Difference between revisions of "Center Server Administration Guide"

From BlackBox Framework Wiki
Jump to navigation Jump to search
 
(27 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== Server control panel==
For controlling technical aspects of the server (POWER ON, POWER OFF, RESET, etc.) a web-based control panel is used.
Login at [https://manage.edis.at/whmcs/clientarea.php?action=productdetails&id=214299 https://manage.edis.at/whmcs/clientarea.php?action=productdetails&id=214299],
use Login credentials
email: <edisUser>
password: <edisPassword>


== Server login==
== Server login==
Line 9: Line 19:
== Server reboot ==
== Server reboot ==


Use "sudo reboot" for rebooting the server in case it shows any anomaly such as out-of memory error messages.
Use the control panel for rebooting the server in case it shows any anomaly such as out-of memory error messages.


Start Redmine after server reboot
Then login to the server and start Redmine:


cd /var/www/redmine-2.5.2
cd /var/www/redmine-2.5.2
Line 17: Line 27:
unicorn_rails -c config/unicorn.rb -E production -D
unicorn_rails -c config/unicorn.rb -E production -D


== Certificate extension ==
Certificates should be extended every 3 months.


== Certificate extension ==
sudo su


Certificates should be extended every 3 months. Note that the TMP folder is very small on EDIS, therefore the TMP variable should be redefined:
service nginx stop


export TMP="/var/www/tmp"
certbot renew


export TEMP="/var/www/tmp"
or use the long form if you need to deal with virtual hosts explicitly:


service nginx stop
certbot certonly --standalone -d blackboxframework.org -d forum.blackboxframework.org -d community.blackboxframework.org -d wiki.blackboxframework.org -d www.blackboxframework.org -d redmine.blackboxframework.org


sudo ./certbot-auto certonly --standalone -d forum.blackboxframework.org -d community.blackboxframework.org -d wiki.blackboxframework.org -d blackboxframework.org -d redmine.blackboxframework.org
then


service nginx start
service nginx start


For checking the web server status use:
For checking the web server status use:


service nginx status
service nginx status


exit


== MySql Database control panel ==
== MySql Database control panel ==
Line 46: Line 60:


password: <mysqlPassword>
password: <mysqlPassword>


== Backup Files ==
== Backup Files ==
Line 56: Line 69:
bash command for backup of all files starting from /var/www (modify it for user/serveradress you want to use).
bash command for backup of all files starting from /var/www (modify it for user/serveradress you want to use).


nohup tar -c /var/www 2>/dev/null | ssh user@serveradress "dd of=/shares/...../150413_www.tar" > result.out 2>&1 &
nohup tar -c /var/www 2>/dev/null | ssh user@serveradress "dd of=.../backup_of_var-www.tar" > result.out 2>&1 &
 
 
== Cleaning up Disc Space ==
 
The servers running on the host produce a lot of log files, summing up to several gigabytes over time.
Therefore it is required to check the available disc space periodically and to clean up old log files.
The log files are located in /var/log. With the following commands it is easy to identify large log files,
which are potential candidates for cleaning up.
 
cd /var/log
 
sudo du -had 1
 
If the result of 'df' and 'du' differ largely, check if there are deleted files that are still open in some program.
Use the following command to get a list of such files.
 
lsof | grep deleted
 
For checking and trimming the systemd journal use
 
sudo journalctl --disk-usage
 
sudo journalctl --vacuum-size=10M
 
== Virtual Hosts ==
 
The web-based services on our Edis server use so-called ''virtual hosts'' in order to provide nice URLs such as
''forum.blackboxframework.org'', ''wiki.blackboxframework.org'', etc.
For every distinct service, there exists a corresponding virtual host.
All virtual hosts are entered in the domain name system (DNS) on [http://name.com name.com] in addition to
the root domain name ''blackboxframework.org''.
 
If a new service needs to be added, a new entry in the domain name system is required and our web server (nginx) needs to be
configured to serve this new virtual host in ''/etc/nginx/sites-enabled''. In addition, the list of virtual hosts for certificate renewal needs to be extended (see ''Certificate extension'').
 
