It has been traditional for a FreeBSD sysadmin to compile applications from source in the ports tree, but binary packages can now be used for basic needs which saves significant time.
This server is being built for Maestro development. It will be running on my Windows 10 laptop using VirtualBox, although it could just as easily run on bare metal.
Features will include:
- FreeBSD 10.1-RELEASE Unix-like operating system.
- Apache 2.4, MariaDB 5.5 and PHP 5.6 AMP stack (using mod_php).
- Samba 3.6 and rsync (Samba to access Windows file shares as well as share the Maestro file vault to Windows clients, and rsync to synchronize the Maestro file vault to a Windows share).
- A variety of handy utilities, including git and mdbtools (to import from a Parts&Vendors Jet4 mdb database file).
This post does not include a mail server or gateway, and also will be updated shortly to include infrastructure requirements for Maestro testing (using PHPUnit with Selenium). Maestro is being updated first to use Composer following current best practices, with Composer being used to install PHPUnit.
Create Virtual Server
Create a new vm and specify BSD OS (FreeBSD) with 256 MB memory and a 20G system drive. Configure the network interface for NAT mode, and forward the IP ports being used from the vm (client) to Windows (host).
HTTPS (secure HTTP) will not be configured at this time. However, it will become the norm in the future.
ssh host port 2222 client port 22 http host port 8880 client port 80 mysql-tcp host port 3336 client port 3306 mysql-udp host port 3336 client port 3306
Download FreeBSD-10.2-RELEASE-i386.dvd1.iso from FreeBSD.org, boot the vm from the ISO, and perform a standard install (use 64-bit if you prefer, I still tend to create 32-bit virtual machines because I know it works and don’t need the extra address space). I will simply use root to admin the server, and will not create additional users during the install.
After installing the OS and rebooting into the new system, update the system to the latest release if you used an older install ISO, and also update the packages system (pkg, or pkgng in older references).
# freebsd-update upgrade -r 10.2-RELEASE # freebsd-update install # pkg update
Edit /etc/rc.conf to specify the hostname and DHCP network config.
hostname="whizzer.swiftconstructioncompany.net" ifconfig_em0="DHCP" sshd_enable="YES" # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable dumpdev="AUTO"
Edit /etc/hosts so that necessary hostnames resolve (10.0.2.15 is the default IP address for a VirtualBox vm, substitute if necessary).
I am requiring that the vm never be exposed to the internet by using hostname swiftconstructioncompany.net. A different hostname must be used if the vm will be exposed to the internet.
::1 localhost localhost.local 127.0.0.1 localhost localhost.local 127.0.0.1 localhost localhost.swiftconstructioncompany.net 10.0.2.15 whizzer.swiftconstructioncompany.net whizzer 10.0.2.15 whizzer.swiftconstructioncompany.net.
Edit /etc/ssh/sshd_config to permit remote root login only, and only using an ssh key (a password can still be used at the console if necessary).
AllowUsers root PermitRootLogin YES PasswordAuthentication no ChallengeResponseAuthentication no UsePAM yes
Copy root‘s public ssh key to /root/.ssh/authorized_keys and restart sshd.
# service sshd restart
Install Apache and php
The venerated Apache with mod_php will be used, and installing mod_php will first install Apache 2.x as a dependency.
# pkg install mod_php5
Edit /usr/local/etc/apache24/httpd.conf to specify the server name and when to use php.
# ServerAdmin: Your address, where problems with the server should be ServerAdmin admin@whizzer.swiftconstructioncompany.net # ServerName gives the name and port that the server uses to identify itself. ServerName www.swiftconstructioncompany.net:80 # as per message from pkg install mod_php56 <FilesMatch "\.php$"> SetHandler application/x-httpd-php </FilesMatch> <FilesMatch "\.phps$"> SetHandler application/x-httpd-php-source </FilesMatch>
Edit /etc/rc.conf to start Apache at boot:
apache24_enable="YES"
Use the provided production PHP configuration file (or use the production file to suppress warnings and errors).
# cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini
Edit php.ini to specify the server timezone.
# add default date timezone date.timezone = "America/Edmonton" # uncomment session.save_path session.save_path = "/tmp"
Confirm that the PHP comnmand line tools were installed correctly (no errors means things are good).
# php -r "phpinfo ( );"
Test the Apache configuration and start Apache.
