at it's default configuration. This helps to keep everything clean and easy to remember what you've changed.
As far as sites-available/default and sites-enabled/000-default go, these are actually the same file. sites-enabled/000-default is simply a symlink to sites-available/default. When starting, apache2 will look in the sites-enabled directory and load each configuration file. This way, you can add another site to sites-available, but not actually serve it to the outside world until you add the symlink in sites-enabled. This makes it easy to take a site offline without having to mess around with moving (and possibly losing) the configuration file you spent so much time making.
The same available/enabled thing is also used for the apache mods. If you think you have a mod enabled, but it isn't working for you, make sure that there are the correct symlinks in the mods-enabled directory.
Now you're down to just two configuration files. I hope this makes it a little easier to stomach. Good luck.
FYI - These series of commands are what I used with a Ubuntu LiveCD to access a LUKS/dm-crypt volume (lv0_crypt) in a LVM (vg0-lv0) on a RAID system in order to fix a broken Grub menu. I also did a chroot for convenience:
apt-get install mdadm lvm2 cryptsetup && modprobe dm-mod && mdadm -As && vgchange -ay && cryptsetup luksOpen /dev/mapper/vg0-lv0 lv0_crypt && mkdir /ubuntu && mount /dev/mapper/lv0_crypt /ubuntu && mount /dev/md0 /ubuntu/boot && mount -t proc none /ubuntu/proc && mount -o bind /dev /ubuntu/dev && chroot /ubuntu && cd /boot/grub
I certainly wouldn't agree that Debian's way of configuring things is not logical. It is logical, very logical, it's just different than the way other distros do things and thus requires a learning curve on "the Debian way".
Take a look in /usr/share/doc/package_name for how things are done in Debian. Use apt-cache search to search for documentation packages for the packages you're installing if there aren't any good README.Debian files in the previous file system path. These README.Debian files are something I have found to be extremely useful in learning how to administer Debian servers.