Jump to content

IT:servers

From ChemWiki

Mounting Servers

  • The Macintosh Server contains files relevant to OS X 10.4. To mount this server on a Mac, proceed as follows
  1. In the Finder Window, select Go from the top level menu
  2. Connect to Server (these two steps concatenated with a Apple-K keystroke)
  3. Type afp://deuterium.ch.ic.ac.uk/ into the Server address box, and follow it by a + to make the entry permanent
  4. From the list of volumes that appear, select X-Public Utilities
  5. Login as Guest.
  6. Navigate down to the folder you want.

Configuring Servers

The following is specified for the SGI-based argon server. The location of various library and include paths will vary from machine to machine. The current base for the SGI is argon.ch.ic.ac.uk and /var/www/ This contains Apache, php, MySQL, htDig and various other utilities. Contact Henry Rzepa (rzepa@ic.ac.uk) for further information about these systems.

The new system is to be migrated to neon.ch.ic.ac.uk. Current paths are /var/www/ for installations etc and /mpt/web/ for htdocs. No decision on log files yet made.

Apache

As of October 2007 running version 2.2.3. This is the stock RHEL5 package. RHEL5 provides all modules either built in or as RPMs. So there is no need to build from source. The main http.conf file is now located in /etc/httpd/conf/

Supplementary conf files are stored in the directory /etc/httpd/conf.d. Notably, SSL related configuration is located here in ssl.conf, and mime types are stored in mime-ch.conf.


Up until 2007 running version 2.055, 

 ./configure --prefix=/var/www/apache2055 \
 --enable-dav --enable-ssl --enable-rewrite --enable-ldap \
 --enable-auth-ldap --with-ldap  --with-speling --libdir=/usr/lib \
 --with-ldap-include=/usr/include \
 --with-ldap-lib=/usr/lib/ \
  --with-ssl-include=/usr/include/openssl/ \
 --with-ssl-lib=/usr/lib/ \
 --with-ssl \
 CPPFLAGS=-I/usr/kerberos/include
  1. Configuration files for apache: httpd.conf, mime.types, ssl.conf,
  2. A SSL server certificate needs to be installed for the system.
  3. Authentication uses SSL and LDAP, as specified in the configuration files.
  4. Server started using 
    ./apachectl startssl
  5. Path to htdocs on new server 
    /disk1/www/htdocs/
    --Rzepa 09:29, 20 July 2006 (bst)

MySQL

Currently 4.0.13. Not tested at 4.1.18. The existing databases will have to be backed up using e.g. 

mysqldump –u root –psecret --all-databases > all.sql

and reloaded into the new MySQL. Mysql server installed by Sam Sharpe at 

/usr/bin/mysql

Please contact HSR for MySQL root password.


GRANT ALL PRIVILEGES ON PSS.* TO pss@unixweb1.cc.ic.ac.uk IDENTIFIED BY '*****'

GRANT ALL PRIVILEGES ON PSS.* TO pss@unixweb2.cc.ic.ac.uk IDENTIFIED BY '*****'


The password needed is stored in config.inc.php. Take care; the above line is case sensitive throughout.

PHP

As of October 2007.

Previous to August 2006 using version 4.4.2, 

./configure --with-mysql=/usr/bin/mysql  --with-apxs2=/var/www/apache2055/bin/apxs\
 --with-ldap --with-config-file-path=/disk1/www/htdocs/php/

--Rzepa 09:30, 20 July 2006 (bst)

  1. Configuration files for php: php.ini
  2. Admin utility for php: phpMyAdmin
  3. The current system configuration is summarised here

Wiki

Mediawiki is the current flavour.

  1. The local settings file is here
  2. A Jmol extension is loaded to enable molecule display within the wiki
  3. A local authentication module has been added

Web page counter

Can be replaced by any suitable alternative. 

<img  src="http://origin.ch.ic.ac.uk/cgi-bin/Count.cgi?df=pericyclic.dat&dd=B"  alt="counter" />
  • Recompilation October 2007

Recompiled wwwcount2.6 for x86_64 on its new platform neon2.ch..ic.ac.uk.

Configuration in /usr/local/etc/Counter.

