I am pleased to say I have successfully installed Barracuda and a satellite Octopus instance on my linode.
I have also managed to upgrade the two all using the scripts kindly provided by omega8cc.
During the install process I received a couple of errors but nothing show stopping.
/usr/bin/mysql_secure_installation: 371: find_mysql_client: not found
Which led me to:
http://drupal.org/node/1213050 "This is not our bug, it is MariaDB bug probably, but cosmetic only, since it doesn't break anything, AFAIK."
So that's cool, there was another error during install of Barracuda.
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
I really didn't sweat this one to be honest, bigger fish to fry as they say q8)
I have a couple of newbie questions
-
At the moment I can log in to chive using localhost as host and root as user with the password provided, it seems sensible to change that, I would think it should be ok but can't be 100% sure.
-
I added my ip address to /etc/csf/csf.ignore to exclude it, to prevent the login (from myip) notification emails only, it appears to be working as expected, am I correct that
restarting nginx doesn't invoke this new setting? I used nginx start stop to get it working
*(error/typo see edit at bottom of page)
I found this useful:
pdnsd - there is no interface/login/password (irrelevant)
Bind9 - there is no interface/login/password (irrelevant) unless you will use Webmin
Solr - see docs/SOLR.txt
Chive & SQL Buddy - always site db credentials from settings.php per site
CGP - is not password protected
Webmin - standard setup - your server root password
I couldn't see the database credentials in the settings.php or the drushrc.php files but I was able to use the command:
drush @example.com sql-connect
I later realised I was looking at
/data/disk/o1/distro/001/platform/sites/default/settings.php
instead of
/data/disk/o1/distro/001/platform/sites/mysite.com/settings.php
I do have one email when logged in as root that contains:
W: Failed to fetch http://ftp.osuosl.org/pub/mariadb/repo/5.2/debian/dists/squeeze/Release.gpg Could not connect to ftp.osuosl.org:80 (140.211.166.134), connection timed out
W: Failed to fetch http://ftp.osuosl.org/pub/mariadb/repo/5.2/debian/dists/squeeze/main/i18... Unable to connect to ftp.osuosl.org:http:
W: Failed to fetch http://ftp.osuosl.org/pub/mariadb/repo/5.2/debian/dists/squeeze/main/i18... Unable to connect to ftp.osuosl.org:http:
W: Some index files failed to download, they have been ignored, or old ones used instead.
- I might be wrong but are these just warnings about translations that failed to download for il8n module? I have not investigated this any further as of yet.
I also recieved this email message
Action: Too many hits for LF_DIRWATCH - Directory Watching disabled
- I was thinking this might be due to all the changes when updating, is this something that requires further attention? Does it sort itself out and automatically re-enable? or do I need to take further action?
I have not investigated properly yet but I did see something about /tmp that makes me believe it is somehow related, and possibly I need to manually clear /tmp regularly.
A little perseverance and BOA rewards one greatly, I am really impressed with the setup it seems a little more complex to get orientated than standard aegir install but that's understandable considering the use case's BOA covers, thanks very much for all the hard work folks @omega8cc and most of all, thanks for sharing! X <-- A big kiss!
EDIT
I must of been well tired when I wrote this:
"restarting nginx doesn't invoke this new setting? I used nginx start stop to get it working"
Well it's half right lol, I do believe lfd is what needs to be restarted and restarting I think does actually work.
service lfd restart (command I used)
TIDE
Comments
I have a couple of newbie
I have a couple of newbie questions
1) At the moment I can log in to chive using localhost as host and root as user with the password provided, it seems sensible to change that, I would think it should be ok but can't be 100% sure.
2) I added my ip address to /etc/csf/csf.ignore to exclude it, to prevent the login (from myip) notification emails only, it appears to be working as expected, am I correct that restarting nginx doesn't invoke this new setting? I used nginx start stop to get it working
YUP
not sure about your other questions, sorry...
