Manual Servidor SIAT Versi+¦n Final_victor
49
MANUAL de INSTALACION Y CONFIGURACIÓN SERVIDOR Siat Server, SiatBd y Servidor de Desarrollo
-
Upload
jose-tapia -
Category
Documents
-
view
59 -
download
8
Transcript of Manual Servidor SIAT Versi+¦n Final_victor
MANUAL de
INSTALACION Y CONFIGURACIÓN
SERVIDOR Siat Server, SiatBd
y Servidor de Desarrollo
(172.16.2.213, 172.16.1.2 y
172.16.2.18)
Versión 2.3
I - Descripción Distribuciones Server
Ubuntu (http://www.ubuntulinux.org) es una distribución GNU/Linux fácil de utilizar y orientada tanto al usuario de escritorio como al servidor. Se encuentra mantenida por una comunidad de desarrolladores que reciben el soporte de la empresa Canonical, la cual vende servicios relacionados con la distribución.
El proyecto openSUSE es un programa comunitario a nivel internacional patrocinado por Novell. Al mismo tiempo que promueve el uso de Linux, openSUSE.org proporciona acceso fácil y gratuito a la distribución de Linux más utilizable del mundo, openSUSE. El proyecto openSUSE ofrece a
desarrolladores y usuarios todo lo que necesitan para empezar a trabajar con Linux.
Red Hat Enterprise Linux también conocido por sus siglas RHEL es una distribución comercial de Linux desarrollada por Red Hat. Es la versión comercial de Fedora, y anteriormente lo era de RedHat Linux, de forma similar a como Novell SUSE Enterprise (SUSE Linux Enterprise Desktop y SLE Server) lo es respecto de OpenSUSE o Mandriva Corporate respecto de Mandriva Linux One.Mientras que las nuevas versiones de Fedora salen cada aproximadamente 6 meses, las de RHEL suelen hacerlo cada 18 o 24 meses (aunque desde RHEL 5 ya han pasado 32 meses y aun no se sabe la fecha de RHEL 6). Tienen soporte oficial de Red Hat, programas de certificación, etc.
Mandriva o Mandriva Linux es una distribución Linux publicada por la compañía francesa Mandriva destinada tanto para principiantes como para usuarios experimentados, que ofrece un sistema operativo orientado a computadoras personales y también para servidores con un enfoque a los usuarios que se están introduciendo al mundo de Linux y al software libre. Surgió en julio de 1998 resultado de la fusión de la distribución francesa Mandrake Linux y la brasileña Conectiva Linux.
II - Instalación – Ubuntu Server
A la realización de este documento se contó con un CD instalador de la distribución Ubuntu-Server 9.10. Es necesario contar con conocimientos previos de instalaciones bajo Linux. A continuación mostraré el proceso de instalación de manera genérica, detallando solamente aspectos críticos del Server, necesarios para la MPA y el SIAT.
1 – El idioma de las opciones de instalación, teclado, e idioma del sistema serán Español.
2 – Red, se recomienda que la configuración sea manual, tanto si se cuenta con un servicio de DHCP o no, ya que de esta configuración dependera el resto de servicios que dependan del servicio “networking” de Ubuntu.
3 – Hostname, UbuntuSiat
4 – Particiones, se contó con un disco duro de 80gb (pruebas) siendo las particiones las siguientes:
Punto montaje
Tipo partición Cantidad Sistema Archivos
Uso
Swap Primaria 2 GB Intercambio Intercambio
/var Primaria 50 GB Ext4 Variables, fuentes y data
/home Primaria 10 GB Ext4 Usuarios
/ Extendida 17 GB Ext4 Sistema Operativo
ServerSiat: Disco de 146 GB en RAID1:
Punto montaje
Tipo partición Cantidad Sistema Archivos
Uso
Swap Primaria 16 GB Intercambio Intercambio
/var Primaria 110 GB Ext4 Variables, fuentes y data
/home Primaria 10 GB Ext4 Usuarios
/ Extendida 10.8 GB Ext4 Sistema Operativo
SiatDb: Disco de 250 GB en RAID1:
Punto montaje
Tipo partición Cantidad Sistema Archivos
Uso
Swap Primaria 20 GB Intercambio Intercambio
/var Primaria 200 GB Ext4 Variables, fuentes y data
/home Primaria 10 GB Ext4 Usuarios
/ Extendida 20 GB Ext4 Sistema Operativo
Swap : muchos manuales de instalación bajo Linux (no importa la distro), ya sea para server o para desktop se recomienda una swap que sea el doble de la capacidad de la maquina que se este instalando; esta recomendación quedo desfasada, ya que la misma fue hecha a raiz de se contaba con PC’s con restricciones de memoria y capacidad.
