Notes for how I like to set up ubuntu & misc other sysadmin / system architecture notes. Edit: this is years old and I can do much better nowadays :-)
Common
sudo apt update
sudo apt install denyhosts
sudo apt full-upgrade
sudo nano /var/lib/denyhosts/allowed-hosts # add line with ip address
sudo /etc/init.d/denyhosts restart
sudo bash -c 'HOSTNAME=whatevor echo "$HOSTNAME" > /etc/hostname && echo "127.0.0.1 $HOSTNAME" >> /etc/hosts && /etc/init.d/hostname start && hostname $HOSTNAME'
bash # to make the new hostname show up at the prompt
sudo aptitude install ack-grep etckeeper mercurial ssh
sudo nano /etc/etckeeper/etckeeper.conf
Comment bzr and uncomment hg.
sudo etckeeper init
sudo etckeeper commit
sudo ufw allow ssh
sudo ufw enable
#sudo dpkg-divert --local --divert /usr/bin/ack --rename --add /usr/bin/ack-grep
hg clone ssh://hg@bitbucket.org/dbenamy/configs
mv .bashrc .bashrc.orig
ln -s configs/.bashrc .
bash
ln -s configs/.gitconfig .
ln -s configs/.nanorc .
ln -s configs/.screenrc .
Rails with nginx and passenger
This is from early 2013. Hopefully there’s a better way by now.
sudo adduser rails # a user for deploying and running the rails site
visudo
# Add a line at the bottom (uncommented):
# rails ALL=(ALL) NOPASSWD: /etc/init.d/nginx
sudo su - rails
curl -L get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
rvm requirements
exit # out of rails user shell
# Install requirements listed by rvm requirements + libreadline5 (use sudo).
sudo su - rails # back to rails
rvm install 1.9.3
rvm use 1.9.3 --default
gem install rails passenger
passenger-install-nginx-module # change prefix to /home/rails/nginx
nano nginx/conf/nginx.conf
Uncomment user line and change to “user rails;” In “location /” block, replace what’s there with root /home/rails/PROJECT/public; # be sure to point to public passenger_enabled on;
exit # out of rails user shell
wget -O init-deb.sh 'https://library.linode.com/assets/660-init-deb.sh'
#Take a look at the file to make sure it's still good
sudo mv init-deb.sh /etc/init.d/nginx
sudo chmod +x /etc/init.d/nginx
sudo sed -i 's/\/opt\/nginx/\/home\/rails\/nginx/g' /etc/init.d/nginx
sudo /etc/init.d/nginx start
sudo /usr/sbin/update-rc.d -f nginx defaults
sudo ufw allow http
Robust Infrastructure
DNS failover- http://kvz.io/blog/2013/03/27/poormans-way-to-decent-dns-failover/ or https://news.ycombinator.com/item?id=5450140:
dnsmasq --interface=lo --all-servers --server=172.16.0.23 --server=8.8.8.8 --server=4.2.2.2
echo "prepend domain-name-servers 127.0.0.1;" >> /etc/dhcp/dhcplient.conf
HA and/or non-overlapping cron jobs: http://kvz.io/blog/2012/12/31/lock-your-cronjobs/
- solo
- timeout
- cronlock
Puppet
Fabric
Note to self: take a look at my Good Tech Tools doc for more high level tools to set up.