系统安装

Installing Python 2.7 on SLES 11


#!/bin/bash
# Install Python 2.7.2 alternatively
zypper install -t pattern sdk_c_c++ -y
zypper install readline-devel openssl-devel gmp-devel ncurses-devel gdbm-devel zlib-devel expat-devel libGL-devel tk tix gcc-c++ libX11-devel glibc-devel bzip2 tar tcl-devel tk-devel pkgconfig tix-devel bzip2-devel sqlite-devel autoconf db4-devel libffi-devel valgrind-devel -y

mkdir tmp
cd tmp
wget http://python.org/ftp/python/2.7.2/Python-2.7.2.tgz
tar xvfz Python-2.7.2.tgz
cd Python-2.7.2
./configure --prefix=/opt/python2.7 --enable-shared
make
make altinstall
echo "/opt/python2.7/lib" >> /etc/ld.so.conf.d/opt-python2.7.conf
ldconfig
cd ..
cd ..
rm -rf tmp




# source: https://stackoverflow.com/questions/10940296/installing-python-2-7-on-sles-11

vm-ubuntu-fe安装过程

vm-ubuntu-fe安装过程

记录时间:2011-03-20

虚拟系统配置

  • CPU:1
  • 内存:512MB
  • 硬盘:系统:2GB
  • 服务:Apache2 + WordPress

提供服务

添加vm-ubuntu-fe虚拟机

在vmhost-ubuntu-vbox上初始化及设置虚拟机

mount /dev/sdb1 /mnt/backup/
su - vbox
VBoxManage createvm --name vm-ubuntu-fe --register
VBoxManage modifyvm vm-ubuntu-fe --cpus 1 --memory 512 --vram 8 --acpi on --boot1 dvd --boot2 disk --audio alsa --audiocontroller ac97 --usb on --usbehci on --nic1 bridged --bridgeadapter1 eth0 --vrde on --vrdevideochannel on --vrdevideochannelquality 75
VBoxManage sharedfolder add vm-ubuntu-fe --name vbox-shared --hostpath /opt/vbox-shared --automount
VBoxManage createhd --filename /opt/vbox/vm-ubuntu-fe/vm-ubuntu-fe-system.vdi --size 2000 --variant fixed
VBoxManage storagectl vm-ubuntu-fe --name "SATA Controller" --add sata
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 0 --device 0 --type hdd --medium /opt/vbox/vm-ubuntu-fe/vm-ubuntu-fe-system.vdi
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 1 --device 0 --type dvddrive --medium /mnt/backup/setup/system/ubuntu-10.04.2-server-amd64.iso
VBoxManage showvminfo vm-ubuntu-fe
VBoxHeadless -s vm-ubuntu-fe

远程VRDP安装

使用Windows上的远程管理工具

  • mstsc <vmhost-ubuntu-vbox-ip>:3389
  • 选项:640*400, 16bit
  • Installer boot menu
    • Language: English
    • <F6>: noacpi=on, nomodeset=on
    • Install Ubuntu Server 10.04 (Rescue mode)
  • Ubuntu installer main menu
    • Choose language: English
    • Location: other, Europe, Germany
    • Detect keyboard layout: yes, + y <ENTER> => de:nodeadkeys
  • Configure the network
    • DHCP: Auto
    • hostname: vm-ubuntu-fe
  • Partition disks
  • Install the base system
  • Set up users and passwords
    • Fullname: admin 2cn.de
    • Username: r
    • Password: <password>
    • Encrypt your home directory: No
  • Configure the package manager
  • Select and install software: No automatic updates
  • Software selection
  • Configuring grub-pc
    • Install the GRUB boot loader to the MBR: Yes
  • Restart

开启代理,更新系统,安装常用软件,删除不需要的软件包

sudo su
export http_proxy=http://www-cache.uni-mannheim.de:3128
apt-get update
apt-get dist-upgrade
apt-get autoremove
apt-get install rcconf
apt-get install python-software-properties
add-apt-repository "deb http://archive.canonical.com/ lucid partner"
apt-get remove ubuntu-docs
apt-get remove mysql-common
apt-get remove samba-common
apt-get clean
apt-get autoclean
apt-get autoremove
cat /etc/issue
vi /etc/hosts
127.0.0.1 vm-ubuntu-fe
10.20.18.104 vmhost-ubuntu-vbox

为r和root用户设置top

添加nagios远程监测

apt-get install nagios-nrpe-server
vi /etc/nagios/nrpe.cfg

修改/添加

allowed_hosts=vmhost-ubuntu-vbox
command[check_all_disks]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -e
/etc/init.d/nagios-nrpe-server restart

避免意外删除文件等错误

vi /etc/bash.bashrc

在vi里添加以下几行:

confirm() {
echo -n "Please confirm $*? [N/y] "
read -N 1 REPLY
echo
if test "$REPLY" = "y" -o "$REPLY" = "Y"; then
"$@"
else
echo "Cancelled by user"
fi
}
alias rm="rm -i"
alias cp="cp -i"
alias mv="mv -i"
alias halt="confirm halt"
alias reboot="confirm reboot"
alias shutdown="confirm shutdown"

SSH设置

用PAM限制SSH用户

vi /etc/pam.d/sshd

在vi里写入

auth required pam_listfile.so item=user sense=allow file=/etc/ssh/ssh.allow onerr=fail

添加允许SSH的用户

vi /etc/ssh/ssh.allow

在vi里写入

r

10分钟后自动关闭空闲的SSH链接

vi /etc/ssh/sshd_config

添加以下几行:

ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no

安装VirtualBox Additions增强功能

在vmhost-ubuntu-vbox上:

su - vbox
VBoxManage storageattach vm-ubuntu-fe --storagectl "SATA Controller" --port 1 --device 0 --type dvddrive --medium /usr/share/virtualbox/VBoxGuestAdditions.iso

在vm-ubuntu-fe上:

sudo su
mkdir /media/cdrom
mount /dev/cdrom1 /media/cdrom
apt-get install dkms
/media/cdrom/VBoxLinuxAdditions.run --nox11
# 忽略没有视窗的错误:Installing the Window System drivers ...fail!
addgroup r vboxrf

安装apache2

apt-get install apache2
vi /etc/apache2/apache2.conf

添加/修改行:

ServerName localhost
Timeout 60
vi /etc/apache2/conf.d/security

添加/修改行:

# Disable access, directory indexing and .htaccess files by default
<Directory />
Options -Indexes
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
# Disable system information be included in the HTTP responses
ServerTokens Prod
# Disable system information to be included in server-generated pages
ServerSignature Off
# Disable HTTP TRACE requests
TraceEnable Off
groupadd log
usermod -a -G log www-data
usermod -a -G log r
mkdir /opt/logs
mkdir /opt/logs/apache2
rm -R /var/log/apache2
ln -s /opt/logs/apache2 /var/log/apache2
chown -R www-data.log /opt/logs
chmod -R g+w /opt/logs
chmod -R o-r /opt/logs
chmod -R o-x /opt/logs

