Set Up Ubuntu Server

Package Selection

• LAMP Server
• Mail Server
• OpenSSH Server
• PostgreSQL Server
• Samba File Server

.bashrc

umask 0077 (or 0022 to allow read access for other users)
export PATH=$HOME/bin:$PATH
alias dir="ls -l"

SSH Public Key Authentication

Copy over the public key, then

> mkdir .ssh
> chmod 700 .ssh
> cat key.pub >> .ssh/authorized_keys

Packages

> dpkg -l
> sudo apt-get remove dovecot*
> sudo apt-get install nmap
> sudo apt-get install ntp
> sudo apt-get install mailutils

Java, Ant, and Maven

Select OpenJDK 8 to be the default JVM:

> sudo update-alternatives --config java

Then install Ant and Maven:

> sudo apt-get install ant
> sudo apt-get install maven

Subversion

Create /etc/xinetd.d/svn with the following content:

then restart xinetd:

> sudo /etc/init.d/xinetd restart

MySQL and phpMyAdmin

If MySQL is not installed already:

Log into MySQL and create an account and a database for the user:

Note that the GRANT statement will automatically create the user account if it does not exist.

Now install phpMyAdmin:

> sudo apt-get install phpmyadmin

During configuration you'll need to provide the root password of MySQL. After phpMyAdmin is installed, it can be accessed at http://host/phpmyadmin/ .

By default MySQL server does not accept remote connections. To enable remote connections (which is necessary for servers like CS3 but not for servers like CSNS), modify /etc/mysql/my.cnf so the following line is commented out:

bind-address = 127.0.0.1

then restart the MySQL server:

> sudo service mysql restart

PostgreSQL and phpPgAdmin

If PostgreSQL is not installed already:

> sudo apt-get install postgresql

Log into PostgreSQL and create an account and a database for the user:

Leave out the createdb option in the CREATE USER statement if you do not want to grant the user the privilege to create databases.

By default PostgreSQL server does not accept remote connections. To enable remote connections (which is necessary for servers like CS3 but not for servers like CSNS), modify /etc/postgresql/9.1/main/postgresql.conf so:

listen_addresses = '*'

And modify /etc/postgresql/9.1/main/pg_hba.conf so that:

host    all     all     0.0.0.0/0    md5
host    all     all     ::0/0        md5

To install phpPgAdmin:

> sudo apt-get install phppgadmin

By default phpPgAdmin only allows local access. To allow remote access, edit /etc/phppgadmin/apache.conf so that

Then restart Apache2. After that phpPgAdmin can be accessed at http://host/phpmyadmin/ .

Tomcat

> sudo apt-get install tomcat8

Once installed, Tomcat will be running at port 8080. The webapp directory is at /var/lib/tomcat8/webapps/ and the configuration files are under /etc/tomcat8/.

On CS3, the instructor of CS3220/5220 may need to restart some applications once in a while, so install the Tomcat Admin package:

> sudo apt-get install tomcat8-admin

And edit /etc/tomcat8/tomcat-users.xml to add a manager user. Tomcat Manager can be accessed at http://host:8080/manager/html. 

Install JDBC drivers:

The JAR file will be installed under /usr/share/java with many other JAR files. To make them available to Tomcat, symbolic links to them need to be created under /usr/share/tomcat8/lib:

JSTL is still not included in the Tomcat distribution, and there doesn't seems to be a package that provide them, so download it from Apache Jakarta, place jstl.jar and standard.jar under /usr/share/java, then link them from /usr/share/tomcat8/lib like before.

Apache

Enable userdir (i.e. public_html):

> sudo a2enmod userdir
> sudo service apache2 restart
> cd /etc/skel
> sudo mkdir public_html
> sudo chmod 755 public_html

Samba

Set the ownership of the directory to be shared to nobody.nogroup:

> sudo chown nobody.nogroup /home/cysun/documents

Edit /etc/samba/smb.conf:

• Uncomment security = user
• Add a section for the shared directory:

[documents]
    comment = Documents
    path = /home/cysun/documents
    browsable = yes
    read only = no
    create mask = 0644

Note that the Samba mask is different from umask - 0644 in this case will be the permissions of the files created instead of a "mask" applied to the permissions.

Add a Samba user:

> sudo smbpasswd -a cysun

Note that the user should already have an account on the server; if not, use adduser to create a user account first.

And finally:

> sudo restart smbd
> sudo restart nmbd

Email

Install postfix and mutt if they are not installed already:

> sudo apt-get install postfix
> sudo apt-get install mutt

Choose Internet Site during the postfix configuration.

To add email aliases, edit /etc/aliases then run postalias:

> sudo vi /etc/aliases
> sudo postalias /etc/aliases

Manual Update

> sudo apt-get update
> sudo apt-get -u upgrade

Update and Dist Upgrade

If unattended-upgrades is not installed:

Edit /etc/apt/apt.conf.d/50unattended-upgrades to enable the following:

• Auto apply non-security updates
• Email notification after upgrade (requires mailutils)
• Auto remove unused dependencies
• Auto reboot if a reboot is required after upgrade

Then

> sudo service unattended-upgrades restart

Edit /etc/update-manager/release-upgrades to change Prompt=lts to Prompt=normal. This would allow do-release-upgrade to upgrade an LTS release to a normal release.

Other

Edit /etc/default/useradd and change SHELL to be /bin/bash so the default shell for accounts created with useradd will be bash instead of sh.

To disable a service, e.g. apache2:

> sudo update-rc.d -f apache2 remove

And to enable it:

> sudo update-rc.d apache2 defaults