Installations/Centos
From DAViCal Wiki
CentOS 5.3 Install
I like to install most thing from scratch and compile them myself hence this way of doing it.
- If you see any major mistakes let me know, always interested, simple google search will find me. - Tim Osburn (last name domain name)
- CentOS 5.3 32bit version
- Just a pretty basic install, I selected the following for install
- base
- core
- development-libs
- development-tools
- kernel-devel
- ntp
- screen
- Filesystem
- 4096 kB for /
- 4096 kB for Swap (OR 2 x amount of available memory)
- Remainder of disk in /usr
- firewall --enabled --port=22:tcp --port=80:tcp
- authconfig --enableshadow --enablemd5
- selinux --disabled
Chkconfig Settings
Set apps to not start that we do not want running, your requirements may be different.
chkconfig --level 0123456 gpm off chkconfig --level 0123456 portmap off chkconfig --level 0123456 rpcidmapd off chkconfig --level 0123456 xfs off chkconfig --level 0123456 nfslock off chkconfig --level 0123456 sendmail off chkconfig --level 0123456 autofs off chkconfig --level 0123456 cups off chkconfig --level 0123456 yum-updatesd off chkconfig --level 0123456 hidd off chkconfig --level 0123456 bluetooth off chkconfig --level 0123456 pcscd off chkconfig --level 0123456 avahi-daemon off chkconfig --level 0123456 avahi-dnsconfd off chkconfig --level 0123456 smartd off chkconfig --level 0123456 auditd off
Disable extra Consoles
vi /etc/inittab comment out: #2:2345:respawn:/sbin/mingetty tty2 #3:2345:respawn:/sbin/mingetty tty3 #4:2345:respawn:/sbin/mingetty tty4 #5:2345:respawn:/sbin/mingetty tty5 #6:2345:respawn:/sbin/mingetty tty6 then run: init q
Setup PATH
vi /etc/profile.d/companynamehere.sh
if ! echo ${PATH} | /bin/grep -q /usr/local/www/bin ; then
PATH=/usr/local/www/bin:${PATH}
fi
if ! echo ${PATH} | /bin/grep -q /usr/local/ssl/bin ; then
PATH=/usr/local/ssl/bin:${PATH}
fi
if ! echo ${PATH} | /bin/grep -q /usr/local/pgsql/bin ; then
PATH=/usr/local/pgsql/bin:${PATH}
fi
if ! echo ${PATH} | /bin/grep -q /usr/local/php/bin ; then
PATH=/usr/local/php/bin:${PATH}
fi
if ! echo ${PATH} | /bin/grep -q ~/bin ; then
PATH=~/bin:${PATH}
fi
Setup DNS
Add to /etc/resolv.conf
domain domainnamehere.com search domainnamehere.com someotherdomainhere.com options timeout:1 rotate nameserver 4.1.1.1 (Put your DNS servers here) nameserver 4.2.2.2 (Put your DNS servers here)
Setup NTP
touch /var/lib/ntp/drift echo "driftfile /var/lib/ntp/drift keys /etc/ntp/keys server 132.163.4.101 server 132.163.4.102 server 132.163.4.103 server 140.142.16.34 server 140.221.8.88 server 192.43.244.18 server 192.5.41.40 server 192.5.41.41 server 204.34.198.40 server 204.34.198.41" > /etc/ntp.conf chkconfig --level 2345 ntpd on service ntpd restart
Move directories into large space area
Move /home and /var into /usr
cd / tar cf - /var | (cd /usr; tar xf -) mv var var.OLD ln -s /usr/var /var tar cf - /home | (cd /usr; tar xf -) mv home home.OLD ln -s /usr/home /home
Reboot system after doing this.