安装WordPress

apt-get install mysql-server
apt-get install php5 phpmyadmin
adduser --system --shell /bin/sh --gecos 'wordpress admin' --group --disabled-password --home /opt/wordpress wpadmin
usermod -a -G log wpadmin
usermod -a -G wpadmin www-data
mkdir /opt/wordpress
cd /opt/wordpress
wget http://wordpress.org/latest.tar.gz
tar -zxvf latest.tar.gz
chown -R www-data.www-data wordpress
ln -s /opt/wordpress/wordpress /var/www/wordpress
mysql -u root -p
CREATE DATABASE wordpress;
CREATE USER wpadmin;
SET PASSWORD FOR wpadmin = PASSWORD("<PASSWORD>");
GRANT ALL PRIVILEGES ON wordpress.* TO "wpadmin"@"localhost" IDENTIFIED BY "<PASSWORD>";
FLUSH PRIVILEGES;
EXIT
cp /opt/wordpress/wordpress/wp-config-sample.php /opt/wordpress/wordpress/wp-config.php
vi /opt/wordpress/wordpress/wp-config.php
define('DB_NAME', 'wordpress');
define('DB_USER', 'wpadmin');
define('DB_PASSWORD', '<PASSWORD>');
# https://api.wordpress.org/secret-key/1.1/salt/
<SALT>

设置固定IP

vi /etc/network/interfaces

删除以下dhcp的设置

auto eth0
iface eth0 inet dhcp

添加IP设置

auto  eth0
iface eth0 inet static
address 192.168.178.111
netmask 255.255.255.0
network 192.168.178.0
broadcast 192.168.178.255
gateway 192.168.178.1
vi /etc/resolv.conf
search vm.2cn.de
domain vm.2cn.de
nameserver 192.168.178.1
nameserver 134.155.96.53
vi /etc/hosts
127.0.0.1 vm-ubuntu-fe
127.0.0.1 vm-ubuntu-fe.vm.2cn.de
192.168.168.11 vmhost-ubuntu-vbox
192.168.168.11 vmhost-ubuntu-vbox.2cn.de
/etc/init.d/networking restart

卸载dhcp

apt-get remove dhcp-client3

TODOs

vm-winxp-work虚拟机安装

vm-winxp-work虚拟机安装

记录时间:2011-02-19

虚拟系统配置

  • CPU:1
  • 内存:512MB
  • 显卡:32MB
  • 硬盘:系统:2GB
  • 服务:Apache2 + WordPress

提供服务

  • 迅雷下载:HTTP, FTP, BT, eMule
  • Team Viewer远程控制

在vmhost-ubuntu-vbox上初始化及虚拟机配置

su - vbox
VBoxManage createvm --name vm-winxp-work --register
VBoxManage modifyvm vm-winxp-work --cpus 1 --memory 512 --vram 32 --acpi on --boot1 dvd --boot2 disk --audio alsa --audiocontroller ac97 --usb on --usbehci on --nic1 bridged --bridgeadapter1 eth0 --vrde on --vrdevideochannel on --vrdevideochannelquality 75
VBoxManage sharedfolder add vm-winxp-work --name vbox-shared --hostpath /opt/vbox-shared --automount
VBoxManage createhd --filename /opt/vbox/vm-winxp-work/vm-winxp-work-system.vdi --size 5000 --variant fixed
VBoxManage storagectl vm-winxp-work --name "IDE Controller" --add ide
VBoxManage storageattach vm-winxp-work --storagectl "IDE Controller" --port 0 --device 0 --type hdd --medium /opt/vbox/vm-winxp-work/vm-winxp-work-system.vdi
VBoxManage storageattach vm-winxp-work --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium /mnt/backup/setup/system/windows_xp_x86_sp3
.iso
VBoxManage showvminfo vm-winxp-work
VBoxHeadless -s vm-winxp-work

安装系统

  • 按光盘安装步骤正常安装
  • 控制面板 – 切换到经典模式 – 用户账户
    • 选择Administrator
    • 添加密码
    • 添加账户:r
    • 添加密码
    • 换r账户登录
  • 显示 – 屏保 – 墙纸 – 电源
  • 声音 – 静音
  • 系统属性 – 计算机名
  • 系统属性 – 高级 – 性能
  • 系统属性 – 远程 – 系统还原
  • 资源管理器 – 文件夹选项
  • 任务管理器
  • 安装360
  • 用360优化系统:软件 – 开启 – 服务 – 插件 – 系统更新
  • 安装搜狗拼音

加速NTFS

fsutil behavior set disable8dot3 1
fsutil behavior set disablelastaccess 1
fsutil behavior set mftzone 2

转化成SATA

su - vbox
VBoxManage storagectl vm-winxp-work --name "SATA Controller" --add sata
VBoxManage createhd --filename /opt/vbox/vm-winxp-work/vm-winxp-work-data.vdi --size 50000 --variant fixed
VBoxManage storageattach vm-ubuntu-build --storagectl "SATA Controller" --port 1 --device 0 --type hdd --medium /opt/vbox/vm-winxp-work/vm-winxp-work-data.vdi

在vm-winxp-work里安装Intel Matrix Storage Manager驱动 (ICH8M-E/M SATA AHCI)

su - vbox
vi /opt/vbox/vm-winxp-work/vm-winxp-work.vbox

删除IDE信息

VBoxManage storageattach vm-winxp-work --storagectl "SATA Controller" --port 0 --device 0 --type hdd --medium /opt/vbox/vm-winxp-work/vm-winxp-work-system.vdi

把vm-winxp-work-data.vdi盘格式化成NTFS(64KB)D盘

安装VirtualBox Additions增强功能

VBoxManage storageattach vm-winxp-work --storagectl "IDE Controller" --port 1 --device 0 --type dvddrive --medium /usr/share/virtualbox/VBoxGuestAdditions.iso

在vm-winxp-work通过DVD安装

(手动添加共享文件夹):在资源管理器里把vbox-shared映射到Z盘上

net use z: \\vboxsvr\vbox-shared /PERSISTENT:yes

删除IDE Controller

VBoxManage storagectl vm-winxp-work --name "IDE Controller" --remove

安装软件

  • 迅雷5绿色免安装版
  • WinRAR绿色版
  • 安装Liberkey
    • Small Suite: Firefox, Faststone Image Viewer, 7-Zip, MPC HomeCinema, HxD, Notepad++, Team Viewer, CCleaner, Defraggler, xp-antispy, Tweak-UI, QuickSys RegDefrag
      • 更新所有软件
      • 运行XP-Antispy(选择Suggested), Tweak-UI, CCleaner
  • 安装Teamviewer
  • 设置CCleaner v3.04.1348
    • 选择CCleaner里的所有选项
  • 安装Firefox插件
    • user agent switcher
    • http resource test
    • easylink

设置任务计划

  • 设置CCleaner
    • 设置任务计划为:每天02:00
    • 设置运行为:C:\WINDOWS\sdelete.exe -c c:/
  • 设置Defraggler
    • 设置任务计划为:每天03:00
    • 设置运行为:df.exe C: /large . 20

TODOs

  • 压缩下载完的文件并移到vbox-shared文件夹里
    for /d %X in (*) do “c:\Program Files\7-Zip\7z.exe” a “%X.7z” “%X\” -mx=9 -ms=on -md=32m -mfb=64 -m0=lzma

vm-ubuntu-build安装过程

vm-ubuntu-build安装过程

记录时间:2011-02-16

虚拟系统配置

  • CPU:1
  • 内存:1024MB
  • 硬盘:系统:2GB, 软件+数据: 50GB

提供服务

服务器 服务 软件 网址
Apache2 前端,http代理,ssl代理 Apache2 2.2.14 (ssl, proxy, proxy-http)
Apache2 软件配置管理 Subversion 2.3.0, Apache2 2.2.14 (dav), WebSVN 2.3.0 https://vm-ubuntu-build/svn/2cn.de,

https://vm-ubuntu-build/websvn 
Tomcat6 仓库管理 Sonatype Nexus 1.9.0.1 http://vm-ubuntu-build/nexus
Tomcat6 持续集成 Oracle Hudson 1.3.96 http://vm-ubuntu-build/hudson