/var : se recomienda la mayor parte del disco para este punto de montaje, al ser este donde se almacena los fuentes del Sistema, data de la base de datos, y archivos de la mayoría de servicios.
/home : este punto de montaje depende de la cantidad de usuarios del S.O; no se habla de usuarios de postgres, por que actualmente el SIAT gestiona los mismos mediante tablas de base de datos.
/ : punto de montaje donde se encuentra el sistema operativo en si, cabe resaltar que no se le dio una partición especial para /boot; ya que no se espera cambiar de distribución una vez estando en producción nuestro servidor.Tipo Partición Ext4 : ultima version del ext3.
5 – Servicios seleccionados: Apache, Samba, DHCP y DNS; los demás servicios básicos se instalan por defecto, por razones que se explicaran mas adelante en este documento no se seleccionó Postgres.
III - Configuración – Debian/Ubuntu Server
root, las distribuciones de Ubuntu no tienen activado por defecto el usuario root, para su activación :
sudo passwd root
Password pruebas : ***************Password SiatServer : ****************Password SiatBd: ***************
Para cambiar la clave root, una vez que esta exista se procede asi, como root:
sudo passwd
172.16.2.18: “nataliaoreiro20101984”172.16.2.18:edwin2:********172.16.2.18:vhualpa:********172.16.2.213:transferencia********172.16.2.213:soporte:********172.16.1.2: soporte
Los editores utilizados son nano y vi; pero este último deberá ser instalado para debían (aptitude install vim)
Agregar usuarios
useradd edwin2
passwd edwin2
Red, se configura, como root (pruebas):
vi /etc/network/interfaces
# This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).# The loopback network interfaceauto loiface lo inet loopback#the first network interfaceauto eth0iface eth0 inet static address 172.16.2.212 netmask 255.255.254.0 network 172.16.2.0 gateway 172.16.2.1
Server :
# This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).# The loopback network interfaceauto loiface lo inet loopback#the first network interfaceauto eth0iface eth0 inet static address 172.16.2.213 netmask 255.255.254.0 network 172.16.2.0
gateway 172.16.2.1
SiatBd
# This file describes the network interfaces available on your system# and how to activate them. For more information, see interfaces(5).
# The loopback network interfaceauto loiface lo inet loopbackauto eth0# The primary network interface#allow-hotplug eth0#iface eth0 inet dhcpiface eth0 inet static address 172.16.1.2 netmask 255.255.252.0 network 172.16.1.0 gateway 172.16.2.1
Seguidamente reiniciar el servicio de red :
/etc/init.d/networking restart
Nóta : Para actualizar el comando aptitude (gestor de instalaciones), es necesario acceso a Internet, para descargas de paquetes, pero se debe tener en cuenta que si el acceso es mediante un Proxy se debe registrarlo con el siguiente comando
export http_proxy = “172.16.2.1:3128”
Además los links de actualizaciones en este caso de Debian serían los siguientes
nano/etc/apt/sources.list## deb cdrom:[Debian GNU/Linux 6.0.2.1 _Squeeze_ - Official amd64 CD Binary-1 20$
#deb cdrom:[Debian GNU/Linux 6.0.2.1 _Squeeze_ - Official amd64 CD Binary-1 201$
deb http://ftp.debian.org/debian/ squeeze main contrib non-freedeb-src http://ftp.debian.org/debian/ squeeze main contrib non-freedeb ftp://ftp.us.debian.org/debian/ squeeze/update maindeb-src ftp://ftp.us.debian.org/debian/ squeeze/update main
deb http://security.debian.org/ squeeze/updates maindeb-src http://security.debian.org/ squeeze/updates main
# squeeze-updates, previously known as 'volatile'# A network mirror was not selected during install. The following entries# are provided as examples, but you should amend them as appropriate# for your mirror of choice.
Aptitude , una vez instalada la red, se procede a actualizar aptitude .
aptitude –update
Este comando actualiza el gestor de instalaciones aptitude, con las nuevas versiones de muchas aplicaciones para ubuntu.
