Scripted Server Setup

As a task-overloaded systems administrator, I really experienced the motto "information is, by far, the most important asset of a company". Enough to risk your job or your career if you lose some. So, years ago, I focused on two highlights of server management: keeping data safe and automating administrative processes. In this article I will focus on automating administrative processes.

With Turbolinux, I once wrote a script which, run before a fresh install, allowed me to complete a mailserver setup. The install took 10 minutes. Script execution (installing additional rpms, copying mailboxes from another server, replacing configuration files, configuring services and rebooting) took 5 minutes. With bash.

The only problem was that the next year we, the company, found ourselves working with SuSE. A couple of years, with Fedora. We expected the script would need just a little review with each change of scenario. False. The script needed a rewrite every time. So, as a part of writing automation scripts, we include the "source code" of our needs.

This is an excerpt from a class I taught, useful for setting up a mailserver.

Linux Fedora Core 4 Server

- Install Fedora Core 4

- Do not install SELinux.

- Custom Type installation - no packages

- Hostname=www.example.org.bo

Firewalling config with IP Tables

Add these rules to /etc/sysconfig/iptables:
-A RH-Firewall-1-INPUT -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 110 -j ACCEPT

# service iptables restart

Create yum repository

Install createrepo with rpm:
# yum -y install createrepo

Create basedir:
# mkdir -p /rpm/Fedora/RPMS
# cd /rpm/Fedora/RPMS

Insert each disc in the CD-ROM drive and run:
# mount /media/cdrom; cp -v /media/cdrom/Fedora/RPMS/*.rpm . ; eject

In /etc/yum.repos.d/fedora.repo, comment out baseurl=, mirrorlist, gpg...,
and add

Create repository:
# createrepo /rpm

Config Apache web server

# yum -y install httpd
# service httpd start
# chkconfig httpd on

Config Pop3 server with Dovecot

# yum -y install dovecot
# service dovecot start
# chkconfig dovecot on

Config SMTP server with Sendmail

# yum install sendmail-cf
# cd /etc/mail/

# vi sendmail.mc

Uncomment (remove the leading dnl):
dnl define(`confAUTH_OPTIONS', `A p')dnl

Comment out (prefix with dnl):
DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl

Generate sendmail cf file:
# m4 sendmail.mc > sendmail.cf

Add domains served by server:
# echo example.org.bo >> local-host-names

Add the networks this server accepts mail from:
# echo 10.0.0 RELAY >> access

Regenerate the hash tables and restart the service:
# make
# service sendmail restart

Install a webmail server with SquirrelMail

# yum install squirrelmail

Fill in the organizational data with:
# /usr/share/squirrelmail/config/conf.pl
You must complete numbers 1 (general data), 7 (Motd) and 10 (language; here we use es_ES).

Install Mailman mailing lists server

Install mailman:
# yum install mailman

Config mailman:
# cd /usr/lib/mailman/bin
# ./mmsitepass

Maybe this is not necessary, but we must know where it is:
# vi /etc/mailman/mm_cfg.py # put fqdn='www.example.org.bo'

Create lists:
# ./newlist # create "mailman" list and copy generated aliases to /etc/aliases
# ./newlist # create "mylist" list and copy generated aliases to /etc/aliases
# ./mailmanctl start
# service sendmail restart
# service httpd restart
# service mailman start
# chkconfig mailman on

(on redhat, mailman require MAILMAN_USER and GROUP = 'root' on

You can see how easy it is to "compile" this to bash, with kickstart files, sed, yum or apt.

Additional tip: while including these lines as comments in the script, include instructions if you are going to execute interactive commands...
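As an added example (not the author's script), here is the Sendmail section of the notes "compiled" to bash so that it can be re-run without duplicating entries and rehearsed on a copy before touching /etc/mail. The function names, the directory argument and the --apply switch are assumptions of this example, and the sendmail.mc in rehearse is a constructed sample.

```bash
# Added example: the Sendmail section of the notes as re-runnable bash functions.
# Function names and the directory argument are assumptions of this example.

# Run awk program $3 (with n=$2) over file $1 and write the result back.
mc_edit() {
    local tmp rc
    tmp=$(mktemp) || return 1
    awk -v n="$2" "$3" "$1" > "$tmp" && cat "$tmp" > "$1"; rc=$?  # cat keeps owner/mode
    rm -f "$tmp"
    return "$rc"
}
# Strip the leading "dnl " from lines containing the fixed string $2.
mc_uncomment() { mc_edit "$1" "$2" 'index($0, n) { sub(/^dnl[ \t]+/, "") } { print }'; }
# Prefix "dnl " to lines containing $2 unless they are already commented out.
mc_comment() { mc_edit "$1" "$2" 'index($0, n) && !/^dnl[ \t]/ { $0 = "dnl " $0 } { print }'; }

# Append line $2 to file $1 unless that exact line is already present.
append_once() {
    touch "$1"
    grep -qxF -- "$2" "$1" || printf '%s\n' "$2" >> "$1"
}

# The file edits from the notes, applied under directory $1 (default /etc/mail).
configure_sendmail() {
    local dir=${1:-/etc/mail}
    mc_uncomment "$dir/sendmail.mc" "confAUTH_OPTIONS', \`A p'"   # Uncomment (wipe dnl)
    mc_comment   "$dir/sendmail.mc" 'DAEMON_OPTIONS(`Port=smtp,'  # Comment (put dnl)
    append_once  "$dir/local-host-names" "example.org.bo"         # domains served
    append_once  "$dir/access" "10.0.0 RELAY"                     # networks relayed
}

# Rehearse on a constructed sendmail.mc in a temp directory; prints that directory.
rehearse() {
    local dir
    dir=$(mktemp -d) || return 1
    cat > "$dir/sendmail.mc" <<'EOF'
define(`confAUTH_OPTIONS', `A')dnl
dnl define(`confAUTH_OPTIONS', `A p')dnl
DAEMON_OPTIONS(`Port=smtp,Addr=, Name=MTA')dnl
EOF
    configure_sendmail "$dir" && configure_sendmail "$dir" || return 1  # 2nd run: no change
    echo "$dir"
}

# Real run as root: edit /etc/mail, then the generate and restart steps from the notes.
if [ "${1:-}" = "--apply" ]; then
    configure_sendmail /etc/mail && cd /etc/mail && m4 sendmail.mc > sendmail.cf &&
        make && service sendmail restart
fi
```

Matching on fixed strings rather than regular expressions keeps the m4 quoting characters from being misread, and diffing the rehearsal directory against the original shows exactly which lines changed.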