Download Sources
Create a directory to put the sources of applications that we are going to download and install
- I picked /home/source
mkdir -p /home/source cd /home/source wget http://www.openssl.org/source/openssl-0.9.8k.tar.gz wget ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-5.2p1.tar.gz wget http://apache.imghat.com/httpd/httpd-2.2.13.tar.gz wget http://us2.php.net/get/php-5.2.11.tar.gz/from/this/mirror wget http://wwwmaster.postgresql.org/redir/198/h/source/v8.3.8/postgresql-8.3.8.tar.gz wget http://sourceforge.net/projects/rscds/files/davical/0.9.7.2/davical-0.9.7.2.tar.gz/download wget http://sourceforge.net/projects/rscds/files/awl/0.37/awl_0.37.tar.gz/download
Install OpenSSL, OpenSSH
cd into un-tarred OpenSSL source directory ./Configure dist --prefix=/usr/local/ssl make install
vi /etc/ld.so.conf /usr/local/lib /usr/local/ssl/lib /usr/local/pgsql/lib Then run: ldconfig Logout and back in
Copy the exsting SSH private id's that were generated for this site so we don't have two sets of keys.
mkdir -p /usr/local/etc mv /etc/ssh/*key* /usr/local/etc/ rm -rf /etc/ssh
cd into un-tarred OpenSSH source directory ./configure --with-ipaddr-display --with-ssl-dir=/usr/local/ssl make install Rename old SSH programs mv /usr/bin/ssh /usr/bin/OLD-ssh mv /usr/bin/ssh-add /usr/bin/OLD-ssh-add mv /usr/bin/ssh-agent /usr/bin/OLD-ssh-agent mv /usr/bin/ssh-keygen /usr/bin/OLD-ssh-keygen mv /usr/bin/ssh-keyscan /usr/bin/OLD-ssh-keyscan mv /usr/bin/scp /usr/bin/OLD-scp mv /usr/bin/slogin /usr/bin/OLD-slogin mv /usr/bin/sftp /usr/bin/OLD-sftp mv /usr/sbin/sshd /usr/sbin/OLD-sshd mv /usr/libexec/openssh /usr/libexec/OLD-openssh Replace this in the existing init.d start up script vi /etc/init.d/sshd KEYGEN=/usr/local/bin/ssh-keygen SSHD=/usr/local/sbin/sshd RSA1_KEY=/usr/local/etc/ssh_host_key RSA_KEY=/usr/local/etc/ssh_host_rsa_key DSA_KEY=/usr/local/etc/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid vi /usr/local/etc/ssh_config Port 22 Protocol 2,1 ForwardAgent yes ForwardX11 yes AddressFamily inet StrictHostKeyChecking ask IdentityFile ~/.ssh/identity IdentityFile ~/.ssh/id_rsa IdentityFile ~/.ssh/id_dsa Cipher 3des Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc Host * Don't let root ssh in unless it's with a passphase vi /usr/local/etc/sshd_config Port 22 Protocol 2 HostKey /usr/local/etc/ssh_host_key HostKey /usr/local/etc/ssh_host_rsa_key HostKey /usr/local/etc/ssh_host_dsa_key AddressFamily inet UseDNS no SyslogFacility AUTHPRIV PermitRootLogin without-password PasswordAuthentication yes AllowTcpForwarding yes X11Forwarding yes Subsystem sftp /usr/local/libexec/sftp-server chkconfig --level 2345 sshd on /etc/init.d/sshd restart
Install Apache server
Create WWW login and GROUP echo 'www:x:600:' >> /etc/group echo 'www:x:600:600:WWW Server:/usr/local/www:/sbin/nologin' >> /etc/passwd echo 'www:!!:13546::::::' >> /etc/shadow cd into the un-tarred Apache source dirctory ./configure --with-included-apr --enable-ssl --enable-info --enable-rewrite --prefix=/usr/local/www --with-ssl=/usr/local/ssl make install
Add to /usr/local/www/conf/httpd.conf
- Below the line Listen 80 is fine
vi /usr/local/www/conf/httpd.conf ServerTokens ProductOnly ServerSignature Off ServerName calendar.domainnamehere.com:80
