Select Page

This page holds information in regards to Richard Easthers Cosmology Wiki – created by Dom Ritchie.

Server

Mac Mini Server

 

Software

The software being used in order to provide a wiki server, is the built in Apple Wiki Server 3. This will be setup using Open Directory, so that users are completely SEPARATE from EC or UOA logins. Richard will manage these accounts – this is so he has the ability to grant access to users external to the university.

Richard also requires SVN/Git capability, I have setup uberSVN.

This machine will eventually have a CNAME associated with it to wiki.cosmology.auckland.ac.nz

Installation

Ok, so how do we go about setting up one of these machines?

Setting up the Wiki Server

  1. Get yourself an OSX Lion Server
    1. Make sure you have it updated to the latest patch
  2. Download the latest Admin Tools and Install them
  3. Setup OpenDirectory
    1. Use the Server Admin tool (part of the Admin Tools package)
    2. Highlight the server, then goto Settings, Services, and tick the box next to Open Directory
    3. Then highlight Open Directory and click Change – it takes you through an easy Wizard, where you will need to setup an OD admin

Open Directory
  1. Turn on the Wiki Server
    1. Get yourself a cert in the standard way
    2. Apply the cert in Server.App

Applying Certs in Server.app

Setting up GIT

One of the first things you have to remember to do is to install the Command Line Tools from Xcode.

Git has been setup using SSHFS. I have created a “git” user on the Open Directory, password is in secret server. This users home directory is stored on /Volumes/data (ie the second drive for easy backup).

Basically, GIT just requires an SSH login with a home drive. Richard may choose to have his users login as themselves – if this is the case we may need to revisit this, and create a shared space for them to access each others work.

People won’t be able to login without a home drive, and being in the SSH login users group.

  • First to add the user to the SSH login group, open up Workgroup Manager, choose the user, then goto groups. Hit the plus sign, and drag and drop the group.

Image:addtosshgroup.png

  • Next create a home drive, click home. I have modified where we store home directories to the secondary drive – this is so we can separate user access onto that drive – basically keeping all GIT stuff seperate.
  • If you choose a user without a homedrive, you will note that FullPath is not populated, select /Volumes/data/Users, then hit Create Home Now.

Image:Screen Shot 2012-08-28 at 3.28.12 PM.png

Now your users should be able to login and have access to some space to load their GIT repos. If we want to give particular users access to a particular space on that drive, I suggest we create a group for each set of users then create a share for them on the secondary drive in a particular place.

For an example I have created a directory /Volumes/data/git_repos, and created a group called git_repo_admins. To this group I have added myself, Richard Easther and Robert Carter, and I have given this group full control. Its important to note here that you will have to remove the current group before adding a new one.

Creation of git_repo_admins

Problems with GIT and shared repositories

If you get behaviour similar to be the below,

Counting objects: 5, done.
Delta compression using up to 16 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 350 bytes, done.
Total 3 (delta 2), reused 0 (delta 0)
error: insufficient permission for adding an object to repository database ./objects
Then you need to set permissions on the repository correctly, and add a line to your git repository config: This website shows the process for setting permissions and adding the repository, however I have added below as well.
chmod -R g+ws *
chgrp -R <your group name> *
 
git config core.sharedRepository true

 

Remote login to server

VNC dosen’t work with opendirectory by default. Heres some code:

#!/bin/sh
 
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -clientopts -setdirlogins -dirlogins yes
 
sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -restart -agent -console

Once you’ve done this, you will need to create Open Directory groups that correspond to the amount of access you want a given user to have (ard_admin, ard_reports, ard_manage, ard_interact) and add users to the appropriate groups.

ADDING OPENDIRECTORY USER TO LOCAL ADMINISTRATORS

Use dscl! Or, you can use the directory tool (Make sure you are looking at local and not the LDAP!)

 

Backup

Carbon Copy Cloner has been setup on the machine, and is being used to create an image of the first drive, and is currently storing it on the second.

CCC will copy the selected items from "sc-mini-291139-system" into a disk image at /Volumes/data/Backup/sc-mini-291139-system.sparseimage.
 
• Files and folders unique to the destination will be moved to the "_CCC Archives" folder. Files and folders at the root level of the destination will be left alone if they do not exist on the source.
 
• Files on the destination will be updated if the size or modification date differs. CCC will also use a checksum to identify and replace corrupted files on the destination.
 
• Older versions of updated files will be archived.
 
• CCC will prune archive content until 15 GB of free space is available on the "sc-mini-291139-system.sparseimage" volume.

In addition to this backup, the wiki database and the open directory will need to be backed up. Thankfully William McGrath of FOED has provided his backup scripts for our use.

#!/bin/bash
#
# backup-db.sh
# William McGrath, Faculty of Education
# w.mcgrath@auckland.ac.nz
#
# Backs up the Wiki Services collaboration database.
 
today=$(date +%Y-%m-%d)
backupdir=/backup/$(hostname)/${today}
backuplocation=${backupdir}/collab-$(date +%H%M).sql
 
# don't touch below here...
pguser=collab
psql=/usr/bin/psql
pg_dump=/usr/bin/pg_dump
 
mkdir -p $backupdir
$pg_dump -U $pguser collab -c -f $backuplocation
bzip2 $backuplocation
#!/bin/bash
#
# backup-db.sh
# William McGrath, Faculty of Education
# w.mcgrath@auckland.ac.nz
#
# Backs up the Wiki Services collaboration database.
 
today=$(date +%Y-%m-%d)
backupdir=/backup/$(hostname)/${today}
backuplocation=${backupdir}/collab-$(date +%H%M).sql
 
# don't touch below here...
pguser=collab
psql=/usr/bin/psql
pg_dump=/usr/bin/pg_dump
 
mkdir -p $backupdir
$pg_dump -U $pguser collab -c -f $backuplocation
bzip2 $backuplocation

These files work with a couple of .plists that will sit in the LaunchDaemons folder. (I have yet to implement and modify these scripts)

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
       <key>Label</key>
       <string>nz.ac.auckland.foeddbbackup</string>
       <key>ProgramArguments</key>
       <array>
               <string>/backup/backup-db.sh</string>
       </array>
       <key>LowPriorityIO</key>
       <true/>
       <key>Nice</key>
       <integer>1</integer>
       <key>StartCalendarInterval</key>
       <dict>
               <key>Minute</key>
               <integer>00</integer>
       </dict>
</dict>
</plist>
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>nz.ac.auckland.foedserverbackup</string>
	<key>ProgramArguments</key>
	<array>
		<string>/backup/backup-server.sh</string>
	</array>
	<key>LowPriorityIO</key>
	<true/>
	<key>Nice</key>
	<integer>1</integer>
	<key>StartCalendarInterval</key>
	<dict>
		<key>Hour</key>
		<integer>20</integer>
		<key>Minute</key>
		<integer>30</integer>
	</dict>
</dict>
</plist>
</xml>

I will back these databases up to the /Volumes/data drive. From here, I intend to rsync this drive to the secondary drive on the server sc-mini-291140? (the machine next to it on the rack), and also to scidrive.

CURRENTLY THE ONLY PART OF BACKUP FUNCTIONING IS THE FULL DISC BACKUP FROM CCC.

Alerts

At some point this service will need to be setup with Nagios

Skip to toolbar