Configuration script

From OLPC
Revision as of 06:04, 21 November 2008 by Tony37 (talk | contribs) (New page: This script is run automatically when the server is restarted after the initial install. It completes the configuration except for the network eth0 (WAN) side which depends on school-speci...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This script is run automatically when the server is restarted after the initial install. It completes the configuration except for the network eth0 (WAN) side which depends on school-specific information. That configuration is done via the netsetup script.

#!/bin/bash
set -x
set -o nounset
set -o errexit
echo "install.sh version 2.0" > /tmp/summary.log
#complete install and configuration of XS
#get command line arguments school, server
USAGE="usage: ./XSinstall school server"
set +o errexit
if [ -z $1 ]; then echo $USAGE; exit 1;fi
if [ -z $2 ]; then echo $USAGE; exit 1;fi
if [ -n $1 ]
  then SCHOOL=$1
  else echo $USAGE; exit 1 
fi
if [ -n $2 ]
  then SERVER=$2
  else echo $USAGE; exit 1
fi
set +o errexit
echo "school is $SCHOOL" >> /tmp/summary.log
echo "server is $SERVER" >> /tmp/summary.log
echo "execute olpc domain_config script" >> /tmp/summary.log
/etc/sysconfig/olpc-scripts/domain_config schoolnet.gov.np
echo "fix dhcp range" >> /tmp/summary.log
sed 's/172.18.0.2 /172.18.0.12 /g' /etc/dhcpd-xs.conf > /tmp/work
cp /tmp/work /etc/dhcpd-xs.conf
echo "Edit /etc/hosts"  >> /tmp/summary.log
#edit /etc/hosts
LINE1=" 192.168.5.$SERVER   schoolserver1.$SCHOOL.schoolnet.gov.np"
LINE2=" 172.18.0.1     schoolserver"
sed "s/conference.schoolserver/conference.schoolserver\n$LINE1\n$LINE2/g" /etc/hosts > /tmp/hosts
cp /tmp/hosts /etc/hosts
echo "/tmp/hosts" >> /tmp/summary.log
cat /tmp/hosts >> /tmp/summary.log
echo "remove unused interfaces" >>/tmp/summary.log
#remove unused interfaces
service network stop
rm /etc/sysconfig/network-scripts/ifcfg-msh*
rm /etc/sysconfig/network-scripts/ifcfg-br*
rm /etc/sysconfig/network-scripts/ifcfg-eth1:1
rm /etc/sysconfig/network-scripts/ifcfg-eth2
rm /etc/sysconfig/network-scripts/ifcfg-eth3
rm /etc/sysconfig/network-scripts/ifcfg-eth4
echo "edit ifcfg-eth0" >> /tmp/summary.log
#change eth0 to use static address: 192.168.5.$SERVER
cd /etc/sysconfig/network-scripts
sed 's/BOOTPROTO=dhcp/#BOOTPROTO=dhcp/g' /etc/sysconfig/network-scripts/ifcfg-eth0 > /tmp/work
cp /tmp/work /tmp/eth0
SEARCH='a static address is assigned'
sed "s/$SEARCH/$SEARCH\nIPADDR=192.168.5.$SERVER\nNETMASK=255.255.255.0\nGATEWAY=192.168.5.1\nBOOTPROTO=static/g" /tmp/eth0 >/tmp/work
cp /tmp/work /tmp/eth0
sed 's/HWADDR/#HWADDR/g' /tmp/eth0 /tmp/work
cp /tmp/work /etc/sysconfig/network-scripts/ifcfg-eth0
echo "ifcfg-eth0" >> /tmp/summary.log
cat ifcfg-eth0 >>/tmp/summary.log
echo "restart eth0" >>/tmp/summary.log
echo "edit ifcfg-eth1"  >> /tmp/summary.log
#change eth1 to use static address 172.18.0.1
sed 's/DEVICE=eth1/DEVICE=eth1\nBOOTPROTO=static/g' /etc/sysconfig/network-scripts/ifcfg-eth1 > /tmp/work
cp /tmp/work /tmp/eth1
sed 's/IPADDR.*$/IPADDR=172.18.0.1/g' /tmp/eth1 /tmp/work
cp /tmp/work /tmp/eth1
sed 's/NETMASK.*$/NETMASK=255.255.254.0/g' /tmp/eth1 /tmp/work
cp /tmp/work /tmp/eth1
sed 's/NETWORK.*$/NETWORK=172.18.0.0/g' /tmp/eth1 /tmp/work
cp /tmp/work /tmp/eth1
sed "s/BROADCAST.*$/BROADCAST=172.18.1.255\nGATEWAY=192.168.5.$SERVER/g" /tmp/eth1 /tmp/work
cp /tmp/work /tmp/eth1
sed 's/HWADDR/#HWADDR/g' /tmp/eth1 >/tmp/work
cp /tmp/work /etc/sysconfig/network-scripts/ifcfg-eth1
echo "ifcfg-eth1" >>/tmp/summary.log
cat ifcfg-eth1 >> /tmp/summary.log
echo "restart eth1" >> /tmp/summary.log
echo "disable IPV6" >> /tmp/summary.log
#check that IPV6 is disabled:
#confirm that /etc/sysconfig/network contains the lines:
sed 's/NETWORKING=.*$/NETWORKING=yes/g' /etc/sysconfig/network >/tmp/work
cp /tmp/work /tmp/network
sed 's/NETWORKING_IPV6.*$/NETWORKING_IPV6=no/g' /tmp/network >/tmp/work
cp /tmp/work /tmp/network
sed 's/IPV6FORWARDING.*$/IPV6FORWARDING=no/g' /tmp/network > /tmp/work
cp /tmp/work /tmp/network
sed "s/IPV6_AUTOCONF.*$/IPV6_AUTOCONF=no\nHOSTNAME=schoolserver1.$SCHOOL.schoolnet.gov.np/g" /tmp/network > /tmp/work
cp /tmp/work /etc/sysconfig/network
echo "/etc/sysconfig/network" >> /tmp/summary.log
cat /etc/sysconfig/network >> /tmp/summary.log
echo "fix resolv.conf" >> /tmp/summary.log
sed "s/nameserver.*$/nameserver 172.18.0.1\nnameserver 192.168.5.1/g" /etc/resolv.conf > /tmp/work
cp /tmp/work /etc/resolv.conf
service network restart
echo "ifconfig" >> /tmp/summary.log
ifconfig >> /tmp/summary.log
echo "Setup SSH access" >> /tmp/summary.log
#setup SSH access
#provide admin user since SSH cannot log in as root
useradd admin
echo "admin"|passwd --stdin admin
usermod -a -G wheel admin
sed 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config > /tmp/work
cp /tmp/work /etc/ssh/sshd_config
service sshd restart


