====== euk1.php.net ======

This box hosts the PEAR infrastructure.

^ Hostname:          | euk1.php.net                                  |
^ IP Address:        | 78.129.214.25                                 |
^ Sponsor:           | [[http://www.eukhost.com/|eUKhost LTD.]]      |
^ Location:          | London, UK                                    |
^ Technical Contact: | Mark Ducadi ''<mark at eukhost dot com>'' or ''dedicated at eukhost dot com''     |
^ Hardware:||
^ CPU:               | 2x Intel Core 2 Duo E4600 (2.4 GHz)           |
^ Memory:            | 2 GB                                          |
^ Disk Space:        | 150 GB                                        |
^ Software:||
^ OS:                | CentOS 5.6                                    |
^ People with access to this machine:||
| bjori, bbieber, cellog, clockwerx, cweiske, davidc, derick, helgi, mj, philip, till, shupp, scottmac ||
===== Notes =====

  * The SELinux firewall on this box only permits outgoing SMTP for the users ''root'' and ''postfix''.
  * [[systems:Munin]] requires a custom iptables rule on this box: ''<nowiki>iptables -I INPUT -p tcp --dport 4949 --src 173.236.52.218 -j ACCEPT</nowiki>''. Adding it to ''/etc/sysconfig/iptables'' failed due to (presumably) something weird going on with SELinux. Make sure to add the rule manually after rebooting the box as long as this is not fixed properly.
  * 2009-04-05: The box crashed for reasons unknown. It was subsequently rebooted by eUKhost.
  * 2009-04-16: Box hang after reboot. Had file system journal problems again. eUKhost had to run fsck manually.
  * 2009-08-05: Box hang again and was rebooted. Mail system (postfix) was down after. After starting it, mails did not get out. Had to run ''<nowiki>/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT</nowiki>'' to get it working again.
  * 2010-03-01: We had the same mail problems again; this time the problem was fixed:
    * ''ls -aZ /etc/sysconfig -> system_u:object_r:etc_runtime_t iptables.save''
    * ''chcon user_u:object_r:etc_t /etc/sysconfig/iptables.save''
    * ''<nowiki>/sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT</nowiki>''
    * ''/etc/init.d/iptables save''
    * ''chcon system_u:object_r:etc_runtime_t /etc/sysconfig/iptables.save''
  * 2010-06-25: Installed cronolog (''yum install cronolog'')
    * access.log's rotate daily
    * configured the following logs (in ''/home/pear/logs/httpd''):
      * ''%Y-%m-%d_download.pear.php.net-access.log''
      * ''%Y-%m-%d_pear2.php.net-access.log''
      * ''%Y-%m-%d_pear.php.net-access.log''
      * ''%Y-%m-%d_ssl_pear.php.net-access.log''
  * 2010-06-26:
    * added cronjob to ''bzip2'' yesterday's logs
    * setup daily rotation for ''error_log'' (''%Y-%m-%d_error.log'')
    * moved all old logfiles to ''till@sp2.php.net:/backup/logs-pear''
  * 2011-03-10
    * disabled selinux (was in permissive mode only and had no effect)
    * allowed git in iptables rules
    * changed /etc/init.d/iptables to use /etc/sysconfig/iptables.rules instead of "iptables" only since we - for unknown reasons - cannot modify, move or delete /etc/sysconfig/iptables.
  * 2011-04-27
    * Disabled short tag open in php.ini
  * 2011-06-08
    * Add new SSL cert from FB
    * Run distro upgrade of CentOS from 5.3 to 5.6 


===== Cronjobs =====
  * List all cronjobs with: sudo crontab -l

===== PHP =====
  * Currently php 5.3.7
  * Installed manually in /usr/local/src/
  * info: ~cweiske/phpinfo

===== PEAR =====
  * Use the /root/.pearrc config file for controlling the system PEAR repository.
  * sudo pear -c /root/.pearrc ...

===== PEAR website =====
  * The PEAR website is installed via pear itself (pearweb, pearweb_* packages).
    * "$ pear config-get www_dir": /var/www/html/pearweb/
  * Cron jobs are in root's crontab: "sudo crontab -e"
  * Scripts that are not in the pearweb package but only on the server are located in /var/lib/pear/scripts/.
  * Data like package releases (tgz), generated manuals and peardoc cvs checkout are in /var/lib/pear/ which links to /home/pear/ since there is enough space.

==== Upgrading ====
Make your changes to the [[http://github.com/pear/pearweb|pearweb]] source, then follow [[https://github.com/pear/pearweb/blob/master/README|the README]] steps.

===== PHAR =====

  * If no force-download is applied, phars appear corrupt on Windows
  * solution: http://support.microsoft.com/kb/260519
  * /etc/httpd/conf.d/phar.conf:
<code>
<FilesMatch go-pear.phar>
  ForceType application/octet-stream
  Header set Content-Disposition "attachment; filename=go-pear.phar"
</FilesMatch>
<FilesMatch pyrus.phar>
  ForceType application/octet-stream
  Header set Content-Disposition "attachment; filename=pyrus.phar"
</FilesMatch>
</code>