在vmhost-ubuntu-vbox添加vm-ubuntu-build虚拟机

绑定优盘,配置,初始化,启动虚拟机

mount /dev/sdb1 /mnt/backup/
su - vbox
VBoxManage createvm --name vm-ubuntu-build --register
VBoxManage modifyvm vm-ubuntu-build --cpus 1 --memory 1024 --vram 8 --acpi on --boot1 dvd --boot2 disk --audio alsa --audiocontroller ac97 --usb on --usbehci on --nic1 bridged --bridgeadapter1 eth0 --vrde on --vrdevideochannel on --vrdevideochannelquality 75
VBoxManage sharedfolder add vm-ubuntu-build --name vbox-shared --hostpath /opt/vbox-shared --automount
VBoxManage createhd --filename /opt/vbox/vm-ubuntu-build/vm-ubuntu-build-system.vdi --size 2000 --variant fixed
VBoxManage storagectl vm-ubuntu-build --name "SATA Controller" --add sata
VBoxManage storageattach vm-ubuntu-build --storagectl "SATA Controller" --port 0 --device 0 --type hdd --medium /opt/vbox/vm-ubuntu-build/vm-ubuntu-build-system.vdi
VBoxManage storageattach vm-ubuntu-build --storagectl "SATA Controller" --port 1 --device 0 --type dvddrive --medium /mnt/backup/setup/system/ubuntu-10.04.2-server-amd64.iso
VBoxManage showvminfo vm-ubuntu-build
VBoxHeadless -s vm-ubuntu-build

远程VRDP安装

使用Windows上的远程管理工具

  • mstsc <vmhost-ubuntu-vbox-ip>:3389
  • 选项:640*400, 16bit

安装ubuntu,硬盘分区,安装OpenSSH

  • Installer boot menu
    • Language: English
    • <F6>: noacpi=on, nomodeset=on
    • Install Ubuntu Server 10.04 (Rescue mode)
  • Ubuntu installer main menu
    • Choose language: English
    • Location: other, Europe, Germany
    • Detect keyboard layout: yes, + y <ENTER> => de:nodeadkeys
  • Configure the network
    • DHCP: Auto
    • hostname: vm-ubuntu-build
  • Partition disks
  • Install the base system
  • Set up users and passwords
    • Fullname: admin vm-ubuntu-build
    • Username: r
    • Password: <password>
    • Encrypt your home directory: No
  • Configure the package manager
  • Select and install software: No automatic updates
  • Software selection
  • Configuring grub-pc
    • Install the GRUB boot loader to the MBR: Yes
  • Restart

开启代理,更新系统,安装常用软件,删除不需要的软件包

sudo su
export http_proxy=http://www-cache.uni-mannheim.de:3128
apt-get update
apt-get dist-upgrade
apt-get autoremove
apt-get install rcconf
apt-get install python-software-properties
add-apt-repository "deb http://archive.canonical.com/ lucid partner"
aptitude install sun-java6-jdk
apt-get remove ubuntu-docs
apt-get remove mysql-common
apt-get remove samba-common
apt-get clean
apt-get autoclean
apt-get autoremove
cat /etc/issue
vi /etc/hosts

在vi里添加设置

127.0.0.1 vm-ubuntu-build

为r和root用户配置top命令

top

添加nagios远程监测

apt-get install nagios-nrpe-server
vi /etc/nagios/nrpe.cfg

修改/添加

allowed_hosts=vmhost-ubuntu-vbox
command[check_all_disks]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -e
/etc/init.d/nagios-nrpe-server restart

避免意外删除文件等错误

vi /etc/bash.bashrc

在vi里添加以下几行:

confirm() {
echo -n "Please confirm $*? [N/y] "
read -N 1 REPLY
echo
if test "$REPLY" = "y" -o "$REPLY" = "Y"; then
"$@"
else
echo "Cancelled by user"
fi
}
alias rm="rm -i"
alias cp="cp -i"
alias mv="mv -i"
alias halt="confirm halt"
alias reboot="confirm reboot"
alias shutdown="confirm shutdown"

SSH设置

用PAM限制SSH用户

vi /etc/pam.d/sshd

在vi里写入

auth required pam_listfile.so item=user sense=allow file=/etc/ssh/ssh.allow onerr=fail

添加允许SSH的用户

vi /etc/ssh/ssh.allow

在vi里写入

r
vbox

设置10分钟后自动关闭空闲的SSH链接

vi /etc/ssh/sshd_config

添加以下几行:

ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no

为vm-ubuntu-build添加data盘

添加data盘(vmhost-ubuntu-vbox)

VBoxManage createhd --filename /opt/vbox/vm-ubuntu-build/vm-ubuntu-build-data.vdi --size 50000
VBoxManage storageattach vm-ubuntu-build --storagectl "SATA Controller" --port 1 --device 0 --type hdd --medium /opt/vbox/vm-ubuntu-build/vm-ubuntu-build-data.vdi
VBoxHeadless startvm vm-ubuntu-build

创建ext4分区

sudo su
parted -a optimal /dev/sdb
(parted) mklabel
(parted) mkpart primary ext4 1 100%
(parted) print
(parted) quit
mkfs.ext4 /dev/sdb1

添加到虚拟机的fstab里

ls -l /dev/disk/by-uuid
# uuid sdb1: e42e6040-0f94-4694-88cc-1a1d687cc48e
vi /etc/fstab
# add line: UUID=e42e6040-0f94-4694-88cc-1a1d687cc48e /opt ext4 defaults 0 0
mount -a

安装VirtualBox Additions增强功能

在vmhost-ubuntu-vbox上绑定VBoxGuestAdditions.iso:

su - vbox
VBoxManage storagectl vm-ubuntu-build --name "IDE Controller" --add ide
VBoxManage storageattach vm-ubuntu-build --storagectl "IDE Controller" --port 0 --device 0 --type dvddrive --medium /usr/share/virtualbox/VBoxGuestAdditions.iso

在vm-ubuntu-build上安装:

sudo su
mkdir /media/cdrom
mount /dev/cdrom1 /media/cdrom
apt-get install dkms
/media/cdrom/VBoxLinuxAdditions.run --nox11
# 忽略视窗错误:Installing the Window System drivers ...fail!
addgroup r vboxrf

(手动添加共享文件夹)

mkdir /media/vbox-shared
mount -t vboxsf vbox-shared /media/vbox-shared

删除IDE Controller

VBoxManage storagectl vm-ubuntu-build --name "IDE Controller" --remove

安装subversion

安装subversion

安装apache2,配置apache2

sudo su
apt-get install apache2
a2enmod proxy
a2enmod proxy_http
vi /etc/apache2/apache2.conf

添加/修改行:

ServerName localhost
Timeout 60
MaxKeepAliveRequests 10
StartServers 1
MinSpareServers 1
MaxSpareServers 1
MaxClients 10
vi /etc/apache2/conf.d/security

添加/修改行:

