Server

LXC containers are great for application isolation and safe deployment. Running unprivileged containers is the safest way to run containers in a production environment. This note contains enough information to create your own safe container.

I’ve completed setting up my comfort set of LXC containers and want to save some points I spent a lot of time for or things for copy-paste.

I used the official Ubuntu Server Guide but note at Digital Ocean knowledge base also helped me a lot. I created 3 containers: one for vpn, one for site on Drupal and last one as www proxy for second one with nginx only.

This note is similar to previous drupal and joomla installations. Install requirements (webserver, php5, DB server, DB adapter for php) as root:

apt-get install -y nginx php5-fpm nginx postgresql php5-pgsql php5-gd

This Python script retrieves computer’s external IP address (using internet.yandex.ru) and emails message with new IP if IP has been changed since last check. BeautifulSoup module is needed, so install it if you have no installed version:

sudo pip install beautifulsoup

Installing dependencies Firstly you need to install webserver, php-related stuff and database server (we use PostgreSQL). apt-get install -y php5-fpm nginx postgresql php5-pgsql Now download and install Joomla (currently 3.1.5 is the latest). Please, update following lines with latest version if nescessary: cd /srv wget http://joomlacode.org/gf/download/frsrelease/18622/83487/Joomla_3.1.5-Stable-Full_Package.zip unzip Joomla_3.1.5-Stable-Full_Package.zip -d joomla chown -R www-data:www-data joomla Database setup The only two things you need to do is to create user (joomla in example) and database (joomla in example).

To enable tun device in OpenVZ containers tun module - needs to be loaded in the host system (in my case CentOS 6.4) - containter (in my case Ubuntu Server 12.04) must be allowed to use tun

This howto is based on two sources: Official wiki and Amutu blog entry. In short, the main difficulty is in bridge network configuration: correct network configuration doesn’t work in CentOS 6.4 while NetworkManager is running. I compiled official documentation and fix found in Amutu blog here in one entry.

Depends on server configuration, each OpenVPN client needs configuration file (client.conf for *nix and client.ovpn for windows), certificate authority (ca.crt), [optional] tls auth file (ta.key), user crt and key.

SLURM (Simple Linux Utility for Resource Management) — job scheduler and resource manager usually installed on supercomputers. For example, it runs on Lomonosov supercomputer in MSU, Moscow, Russia.

Default Drupal package in Ubuntu installs Apache, but I prefer nginx as a webserver. In this note I’ll describe steps necessary to get Drupal 7 work.

This howto is based on a great guide with modifications. All settings are made for server domain hg.kenarius.org. You can replace it with your one easily.

We all do backups. This note is about doing them on Ubuntu 12.04.

Tasks:

archive important folders
dump mysql databases
upload all to yandex.disk (online web storage with 10GB space)
delete old backups

I’ll save only backups for last five days.

Tips for LXC 2: unprivileged containers

Tips for LXC: creation, autostart, OpenVPN and port forwarding to containers

Setup Drupal 7 with nginx and PostgreSQL on Ubuntu 14.04

Email notification if IP is changed with Python and cron

Setting up Joomla 3.1.5 with PostgreSQL on Ubuntu 13.04

Enable tun for OpenVZ Ubuntu 12.04 containers in CentOS 6.4

Configuring Ubuntu 12.04 in OpenVZ on CentOS 6.4

Creating Zip With VPN Client Keys and Configuration Files

Ubuntu Server 12.04 + Slurm 2.5.7 fatnodes

Ubuntu Server 12.04 + Drupal 7 + nginx + MySQL

Setting up RhodeCode on Ubuntu 12.04

Daily backups (files + mysql) to yandex.disk in Ubuntu 12.04