Server Setup

So I recently decided I to set up my own server in my home. The page you are reading is currently being served out of my living room. I had a few problems when setting it up, so I thought I would walk through the steps of my installation. These are mostly from memory, so they may not be entirely exact.

  • First, I downloaded the 4 CD's of Fedora Core 4, located at http://fedora.redhat.com/
  • I installed a custom load, including packages for an http, ftp and ssh server, as well as development packages and whatever else I was looking for.
  • Then I turned on my services, vsftpd and httpd, using the GUI. Make sure to check the box to turn them on after a restart.
  • I logged onto my Netgear router at 192.168.0.1 and set it up to reserve address 192.168.0.10 for my server.
  • I also set the Default DMZ server as 192.168.0.10 so that my server gets all unhandled incoming requests.
  • I registered with DynDns.org, so I also included that in the Dynamic DNS setup of my router.
  • I configured my httpd server to include a virtual domain. I set this under named based, and then set the IP to 192.168.0.10.
  • Next, I created a public_html folder under my user account name folder /home/user/public_html
  • I placed all of my html in this folder, and then set this folder to be the main folder under my virtual domain name.
  • FedoraCore4 starts coming with SELinux, which is security enhanced linux. When trying to view my web pages, I kept getting a 403 Forbidden error. I had to set the security context for this folder. I used this command chcon -R -t httpd_user_content_t public_html/ to update that.
  • At this point, my server seemed to serving up pages fine, until mysteriously my network connectivity stopped. I kept getting a "ping: icmp open socket: Permission denied" when trying to activate my ethernet device, which was a Realtek FTL8139/810x Family Fast Ethernet NIC. Nothing on google seemed to help. Eventually I figured out that the card was dead, even though there was no indication of this other than the error I kept getting. A new Netgear card solved this problem.
  • Finally, when trying to FTP any new files onto my server, I kept getting permission denied errors. In order to get around this, I simply disabled secure linux for ftp. Although it would be a better solution to modify the settings accordingly, I didn't have the time for this, so instead, I used the command setsebool -P ftpd_disable_trans 1. You must be root, and I had to locate setsebool before I could run it. See this page for more info.
  • Since I had copied my web site over from my old server, the permissions were wrong. I did a chmod -R ug+rw * in my public_html folder to recursively add read and write permissions to all of my files for user and group.
  • I run an external java process on my server, so after SSHing into my machine and running it with the command java -jar JavaTracker.jar JavaTracker & I also type exit to ensure a clean exit. This was something that took me a while to figure out and something that I could not easily google for. If you simply close Putty using the X (Windows, upper right of the window), Putty makes a disorderly connect. This caused the system to kill all of my processes that I had started. So make sure you cleanly close your connection. (NOTE, this was on FreeBSD in 2002. Currently on FC4 in 2005, this doesn't appear to happen).
  • To monitor my processes, I currently use ps -ef | grep java to show all of my java processes running, or ps -f -u username to show all of my processes. To set up an alias for this, modify your .bashrc file (using the BASH shell) in your home directory.

The HTML I create with Netscape Composer, part of the mozilla suite. For SSH access, I use Putty, and for FTP I use AceFTP which is free. AceFTP comes with some cruddy default collision options- so I usually set them up like in the figure. I also disable Collision action dialog for uploading. This way I keep most up to date web page on my home computer. I use composer to Publish pages I make some quick changes on. If I make major changes to my site, I can simply drag and drop my public_html folder over to my server to copy all updated changes onto the server.
aceftpoptions


I also wired some ethernet for this server. Here are some gotchas that I have for reference-
  • When connecting the RJ45 connector to the wires, try to keep the individual wires exposed from the sheath at less than or equal to 1/2 inch. (they should be untwisted as little as possible, and 1/2 inch is about right)
  • When crossing wires that contain power, cross at a perpendicular, or keep away at least X inches.
  • There are requirements for the distance and number of nodes that can be on an ethernet network. Look these up.
  • Using a star topology is probably one of the easiest methods if you can handle this.
  • The ends of the wires should be wired the same. I always use B just so I can remember what I wired. Here is the diagram for type B wiring for reference, clip down:  rj45It's easy to remember because it goes striped, solid, striped solid all the way across. Just remember to sandwich the blue in between the green.

Installing Cygwin on my Windows PC so that I could access my server remotely. It's very simple:
  • install Cygwin from http://www.cygwin.com/.
  • Make sure you install the OpenSSH and X11 libraries- they are NOT installed by default.
  • When setting up, I set up my startxwin.bat to modify the line near the bottom to be -
    • C:\cygwin\usr\X11R6\bin\startxwin.bat
    REM %RUN% XWin -multiwindow -clipboard -silent-dup-error
    %RUN% XWin -query 192.168.1.10 -nodecoration -lesspointer -once
    where 192.168.1.10 is the address of my server (note www.dskelly.com does NOT work...)
  • Also comment out the line REM %RUN% twm.
  • If you run into this error: 
    InitOutput - Duplicate invocation on display number: 0.  Exiting.
    it simply means you already have an X session open. Click the X in your taskbar and exit that session, then run startxwin.bat again.

  • For having Cygwin run on the laptop not using XDMP, it should be a default Cygwin installation. Enable X11 forwarding under PUTTY options. Then run startx, and then any GUI program you use under PUTTY.

I also set up a protected directory on my server. This is so I can dump stuff onto my server and then only have me access it. However, again, I ran into some simple configuration errors.

  • I used this FAQ on how to setup .htaccess and .htpasswd files. http://lightsphere.com/dev/htpass.html
  • Make sure that that these files are readable by the server ... so 755 is a good choice. Then, make sure your httpd.conf file (found in /etc/httpd/conf/httpd.conf) contains the lines, or it still won't work. Then I made sure I restarted the httpd service:
AccessFileName .htaccess
<Directory "/var/www/htdocs">
...
    AllowOverride AuthConfig
...
</Directory>

Next I also found that my server appeared to be receiving a SIGHUP at 4:05AM on some days. Very consistent, and would always fail with a cofiguration failure because module unique_id could not be loaded. I don't know what causes the SIGHUP to consistently be sent at 4:05, but disabling the loading of the unique ID module was able to allow the server to restart with no down time. To disable this, comment out the module that loads this, in httpd.conf. I forget the exact steps, but I will add them sometime later if I get to it.