It was compiled via its build script with these options to mimic previous installations:

./build --with-cgi-bin-dir=/var/www/cgi-bin --with-sdbm --without-ttf

The option --with-sdbm enables its own built in database, otherwise it will look for a berkeley db installation and fail if it is not installed. No need for truetype fonts.

Count-install is an interactive install script.

The counter picks up the old .dat files without any need for modification. e.g. http://neon2.ch.ic.ac.uk/local/it/

htDig 3.1.6 Index and Search Engine.

It employs external parsers for chemical files. UltraSeek might be useable, but would need to be configured for these external file types. The output templates are also special, invoking the Jmol applet to display certain types of file found by the search. For an example of the latter, see the symmetry site. Invoke the default search, and select load molecule.

  1. Configuration file for building htdig CONFIG
  2. Configuration files for indexing entire server: origin.conf motm.conf sym.conf it.conf pericyclic.conf
  3. External parsers for htdig: runchemdig.sh doc2html
  4. Output templates for htdig: header.html long.html nomatch.html footer.html

Analog log file analyzer

Currently set up as a crontab job, to run weekly. Used in conjuction with ReportMagic to generate reports.

Tomcat

Currently not installed, but should be.

Sesame

Currently not installed, but should be.

--Rzepa 08:42, 19 April 2006 (bst)

openAFS for OS X

  • Install the openafs package
  • sudo edit /private/var/db/openAFS/etc/CellServDB and add the ic.ac.uk domain
>ic.ac.uk               #Imperial College London
155.198.63.149                  #icafs1.cc.ic.ac.uk
155.198.63.148                  #icafs2.cc.ic.ac.uk
  • sudo edit /private/var/db/openAFS/etc/ThisCell and replace entry with
ic.ac.uk
  • sudo edit /etc/krb5.conf and add the following:
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = IC.AC.UK
 dns_lookup_realm = false
 dns_lookup_kdc = false
#supported_enctypes = des3-cbc-sha1:normal des-cbc-md5:normal des-cbc-crc:afs3

#    default_tkt_enctypes = des-cbc-md5
#    default_tgs_enctypes =des-cbc-md5
#    default_etypes = des-cbc-md5
#    default_etypes_des = des-cbc-md5

[realms]
 IC.AC.UK = {
  kdc = icads11.ic.ac.uk:88
  kdc = icads1.ic.ac.uk:88
  kdc = icads2.ic.ac.uk:88
  kdc = icads4.ic.ac.uk:88
#  kdc = icafs2.cc.ic.ac.uk:88
 }

[domain_realm]
 .ic.ac.uk = IC.AC.UK
 ic.ac.uk  = IC.AC.UK

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 3600000
   renew_lifetime = 3600000
   forwardable = true
   krb4_convert = false
 }
  • to login do
kinit username

followed by 

aklog
  • to logout do
kdestroy

to destroy your kerberos ticket and unlog to drop your afs token

Brief list of useful commands.

login
------
kinit <USERNAME>        ## get kerberos tickets
kdestroy                ## drop kerberos tickets
aklog                   ## get AFS token
unlog                   ## drop afs token
------------------------------------------------------
Setting up a group
---------------------
pts creategroup <groupname>         ## create a group (will be a negative number)
pts chown <groupname> <username>    ## change the owner of the group (you will be the owner by default)
pts listowned <username>            ## list groups you own
pts adduser -user <name> -group <groupname>    ## add another user to a group
-------------------------------------------------------
ACLS
-----
fs listacl /afs/ic.ac.uk/software   ## list acls on a directory
fs setacl /afs/ic.ac.uk/software <user> none. ## remove user access to a folder
fs setacl /afs/ic.ac.uk/software <user> rl  ## grant read and list permissions
fs setacl /afs/ic.ac.uk/software <user> all  ## grant all permissions to a user.

Adding/Modifying MIME types

An include file called /etc/httpd/conf.d/rdf-ch.conf should be edited on neon.ch.ic.ac.uk

To restart the httpd demon, "sudo /etc/init.d/httpd reload"


Apache restart

Retrieved from "https://chemwiki.ch.ic.ac.uk/index.php?title=IT:servers&oldid=182584"