misaka
- debian squeeze x64
- puppet managed
local work
mount /home with acls
/etc/skel
.bashrc
# Timestamped shell FTW export HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S '
.screenrc
.vimrc
add self to .ssh/authorized_keys
mkdir -m 0701 public_html
thinking about apache
Our puppet management of apache is still a mess, so we'll do it manually. What do we want to take care of?
install apache2-mpm-itk
a couple of timeout tweaks to apache2.conf
ports.conf (listen only on 202.4.224.31, not ssl, etc.)
- aka. biribiri.meidokon.net
a2enmod ssl
fix ports.conf again for SSL, no generic Listens
conf.d/priv.conf
SetEnvIf Remote_Addr ^202\.4\.235\.109$ priv-group
install libapache2-mod-php5
- start the service
stub out /var/www/html/monitor for the default site
- fix up an index.html
edit mods-enabled/status.conf to get a usable /server-status
fix up an info.php
install libapache2-mod-wsgi
AssignUserId [username] [groupname] for itk
- nice logging
log to homedirs, ~/logs/apache/{access,error}.log
fix up logrotate fragment, apache2-vhost-logs