Change in /usr/local/www/conf/httpd.conf
vi /usr/local/www/conf/httpd.conf User www Group www ServerAdmin www@domainnamehere.com uncomment # Virtual hosts # Include conf/extra/httpd-vhosts.conf AS # Virtual hosts Include conf/extra/httpd-vhosts.conf
Add to /usr/local/www/conf/extra/httpd-vhosts.conf
vi /usr/local/www/conf/extra/httpd-vhosts.conf
Comment out the two Virtual host exampels and the line "NameVirtualHost"
<VirtualHost 172.16.130.21:80> (Change the IP to the IP of the server)
DocumentRoot /usr/share/davical/htdocs
DirectoryIndex index.php index.html
ServerName calendar.domainnamehere.com
ServerAlias davical.domainnamehere.com
Alias /images/ /usr/share/davical/htdocs/images/
<Directory /usr/share/davical/htdocs/>
AllowOverride None
Order allow,deny
Allow from all
</Directory>
php_value include_path /usr/share/awl/inc
php_value magic_quotes_gpc 0
php_value register_globals 0
php_value open_basedir 1
php_value error_reporting "E_ALL & ~E_NOTICE"
php_value default_charset "utf-8"
ErrorLog "logs/calendar.domainnamehere.com-error_log"
CustomLog "logs/calendar.domainnamehere.com-access_log" common
</VirtualHost>
mkdir -p /usr/share/davical/htdocs
Add Apache start to /etc/init.d
vi /etc/init.d/httpd
#!/bin/bash
#
# Startup script for the Apache Web Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/www/logs/httpd.pid
# config: /usr/local/www/conf/httpd.conf
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/httpd ]; then
. /etc/sysconfig/httpd
fi
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/local/www/bin/apachectl
httpd=/usr/local/www/bin/httpd
http=/usr/local/www
pid=$http/logs/httpd.pid
prog=httpd
RETVAL=0
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $"Starting $prog: "
daemon $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/httpd
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $httpd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/httpd $pid
}
reload() {
echo -n $"Reloading $prog: "
killproc $httpd -HUP
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status $httpd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart)
if [ -f $pid ] ; then
stop
start
fi
;;
reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|reload|status"
echo $"|fullstatus|graceful|help|configtest}"
exit 1
esac
exit $RETVAL
Add to the start up
chown -R www:www /usr/local/www/logs chmod 755 /etc/init.d/httpd chkconfig --add httpd chkconfig --level 2345 httpd on chkconfig --list | grep httpd Do not start till after PHP is installed
Install PostgreSQL
echo 'postgres:x:700:' >> /etc/group adduser -g 700 -u 700 postgres ./configure --prefix=/usr/local/pgsql --with-perl --with-openssl --with-libraries=/usr/local/ssl/lib gmake gmake install cd /usr/local/pgsql ln -s /var/lib/pgsql/data data mkdir -p /var/lib/pgsql/data chown postgres /var/lib/pgsql/data su - postgres /usr/local/pgsql/bin/initdb -D /var/lib/pgsql/data
Setup for local access
vi /var/lib/pgsql/data/pg_ident.conf
root root postgres
vi /var/lib/pgsql/data/pg_hba.conf
Add at the bottom:
local davical davical_app trust
local davical davical_dba trust
Create a startup file for postgres in init.d, things to look for and or add.
