= misaka =

{{attachment:misaka_imouto.jpg}}

 * debian squeeze x64
 * puppet managed

== local work ==
 * mount `/home` with `acl`s
 * `/etc/skel`
  * `.bashrc` {{{
# Timestamped shell FTW
export HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S  '
}}}
  * `.screenrc`
  * `.vimrc`
  * add self to `.ssh/authorized_keys`
  * `mkdir -m 0701 public_html`


== thinking about apache ==

Our puppet management of apache is still a mess, so we'll do it manually. What do we want to take care of?

 * install `apache2-mpm-itk`
 * a couple of timeout tweaks to `apache2.conf`
 * `ports.conf` (listen only on 202.4.224.31, ''not'' ssl, etc.)
  * aka. biribiri.meidokon.net
 * `a2enmod ssl`
  * fix `ports.conf` again for SSL, no generic Listens
 * conf.d/priv.conf {{{
SetEnvIf Remote_Addr ^202\.4\.235\.109$ priv-group
}}}
 * install `libapache2-mod-php5`
 * start the service
 * stub out `/var/www/html/monitor` for the default site
  * fix up an index.html
  * edit `mods-enabled/status.conf` to get a usable `/server-status`
  * fix up an `info.php`
 * install `libapache2-mod-wsgi`
 * `AssignUserId [username] [groupname]` for itk
 * nice logging
  * log to homedirs, `~/logs/apache/{access,error}.log`
  * fix up logrotate fragment, `apache2-vhost-logs`