Jspwiki-vm

JSPWIKI VM #

Table of Contents

Intro#

Description of the setup of the Ubuntu VM we have to run http://jspwiki.apache.org/wiki and http://jspwiki.apache.org/doc.
See INFRA-5588 for more background.

Important directories and files#

name purpose
/etc/init/tomcat1.conf(info)upstart bootstrap script
/usr/local/tomcat1 tomcat home dir (symlink to ./apache-tomcat1-x.y.z)
/usr/local/tomcat1/logslog files tomcat1
/usr/local/tomcat1/libcontains jspwiki property files
/var/jspwiki/wiki/pageswiki pages and attachments of wiki
/var/jspwiki/wiki/logswiki pages and attachments of wiki
/var/log/apache2webserver logs

Extra installed packages#

  • openjdk-6-jre-headless (apt)
  • apache2 (apt)
  • tomcat 7.0.42
  • JSPWiki v2.10.0-svn-49
  • unzip (apt)
  • openjdk-6-jdk (apt)
  • logwatch
  • mailutils

Configuration and installation#

  • Default apache site configuration ? : /etc/apache2/sites-enabled/000-default(info)
  • can I see apache status ? : Added my IP address to /etc/apache2/mods-enabled/status.conf
  • download vanilla tomcat :wget 'http://apache.mirror1.spango.com/tomcat/tomcat-7/v7.0.42/bin/apache-tomcat-7.0.42.tar.gz'
  • create tomcat userids : useradd -m -s /bin/bash tomcat1 && useradd -m -s /bin/bash tomcat2
  • install vanilla tomcat : cd /usr/local && tar -xf /tmp/apache-tomcat-7.0.42.tar && mv apache-tomcat-7.0.42 apache-tomcat1-7.0.42 && chown -R tomcat1.tomcat1 apache-tomcat1-7.0.42 && cp -R apache-tomcat1-7.0.42 apache-tomcat2-7.0.42 && chown -R tomcat2.tomcat2 apache-tomcat2-7.0.42 && ln -s apache-tomcat1-7.0.42 tomcat1 && ln -s apache-tomcat2-7.0.42 tomcat2 && rm -rf tomcat?/webapps/examples tomcat?/webapps/host-manager
  • create bootstrap scripts : created /etc/init/tomcat1.conf /etc/init/tomcat2.conf ==> use these to set the envvars for tomcat
  • download latest released JSPWiki : wget 'http://www.apache.org/dist/incubator/jspwiki/2.9.1-incubating/JSPWiki-2.9.1-incubating-4-bin.zip'
  • create tomcat[1/2] webapp dirs : with user tomcat[1/2]: cd /usr/local/tomcat[1/2]/webapps && mv ROOT ROOT.old && mkdir ROOT && cd ROOT && jar -xf /tmp/ff/JSPWiki-bin/JSPWiki.war
  • patch wiki vanilla jspwiki.properties : created ~tomcat1/jspwiki/jspwiki.properties.patch and run: patch /usr/local/tomcat1/webapps/wiki/WEB-INF/jspwiki.properties ~tomcat1/jspwiki/jspwiki.properties.patch
  • patch doc vanilla jspwiki.properties : created ~tomcat2/jspwiki/jspwiki.properties.patch and run: patch /usr/local/tomcat2/webapps/wiki/WEB-INF/jspwiki.properties ~tomcat2/jspwiki/jspwiki.properties.patch
  • created /usr/local/tomcat[1/2]/lib/jspwiki-custom.properties (see attached files)
  • create jspwiki page logs dir : mkdir -p /var/jspwiki/wiki/pages /var/jspwiki/wiki/logs /var/jspwiki/doc/pages /var/jspwiki/doc/logs && chmod -R 755 /var/jspwiki && chown -R tomcat1.tomcat1 /var/jspwiki/wiki && chown -R tomcat2.tomcat2 /var/jspwiki/doc
  • enable apache ajp proxy : cd /etc/apache2/mods-enabled && ln -s ../mods-available/proxy.conf proxy.conf && ln -s ../mods-available/proxy.load proxy.load && ln -s ../mods-available/proxy_ajp.load proxy_ajp.load
  • modify /etc/apache2/sites-available/000-default(info)
  • patch tomcat1 server.xml (disable port 8080, change redirect port to 443) : cd /usr/local/tomcat1/conf && patch server.xml ~/jspwiki/tomcat.server.xml.patch
  • patch tomcat2 server.xml (disable port 8080 and shift 8005 8009 up 100, change redirect port to 443) : cd /usr/local/tomcat2/conf && patch server.xml ~/jspwiki/tomcat.server.xml.patch
  • install spam filter filters.xml(info) to /usr/local/tomcat[1/2]/lib
  • install jspwiki security policy jspwiki-custom.policy(info) to /usr/local/tomcat[1/2]/lib (anonymous users can only view)
  • redirect root mail : /etc/aliases : direct "root" to harry.metske@gmail.com (and run newaliases) ==> puppet reverts it
    ==> edit /etc/cron.weekly/00logwatch : logwatch --mailto harry.metske@gmail.com
  • create the /etc/logrotate.d/tomcats(info) file to truncate catalina.out
  • create the /etc/cron.daily/cleanTomcatLogs(info) file to get rid of old log files
  • create the /etc/cron.daily/backupWikis(info) file to arrange the backup