# service apache24 configtest # service apache24 start
Test that Apache will serve HTML by browsing http://localhost:8880 to see the default Apache install page.
Test that Apache will execute PHP by displaying the output from phpinfo() in a web page. I like to explicitly configure Apache for each site or page served to avoid the possibility of accidentally creating a security risk. First create /usr/local/www/phpinfo/index.php, the PHP code for the “phpinfo website”.
<?php phpinfo(); ?>
Next, create an Apache configuration file /usr/local/etc/apache24/Includes/phpinfo.conf.
Alias /phpinfo "/usr/local/www/phpinfo" <Directory "/usr/local/www/phpinfo"> Require all granted </Directory>
Finally restart Apache,
# service apache24 restart
and browse to http://localhost:8880/phpinfo to confirm all is ok.
This post will be updated shortly to include the infrastructure for Maestro testing using PHPUnit and Selenium.
Install MariaDB
Install the MariaDB database server (and the mysql command line client). I haven’t tested Maestro with MariaDB v10.x yet, so will use MariaDB v5.5, which retains full compatibility with MySQL 5.5.
# pkg install mariadb55-server
Use the my-medium.cnf config file:
# cp /usr/local/share/mysql/my-medium.cnf /var/db/mysql/my.cnf
and edit it to default to InnoDB tables:
# Uncomment the following if you are using InnoDB tables innodb_data_home_dir = /var/db/mysql innodb_data_file_path = ibdata1:10M:autoextend innodb_log_group_home_dir = /var/db/mysql # You can set .._buffer_pool_size up to 50 - 80 % # of RAM but beware of setting memory usage too high innodb_buffer_pool_size = 16M innodb_additional_mem_pool_size = 2M # Set .._log_file_size to 25 % of buffer pool size innodb_log_file_size = 5M innodb_log_buffer_size = 8M innodb_flush_log_at_trx_commit = 1 innodb_lock_wait_timeout = 50
Install MariaDB’s management database and setup grant tables:
# cd /usr/local/ # mysql_install_db --user=mysql --basedir=/usr/local --basedir=/usr/local --datadir=/var/db/mysql
The –datadir option should not be necessary but must be specified if mysql_install_db cannot determine datadir (aka ldir) correctly.
Edit /etc/rc.conf to start MariaDB at boot.
mysql_enable="YES"
Start MariaDB.
# service mysql-server start
Configure the MariaDB root password:
> mysqladmin -u root password 'appleton' > mysqladmin -u root -p -h localhost password 'appleton' > mysqladmin -u root -p -h whizzer.swiftconstructioncompany.net password 'appleton'
If desired, grant root permission to connect remotely (e.g. to connect to MariaDB on the vm directly from the Windows host, or some other “remote” server).
> mysql -u root -p mysql> grant all privileges on *.* to 'root'@'%' identified by 'appleton' with grant option; mysql> exit;
Restart MariaDB to read the edited my.cnf file:
# service mysql-server restart
Run mysql_secure_installation as a double-check that all is ok.
# mysql_secure_installation
Install Samba and rsync
The venerable Samba v3 will be used for simple CIFS file sharing.
# pkg install samba3
Create the Maestro share directory.
# mkdir -p /usr/home/maestro # chmod ugo+w /usr/home/maestro
Edit /usr/local/etc/smb.conf to configure Samba.
#======================= Global Settings ===================== [global] workgroup = WORKGROUP server string = Maestro Share security = share passdb backend = tdbsam #======================= Share Definitions ===================== [maestro] comment = Maestro Share path = /usr/home/maestro public = yes read only = no
Edit /etc/rc.conf to start Samba at boot:
# samba3 samba_enable="YES" winbindd_enable="YES"
Start Samba:
# service samba start
Install rsync.
# pkg install rsync
Install Utilities
Git
Git is used to clone the Maestro project repository.
Install Git.
# pkg install git
Configure git with your username and email. I prefer plain text without color-coding.
# git config --global user.name "Dale Scott"
# git config --global user.email "dale@dalescott.net"
# git config --global color.ui false
# git config --global color.diff false
# git config --global color.status false
# git config --global color.branch false
# git config --global color.interactive false
mdbtools
mdbtools is used by Maestro export data from Parts&Vendors, which uses a Microsoft Jet v4 database (colloquially called an Access database).
# pkg install mdbtools
flip
flip is useful for converting the occasional pesky Windows-format text file.
# pkg install flip