systems:euk1

euk1.php.net

This box hosts the PEAR infrastructure.

Hostname: euk1.php.net
IP Address: 78.129.214.25
Sponsor: eUKhost LTD.
Location: London, UK
Technical Contact: Mark Ducadi <mark at eukhost dot com> or dedicated at eukhost dot com
Hardware:
CPU: 2x Intel Core 2 Duo E4600 (2.4 GHz)
Memory: 2 GB
Disk Space: 150 GB
Software:
OS: CentOS 5.6
People with access to this machine:
bjori, bbieber, cellog, clockwerx, cweiske, davidc, derick, helgi, mj, philip, till, shupp, scottmac

Notes

  • The SELinux firewall on this box only permits outgoing SMTP for the users root and postfix.
  • Munin requires a custom iptables rule on this box: iptables -I INPUT -p tcp --dport 4949 --src 173.236.52.218 -j ACCEPT. Adding it to /etc/sysconfig/iptables failed due to (presumably) something weird going on with SELinux. Make sure to add the rule manually after rebooting the box as long as this is not fixed properly.
  • 2009-04-05: The box crashed for reasons unknown. It was subsequently rebooted by eUKhost.
  • 2009-04-16: Box hang after reboot. Had file system journal problems again. eUKhost had to run fsck manually.
  • 2009-08-05: Box hang again and was rebooted. Mail system (postfix) was down after. After starting it, mails did not get out. Had to run /sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT to get it working again.
  • 2010-03-01: We had the same mail problems again; this time the problem was fixed:
    • ls -aZ /etc/sysconfig → system_u:object_r:etc_runtime_t iptables.save
    • chcon user_u:object_r:etc_t /etc/sysconfig/iptables.save
    • /sbin/iptables -t filter -I OUTPUT 9 -p tcp -m tcp --dport 25 -m owner --uid-owner postfix -j ACCEPT
    • /etc/init.d/iptables save
    • chcon system_u:object_r:etc_runtime_t /etc/sysconfig/iptables.save
  • 2010-06-25: Installed cronolog (yum install cronolog)
    • access.log's rotate daily
    • configured the following logs (in /home/pear/logs/httpd):
      • %Y-%m-%d_download.pear.php.net-access.log
      • %Y-%m-%d_pear2.php.net-access.log
      • %Y-%m-%d_pear.php.net-access.log
      • %Y-%m-%d_ssl_pear.php.net-access.log
  • 2010-06-26:
    • added cronjob to bzip2 yesterday's logs
    • setup daily rotation for error_log (%Y-%m-%d_error.log)
    • moved all old logfiles to till@sp2.php.net:/backup/logs-pear
  • 2011-03-10
    • disabled selinux (was in permissive mode only and had no effect)
    • allowed git in iptables rules
    • changed /etc/init.d/iptables to use /etc/sysconfig/iptables.rules instead of “iptables” only since we - for unknown reasons - cannot modify, move or delete /etc/sysconfig/iptables.
  • 2011-04-27
    • Disabled short tag open in php.ini
  • 2011-06-08
    • Add new SSL cert from FB
    • Run distro upgrade of CentOS from 5.3 to 5.6

Cronjobs

  • List all cronjobs with: sudo crontab -l

PHP

  • Currently php 5.3.7
  • Installed manually in /usr/local/src/
  • info: ~cweiske/phpinfo

PEAR

  • Use the /root/.pearrc config file for controlling the system PEAR repository.
  • sudo pear -c /root/.pearrc …

PEAR website

  • The PEAR website is installed via pear itself (pearweb, pearweb_* packages).
    • “$ pear config-get www_dir”: /var/www/html/pearweb/
  • Cron jobs are in root's crontab: “sudo crontab -e”
  • Scripts that are not in the pearweb package but only on the server are located in /var/lib/pear/scripts/.
  • Data like package releases (tgz), generated manuals and peardoc cvs checkout are in /var/lib/pear/ which links to /home/pear/ since there is enough space.

Upgrading

Make your changes to the pearweb source, then follow the README steps.

PHAR

<FilesMatch go-pear.phar>
  ForceType application/octet-stream
  Header set Content-Disposition "attachment; filename=go-pear.phar"
</FilesMatch>
<FilesMatch pyrus.phar>
  ForceType application/octet-stream
  Header set Content-Disposition "attachment; filename=pyrus.phar"
</FilesMatch>
systems/euk1.txt · Last modified: 2011/11/16 02:48 by clockwerx