Skip to content
Basim Ramadhan edited this page Jun 2, 2017 · 24 revisions

Welcome to the lovelace-website wiki!

Setting up a FreeBSD server on DigitalOcean

  1. Create a FreeBSD 11.0 server on DigitalOcean
  2. Log into the server: ssh freebsd@<server_ip>
  3. Set up a password for the root user: su root then passwd
  4. Set up a password for the freebsd user: as root, run passwd freebsd then exit
  5. Disable password-authenticated SSH access for the root user:
    • open the SSH daemon configuration: sudo vim /etv/ssh/sshd_config
    • update the following line to read: PermitRootLogin without-password
    • restart the SSH daemon: sudo service sshd restart
  6. Check for base operating system updates: sudo freebsd-update fetch install, restarting with sudo shutdown -r now if kernel updates were installed
  7. Set up automatic checking for base operating system software updates:
    • open the crontab file: sudo vim /etc/crontab
    • append the following line: @daily root freebsd-update -t freebsd cron
    • that will check for updates daily and notify the freebsd user
    • check for notifications with: mail
    • if there are updates available, install them with sudo freebsd-update install
    • remember to restart after kernel updates!
  8. Set up the firewall:
    • sudo sysrc firewall_enable="yes"
    • sudo sysrc firewall_quiet="yes"
    • sudo sysrc firewall_type="workstation"
    • sudo sysrc firewall_myservices="ssh http https"
    • sudo sysrc firewall_allowservices="any"
    • sudo sysrc firewall_logdeny="yes"
    • sudo service ipfw start
  9. Set up the server's timezone:
    • sudo tzsetup
    • sudo sysrc ntpd_enable="yes"
    • sudo sysrc ntpd_sync_on_start="yes"
    • sudo service ntpd start
  10. Fetch the ports tree: sudo portsnap fetch extract (one-time setup)
  11. Check for package updates:
    • update the ports tree: sudo portsnap fetch update
    • fetch most recent package database information: sudo pkg update
    • run pkg version -vRL= for available package updates
    • check the notes before updating: less /usr/ports/UPDATING
    • proceed with updating packages: sudo pkg upgrade
  12. Package management:
    • finding packages: pkg search <name>
    • installing packages: `sudo pkg install
    • after installing package a package, run rehash to update PATH
    • viewing package information: pkg info <name>
    • removing packages: sudo pkg delete <name>
    • removing unused dependencies: sudo pkg autoremove
    • list installed packages: pkg info
    • check for security vulnerabilities in installed packages: pkg audit -F
  13. Service management:
    • enabling services: sudo sysrc <name>_enable=yes (this will append to /etc/rc.conf)
    • to enable a service means auto-starting on boot, as well as allowing users to start it
    • starting services: sudo service <name> start (service must have been enabled first)
  14. Install required packages: sudo pkg install git sudo pkg install bash python36 apache24 ap24-mod_wsgi4 py27-virtualenv postgresql96-server
  15. Set up git:
    • choose the name that will be associated with commits: git config --global user.name "<name>"
    • choose the email associated with the Github account: git config --global user.email "<email>"
    • choose the default editor: git config --global core.editor "<editor>"
  16. Set up bash:
    • make sure bash is installed: which bash
    • change default shell to bash: chsh
    • specify /usr/local/bin/bash as your shell
    • log out and log back in
  17. Set up Postgres:
    • sudo sysrc postgresql_enable="yes"
    • sudo /usr/local/etc/rc.d/postgresql initdb
    • sudo vim /var/db/postgres/data96/postgresql.conf
      • listen_addresses = 'localhost'
      • port = 5432
    • sudo service postgresql start
    • sudo su - postgres
    • psql
      • CREATE DATABASE projectlovelace;
      • CREATE USER admin WITH PASSWORD '<password>';
      • ALTER ROLE admin SET client_encoding TO 'utf8';
      • ALTER ROLE admin SET default_transaction_isolation TO 'read committed';
      • ALTER ROLE admin SET timezone TO 'UTC'; (confirm that Django setting USE_TZ is 'True')
      • GRANT ALL PRIVILEGES ON DATABASE projectlovelace TO admin;
      • ``
      • \q
    • exit
  18. Set up Apache:
    • sudo sysrc apache24_enable="yes"
  • sudo mkdir /usr/local/www/apache24/data/
    • cd /usr/local/www/apache24/data/
    • sudo git clone https://github.com/project-lovelace/lovelace-website.git
    • sudo chown -R freebsd ./lovelace-website
    • cd ./lovelace-website
    • make prepare-venv
    • nano ./src/lovelace/settings.py (paste production password)
    • source env/bin/activate
    • cd ./src
    • python manage.py migrate (if db is empty)
Clone this wiki locally