<Directory />
Options -Indexes
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
ServerTokens Prod
ServerSignature Off
TraceEnable Off

安装subversion

addgroup subversion
usermod -a -G subversion www-data
usermod -a -G subversion r
apt-get install subversion libapache2-svn
svnadmin create --fs-type fsfs /opt/svn/2cn.de
chown -R www-data.subversion /opt/svn
chmod -R 770 /opt/svn
htpasswd -c /etc/subversion/passwd kley

修改/etc/subversion/authz文件

[groups]
admins = kley
developers = kley
guests = kley
[/]
@admins = rw
@developers = r
[2cn.de:/]
@admins = rw
@developers = rw

修改/etc/apache2/mods-available/dav_svn.conf文件

<Location /svn>
DAV svn
SVNPath /opt/svn
AuthType Basic
AuthName "2cn.de repository"
AuthUserFile /etc/subversion/passwd
AuthzSVNAccessFile /etc/subversion/authz
Require valid-user
</Location>

配置记录文件

groupadd log
usermod -a -G log www-data
usermod -a -G log r
mkdir /opt/logs
mkdir /opt/logs/build
mkdir /opt/logs/apache2
mkdir /opt/logs/svn
rm -R /var/log/apache2
ln -s /opt/logs/apache2 /var/log/apache2
chown -R build.log /opt/logs
chmod -R g+w /opt/logs
chmod -R o-r /opt/logs
chmod -R o-x /opt/logs
vi /etc/logrotate.d/svn
/opt/logs/svn/*.log {
weekly
missingok
rotate 52
compress
delaycompress
notifempty
create 640 root adm
sharedscripts
postrotate
if [ -f "`. /etc/apache2/envvars ; echo ${APACHE_PID_FILE:-/var/run/apache2.pid}`" ]; then
/etc/init.d/apache2 reload > /dev/null
fi
endscript
}

配置ssl

a2enmod ssl

在/etc/apache2/ports.conf里加入以下行

<IfModule mod_ssl.c>
NameVirtualHost *:443
Listen 443
</IfModule>
apt-get install ssl-cert
mkdir /etc/apache2/ssl
chmod 600 /etc/apache2/ssl
vi /usr/share/ssl-cert/ssleay.cnf

修改default_bits值

default_bits = 8192
/usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/vm-ubuntu-build_apache.pem

安装websvn

apt-get install websvn
# 选择apache2作为服务器
# svn文件夹:/opt/svn/2cn.de

清空/etc/apache2/mods-available/dav_svn.conf里的内容
添加到/etc/apache2/sites-available/websvn文件里

<VirtualHost *:443>
ServerAdmin webmaster@localhost
Alias /websvn /usr/share/websvn
<Directory /usr/share/websvn>
DirectoryIndex index.php
Options FollowSymLinks
Order allow,deny
Allow from all
AuthType Basic
AuthName "2cn.de WebSVN Subversion Repository"
Require valid-user
AuthUserFile /etc/subversion/passwd
<IfModule mod_php4.c>
php_flag magic_quotes_gpc Off
php_flag track_vars On
</IfModule>
</Directory>
<Location /svn/2cn.de>
Order allow,deny
Allow from all
DAV svn
SVNPath /opt/svn/2cn.de
AuthType Basic
AuthName "2cn.de repository"
AuthUserFile /etc/subversion/passwd
AuthzSVNAccessFile /etc/subversion/authz
Require valid-user
</Location>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/vm-ubuntu-build_apache.pem
SSLProtocol all
SSLCipherSuite HIGH:MEDIUM
ErrorLog /opt/logs/svn/error.log
LogLevel error
CustomLog /opt/logs/svn/access.log combined
</VirtualHost>

清除/etc/websvn/apache.conf里的所有行
在/etc/websvn/svn_deb_conf.inc里更改2cn.de的标题

a2ensite websvn

SVN备份

创建备份文件夹,配置备份脚本

mkdir /opt/backup
mkdir /opt/build/scripts
vi /opt/build/scripts/svn_2cnde_full-backup.sh
#! /bin/sh
svnadmin dump /opt/svn/2cn.de > /tmp/svn_2cnde_full-backup.dump
rm -f /opt/backup/svn_2cnde_full-backup.dump
cp /tmp/svn_2cnde_full-backup.dump /opt/backup/svn_2cnde_full-backup.dump
chmod +x svn_2cnde_full-backup.sh
vi /opt/build/scripts/svn_2cnde_inc-backup.sh
#!/usr/bin/perl
use strict;
use warnings;
my $repo = '/opt/svn/2cn.de';
my $local_dir = '/tmp';
my $savedir = '/opt/backup';
my $last_saved_file = $savedir.'/last_saved.txt';
open(LAST_SAVED, '<', $last_saved_file);
my $last_saved = <LAST_SAVED>;
chomp $last_saved;
close(LAST_SAVED);
my $head = `svnlook youngest $repo`;
chomp $head;
if ($last_saved == $head) {
exit();
}
my $from = $last_saved + 1;
my $to = $head;
my $dumpfile = sprintf(
'/svn-%05u_%05u.svndump',
$from,
$to
);
my $local_dump_file = $local_dir.$dumpfile;
my $command = sprintf(
'svnadmin dump -q -r%u:%u --incremental %s > %s',
$from,
$to,
$repo,
$local_dump_file
);
system($command);
if (grep /^Revision-number: $to/, `grep --text ^Revision-number: $local_dump_file`) {
open(LAST_SAVED, '>', $last_saved_file);
print LAST_SAVED $to, "\n";
close(LAST_SAVED);
system('gzip '.$local_dump_file);
chdir($local_dir);
use File::Basename;
system('md5sum '.basename($local_dump_file).'.gz >> '.$savedir.'/MD5SUMS');
}
my $mv_command = sprintf(
'mv %s %s',
$local_dump_file.'.gz',
$savedir.$dumpfile.'.gz'
);
system($mv_command);
chmod +x /opt/build/scripts/svn_2cnde_inc-backup.sh
crontab -e
0 1 * * * /opt/build/scripts/svn_2cnde_inc-backup.sh
0 2 1 * * /opt/build/scripts/svn_2cnde_full-backup.sh

安装tomcat

apt-get install tomcat6 tomcat6-user
apt-get install libtcnative-1
apt-get install sun-java6-jdk
update-alternatives --config java
update-alternatives --config javac
# 选择/usr/lib/jvm/java-6-sun/jre/bin/java
apt-get remove openjdk-6-jdk
apt-get remove openjdk-6-jre
apt-get remove openjdk-6-jre-headless
apt-get remove openjdk-6-jre-lib
update-rc.d -f tomcat6 remove
adduser --system --shell /bin/sh --gecos 'build user' --group --disabled-password --home /opt/build build
cd /opt/build
su - -c "tomcat6-instance-create tomcat" build
usermod -a -G build tomcat6
usermod -a -G log tomcat6
usermod -a -G log build
usermod -a -G build r
rm -R /var/log/tomcat6
ln -s /opt/logs/build /var/log/tomcat6
ln -s /etc/tomcat6/policy.d /opt/build/tomcat/conf/policy.d
vi /etc/logrotate.d/build
/var/log/tomcat6/*.log {
copytruncate
daily
missingok
rotate 30
compress
delaycompress
missingok
size 10M
}
chown -R build.build /opt/build

