BOA Wiki

Drupal.org docs

please don't update these docs anymore and move all available documentation to drupal.org: http://drupal.org/node/1741624

The BOA project has moved to Github!

The project with its build, documentation and issues are on github now

https://github.com/omega8cc/boa

Much of the information here is outdated although there are some valuable information but be careful when doing anything under the hood.

On January, 25th 2015. the current BOA is 2.3.8

What is BOA?

BOA is an acronym of the high performance Barracuda Octopus Aegir LEMP stack. Essentially it is a collection of bash scripts created by Omega8.cc which have made available to the drupal community for users to run on your own VPS. Omega8.cc also offers a paid hosting service for a managed solution.

Here are some links that help explain how it all fits together

• http://omega8.cc/are-there-any-specific-good-habits-to-learn-116
• http://omega8.cc/the-best-recipes-for-disaster-139
• http://omega8.cc/supported-enabled-disabled-a-complete-list-150
• http://omega8.cc/how-to-add-custom-platform-properly-140
• http://omega8.cc/how-to-edit-settingsphp-file-230
• http://community.aegirproject.org/article-archive/drupal-deployments-wor...
• http://www.youtube.com/watch?v=2JxvFAAN6hE
• http://omega8.cc/how-firewall-works-is-my-ip-blocked-121

What is Barracuda?

For a clear description of what Barracuda is and does, please see the project page on d.o. http://drupal.org/project/barracuda

Barracuda is essentially framework that everything sits on. It manages the firewalls, software updates and programs required to manage the server.

You can run a barracuda update and it will ensure all the correct software is installed and up-to-date, without touching the hosted sites or their software.

What is Octopus?

For a clear description of what Octopus is and does, please see the project page on d.o. http://drupal.org/project/octopus

Octopus creates a clear distinction between the server level and the hosting level. All the hosting is done in the octopus layer. While you can do without this layer, it is not recommended.

Further, if you have several different people hosting from the same server, each can have their own octopus login and completely separate set of source code (platforms).

Octopus also has several other efficiencies that save disk space and add special modules.

Getting Started

Start with a completely vanilla Debian or Ubuntu server (or VPS). Do not install anything special - the automated BOA scripts will do this for you.

If you are using AWS for hosting, use the LTS from cloud.ubuntu.org/ami

Login via SSH and run

to get the barracuda and octopus install/update scripts.

Then to install everything in one hit

The o1 is the octopus user name. You can change this to what ever you want.

Importing your existing Sites

See Import your sites to Aegir in 8 easy steps

Cron

"Aegir system manages scheduled cron for all your sites, and runs it by default every hour." Source: http://omega8.cc/running-scheduled-sites-cron-in-aegir-118

Database

Q: Where is phpmyadmin?
A: BOA doesn't use phpmyadmin, it uses Chive (see: http://www.chive-project.com). Refer to your installation email as to where you can find the URL to access chive. If you don't know how to log in, try looking in your settings.php for log in credentials.

Getting help

There are a number of places you can look to find help should you get stuck using BOA.

1. Read the documentation

Check your email after installation, you should have received an email which will explain usage of the system and give you instructions.

Also make sure you read the INSTALL.txt, CHANGELOG.txt and UPGRADE.txt if you are doing an upgrade.

A must read: http://omega8.cc/library/good-to-know.

2. Search the issues queues

Always do this first before lodging a new issue.

• Barracuda Issues
• Octopus Issues
• The old issue queue (reference only, do not post new issues here)
• The Aegir Community site

3. Community Help

• http://groups.drupal.org/boa (you are here)
• BOA IRC Channel is #omega8cc at freenode.net

Older posts (reference only, do not post in here)

• http://groups.drupal.org/node/89594 Octopus and Barracuda - Dual-Core Aegir Installer with 10+ Platforms - deploy, upgrade and clone Aegir instances in 8 minutes! (big update)
• http://groups.drupal.org/node/84074 Barracuda Aegir with Nginx Edition 0.4-HEAD-A12.D (Lucid, Karmic and Lenny compatible)

4. Lodge an Issue

If you need to lodge and issue in the Barracuda or Octopus Issues list be sure to follow the submission guidelines when you post.

5. Paid Support

Billed hourly basic support is available from Omega8.cc. see: http://omega8.cc/faq

6. Presentations on Barracuda, Octopus and AEgir

The following is a list of presentations made relating to the BOA.

*Facce your fears: Drush and Aegir -- by Iztok Smolič -- Added July2011

Troubleshooting / FAQ

IP Blocked

If you've accidentally become locked out of your server due to too many failed log-in attempts, following the steps below to regain access.

1. Use another IP to connect to the server.
2. Login to your server.
3. As privileged user (root) run csf -a BLOCKED_IP

How to disable Cache

See: http://drupal.org/node/1255660

Drush usage

Some expected commands aren't available.

