wiki:Installation

Portax installation notes

Common setup

/etc/profile

cat >> /etc/profile <<EOF
if [ $(id -u) == 0 ]; then
    export PS1='\[\033[01;31m\]\h\[\033[01;34m\] \w \$\[\033[00m\] '
else
    export PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] '
fi
export EDITOR=vim
alias vi=vim
EOF
. /etc/profile

Add portax user/group

pw group add -g 1000 -n portax
pw user add -d /usr/local/portax -u 1000 -n portax -g portax -c portax portax

Add repositories

pkg bootstrap -y
pkg install -y ca_root_nss vim bash screen
mkdir -p /usr/local/etc/pkg/repos
cat > /usr/local/etc/pkg/repos/portax.conf <<EOF
portax: {
  url: "https://pkg.portax.pl/pkg/12-2-amd64-portax",
  enabled: yes
}
EOF
pkg update

VIM config

cat > ~/.vimrc <<EOF
set nocompatible
set exrc
set nojoinspaces
map <F9> :set number!<CR>
set laststatus=2
set statusline=%<%f%h%m%r%=row:%-3.6l\ \ \col:%-2.2c%V\ \ \%2.3p%%
set bs=2
syntax on
set nowrap
inoremap <Up> <Esc>g<Up>a
inoremap <Down> <Esc>g<Down>a
set hlsearch
set incsearch
set tabstop=2
set smartindent
set shiftwidth=2
set background=dark
syntax on
EOF

Datasets

  • /tank/rrd

recordsize=4k, noatime

  • /tank/postgres

recordsize=8k, noatime

Database server

  • PostgreSQL

/mnt/tank/pg -> /data/pg 

createuser -Upostgres -s portax
createdb -Upostgres -O portax -E UTF-8 --lc-collate=cs_CZ.UTF-8 --lc-ctype=cs_CZ.UTF-8 --template=template0 portax
  • MySQL

/mnt/tank/mysql -> /var/db/mysql 

innodb_doublewrite = 0
skip-name-resolve

fix root password 

SET PASSWORD = PASSWORD('your_new_password');
  • redis 
    pkg install -y redis
echo "bind 0.0.0.0" >> /usr/local/etc/redis.conf

DHCP servers

TODO attach slapd.conf, ldap.conf, schema files acme-check-domain.sh

  • openldap-server24 
    pw group add tftp
pw user add -g tftp -c tftp -n tftp -d /var/tftp tftp
pw group add acme
pw user add -g acme -n acme -c acme -d /usr/local/etc/acme -n acme acme
mkdir /var/run/apache && chown www:www /var/run/apache
mkdir -p /www/registrace && mkdir -p /www/nastenka
  • acme crontab 
    MAILTO=""
BASH_ENV="/etc/profile"

@daily	$HOME/acme-check-domain.sh registrace.xgbe.cz
  • TODO /var/unbound/unbound.conf
  • /usr/local/etc/sudoers.d/portax 
    %portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd configtest
%portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd restart
%portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd status
%portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd6 configtest
%portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd6 restart
%portax  ALL=NOPASSWD:/usr/sbin/service isc-dhcpd6 status
  • /usr/local/etc/newsyslog.conf.d/dhcp-portax.conf 
    /var/log/dhcpd.log  644 7 * @T00  JNC
/var/log/dhcpd6.log  644 7 * @T00  JNC
  • TODO attach dhcp*conf

RRD cache server

  • append /etc/rc.conf 
    sysrc rrdcached_enable="YES"
sysrc rrdcached_flags="-V LOG_INFO -G portax -U portax -w 86400 -z 86400 -t 4 -f 172800 -b /data/rrd -B -R -O -j /data/journal -l 0.0.0.0 -l unix:/tmp/rrdcached.sock"

Application server

  • /var/at/at.allow 
    portax

Genieacs server (TR-069)

  • TODO 
    pw group add -n genieacs
pw user add -d /usr/local/genieacs -n genieacs -g genieacs -c genieacs genieacs

MOTD

http://patorjk.com/software/taag/#p=display&f=ANSI%20Shadow&t=app01

Last modified 2 years ago Last modified on Jan 6, 2022, 8:17:59 AM

Attachments (14)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.