修改/etc/default/tomcat6

TOMCAT6_USER=build
TOMCAT6_GROUP=build
JAVA_HOME=/usr/lib/jvm/java-6-sun
CATALINA_BASE=/opt/build/tomcat
JAVA_OPTS="${JAVA_OPTS} -server -DHUDSON_HOME=/opt/build/hudson-work -Djava.awt.headless=true -Xmx512M -Xms512M -XX:MaxPermSize=128m -XX:+UseParallelOldGC -XX:+DisableExplicitGC -XX:+UseCompressedOops -XX:+AggressiveOpts -XX:NewRatio=2 -XX:+UseCompressedStrings -XX:+UseStringCache -XX:+OptimizeStringConcat"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8888 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false"
export LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH

修改/opt/build/tomcat/conf/server.xml

<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000"
URIEncoding="UTF-8" redirectPort="8443"
compression="off" acceptCount="10" maxKeepAliveRequests="10"
minSpareThreads="4" maxSpareThreads="4" maxThreads="4"/>

添加到/etc/tomcat6/policy.d/04webapps.policy里

grant codeBase "file:/opt/build/hudson-work/-" {
permission java.security.AllPermission;
permission java.io.FilePermission "/opt/build/hudson-work/-", "read,write,delete";
permission java.io.FilePermission "/opt/build/tomcat/webapps/hudson/-", "read,write,delete";
};
grant codeBase "file:/opt/build/tomcat/webapps/hudson/-" {
permission java.security.AllPermission;
permission java.io.FilePermission "/opt/build/hudson-work/-", "read,write,delete";
};
grant codeBase "file:/opt/build/sonatype-work/-" {
permission java.security.AllPermission;
permission java.io.FilePermission "/opt/build/sonatype-work/-", "read,write,delete";
permission java.io.FilePermission "/opt/build/tomcat/webapps/nexus/-", "read,write,delete";
};
grant codeBase "file:/opt/build/tomcat/webapps/nexus/-" {
permission java.security.AllPermission;
permission java.io.FilePermission "/opt/build/sonatype-work/-", "read,write,delete";
};
update-rc.d tomcat6 defaults
mkdir /opt/build/webapps
chown -R build.log /opt/logs
chown -R build.build /opt/build
chmod -R o-r /opt/build
chmod -R o-x /opt/build
chmod -R g+w /opt/build
chmod -R g+w /opt/logs
chmod -R o-r /opt/logs
chmod -R o-x /opt/logs

安装nexus

cd /opt/build/webapps
wget http://nexus.sonatype.org/downloads/nexus-webapp-1.9.0.1.war
ln -s /opt/build/webapps/nexus-webapp-1.9.0.1.war /opt/build/tomcat/webapps/nexus.war
su - build
mkdir /opt/build/.m2
vi /opt/build/.m2/settings.xml
<settings>
<mirrors>
<mirror>
<!--This sends everything else to /public -->
<id>nexus</id>
<mirrorOf>*</mirrorOf>
<url></url>
</mirror>
</mirrors>
<profiles>
<profile>
<id>nexus</id>
<!--Enable snapshots for the built in central repo to direct -->
<!--all requests to nexus via the mirror -->
<repositories>
<repository>
<id>central</id>
<url></url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<url></url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>true</enabled></snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<activeProfiles>
<!--make the profile active all the time -->
<activeProfile>nexus</activeProfile>
</activeProfiles>
</settings>
  • 在浏览器里键入http://<vm-ubuntu-build>:8080/nexus
  • 登录admin账户:用户名:admin,密码:admin123
  • 在Security里修改admin和deployment用户的密码,邮件及其他信息
  • 创建索引:
    • 选择Repositories
    • 在Maven Central的Configuration里把Download Remote Indexes改为True, 在Mirrors里添加http://uk.maven.org/maven2
    • 在Google Code, Codehaus Snapshots和java.net的Configuration里把Download Remote Indexes改为True
  • nexus配置
    • SMTP Settings
      • SMTP Settings: mail.gmx.net:465, SSL/TLS, Normal Password

安装hudson

apt-get install maven2
apt-get install ant ant-optional junit
cd /opt/build/webapps
wget http://java.net/projects/hudson/downloads/download/war/hudson-1.396.war
ln -s /opt/build/webapps/hudson-1.396.war /opt/build/tomcat/webapps/hudson.war
vi /opt/build/tomcat/bin/setenv.sh
export HUDSON_HOME=/opt/build/hudson-work
export MAVEN_HOME=/usr/share/maven2
export ANT_HOME=/usr/share/ant
  • hudson设置
    • sign up => 创建*admin*用户
    • Manage Hudson => Configure System => # of executors = 1
    • Manage Hudson => Configure System => Enable Security
      • 取消*Allow users to sign up*
      • Security Realm => Hudson’s own user database
      • Authorization => Matrix-based security
      • 加入admin => 为admin加入所有权限
      • 取消Anonymous的所有权限
      • 取消Help make Hudson better by …

安装Apache2代理

a2enmod proxy
a2enmod proxy_http
vi /etc/apache2/sites-available/default

添入以下行:

<IfModule mod_proxy.c>
ProxyPreserveHost On
ProxyPass         /hudson  http://localhost:8080/hudson
ProxyPassReverse  /hudson  http://localhost:8080/hudson
<Proxy http://localhost:8080/hudson/*>
Order deny,allow
Allow from all
</Proxy>
<Location /hudson>
Order deny,allow
Allow from all
</Location>
ProxyPass        /nexus    http://localhost:8080/nexus
ProxyPassReverse /nexus    http://localhost:8080/nexus
<Proxy http://localhost:8080/nexus/*>
Order deny,allow
Allow from all
</Proxy>
<Location /nexus>
Order deny,allow
Allow from all
</Location>
</IfModule>

设置固定IP

vi /etc/network/interfaces

删除dhcp设置

auto eth0
iface eth0 inet dhcp

添加IP设置

auto  eth0
iface eth0 inet static
address 192.168.178.111
netmask 255.255.255.0
network 192.168.178.0
broadcast 192.168.178.255
gateway 192.168.178.1
vi /etc/resolv.conf
search vm.2cn.de
domain vm.2cn.de
nameserver 192.168.178.1
nameserver 134.155.96.53
vi /etc/hosts
127.0.0.1 vm-ubuntu-build
127.0.0.1 vm-ubuntu-build.vm.2cn.de
192.168.168.11 vmhost-ubuntu-vbox
192.168.168.11 vmhost-ubuntu-vbox.2cn.de
/etc/init.d/networking restart

卸载dhcp

apt-get remove dhcp-client3

TODOs

Java编程环境安装(win32)

Java编程环境安装(win32)

  • 注意:以下软件中必须使用相同的svn版本(如:TortoiseSVN, svn, Subversive)

Oracle JDK

Subversion Client

  • TortoiseSVN下载网站:http://tortoisesvn.net/downloads.html
    • 下载TortoiseSVN-1.6.12.20536-win32-svn-1.6.15.msi
    • 安装TortoiseSVN
  • SVN下载网站:
    • 安装SVN并把SVN的位置加入进PATH环境函数中

SpringSource Tool Suite (Eclipse)