- LINE 67: PGVERSION=8.3.8
- LINE 181: -p
vi /etc/init.d/postgresql
#!/bin/sh
# postgresql This is the init script for starting up the PostgreSQL
# server
#
# chkconfig: - 64 36
# description: Starts and stops the PostgreSQL backend daemon that handles \
# all database requests.
# processname: postmaster
# pidfile: /var/run/postmaster.pid
# Version 6.5.3-2 Lamar Owen
# Added code to determine if PGDATA exists, whether it is current version
# or not, and initdb if no PGDATA (initdb will not overwrite a database).
# Version 7.0 Lamar Owen
# Added logging code
# Changed PGDATA.
# Version 7.0.2 Trond Eivind Glomsrd <teg@redhat.com>
# use functions, add conditional restart
# Version 7.0.3 Lamar Owen <lamar@postgresql.org>
# Check for the existence of functions before blindly using them
# in particular -- check for success () and failure () before using.
# More Cross-distribution support -- PGVERSION variable, and docdir checks.
# Version 7.1 Release Candidate Lamar Owen <lamar@postgresql.org>
# initdb parameters have changed.
# Version 7.1.2 Trond Eivind Glomsrd <teg@redhat.com>
# Specify shell for su
# Handle stop better - kill unwanted output, make it wait until the database is ready
# Handle locales slightly differently - always using "C" isn't a valid option
# Kill output from database initialization
# Mark messages for translation
# Version 7.1.2-2.PGDG Lamar Owen <lamar.owen@wgcr.org>
# sync up.
# Karl's fixes for some quoting issues.
# Version 7.2b2 Lamar Owen <lamar.owen@wgcr.org>
# version change.
# Version 7.2 final. Lamar Owen <lamar.owen@wgcr.org>
# reload from Peter E.
# Eliminate the pidof postmaster test in stop -- we're using pg_ctl so we don't need pidof.
# Tested the $? return for the stop script -- it does in fact propagate.
# TODO: multiple postmasters.
# Version 7.3 Lamar Owen <lamar.owen@ramifordistat.net>
# Multiple postmasters, courtesy Karl DeBisschop
# Version 7.4 Lamar Owen.
# Version 7.4.3 Tom Lane <tgl@sss.pgh.pa.us>
# Support condstop for uninstall
# Minor other changes suggested by Fernando Nasser.
# Version 7.4.5 Tom Lane <tgl@sss.pgh.pa.us>
# Rewrite to start postmaster directly, rather than via pg_ctl; this avoids
# fooling the postmaster's stale-lockfile check by having too many
# postgres-owned processes laying about.
# PGVERSION is the full package version, e.g., 7.4.7
# Note: the specfile ordinarily updates this during install
PGVERSION=8.3.8
# PGMAJORVERSION is major version, e.g., 7.4 (this should match PG_VERSION)
PGMAJORVERSION=`echo "$PGVERSION" | sed 's/^\([0-9]*\.[0-9]*\).*$/\1/'`
# Source function library.
INITD=/etc/rc.d/init.d
. $INITD/functions
# Get function listing for cross-distribution logic.
TYPESET=`typeset -f|grep "declare"`
# Get config.
. /etc/sysconfig/network
# Find the name of the script
NAME=`basename $0`
if [ ${NAME:0:1} = "S" -o ${NAME:0:1} = "K" ]
then
NAME=${NAME:3}
fi
# For SELinux we need to use 'runuser' not 'su'
if [ -x /sbin/runuser ]
then
SU=runuser
else
SU=su
fi
# Set defaults for configuration variables
PGENGINE=/usr/local/pgsql/bin/
PGPORT=5432
export PGDATA=/usr/local/pgsql/data
if [ -f $PGDATA/PG_VERSION ] && [ -d $PGDATA/base/template1 ]
then
echo "Using old-style directory structure"