The "Failed to fetch" errors
The "Failed to fetch" errors are a sign of connection issues at the time of the install, so it may cause even broken MariaDB install. Also, as smiro2000 wrote, you should leave the aut-generated MySQL password as-is, since it is too easy to break your system backup and auto-healing scripts by changing it. All other 'errors' are 'normal'.
Of course it is still possible to either protect Chive URL or change the mysql root password, but we leave this for the server admin.
The "Failed to fetch" errors
Seen identical errors on two completely different installs now, should I post an issue?
Yes, please.
Yes, please.
Thanks for the info
Thanks both for the info, I did setup the password upon installing as required but I just wondered about best practices regarding whether or not to change it as I figured if a malicious user were to find the login there's nothing to stop them repeatedly guessing at the root password.
Omega8cc when you say protect the chive url do you mean using HTTP_AUTH? I have read a little about it and it sounds like it would be fine, am I correct in thinking that as the page being requested is https that would provide encryption for the HTTP_AUTH password also?
I saw darthstevens post http://www.computerminds.co.uk/content/aegir-http-basic-authentication but that's for sites installed on aegir and I must admit I wouldn't know where to start at the moment, I think it will be a good solution I will come back to this at a later time as it's not a priority for now.
I was under the impression the errors regarding downloads had happened when I had provisioned a site rather than when I was installing BOA as the only mail I had at first was to do with lshell and log rotation which I read is fixed now (that's why I never mentioned in my first post).
There is also Nginx support
There is also Nginx support added in the dev branch: https://github.com/computerminds/aegir_http_basic/tree/develop
But you could also put in the Chive vhost a simple workaround to restrict the access only for your IP:
allow 12.34.56.78;deny all;
Thanks
Thanks for the info, works perfectly and very simple solution for a very simple user! q8)
I notice now that after adding my ip as detailed to chive vhost entry it lets me access via standard http but not https anymore.
I did the same for cgp and barracuda frontend, they work fine but they're not on https.
Also when I edited barracuda vhost did so as aegir user and the other two as root to preseve the permissions and save a little chmod.
update:
Although I can still access barracuda frontend with this vhost setting, when logging in it goes over to https and access is denied here also, so def related to https somehow, I should figure it out sooner or later.
You probably didn't add your
You probably didn't add your server IP to the allowed list. It has to be there because HTTPS is a local proxy and will hit the wall if there will be no server IP added to the allowed IPs in the vhost.
allow ser.ver.ip.address;allow 12.34.56.78;
deny all;
Perfect Solution
This solution is great, I now have it all working 100% as expected. omega8cc++
Domain Settings for BOA Linode Install
Hi - is it still recommended to leave the server FQDN as is default by linode so the server and aegir HM install would be li-1234.members.linode.com and octopus instance o1 would be o1.li-1234.members.linode.com?
Maybe setting BOA up using linode some time soon and was curious as to whether this was still the recommended way or should we setup custom domains pointing to our own domain example.com?
TIA,
JamieT
No, it was never recommended,
No, it was never recommended, and it is explained in the config section: http://drupalcode.org/project/barracuda.git/blob/HEAD:/BARRACUDA.sh.txt#...
There is also related issue in the queue, marked as to-do:
http://drupal.org/node/1187552#comment-4615296
http://drupal.org/node/1187552#comment-4609170
Hi omega8cc - thanks for the
Hi omega8cc - thanks for the prompt response I guess I must have misread a comment from another post where someone was installing on linode. So to be clear with a linode VPS I need to do a clean minimal install and then set the hostname to a FQDN under a domain in my control? So as per the docs in the script:
_MY_OWNIP=192.168.0.108
_MY_HOSTN=server.mydomain.com
_MY_FRONT=aegir.mydomain.com
Should all resolve to _OWNIP in my DNS settings and hostname -v should be the FQDN in _MYHOSTN?
Thanks again for all your hard work with BOA and support.
JamieT
You should allow Barracuda to
You should allow Barracuda to set your system hostname by using
_MY_HOSTN. Don't configure it by hand to avoid confusion.