STS-Eclipse设置

  • 添加以下插件
    • Help => Install new software => Eclipse Marketplace
    • Help => Eclipse Marketplace
      • Subclipse
    • FindBugs Eclipse Plugin
      • EclEmma Java Code Coverage
      • Checkstyle Plug-in
      • Jadclipse
    • dot4zest
      • (WikiText)
  • 设置
    • General => 选择*Show heap status*
    • General => Content Types => Text => Default encoding = UTF-8 => 点击 Update
    • General => Editors => Text Editors => Undo history size = 2000
    • General => Editors => Text Editors => 选择 Insert spaces for tabs
    • General => Editors => Text Editors => 选择 Show line numbers
    • General => Editors => Text Editors => Spelling => 关闭 Enable spell checking
    • General => Startup and Shutdown => 关闭 Atlassian Connector, Roo Integration, Mylyn Tasks, Mylyn Team
    • General => Workspace => 关闭 Build automatically
    • General => Workspace => Text file encoding => Other = UTF-8
    • General => Workspace => New text file line delimiter => Other = Unix
    • General => Workspace => Days to keep files = 28
    • General => Workspace => Maximum entries per file = 1500
    • General => Workspace => Maximum file size (MB) = 32
    • Ant => Editor => Formatter => 关闭 Use tab character instead of spaces
    • Ant => Editor => Formatter => Maximum line width (characters) = 160
    • Ant => Editor => Formatter => 选择 Wrap long element tags
    • Data Management => SQL Development => Execution Plan View Options => Export encoding = UTF-8
    • Install/Update => 选择 Show all versions of available software
    • Java => Code Style => Clean Up => 导入 %SCM%/etc/conf/eclipse/java_code-style_clean-up_profile.xml
    • Java => Code Style => Code Templates => 导入 %SCM%/etc/conf/eclipse/java_code-style_code-templates.xml
    • Java => Code Style => Formatter => 导入 %SCM%/etc/conf/eclipse/java_code-style_formatter_profile.xml
    • Java => Code Style => Organize Imports => 导入 %SCM%/etc/conf/eclipse/java_code-style_import-order.importorder
    • Java => Compiler => Errors/Warnings
      • Code style: 把除Non-externalized strings以外所有的选项设置为 Warning
      • Potential programming problems: 把所有的选项设置为 Warning
      • Name shadowing and conflicts: 把所有的选项设置为 Warning
    • Java => Compiler => Javadoc => 把所有的选项设置为 Warning
    • Java => Debug => Debugger timout = 30000
    • Java => Debug => Launch timout = 60000
    • Java => Editor => 选择 Light bulb for quick assists
    • Java => Editor => Save Actions => 启用 Perform the selected actions on save*并选择 *Organize imports
    • Java => Editor => Typing => 选择 Semicolons, Braces*和 *Escape text when pasting into a string literal
    • JavaScript => Code Style => 选择 Automatically add comments for new functions and types
    • JavaScript => Code Style => Clean Up => 导入 %SCM%/etc/conf/eclipse/javascript_code-style_clean-up_profile.xml
    • JavaScript => Code Style => Code Templates => 导入 %SCM%/etc/conf/eclipse/javascript_code-style_code-templates.xml
    • JavaScript => Code Style => Formatter => 导入 %SCM%/etc/conf/eclipse/javascript_code-style_formatter_profile.xml
    • JavaScript => Editor => 选择 Light bulb for quick assist
    • JavaScript => Editor => Typing => 选择 Semicolons, Braces*和 *Escape text when pasting into a string literal
    • JavaScript => Validator => Errors/Warinings => 启用 Enable JavaScript semantic validation
    • Maven => 选择 Debug Output, Download Artifact Sources, Download Artifact JavaDoc
    • Maven => Installations => 添加 %JAVA_DEV_ENV%\maven-<VERSION>
    • Maven => Installations => 设置 Global settings = %SCM%/etc/conf/eclipse/maven_global_settings.xml
    • Maven => POM Editor => 选择 Show advanced tabs in the POM Editor
    • Remote Systems => Files => 选择 Show hidden files
    • Run/Debug => Console
      • Fixed width console = 160
      • Console buffer size = 1000000
      • Displayed tab width = 4
    • Run/Debug => Launching
      • 取消 Remove terminated launches when a new launch is created
      • 选择 Always launch the previously launched application
    • Server => Launching => 取消 Automatically publish when starting servers
    • Spring => Dashboard => 取消 Show Dashboard On Startup
    • Spring => User Agent Analysis => 选择 Disable UAA
    • Tasks => Synchronization => 取消 Synchronize with repositories
    • Team => 选择 Show all synchronization information
    • Team => SVN => 选择 show revision comparisons
    • Java => FindBugs => analysis effort = maximum
    • Terminal
      • Terminal buffer lines = 1000000
      • Serial timeout = 30
      • Network timeout = 30
    • Web => CSS Files => Encoding = UTF-8
    • Web => CSS Files => Editor
      • Line width = 160
      • 选择 Indent using spaces
      • Indentation size = 4
    • Web => HTML Files => Encoding = UTF-8
    • Web => HTML Files => Editor
      • Line width = 160
      • 选择 Align final bracket
      • 选择 Indent using spaces
      • Indentation size = 4
    • Web => JSP Files => Encoding = UTF-8
    • XML => XML Files => Editor
      • Line width = 160
      • 取消 Join lines
      • 选择 Indent using spaces
      • Indentation size = 4
    • XML => XML Files => Validation => 选择 Enable markup validations

vmhost-ubuntu-vbox虚拟主机安装

vmhost-ubuntu-vbox虚拟主机安装

记录时间:2011-02-13

硬件

  • Samsung R540 i3-380M JA05
    • Intel Core i3-380M 2x 2,53GHz
    • 4096MB DDR3 Ram PC3 8500 (1066 MHz)
    • 320GB S-ATA HDD, 5400rpm
    • Ethernet: 10/100/1000-MBit/s
    • Wireless LAN 802.11 B/G/N
    • 15,6″, 39cm, 1366 x 768 Pixel (WXGA TFT)
    • Intel® HD Graphics, ~1023MB
    • 3xUSB2.0, VGA, HDMI, MMC, SDHC, SDXC, SD
    • Webcam u. int. Mikro, DVD Brenner
    • Windows 7 Home Premium 64 Bit

软件

分区

电脑启动时在Samsung恢复系统里选择高级选项:

  • 把硬盘参照以下列表分区
    • sda1: RECOVERY (ntfs): 21.5GB
    • sda2: SYSTEM (ntfs): 104.9MB (B)
    • sda3: WINDOWS (ntfs): 62.7GB
    • 预留给ubuntu系统:220GB
      • sda5: UBUNTU (ext4): 10GB
      • sda7: DATA (ext4): 200GB
      • sda6: swap (swap): 9,6GB

安装ubuntu

放入ubuntu安装光盘,在BIOS里选择从光盘启动:

  • Installer boot menu
    • Language: English
    • <F6>: noacpi=on, nomodeset=on
    • Install Ubuntu Server 10.04 (Rescue mode)
  • Ubuntu installer main menu
    • Choose language: English
    • Location: other, Europe, Germany
    • Detect keyboard layout: yes, + y <ENTER> => de:nodeadkeys
  • Configure the network
    • DHCP: Auto
    • hostname: vmhost-ubuntu-vbox
  • Partition disks
    • Manual, Guided partitioning
      • / 226.2GB (分区应该分为10GB+200GB,见下文)
      • swap 9.6GB
  • Install the base system
  • Set up users and passwords
    • Fullname: admin 2cn.de
    • Username: r
    • Password: <password>
    • Encrypt your home directory: No
  • Configure the package manager
    • HTTP proxy: 无
  • Select and install software: No automatic updates
  • Software selection
    • OpenSSH Server
  • Configuring grub-pc
    • Install the GRUB boot loader to the MBR: Yes
  • Restart
  • 用SystemRescueCD纠正分区
    • gparted resize sda5 to 10GB
    • gparted add sda7 ext4 partition 200GB
      sudo su
      ls -l /dev/disk/by-uuid
vi /etc/fstab