else
export PGDATA=/var/lib/pgsql/data
fi
PGLOG=/dev/null
# Override defaults from /etc/sysconfig/pgsql if file is present
[ -f /etc/sysconfig/pgsql/${NAME} ] && . /etc/sysconfig/pgsql/${NAME}
export PGDATA
export PGPORT
export PGOPTS
# Check that networking is up.
# Pretty much need it for postmaster.
[ "${NETWORKING}" = "no" ] && exit 0
[ -f $PGENGINE/postmaster ] || exit 0
start(){
PSQL_START=$"Starting ${NAME} service: "
# Check for the PGDATA structure
if [ -f $PGDATA/PG_VERSION ] && [ -d $PGDATA/base ]
then
# Check version of existing PGDATA
if [ x`cat $PGDATA/PG_VERSION` != x"$PGMAJORVERSION" ]
then
SYSDOCDIR="(Your System's documentation directory)"
if [ -d /usr/doc/postgresql-$PGVERSION ]
then
SYSDOCDIR=/usr/doc
fi
if [ -d /usr/share/doc/postgresql-$PGVERSION ]
then
SYSDOCDIR=/usr/share/doc
fi
if [ -d /usr/doc/packages/postgresql-$PGVERSION ]
then
SYSDOCDIR=/usr/doc/packages
fi
if [ -d /usr/share/doc/packages/postgresql-$PGVERSION ]
then
SYSDOCDIR=/usr/share/doc/packages
fi
echo
echo $"An old version of the database format was found."
echo $"You need to upgrade the data format before using PostgreSQL."
echo $"See $SYSDOCDIR/postgresql-$PGVERSION/README.rpm-dist for more information."
exit 1
fi
# No existing PGDATA! Initdb it.
else
echo -n $"Initializing database: "
if [ ! -e $PGDATA -a ! -h $PGDATA ]
then
mkdir -p $PGDATA || exit 1
chown postgres:postgres $PGDATA
chmod go-rwx $PGDATA
fi
# Clean up SELinux tagging for PGDATA
[ -x /sbin/restorecon ] && /sbin/restorecon "$PGDATA"
# Make sure the locale from the initdb is preserved for later startups...
[ -f /etc/sysconfig/i18n ] && cp /etc/sysconfig/i18n $PGDATA/../initdb.i18n
# Just in case no locale was set, use en_US
[ ! -f /etc/sysconfig/i18n ] && echo "LANG=en_US" > $PGDATA/../initdb.i18n
# Is expanded this early to be used in the command $SU runs
echo "export LANG LC_ALL LC_CTYPE LC_COLLATE LC_NUMERIC LC_CTYPE LC_TIME" >> $PGDATA/../initdb.i18n
# Initialize the database
$SU -l postgres -c "$PGENGINE/initdb --pgdata=$PGDATA" >> $PGLOG 2>&1 < /dev/null
[ -f $PGDATA/PG_VERSION ] && echo_success
[ ! -f $PGDATA/PG_VERSION ] && echo_failure
echo
fi
echo -n "$PSQL_START"
$SU -l postgres -c "$PGENGINE/postmaster -i -p ${PGPORT} -D '${PGDATA}' ${PGOPTS} &" >> $PGLOG 2>&1 < /dev/null
sleep 2
pid=`pidof -s $PGENGINE/postmaster`
if [ $pid ] && [ -f "${PGDATA}/postmaster.pid" ]
then
success "$PSQL_START"
touch /var/lock/subsys/${NAME}
head -n 1 "${PGDATA}/postmaster.pid" > /var/run/postmaster.${PGPORT}.pid
echo
else
failure "$PSQL_START"
echo
fi
}
stop(){
echo -n $"Stopping ${NAME} service: "
$SU -l postgres -c "$PGENGINE/pg_ctl stop -D '${PGDATA}' -s -m fast" > /dev/null 2>&1 < /dev/null
ret=$?
if [ $ret -eq 0 ]
then
echo_success
else
echo_failure
fi
echo
rm -f /var/run/postmaster.${PGPORT}.pid
rm -f /var/lock/subsys/${NAME}
}
restart(){
stop
start
}
condrestart(){
[ -e /var/lock/subsys/${NAME} ] && restart
}
condstop(){
[ -e /var/lock/subsys/${NAME} ] && stop
}
reload(){
$SU -l postgres -c "$PGENGINE/pg_ctl reload -D '${PGDATA}' -s" > /dev/null 2>&1 < /dev/null
}
# This script is slightly unusual in that the name of the daemon (postmaster)
# is not the same as the name of the subsystem (postgresql)
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status postmaster
;;
restart)
restart
;;
condrestart)
condrestart
;;
condstop)
condstop
;;
reload|force-reload)
reload
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|condstop|reload|force-reload}"
exit 1
esac
exit 0
Add to the start up
chmod 755 /etc/init.d/postgresql chkconfig --add postgresql chkconfig --level 2345 postgresql on service postgresql start
Install PHP5
Installs PHP5 with Postgres Support
cd info PHP Source directory ./configure --prefix=/usr/local/php --with-apxs2=/usr/local/www/bin/apxs --with-pgsql=/var/lib/pgsql/ --with-gettext --enable-soap --with-openssl --with-openssl=/usr/local/ssl make install
Add to appache config in the correct location.
