LInux (Debian) Server tasks

LInux (Debian) Server tasks

Linux (Debian) System Tasks:

SSH
   $ ssh optimusprime.se
   or 
   $ ssh 31.192.227.207

Add user (with root privileges):
   $ sudo useradd -s /bin/bash -m -d /home/<username> -c <username> (add user with bash and homedir)
   $ sudo passwd <username> (give password)
   
   $ visudo (give sudo privileges)
      # user privilege specification
      root ALL=(ALL:ALL) ALL
      # add user
      <username> ALL=(ALL:ALL) ALL

chmod restrictions example (theory)
   read = 4
   write = 2
   execute = 1
   
   $ chmod 421 <file> 
   means owner has read, group has write, and the world has execute privileges on <file> 

   $ chmod 760 <file>
   means owner has read, write and execute priviliges on <file>
   group has read and write privileges on <file> 
   world has not access to the file.
 
Create a group with restrictions 
   $ sudo groupadd developers
   $ sudo grep developer /etc/group (too see if the group was created)
      # developers:x:1002:

   $ sudo chown root:developers /var/ (change owner and group of directory or file)
   $ sudo chmod 770 /var/ (give owner and group read, write and execution privileges)
   
   Same two last steps for /var/www/

Add user to developer group with read write privileges to the /var/ directory
   $ sudo useradd -m -g developers <username>

Give user ssh rights with public key (no password) 
   On the clients home dir check if id_rsa.pub or id_dsa.pub exist.
   $ ls ~/.ssh

   $ ssh-keygen (in homedir if not public key exist)
   
   Somehow copy that id_rsa.pub (or id_dsa.pub) to /home/user/.ssh/authorized_keys file. Now when user
   ssh to server no password is needed.

Creating Stage-server for git 
   This is to be done on server, assumes you have gitrepo on your client that you want to deploy for 
   testpurpose.

   $ mkdir /home/patriknygren82/<projectname>.git 
   $ cd /home/patriknygren82/<projectname>.git 
   $ git init --bare 

   This creates a “bare” Git repo, which means that it contains all the Git commit data, but no 
   checked-out HEAD – essentially, it’s just the contents of the .git directory in a normal git repo.

   $ vim /home/patriknygren82/<projectname>.git/.git/hooks/post-receive
        #!/bin/sh
        GIT_WORK_TREE=/path/to/webroot/<projectname> git checkout -f
   $ chmod +x /home/patriknygren82/<projectname>.git/.git/hooks/post-receive

   On client side inside the project folder with the gitrepo you want to push
   $ git remote add stageserver git://optimusprime.se/<projectname>.git
   
   On Ec2
   $ cat ~/.ssh/id_rsa.pub | ssh ~/<user>-europe.pem [email protected] 'cat >> .ssh/authorized_keys'
   
   Now you have an additional remote push and fetch server for your gitrepo.
   
O-viu EC2

   start mongo server on port 27017
   $ sudo service mongod start 
   stop
   $ sudo service mongod stop
   restart
   $ sudo service mongod restart
   
   Node server portforwarding (open port 80 for the world)
   1. See if you have ip forwarding enabled already:
   $ cat /proc/sys/net/ipv4/ip_forward
   2. If it returns 0, then ip forwarding is disabled. A 1 means it's enabled.
   $ sudo vim /etc/sysctl.conf
   // uncomment this line
   net.ipv4.ip_forward
   3. This will enable ip forwarding. Then, to enable the changes made in sysctl.conf:
   $ sudo sysctl -p /etc/sysctl.conf
   4. See if you have ip forwarding enabled now
   $ cat /proc/sys/net/ipv4/ip_forward
   5. Now, let's set up forwarding from 80 to 8080, 3000, 5000 or what you have:
   sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
   6. Next, we need to open the Linux firewall to allow connections on port 80:
   $ sudo iptables -A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
   $ sudo iptables -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
   7. start node and go to your ip on the browser
   $ node app.js