添加以下几行

UUID=<partition-by-uuid> /opt ext4 defaults 0 0
mount -a

设置系统

安装软件,基本设置

设置代理,更新系统

sudo su
export http_proxy=http://www-cache.uni-mannheim.de:3128
apt-get update
apt-get dist-upgrade
apt-get autoremove
apt-get install python-software-properties
apt-get install rcconf
apt-get install p7zip-full
apt-get remove ubuntu-docs
apt-get remove mysql-common
apt-get remove samba-common
apt-get clean
apt-get autoclean
apt-get autoremove
cat /etc/issue
vi /etc/hosts
127.0.0.1 vmhost-ubuntu-vbox

为r和root用户设置top

为r和root添加screen显示设置

vi  ~/.screenrc

添加以下几行

caption always "%{Wb} %H %{Bk}| %{Ck}%-w%50>%{Cb} %n %t %-%+w%<%{- Wk}% |{Bk} | %=%{Wb} %C "

避免意外删除文件等错误

vi /etc/bash.bashrc

添加以下行

alias rm="rm -i"
alias cp="cp -i"
alias mv="mv -i"
alias halt="confirm halt"
alias reboot="confirm reboot"
alias shutdown="confirm shutdown"

SSH设置

用PAM限制SSH用户

vi /etc/pam.d/sshd

在vi里写入

auth required pam_listfile.so item=user sense=allow file=/etc/ssh/ssh.allow onerr=fail

添加允许SSH的用户

vi /etc/ssh/ssh.allow

在vi里写入

r

10分钟后自动关闭空闲的SSH链接

vi /etc/ssh/sshd_config

添加以下几行:

ClientAliveInterval 300
ClientAliveCountMax 2
UseDNS no

Postfix设置

dpkg-reconfigure postfix

Satellite System: 只通过smarthost发送,不接受邮件

vi /etc/postfix/main.cf

添加以下行

smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
sender_canonical_maps = hash:/etc/postfix/sender_canonical
message_size_limit = 25600000
vi /etc/postfix/sasl_password

添加以下几行

smtp.gmx.net china-portal@gmx.net:<password>
chmod 600 /etc/postfix/sasl_password
postmap /etc/postfix/sasl_password
vi /etc/postfix/sender_canonical

添加以下几行

r china-portal@gmx.net
root china-portal@gmx.net
vbox china-portal@gmx.net
nagios china-portal@gmx.net
postmap /etc/postfix/sender_canonical
/etc/init.d/postfix restart

安装监测程序

监测网卡流量

apt-get install iftop
apt-get install jnettop

监测电脑硬件配置

apt-get install hwinfo

监测其他电脑数据

apt-get install iotop
apt-get install apachetop

安装Nagios

安装Nagios 3.2.0

apt-get install nagios3
apt-get install nagios-nrpe-plugin
  • Configuring nagios3-cgi
    • nagiosadmin password: <password>
      htpasswd -c /etc/nagios3/htpasswd.users nagiosadmin
      htpasswd -c /etc/nagios3/htpasswd.users nagios

设置权限

vi /etc/nagios3/cgi.cfg

在vi里修改行

authorized_for_read_only=nagios

设置apache2

vi /etc/apache2/apache2.conf

在vi里修改以下几行

ServerName localhost
Timeout 60
MaxKeepAliveRequests 10
StartServers 1
MinSpareServers 1
MaxSpareServers 1
MaxClients 10
vi /etc/apache2/conf.d/security

添加/修改行:

<Directory />
Options -Indexes
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
ServerTokens Prod
ServerSignature Off
TraceEnable Off
vi /var/www/index.html
<html><body></body></html>
groupadd log
usermod -a -G log vbox
usermod -a -G log www-data
usermod -a -G log r
mkdir /opt/logs
mkdir /opt/logs/apache2
rm -R /var/log/apache2
ln -s /opt/logs/apache2 /var/log/apache2
chown -R www-data.log /opt/logs
chmod -R g+w /opt/logs
chmod -R o-r /opt/logs
chmod -R o-x /opt/logs

配置nagios

vm-ubuntu-build

vi /etc/nagios3/conf.d/vm-ubuntu-build.cfg
define host{
use                     generic-host
host_name               vm-ubuntu-build
alias                   vm-ubuntu-build
address 192.168.178.111
}
define service{
use                             generic-service
host_name                       vm-ubuntu-build
service_description             DNS
check_command                   check_dns!192.168.178.111
}
define service {
use                             generic-service
host_name                       vm-ubuntu-build
service_description             NRPE Disk Usage
check_command                   check_nrpe_1arg!check_all_disks!vm-ubuntu-build
}
define service{
use                             generic-service
host_name                       vm-ubuntu-build
service_description             NRPE Current Users
check_command                   check_nrpe_1arg!check_users!vm-ubuntu-build
}
define service{
use                             generic-service
host_name                       vm-ubuntu-build
service_description             NRPE Zombie Processes
check_command                   check_nrpe_1arg!check_zombie_procs!vm-ubuntu-build
}
define service{
use                             generic-service
host_name                       vm-ubuntu-build
service_description             NRPE Total Processes
check_command                   check_nrpe_1arg!check_total_procs!vm-ubuntu-build
}
/etc/init.d/nagios3 restart

安装VirtualBox

安装VirtualBox4.0.2

add-apt-repository "deb [http://download.virtualbox.org/virtualbox/debian] lucid contrib"
add-apt-repository "deb [http://download.virtualbox.org/virtualbox/debian] lucid non-free"
wget -q- -[http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc]- --O- | sudo apt-key add -
apt-get update
apt-get install libqtcore4
apt-get install libqtgui4
apt-get install libssl0.9.8
apt-get install virtualbox-4.0
apt-get install dkms
wget [http://download.virtualbox.org/virtualbox/4.0.2/Oracle_VM_VirtualBox_Extension_Pack-4.0.2-69518.vbox-extpack]
VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-4.0.2-69518.vbox-extpack
useradd -m -s /bin/bash vbox
passwd vbox
adduser vbox vboxusers
mkdir /opt/vbox
mkdir /opt/vbox-shared
chown -R vbox.vboxusers /opt/vbox
chown -R vbox.vboxusers /opt/vbox-shared
su - vbox
vi ~.VirtualBox/VirtualBox.xml