Restringir el acceso SSH
$nano /etc/ssh/sshd_config
Se agrega al final :
AllowUsers edwin2 vhualpa
Y se reinicia el servicio
/etc/init.d/ssh restart
Restringir Navegabilidad Apache2
Primero se tiene que activar la directive AllowOverride:
cd /etc/apache2/sites-available
vi default
NameVirtualHost *<VirtualHost *> ServerAdmin webmaster@localhost
DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews
AllowOverride All Order allow,deny
allow from all </Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn
CustomLog /var/log/apache2/access.log combined ServerSignature On
Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory>
Despues en /var/www se crea un archive .htaccess
vi .htaccess
Options All –Indexes
NOTA: En httpd.conf verificar que tenga en su cotenido. ServerName localhost
IV - Postgres La versión estable del postgres, cuando se realizó este documento, esta en la
versión postgresql-8.4, pero existen algunos cambios en las tablas de configuración respecto a postgresql-8.3, a saber
Postgresql-8.3 Postgresql-8-4Base de datos postgres Postgres
Tabla pg_class pg_classValor Reltriggers Relhastriggers
Bit Bolean
El valor reltriggers (8.3) es para la activación de triggers, la cual se activa mediante una función que discrimina todos los objetos de la base de datos en la que se trabaja; esto a nivel de backup no causa ningún problema en versiones iguales. La última versión postgres tiene este valor activado, además de que el nombre de la variable cambió, pero esto no aplica cuando se restaura un backup de versión anterior. A fines de evitar conflictos entre versiones y para un ambiente de producción se eligió postgresql-8.3.
Instalación
1 - En la línea de comandos:
aptitude install postgresql-8.4
2 – Se activa el usuario postgres:
sudo passwd postgres
172.16.2.18 - Password : “Postgres1234567”172.16.2.213-Password : t@is230210
Password - pruebas : postgres
Se establece la contraseña para usuario postgres, recordemos que este usuario es tanto para base de datos como sistema operativo.
3 – Se edita cada uno de los archivos de configuración; a saber pg_hba.conf, postgresql.conf, pg_ident.conf.
En pg_hba.conf:
# Database administrative login by UNIX socketslocal all postgres ident sameuser
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections onlylocal all all ident sameuser# IPv4 local connections:host all all 127.0.0.1/32 md5
#para específicos sus direcciones para todos y/o por iphost all all 0.0.0.0 0.0.0.0 md5host all all 0.0.0.0/32 md5# IPv6 local connections:#host all all ::1/128 md5
En pg_ident.conf (opcional en case rooteo directo desde linux):
# MAPNAME IDENT-USERNAME PG-USERNAMEpostgres postgres postgressiat siat postgres
En postgres.conf
# - Connection Settings -listen_addresses = '*'
port = 5432 max connections = 150 (variable a la capacidad del servidor)#….
# - Memory –shared_buffers = 1024MB (25% de RAM, max recommendable 30%)work men = 2MB (variable a la capacidad del servidor)maintenance_work_men = 256MB (0.5 % de RAM)
#….
Finalmente se reinicia el servicio:
/etc/init.d/postgresql-8.3 restart
Para el usuario postgres, como usuario postgres en SERVER,
Psqlalter user postgres with password ‘siatserver2011’;createuser –s –E –P siatalter user siat with password ‘siatserver2011’;
Calculando espacio en disco de Base de datos
Para tareas de control y seguimiento, es necesario saber cuanto espacio en disco ocupa una base de datos en particular, para eso como usuario postgres se hace lo siguiente:
su postgres
Psql
postgres=# select pg_size_pretty( pg_database_size('bd_tributaria'));
Instalando FTS
Las funcionalidades de FTS, en caso de no estar instaladas se procede asi:
aptitude search postgresql-contrib
como usuario postgres :
psql –d bd_tributaria45_2_desarrollo –h localhost –f usr/share/postgresql/8.3/contrib/fuzzystrmatch.sql
Esto es por cada base de datos
Restaurando Backup
Por lo general para restaurar backup generados en Windows, en el sistema operativo como usuario postgres.
