System administration: Difference between revisions

dump from oldwiki
add mysql link
dump from oldwiki
Line 16: Line 16:


[[Category:System administration]]
[[Category:System administration]]
= System administration =
== Initial setup (for Ubuntu distribution) ==
=== SSH keys ===
Create private/public SSH key file using 2048 bit encryption and with a comment. The command creates files under ~/.ssh folder.
<source lang="bash">
$ ssh-keygen -b 2048 -C user@host.domain
</source>
=== SSH config for connection ===
The config file ~/.ssh/config stores information about various SSH connections, and allows the definition of hostname, username, ports, and other settings.
<source lang="html5">
Host hostname1
    HostName hostname1.domain.com
    User username1
    Port 1234
</source>
=== Adding a user to sudoers list ===
<code>#includedir /etc/sudoers.d</code> should be at the end of /etc/sudoers file.
Create a file under this directory (i.e. localusers) and add entries.
* <code>jsmith ALL=(ALL) NOPASSWD:ALL</code> would allow a user to sudo without entering a password.
* <code>jpocahontas ALL=(ALL) ALL</code> would force password entry
Run <code>$ chmod 0440 filename</code> afterwards.
=== Enable color prompt ===
On Ubuntu distribution of GNU/Linux, you can uncomment force_color_prompt = yes line to use color prompts. The following is my personal favorite color configuration for the prompt.
<source lang="bash">
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u\[\033[01;30m\]@\[\033[00;36m\]\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
</source>
=== Enable byobu ===
<source lang="bash">
$ byobu-enable
</source>
=== Update .vimrc ===
<source lang="vim">
syntax on
set noexpandtab
set wrap
set tabstop=4
set shiftwidth=4
set smartindent
set autoindent
set encoding=utf-8 fileencodings=
set mouse=a
set fo=cqlro
set tags=tags,../tags,../../tags,../../../tags,../../../../tags,../../../../../tags,../../../../../../tags
color elflord
" set foldmethod=marker
set foldmethod=indent
set foldnestmax=15
set nofoldenable
set foldlevel=1
" filetype plugin on
imap <c-k> <esc>:r! zdump GMT <bar> tail -c29 <bar> xargs -0 date +"\%-m/\%-d/\%-Y \%-l:\%M:\%S \%p" -d<enter>$i<right>
" PHP documenter script bound to Control-P
autocmd FileType php inoremap <C-p> <ESC>:call PhpDocSingle()<CR>i
autocmd FileType php nnoremap <C-p> :call PhpDocSingle()<CR>
autocmd FileType php vnoremap <C-p> :call PhpDocRange()<CR>
</source>
=== Set up environment for web development ===
Install the LAMP stack
<source lang="bash">
$ sudo apt-get install tasksel
$ sudo tasksel install lamp-server
</source>
Install git and other PHP related extensions
<source lang="bash">
$ sudo apt-get install git php5-mcrypt php5-xdebug php5-intl
</source>
==== .gitconfig ====
<source lang="html5">
[core]
  editor = vim
  excludesfile = /home/mhan/.gitignore_global
# autocrlf = input
# safecrlf = true
[color]
  ui = always
[alias]
  co = checkout
  ci = commit
  st = status
  br = branch
  df = difftool
  hist = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short
  histall = log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all
  hist10 = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short | head -n 10
  hist10all = !git log --pretty=format:\"%C(yellow)%h %C(green)%ad %Creset| %s%C(red)%d %C(blue)[%an]\" --graph --date=short --all | head -n 10
  type = cat-file -t
  dump = cat-file -p
  ignore = update-index --assume-unchanged
  track = update-index --no-assume-unchanged
  listignored = !git ls-files -v | grep -s ^'h ' | cut -b 1-2 --complement
[diff]
  tool = vimdiff
[difftool]
  prompt = false
[merge]
  defaultToUpstream = true
</source>
== Change default shell ==
<source lang="bash">
$ chsh
</source>
== Edit passwd files ==
<source lang="bash">
$ sudo vipw
</source>
== Resources ==
=== Check disk space usage ===
You can check the file space usage with the command <span class="package">du</span>.
<syntaxhighlight lang="bash">
$ du -h
</syntaxhighlight>
=== Check disk space left ===
<span class="package">df</span> is for checking the amount of disk space used and available on file systems.
<syntaxhighlight lang="bash">
$ df -h
</syntaxhighlight>
= User Accounts =
== Groups ==
=== Add a new group ===
<source lang="bash">
$ sudo addgroup webdev
</source>
=== Delete a group ===
<source lang="bash">
$ sudo delgroup webdev
</source>
=== Add a user to a group ===
<source lang="bash">
$ sudo adduser username groupname
</source>
=== Set a directory writable by a certain group ===
Make /srv/www folder readable/writable/executable by dev group
<source lang="bash">
$ sudo setfacl -d -m g:dev:rwx /srv/www
</source>
== Add a user account ==
<source lang="bash">
$ sudo useradd -d /home/jsmith -m jsmith -G webdev
$ sudo passwd jsmith
</source>
== Delete a user account ==
Force removal and delete files
<source lang="bash">
$ sudo userdel -fr username
</source>
or
<source lang="bash">
$ sudo deluser -remove-home username
</source>
== Lock or unlock a user account ==
<source lang="bash">
$ sudo passwd -l username
$ sudo passwd -u username
</source>
== Adding sudoers ==
A file can be added for groups of users or specific users to /etc/sudoers.d/ directory. This line would make someone a sudoer with no password requirement.
<source lang="html5">
jsmith ALL=(ALL) NOPASSWD:ALL
</source>
If you want the user to type a password.
<source lang="html5">
jsmith ALL=(ALL:ALL) ALL
</source>
= Samba =
== Reset password for Samba server ==
<source lang="bash">
$ samba-tool user setpassword administrator
</source>
= OpenSSL =
== Creating self-signed certificates (usually for SSL connection) ==
<source lang="bash">
$ sudo a2enmod ssl
$ sudo service apache2 restart
$ sudo mkdir /etc/apache2/ssl
$ sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.pem -outform PEM
</source>
= Debian/Ubuntu-specific =
== Reconfigure console font ==
<syntaxhighlight lang="bash">
$ dpkg-reconfigure console-setup
</syntaxhighlight>
== Change time zone ==
<syntaxhighlight lang="bash">
$ dpkg-reconfigure tzdata
</syntaxhighlight>