把defaultMachineFolder改为/opt/vbox

安装PhpVirtualBox

vi /etc/default/virtualbox
VBOXWEB_USER=vbox
VBOXWEB_HOST=localhost
VBOXWEB_PORT=18083
VBOXWEB_TIMEOUT=60
VBOXWEB_CHECK_INTERVAL=5
VBOXWEB_THREADS=2
VBOXWEB_KEEPALIVE=2
VBOXWEB_LOGFILE=/var/log/virtualbox.log
INSTALL_DIR=/usr/lib/virtualbox
mkdir /var/log/virtualbox
update-rc.d vboxweb-service defaults
apt-get install libapache2-mod-php5
mkdir /opt/phpvirtualbox
cd /opt/phpvirtualbox
wget `wget -q -O - [http://phpvirtualbox.googlecode.com/files/LATEST.txt]` -O phpvirtualbox-latest.zip
7z x phpvirtualbox-latest.zip
ln -s /opt/phpvirtualbox/phpvirtualbox-4.0-4b/ /var/www/vbox
mkdir /opt/phpvirtualbox/conf
vi /opt/phpvirtualbox/conf/config.php
<?php
class phpVBoxConfig {
var $username = 'vbox';
var $password = '<密码>';
var $location = 'http://127.0.0.1:18083/';
var $language = 'en_us';
var $previewUpdateInterval = 600;
var $enableAdvancedConfig = true;
}
ln -s /opt/phpvirtualbox/conf/config.php /opt/phpvirtualbox/phpvirtualbox-4.0-4b/config.php
vi /etc/apache2/sites-available/vbox
<VirtualHost *:80>
Alias /vbox /opt/phpvirtualbox/phpvirtualbox
<Directory /opt/phpvirtualbox/phpvirtualbox>
Options None
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/vbox-error.log
* Possible values include: debug, info, notice, warn, error, crit,
* alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/vbox-access.log combined
</VirtualHost>
a2ensite vbox
chown -R vbox.www-data /opt/phpvirtualbox/
chmod -R o-r /opt/phpvirtualbox
chmod -R o-x /opt/phpvirtualbox
/etc/init.d/apache2 restart
  • 在浏览器里打开http://<vmhost-ubuntu-vbox>/vbox网页
    • 用户admin,密码admin
    • File – Preferences – 修改admin密码

安装vboxMgr

mkdir /opt/vboxmgr
cd /opt/vboxmgr
wget http://vboxmgr.svn.sourceforge.net/viewvc/vboxmgr/trunk/vboxmgr-init
wget http://vboxmgr.svn.sourceforge.net/viewvc/vboxmgr/trunk/vboxmgr
wget http://vboxmgr.svn.sourceforge.net/viewvc/vboxmgr/trunk/autostart.conf.README
chmod 754 /opt/vboxmgr/vboxmgr
ln -s /opt/vboxmgr/vboxmgr /usr/local/bin/vboxmgr
chmod 754 /opt/vboxmgr/vboxmgr-init
ln -s /opt/vboxmgr/vboxmgr-init /etc/init.d/vboxmgr-init
mkdir /opt/vboxmgr/conf
mv /opt/vboxmgr/autostart.conf.README /opt/vboxmgr/conf
ln -s /opt/vboxmgr/conf/ /etc/vboxmgr
chown -R vbox.vboxusers /opt/vboxmgr
update-rc.d vboxmgr-init defaults 99 20
vi /opt/vboxmgr/conf/autostart.conf

添入以下几行

"vm-ubuntu-build" 0
"vm-winxp-work" 0

virtualbox备份

创建备份文件夹

mkdir /opt/backup
chown -R vbox.vbox /opt/backup
mkdir /opt/scripts
chown -R vbox.vbox /opt/scripts
vi /opt/scripts/vbox_backup.sh

添入以下备份脚本

!/bin/bash
BACKUP_TARGET="/opt/backup"
KEEP_DAYS=1
BACKUP_VMS=("vm-ubuntu-fe" "vm-ubuntu-build")
HOST=`hostname`
LAST_BACKUP=`/bin/date +%G%m%d`
AVAILABLE_VMS=`VBoxManage list vms | grep '"' | cut -d'"' -f2 2>/dev/null`
function suspendVM {
VM_STATE=`VBoxManage showvminfo "${CURRENT_VM}" --machinereadable | grep "^\(VM_STATE=\)" | cut -d'"' -f2 2>/dev/null`
if [ "${VM_STATE}" = "running" ]; then
echo "Suspending ${CURRENT_VM} ..."
VBoxManage controlvm ${CURRENT_VM} savestate
fi
}
function backupVM {
vbox_cfg_file=`VBoxManage showvminfo "${CURRENT_VM}" --machinereadable | grep "^\(CfgFile=\)" | cut -d'"' -f2 2>/dev/null`
vbox_vdi_files=`VBoxManage showvminfo "${CURRENT_VM}" --machinereadable | grep ".vdi" | cut -d'"' -f4 2>/dev/null`
mkdir "${BACKUP_TARGET}/${CURRENT_VM}"
echo "Backing up ${CURRENT_VM} ..."
rsync -aP --stats "${vbox_cfg_file}" "${BACKUP_TARGET}/${CURRENT_VM}/"
for current_vdi in ${vbox_vdi_files}; do
rsync -aP --stats "${current_vdi}" "${BACKUP_TARGET}/${CURRENT_VM}/"
done
}
function resumeVM {
if [ "${VM_STATE}" = "running" ]; then
echo "Resuming ${CURRENT_VM} . . ."
VBoxHeadless -s ${CURRENT_VM}
fi
}
function compressBackup {
backup_file="${CURRENT_VM}_${LAST_BACKUP}.tar.gz"
echo "Compressing ${CURRENT_VM} backup ..."
tar -cf "${BACKUP_TARGET}/${backup_file}" -C "${BACKUP_TARGET}/${CURRENT_VM}"
}
function deleteOldBackups {
echo "Deleting older than ${KEEP_DAYS} day(s)"
find "${BACKUP_TARGET}" -name "${CURRENT_VM}_*.tar.gz" -mtime ${KEEP_DAYS} -exec rm -vf {} \;
}
for backup_vm in "${BACKUP_VMS[@]}"; do
for CURRENT_VM in ${AVAILABLE_VMS}; do
if [ "${backup_vm}" = "${CURRENT_VM}" ]; then
echo "Start backup: ${CURRENT_VM} (`date`)"
suspendVM
sleep 3
backupVM
resumeVM
sleep 3
compressBackup
deleteOldBackups
echo "Finished backup: ${CURRENT_VM} (`date`)"
fi
done
done
chmod 750 /opt/scripts/vbox_backup.sh

设置固定IP

vi /etc/network/interfaces

删除以下dhcp的设置

auto eth0
iface eth0 inet dhcp

添加IP设置

auto  eth0
iface eth0 inet static
address 192.168.178.11
netmask 255.255.255.0
network 192.168.178.0
broadcast 192.168.178.255
gateway 192.168.178.1
vi /etc/resolv.conf
search 2cn.de
domain 2cn.de
nameserver 192.168.178.1
nameserver 134.155.96.53
vi /etc/hosts
127.0.0.1 vmhost-ubuntu-vbox
127.0.0.1 vmhost-ubuntu-vbox.2cn.de
192.168.178.111 vm-ubuntu-build
192.168.178.111 vm-ubuntu-build.vm.2cn.de
192.168.178.112 vm-winxp-work
192.168.178.112 vm-winxp-work.vm.2cn.de
/etc/init.d/networking restart

删除不需要的软件包

apt-get remove telnet

卸载dhcp

apt-get remove dhcp-client3

设置grub-reboot

把/etc/default/grub里的GRUB_DEFAULT函数改为saved

GRUB_DEFAULT=saved
grub-set-default 0
update-grub
vi /etc/bash.bashrc

添加使用Windows7重启指令

alias reboot2win="grub-reboot \"Windows 7 (loader) (on /dev/sda2)\" && reboot"

TODOs