pg_restore –d bd_tributaria /var/backups/bdtributaria_29-09-2011.backup
Y para backups generados en Linux
pg_restore –Ft –d bd_tributaria /var/backups/bdtributaria_29-09-2011.backup
Generando Backup
pg_dump –Ft bd_tributaria > /var/backups/bd_tributaria.backup
Con parámetros de fecha:pg_dump –Ft bd_tributaria > /var/backups/bd_tributaria_(date +%F).backup
para generar backup con los mismos parámetros de PGAdminIII en entorno Windows:
pg_dump –F c –v –f /var/backups/bd_migracion.backup –n \”public\” bd_migracion
generar backup en raw linux:
pg_dump –Ft bd_migracion > /var/www/Backups/bd_migracion3.backup
Desarrollo de Aplicaciones C++ con Postgres
Primero se instala las librerías libpq
aptitude install libpq5
aptitude install libpq-dev
Creamos un archivo c++ en /root o en algún directorio de desarrollo “prueba.cc”:
#include <iostream>#include "libpq-fe.h"#include <map>using namespace std;
static void exit_nicely(PGconn *conn){ PQfinish(conn); exit(1);}int main(){ /////////////////////////////////////////////////////////////////////////////// //campos para map /////////////////////////////////////////////////////////////////////////////// map< int , int > map_origen_destino;
const char *conninfo; PGconn *conn; PGresult *res; int nFields; int i,j; int numero_registros=0; conninfo= "dbname=bd_tributaria45_2_desarrollo"; conn= PQconnectdb(conninfo); if(PQstatus(conn)!=CONNECTION_OK){ cout<<PQerrorMessage(conn); exit_nicely(conn); }else{ cout<<"conexion exitosa"; } //PGresult *res; //res=PQexec(conn,"select count(*) from tp_cta_cte"); res=PQexec(conn,"select orides_iid from ts_detalle_cta_cte"); if(PQresultStatus(res)!=PGRES_TUPLES_OK){ cout<<"consulta fallo!!"<<endl; PQclear(res);
exit_nicely(conn); } numero_registros=PQntuples(res);
//cout<<"son n filas: "<<PQntuples(res)<<endl;// if(j=PQntuples(res)){ int temporal=0; for(int i=0;i<numero_registros;i++){
temporal=atoi(PQgetvalue(res,i,0)); map_origen_destino[temporal]++; //cout<<PQgetvalue(res,i,0)<<"-----------------"<<endl; }// PQclear(res);// } PQclear(res); PQfinish(conn); cout<<"Mapa generado correctamente!!!"<<endl;
map< int, int >::iterator origen=map_origen_destino.begin(); for(;origen!=map_origen_destino.end();origen++){ cout<<(*origen).first<<":"<<(*origen).second<<"@"; } return 1;}
Este programa cuenta las ocurrencias de un origen destino en detalle cuenta corriente, y lo almacena en un mapa.
Para compilarlo, se procedió a instalar el gcc y g++
g++ -I/usr/include/postgresql/ -L/usr/lib/postgresql/8.3/lib/ -lpq –o prueba.o prueba.cc
Se ejecuta el archivo .o
./prueba.o
V - PHP
La versión PHP 5.2.10 , editamos el archivo de configuración de PHP
vi /etc/php5/apache2/php.ini
Las secciones siguientes copiarlas al archivo
;;;;;;;;;;;;;;;;;;;; Resource Limits ;;;;;;;;;;;;;;;;;;;;
max_execution_time = 90 ; Maximum execution time of each script, in seconds
max_input_time = 60 ; Maximum amount of time each script may spend parsing request data;max_input_nesting_level = 64 ; Maximum input variable nesting levelmemory_limit = 160M ; Maximum amount of memory a script may consume (16MB)
…..
; PHP's built-in default is text/htmldefault_mimetype = "text/html"default_charset = "utf-8";default_charset = "iso-8859-1"
…..
;;;;;;;;;;;;;;;;;;;;;;;;;; Paths and Directories ;;;;;;;;;;;;;;;;;;;;;;;;;;
; UNIX: "/path1:/path2";include_path = ".:/usr/share/php"include_path =".:/var/www/Siat/libs:/var/www/Siat/class:/var/www/Siat/configuracion:/var/www/STD/class:/var/www/STD/configuracion";
Se guardan los cambios, a continuación se procede a instalar la librería de conexión PHP-Postgres
aptitude install php5-pgsql
También la librería grafica para php:
aptitude install php5-gd
después de todos estos cambios se reinicia el servidor web :
/etc/init.d/apache2 restart
VI - SAMBA
Se instalo por defecto Samba 3. En la configuración de Samba, la sección de profiles, se agrega :
Pruebas :[Siat] comment = Carpetas SIAT2010 path = /var/www/ guest ok =yes read only = no browseable = yes create mask = 0777 directory mask = 0777
Server :[SiatServer] comment = Carpetas SIAT2010 path = /var/www/ guest ok =yes read only = no browseable = yes create mask = 0777 directory mask = 0777
Finalmente reiniciar el servicio :
/etc/init.d/samba restart
Para acceder con samba se necesita tener usuarios. En este caso primero crear usuarios como root y luego adicionarlos al samba. Ejemplo.
useradd siat
smbpasswd -a siat
otros parámetros (-x eliminar, -d deshabilitar, -e habilitar, -n usua-rio sin password y –m cuenta de equipo)
Para restringir accesos se utiliza
Tipos de permiso
r (^2) w (^1) x (^0) Total Resultado de los permisos0 Sin permisos
1 1 Ejecución2 2 Escritura2 1 3 Escritura y ejecución
4 Lectura4 1 5 Lectura y ejecución4 2 6 Lectura y ejecución4 2 1 7 Lectura, escritura y ejecuión
r=Read (Lectura)w=Write (Escritura)x=Execution (Ejecución)
Clases de usuario
1.- propietario del fichero.