1.) drush gm is an alias for drush generate-makefile, see http://drupalcode.org/project/barracuda.git/commit/356caaa
2.)drush dbup is an alias for drush updatedb
3.) drush mup is an alias for drush upc

adding node.js

Just follow the install instructions at:

https://github.com/joyent/node/wiki/Installing-Node.js-via-package-manager
http://drupalcode.org/project/nodejs.git/blob/refs/heads/7.x-1.x:/README...

lshell

Client ssh accounts make use of lshell. Lshell lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH.

You can see a list of allowed / forbidden commands here. Or just view /etc/lshell.conf

If you want to allow a command in ssh for octupus' users or change any lshell configuration, you have to edit this file: /var/xdrago/conf/lshell.conf
Because /etc/lshell.conf file it's recreated ever X minutes by a xdrago cron, copying this file /var/xdrago/conf/lshell.conf

If you want unrestricted ssh access you can switch to your system account: su -s /bin/bash - o1

CSF / lfd email alerts

Every sftp / ssh login is registered and mails are send to root. CSF (ConfigServer Security & Firewall) documentation can be found here. To disable mail loggin for an IP address add the ip to:

/etc/csf/csf.ignore

Even when you don't add your own IP to csf.ignore you should add it to csf.allow. You need restart lfd afterwards:

/etc/init.d/lfd restart

You got no Octopus welcome mail?

You feel ashamed of asking omega8cc for sending you the details of your install?

check: /data/disk/o1/log/setupmail.txt

Moving sites between octopus installs

Since BOA 2.0.3 octopus instances are shipped with
http://drupal.org/project/remote_import
http://drupal.org/project/hosting_remote_import

They aren't enabled by default.

Read the Remote.txt notes in the Barracuda code repo for more guidance.

Create limited shell and FTPS access for developers

You can easily grant limited shell and FTPS access for developers, simply by creating "Clients" in the Aegir control panel and define them as 'owners' of one or more sites. Their access will be limited to only sites they can manage, but only if you will send them their access credentials, which are independent of their Aegir control panel credentials and stored in the ~/users/ directory in your main account. You will find their files with passwords for every "Client" with at least one site attached. For example ~/users/o1.username file means that this Client's username for SSH and FTPS access is 'o1.username' while his password is stored in this file. This means that SSH/FTPS access is not granted automatically, but you can decide who should receive it. How to change any extra user's password? Simply delete his ~/users/o1.username file and wait up to 5 minutes - the system will re-create his account with new password. And how to delete the user completely? Simply delete this user "Client" account in the Aegir control panel and allow the system to delete also his SSH/FTPS access in the next 5 minutes.

Check this for the FTP client configuration:

http://omega8.cc/dev/ftp-tls.txt

Change php / mysql / redis config files and preserve them for being overwritten on update

Edit /root/.barracuda.cnf and add one of the following:

_CUSTOM_CONFIG_PHP_5_2=YES
_CUSTOM_CONFIG_PHP_5_3=YES
_CUSTOM_CONFIG_SQL=YES
_CUSTOM_CONFIG_REDIS=YES
_CUSTOM_CONFIG_CSF=YES

Then run (new) standard upgrade:

wget -q -U iCab http://files.aegir.cc/versions/BOA.sh.txt
bash BOA.sh.txt
barracuda up-stable

Restart php-fpm after changing values:

$ bash /var/xdrago/clear.sh

Add any package like Collectd, chive at a later moment

$ vim .barracuda.cnf

PDS --- fast DNS cache server (pdnsd) (default)
BND --- Bind9 DNS Server
SLR --- MultiCore Apache Solr Tomcat
CHV --- Chive DB Manager (default)
BDD --- SQL Buddy DB Manager
CGP --- Collectd Graph Panel
WMN --- Webmin Control Panel
CSF --- csf/lfd Firewall (default)
FTP --- ??? (default)

add the shortcodes from above to like this _XTRAS_LIST='CSF CGP'

Run update:
barracuda up-stable

Open up a port for some application

add a port to TCP_IN / TCP_OUT

$ vim /etc/csf/csf.conf

restart the firewall service

$ service csf restart

prevent overwriting your changes on upgrade, create the control file

add to /root/.barracuda.cnf _CUSTOM_CONFIG_CSF=YES

get or reset SSH password of some client

look or edit: /home/OCTOPUS.ftp/users/OCTOPUS.CLIENT

Site got disabled due to segmentation fault

1.) check in the platform for php files with 8192bytes or 4096 bytes

find ./* -type f -exec ls -la {} \; | grep 4096
find ./* -type f -exec ls -la {} \; | grep 8192

For reference:
https://bugs.php.net/bug.php?id=48034
http://drupal.org/node/1462984#comment-5790468
http://drupal.org/node/1366084#comment-5877974

2.) in 2.0.3 you can disable the segfault error system by renaming or deleting

/var/xdrago/monitor/check/segfault_alert

For more info check: http://drupalcode.org/project/barracuda.git/blob/HEAD:/aegir/tools/syste...