####configure MySQL
PASSWORD=mysqlroot
service mysqld restart
(mysqld_safe --skip-grant-tables &)
echo "mysqld_safe started" >> /tmp/summary.log
sleep 8
mysql -u root -e "use mysql; update user set password = PASSWORD(\"$PASSWORD\") where user = \"root\"" |tee >> /tmp/summary.log
echo "mysql update successful"
service mysqld stop
sleep 8
## migrate mysql-data to a new place
/bin/mv /var/lib/mysql /library/mysql-data
chown mysql:mysql -R /library/mysql-data
cp -varfp my.cnf /etc/my.cnf
chkconfig --level 345 mysqld on
echo '## migrating mysql-data to a new place [done]'
################# SQUID ###############################
cat /root/squid-xs.conf > /etc/squid/squid-xs.conf
cat /root/squid-xs.conf > /etc/squid/squid.conf
echo "change cache owner" >> /tmp/summary.log
chown -R squid:squid /library/cache
echo "start iptables and squid" >> /tmp/summary.log
chkconfig --level 345 iptables off
chkconfig --level 345 squid on
############## making data dir for moodle
echo '############## making data dir for moodle'
mkdir /library/moodledata
chown -R apache:apache /library/moodledata
mkdir  /library/Activities/
ln -s /library/Activities /var/www/moodle/Activities
chown -R apache:apache /library/Activities
############ TURN ON some services
chkconfig --level 345 named on 
chkconfig --level 345 network on 
chkconfig --level 345 squid on 
chkconfig --level 345 httpd on
chkconfig --level 345 dhcpd on
#configure ejabberd
#reset to be sure
service ejabberd stop
echo "configure ejabberd"  >> /tmp/summary.log
cp -varf /root/ejabberd.cfg /etc/ejabberd/
service ejabberd restart
sleep 6
ejabberdctl ejabberd@schoolserver register admin schoolserver admin


sed -i 's/8080/12121/' /etc/dansguardian/dansguardian.conf
sed -i '/root/d' /etc/rc.local
echo 'iptables -t filter -F' >> /etc/rc.local
echo 'iptables -t nat -F' >> /etc/rc.local
echo 'iptables -t mangle -F' >> /etc/rc.local
echo 'iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' >> /etc/rc.local
echo 'iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-ports 12121' >> /etc/rc.local
echo 'dansguardian -Q' >> /etc/rc.local
##eject
reboot