ServerSetupFedora22: Difference between revisions

From DrewWiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 42: Line 42:
# Enable samba
# Enable samba
## Add TCP139,445/24 to IPTables
## Add TCP139,445/24 to IPTables
## <pre>chkconfig smb on; chkconfig nmb on;</pre>
## <pre># chkconfig smb on; chkconfig nmb on;</pre>
# Enable iSCSI
# Enable iSCSI
## Add TCP3260/24
## Add TCP3260/24
Line 59: Line 59:


# Verify all log files in /var/log are not giving any errors or notifications
# Verify all log files in /var/log are not giving any errors or notifications
# Check logs for whats growing! <pre>ls -alR /var/log | grep ^- | awk {'print $5" "$8'} | sort -k 2| sort -n</pre>
# Check logs for whats growing! <pre># ls -alR /var/log | grep ^- | awk {'print $5" "$8'} | sort -k 2| sort -n</pre>

Revision as of 00:09, 2 August 2011

# yum install man screen wget rsync fail2ban mailx fdupes sendmail-cf strace \
logwatch etckeeper OpenIPMI ipmitool sysstat mutt clamav clamav-update nfs-utils \
lm_sensors hddtemp apcupsd apcupsd-cgi smartmontools \
mod_auth_pam mod_auth_shadow php-pecl-apc
# java-1.6.0-openjdk.x86_64 nss-mdns
  1. Install etckeeper
  2. Disable root login via ssh
    1. Add TCP22/0 to IPTables
  3. Enable sudo
  4. Install fail2ban
  5. yum remove unneeded software
  6. yum update
  7. Enable SElinux
  8. Extend days of sysstat logging


  1. Configure GRUB serial console redirection
  2. Configure kdump for system panics
  3. Configure apcupsd for UPS alerts
  4. Configure Time Server for local network access
    1. Add UDP123/24 to IPTables
  5. Configure rsyslog for network clients
    1. Add UDP514/24 to IPTables
  6. Setup mail relay
    1. Remove 127.0.0.1 /etc/mail/sendmail.mc
    2. # echo drew > /root/.forward; echo "andrew: drew" >> /etc/aliases; newaliases; echo "root: drew" >> /etc/aliases; newaliases
    3. Add TCP25/0 to IPTables
  7. Configure smartd/hddtemp for disk monitoring
  8. ^ Configure thermal alerts for server
  9. Configure logwatch
  10. Setup clamav virus protection for Samba and weekly scan


  1. Mount raid array
  2. Configure md alerts
  3. Enable NFS
    1. Add TCP2049/24 to IPTables
    2. Disable NFSv2/3 /etc/sysconfig/nfs
  4. Enable samba
    1. Add TCP139,445/24 to IPTables
    2. # chkconfig smb on; chkconfig nmb on;
  5. Enable iSCSI
    1. Add TCP3260/24
  6. ^ Configure bacula and web interface


  1. Setup cron jobs
    1. Keep anacron from waking me up at night!
      # vi /etc/anacrontab // START_HOURS_RANGE


  1. Configure MythTV / MythWeb
    1. Add TCP443/0 to IPTables
  2. Configure mod_auth_pam / mod_auth_shadow / pecl-php-apc / phpMyAdmin
  3. Configure DrewaWiki / WebDAV


  1. Verify all log files in /var/log are not giving any errors or notifications
  2. Check logs for whats growing!
    # ls -alR /var/log | grep ^- | awk {'print $5" "$8'} | sort -k 2| sort -n