-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathhost-setup.bsh
executable file
·160 lines (125 loc) · 5.35 KB
/
host-setup.bsh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
#!/bin/bash
# __ ___ __ __ __ ___ __ ___ __ ___ __
#/ ` |__| |__ / ` |__/ |__) / \ | |\ | | __ /__` |__ |__) \ / |__ |__)
#\__, | | |___ \__, | \ | \__/ | | \| | .__/ |___ | \ \/ |___ | \
#
#checkpoint-server configuration and setup for Ubuntu 14.04
#these commands are run as root user
#MRAN operates on UTC time zone (which is very similar to GMT.)
#This is important for scientific reproducibility aspects of statistical analyses.
#Type `date` into a shell prompt on your server to see the current time zone.
#If your server is not already on UTC, run the command below as user root
# `dpkg-reconfigure tzdata`
#select "none of the above", then choose UTC.
#set your time manually with ntpdate before installing the ntpd service
ntpdate 0.ubuntu.pool.ntp.org
deluser ubuntu
#Change software sources to desired mirror
#sed -i 's@http://us.archive.ubuntu.com/ubuntu/@http://ubuntu.osuosl.org/ubuntu@g' /etc/apt/sources.list
#add the required system package repositories
aptitude update
aptitude safe-upgrade -y
aptitude install -y python3-software-properties
add-apt-repository --yes ppa:nginx/stable
add-apt-repository --yes ppa:git-core
add-apt-repository --yes ppa:zfs-native/stable
add-apt-repository --yes ppa:chris-lea/node.js
aptitude update
#install the packages we need for this server
#zfs kernel modules will take a long time to build, be patient
aptitude install -y ubuntu-zfs nodejs nginx-full ntp git at htop screen wget curl libcurl-dev
modprobe zfs
dmesg | grep ZFS
#configure the firewall for ssh, http, rsync access
ufw enable
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 873/tcp
ufw allow 111/tcp
ufw allow 2049/tcp
ufw allow 2049/udp
#Note: Please read about ZFS best practices before putting your system into production.
#create a zpool on a block device
#you will need to determine the correct block device identifier.
#for better reliability on physical Linux systems /dev/disk/by-id/<disk-name>
#is the best disk id method to use.
#using whole disk mirrors or raidz2 on physical systems is highly reccommended.
#on many cloud servers, /dev/disk/by-id does not exist, therefore attach a block
#device to the system and use old /dev identifiers for creating your zpool.
##################################
#CHANGE ME TO CORRECT BLOCK DEVICE(S)
zpool create MRAN /dev/xvdz
##################################
zpool set autoexpand=on MRAN
zfs set atime=off MRAN
zfs set compression=lzjb MRAN
zfs create MRAN/packages
zfs create MRAN/packages/src
zfs create MRAN/packages/bin
zfs create MRAN/packages/bin/windows
zfs create MRAN/packages/bin/macosx
zfs create MRAN/packages/bin/linux
zfs create MRAN/www
zfs create MRAN/staging/src
zfs create MRAN/staging/bin
#zfs create MRAN/bioc/src
#zfs create MRAN/bioc/bin
#create a seperate zpool for storing exports of MRAN file systems
#zpool create exports /dev/xvdd
#create symbolic links to packages file systems snapshot directory
cd /MRAN/www
mkdir snapshots
cd snapshots
ln -s /MRAN/packages/src/.zfs/snapshot/ src
mkdir bin
ln -s /MRAN/packages/win/.zfs/snapshot/ win
ln -s /MRAN/packages/macosx/.zfs/snapshot/ macosx
ln -s /MRAN/packages/linux/.zfs/snapshot/ linux
#turn on rsync deamon and set some options
sed -i 's;RSYNC_ENABLE=false;RSYNC_ENABLE=true;' /etc/default/rsync
sed -i 's;# RSYNC_CONFIG_FILE=;RSYNC_CONFIG_FILE=/etc/rsyncd.conf;' /etc/default/rsync
#copy our config file to /etc
cp rsyncd.conf /etc/rsyncd.conf
#Nginx stuff
cp nginx/sites-available/mran.revolutionanalytics.com /etc/nginx/sites-available/
#remove symlink for unused default vhost
rm /etc/nginx/sites-enabled/default
#create symlink to our vhost files
cd /etc/nginx/sites-enabled
ln -s /etc/nginx/sites-available/mran.revolutionanalytics.com mran.revolutionanalytics.com
ln -s /etc/nginx/sites-available/projects.revolutionanalytics.com projects.revolutionanalytics.com
#add mran-user account for running MRAN update scripts
adduser --disabled-password --gecos "" mran-user
#add mran-user to adm group
usermod -aG adm mran-user
#update sudoers file
echo "%adm ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
aptitude install -y r-base r-base-dev libcurl4-openssl-dev xvfb xauth xfonts-base libcairo-dev libxmu-dev
mkdir $HOME/Downloads
cd $HOME/Downloads
wget http://cran.revolutionanalytics.com/src/base/R-3/R-3.1.1.tar.gz
tar xzf R-3.1.1.tar.gz
cd R-3.1.1
./configure --with-x=yes
make
make install
####Setting up for standard cran mirror####
#this is for cran.revolutionanalytics.com
zfs create -o mountpoint=/cran MRAN/cran
#this is for cran-snapshots.revolutionanalytics.com
zfs create -o mountpoint=/cran-www MRAN/cran-www
#set some permissions for the /cran mountpoint
chown -R mran-user:mran-user /cran
#rsync -rtlzv --delete cran.r-project.org::CRAN /cran/
cp nginx/sites-available/cran.revolutionanalytics.com /etc/nginx/sites-available/
cp nginx/sites-available/cran-snapshots.revolutionanalytics.com /etc/nginx/sites-available/
#make symlinks for turning on Nginx configs
cd /etc/nginx/sites-enabled
ln -s /etc/nginx/sites-available/cran.revolutionanalytics.com cran.revolutionanalytics.com
ln -s /etc/nginx/sites-available/cran-snapshots.revolutionanalytics.com cran-snapshots.revolutionanalytics.com
#Make a symlink to serve snapshots at cran-snapshots.revolutionanalytics.com
cd /cran-www
sudo ln -s /cran/.zfs/snapshot/ snapshots
#configure unattended system upgrades
#set to 'yes' or 'on'
#dpkg-reconfigure unattended-upgrades