After any change to the nginx configuration, a HUP signal may be sent to the nginx process in order to reload the configuration without a server restart: ''kill -HUP `cat /var/run/nginx.pid''`
 
Virtual Hosts served by ''nginx''
# blackboxframework.org (root domain name; content management system)
# www.blackboxframework.org (redirected to blackboxframework.org)
# forum.blackboxframework.org
# community.blackboxframework.org
# wiki.blackboxframework.org
# redmine.blackboxframework.org
 
All http requests are redirected to https automatically.

Latest revision as of 07:45, 26 October 2022

Server control panel

For controlling technical aspects of the server (POWER ON, POWER OFF, RESET, etc.) a web-based control panel is used.

Login at https://manage.edis.at/whmcs/clientarea.php?action=productdetails&id=214299, use Login credentials

email: <edisUser>

password: <edisPassword>

Server login

The server allows secure (ssh) logins only. From a Windows machine it is recommended to use the PuTTy tool as the ssh client.

Login at blackboxframework.org on port 22 with SSH selected.


Server reboot

Use the control panel for rebooting the server in case it shows any anomaly such as out-of memory error messages.

Then login to the server and start Redmine:

cd /var/www/redmine-2.5.2

unicorn_rails -c config/unicorn.rb -E production -D

Certificate extension

Certificates should be extended every 3 months.

sudo su
service nginx stop
certbot renew

or use the long form if you need to deal with virtual hosts explicitly:

certbot certonly --standalone -d blackboxframework.org -d forum.blackboxframework.org -d community.blackboxframework.org -d wiki.blackboxframework.org -d www.blackboxframework.org -d redmine.blackboxframework.org

then

service nginx start

For checking the web server status use:

service nginx status
exit

MySql Database control panel

This can be used for example for creating backups of MySql databases. The administration tool is a php-based web application.

Login at http://178.209.50.165/phpmyadmin/

user: <mysqlUser>

password: <mysqlPassword>

Backup Files

Before running the following bash command you should copy your public key to this server in order to login without password (modify it for user/serveradress you want to use):

ssh-copy-id -i .ssh/id_rsa.pub user@serveradress

bash command for backup of all files starting from /var/www (modify it for user/serveradress you want to use).

nohup tar -c /var/www 2>/dev/null | ssh user@serveradress "dd of=.../backup_of_var-www.tar" > result.out 2>&1 &


Cleaning up Disc Space

The servers running on the host produce a lot of log files, summing up to several gigabytes over time. Therefore it is required to check the available disc space periodically and to clean up old log files. The log files are located in /var/log. With the following commands it is easy to identify large log files, which are potential candidates for cleaning up.

cd /var/log

sudo du -had 1

If the result of 'df' and 'du' differ largely, check if there are deleted files that are still open in some program. Use the following command to get a list of such files.

lsof | grep deleted

For checking and trimming the systemd journal use

sudo journalctl --disk-usage

sudo journalctl --vacuum-size=10M

Virtual Hosts

The web-based services on our Edis server use so-called virtual hosts in order to provide nice URLs such as forum.blackboxframework.org, wiki.blackboxframework.org, etc. For every distinct service, there exists a corresponding virtual host. All virtual hosts are entered in the domain name system (DNS) on name.com in addition to the root domain name blackboxframework.org.

If a new service needs to be added, a new entry in the domain name system is required and our web server (nginx) needs to be configured to serve this new virtual host in /etc/nginx/sites-enabled. In addition, the list of virtual hosts for certificate renewal needs to be extended (see Certificate extension).

After any change to the nginx configuration, a HUP signal may be sent to the nginx process in order to reload the configuration without a server restart: kill -HUP `cat /var/run/nginx.pid`

Virtual Hosts served by nginx

  1. blackboxframework.org (root domain name; content management system)
  2. www.blackboxframework.org (redirected to blackboxframework.org)
  3. forum.blackboxframework.org
  4. community.blackboxframework.org
  5. wiki.blackboxframework.org
  6. redmine.blackboxframework.org

All http requests are redirected to https automatically.