vi /usr/local/www/conf/httpd.conf ServerTokens ProductOnly ServerSignature Off PHP will add this, verify it's there: LoadModule php5_module modules/libphp5.so Add this to the dir_module section DirectoryIndex index.html index.php Add this to the mime_module section AddType application/x-httpd-php .php
Need to start Apache
service httpd start Add this file then browse to it in a browser to ensure it worked: vi /usr/local/www/htdocs/test.php <?php phpinfo(); ?>
Install CPAN Modules
perl -MCPAN -e'install Bundle::CPAN'
Return on all the prompts except:
- Policy on building prerequisites (follow, ask or ignore)?
- type: follow
- Continent:
- continent: (6) North America
- country: (4) United States
- URL locations: 11 10 16 20 23 24 30 36 50
- After a while you will be prompted for
- Do you want to modify/update your configuration (y|n) ? [no]
- Just press enter
- Do you want to modify/update your configuration (y|n) ? [no]
- After a while you will be prompted for
- Enter arithmetic or Perl expression: exit
- Just press enter
- Enter arithmetic or Perl expression: exit
Press return for all the following prompts: perl -MCPAN -e'install DBI' perl -MCPAN -e'install DBD::Pg'
Install DAViCal
tar zxf awl_0.37.tar.gz mv awl-0.37 /usr/share/awl tar zxf davical-0.9.7.2.tar.gz rm -rf /usr/share/davical mv davical-0.9.7.2 /usr/share/davical service httpd restart
For Version 0.9.7.2 of davical you'll need to fix the following line:
In /usr/share/davical/inc/CalDAVPrincipal.php
Change line 162 FROM
rawurlencode('mailto:'.$this->email),
TO
'mailto:'.$this->email,
Craete the following site config
mkdir /etc/davical/ vi /etc/davical/calendar.domainnamehere.com-conf.php <?php // $c->dbg['caldav'] = 1; // Enable debug of common caldav functions // $c->collections_always_exist = true; // $c->enable_row_linking = true; $c->dbg['get'] = 1; // Enable debug of GET request processing $c->dbg['post']= 1; $c->dbg['querystring'] =1; $c->dbg['request'] = 1; $c->dbg['response'] = 1; $c->domain_name = "calendar.domainnamehere.com"; $c->sysabbr = 'davical'; $c->admin_email = 'admin@domainnamehere.com'; $c->system_name = "Company Name Here"; $c->default_locale = en_US.UTF-8; $c->pg_connect[] = 'dbname=davical port=5432 user=davical_app';
Create Database
su postgres -c /usr/share/davical/dba/create-database.sh
Test the URL and you should get a Administration page.
http://calendar.domainnamehere.com/
- Read up on how relationships work.
- Read up on everything else at: DAViCal
- Remove a user.
Sunbird Configuration
For each person you want to show up in your calendar, add the following as new remote calendar in Sunbird.
http://calendar.domainnamehere.com/caldav.php/tim/home/ http://calendar.domainnamehere.com/caldav.php/jeff/home/ http://calendar.domainnamehere.com/caldav.php/karen/home/ http://calendar.domainnamehere.com/caldav.php/rick/home/ http://calendar.domainnamehere.com/caldav.php/moire/home/ etc... For iCal4OL users (Outlook connector), it will be slightly different adding them in Sunbird http://calendar.domainnamehere.com/caldav.php/tim/calendar-proxy-write/