Todo#

  • install apache2 with mod_ajp
  • create user/group to run tomcats
  • install tomcat latest release, 2 instances
  • bootstrap scripts for tomcats
  • have INFRA get the proxying in place:
    • http://jspwiki.apache.org/wiki => http://jspwiki-vm.apache.org/wiki
    • https://jspwiki.apache.org/wiki => http://jspwiki-vm.apache.org/wiki
    • http://jspwiki.apache.org/doc => http://jspwiki-vm.apache.org/doc
    • https://jspwiki.apache.org/doc => http://jspwiki-vm.apache.org/doc
  • housekeeping (log cleaning) cron jobs
  • get the proper userdatabase.xml (start with empty one)
  • create the admin group and put your self in
  • mail config => installed mailutilx
  • backup ?
  • analog ?
  • fail2ban monitoring
  • (nagios) monitoring
  • place (apache) /var/www/favicon.ico
  • place /var/www/robots.txt(info)

Findings#

  • no lvm installed, so just one fs, simple and easy: 
root@jspwiki-vm:~# mount
/dev/sda1 on / type ext4 (rw,errors=remount-ro)
.....snip.....
/dev/sda6 on /tmp type ext4 (rw)
root@jspwiki-vm:~# df -h /
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1        28G  1.9G   25G   8% /
  • network: 
metskem@jspwiki-vm:~$ ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:50:56:9d:00:19  
          inet addr:140.211.11.82  Bcast:140.211.11.255  Mask:255.255.255.0
          inet6 addr: fe80::250:56ff:fe9d:19/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:69671783 errors:0 dropped:9171 overruns:0 frame:0
          TX packets:23419837 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:16814561371 (16.8 GB)  TX bytes:1662666969 (1.6 GB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@jspwiki-vm:/opt# iptables -vnL
Chain INPUT (policy DROP 3697 packets, 301K bytes)
 pkts bytes target     prot opt in     out     source               destination         
  67M   16G fail2ban-ssh  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           
15701 1494K fail2ban-ssh  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
  68M   16G ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED /* ASF IP tables enabled */
    0     0 ACCEPT     all  --  lo     *       127.0.0.1            0.0.0.0/0            /* Allow all loopback traffic */
   55  1804 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8 state NEW,RELATED,ESTABLISHED /* Allow ICMP */
  801 47592 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 3442K packets, 196M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain fail2ban-ssh (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   18  1488 DROP       all  --  *      *       61.153.110.253       0.0.0.0/0           
   20  1564 DROP       all  --  *      *       123.30.143.150       0.0.0.0/0           
   21  3288 DROP       all  --  *      *       112.216.76.110       0.0.0.0/0           
   14   704 DROP       all  --  *      *       117.135.139.142      0.0.0.0/0           
   17  1640 DROP       all  --  *      *       58.59.176.61         0.0.0.0/0           
   23  2228 DROP       all  --  *      *       196.22.220.8         0.0.0.0/0           
   23  2228 DROP       all  --  *      *       200.146.120.122      0.0.0.0/0           
   28  1820 DROP       all  --  *      *       122.147.2.254        0.0.0.0/0           
  67M   16G RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain test (0 references)
 pkts bytes target     prot opt in     out     source               destination
  • Comment signature
Find & Replace
×

Recent Changes

Find pages
Page Index

SystemInfo

Harry's PGP key(info)

Active
Sessions		277
Uptime6d, 12h 11m 7s
Number of pages333

Referenced by
...nobody

JSPWiki v2.12.4