2.- grupo al que pertenece el fichero.
3.- el resto de usuarios.
Ejemplos:
Chmod 777 /var/www/siat Acceso total a last res clases de acceso
Chmod 117 /var/www.siat Lectura para propietario y grupo. Total para el restoEn caso se quiera dar acceso por grupos, primero a la carpeta siat se le debe otorgar un grupo, para el caso del Servidor de Desarrollo se le ha otorgado grupo informatica y para el de producción sin grupo. Para ello los usuarios deben estar definidos por grupos
VII - CRONTAB
Para hacer tareas programadas bajo entorno Linux, la política establecida es “todos los días a las 11:00 pm se realizara un backup del código fuente del SIAT”. Bajo esa premisa se realizó los siguientes pasos:
crear un script bajo root, con permisos root llamado “tarea.sh”
#script en bash para generar un archivo comprimido de #toda la carpeta SIAT, la cual se generara en# /var/www/#el nombre tiene la forma# siat date donde ddate es la fecha actual ejem: siat2010-01-31#la salida se redirecciona al archivo nulltar -caf /var/www/siat$(date +%F).tar.gz /var/www/Siat >>/dev/null 2>1;
se agrega una nueva tarea a crontab, en la línea de comandos :
crontab –e
el editor elegido puede ser nano o vim, en caso de ser nano los atajos ctrl + O guardar y ctrl + X salir
# m h dom mon dow command00 23 * * * /var/www/tarea.sh
Esto indica que a las 11:00 pm de todos los dias se ejecutara tarea.sh. Es importante que el sistema tenga la hora correcta, tanto del sistema como del hardware, ver date, hwclock y ntpdate.
Muchas veces, la hora del sistema no es la misma que la hora del hardware, para probar esto se tiene que obtener las 2 horas. Por ejemplo:
hwclock vie 29 oct 2010 08:38:06 PET -0.985305 seconds
date vie oct 29 03:14:19 PET 2010
En este caso los 2 tiempos son diferentes, el proceso crontab en algunos casos es dirigido por la hora del hardware (hwclock) , entonces se recomienda que las 2 horas esten alineadas.
hwclock --set --date="2010-10-29 08:33:00"
date -s "29 OCT 2010 08:33:00"
Para generar un backup de la base de datos, como usuario postgres, crear un archivo llamado tareaPostgres.sh
vi tareaPostgres.sh
Ingresar el siguiente codigo
#script en bash para generar un archivo comprimido de #bd_tributaria18 en var/www/Backups pg_dump -Ft bd_tributaria45_2>/var/www/Backups/bd_tributaria45_2_$(date +%F).backup
Este script genera un backup de la base de datos en produccion “bd_tributaria45_2” en la carpeta Backups , adjuntandole la fecha que fue creado tal backup.
Seguidamente crear la tarea correspondiente
crontab –e
# m h dom mon dow command30 23 * * * /var/www/tareaPostgres.sh
NOTA: los scripts deberán tener acceso de ejecución y obviar usuario root en el crontab y del mismo modo debe iniciar su lista de comandos como sigue:#!/bin/sh
VIII Subversión
Instalación, en modo súper usuario
aptitude install subversion subversion-tools
Creamos la carpeta para repositorios:
mkdir /var/lib/svnmkdir /var/lib/svn/siat
La carpeta svn sera la raiz de los repositorios, en este caso tiene un repositorio “siat”.Seguidamente usamos el comando svnadmin para crear un repositorio:
svnadmin create /var/lib/svn/test
Creamos el arbol de directorio propios para subversion:
svn mkdir file:///var/lib/svn/siatsvn mkdir file:///var/lib/svn/siat/trunk -m “Trunk”svn mkdir file:///var/lib/svn/siat/tags -m “Tags”svn mkdir file:///var/lib/svn/siat/branches -m “Branches”
Configuración del repositorio svn para uso compartido mediante un servidor Apache
aptitude install libapache2-svn
Ajustar la propiedad del repositorio y su contenido
chown -R www-data /var/lib/svn/test
Configuración de acceso de los usuarios
sudo htpasswd -c /etc/apache2/dav_svn.passwd us1sudo htpasswd /etc/apache2/dav_svn.passwd us2
Configuración del módulo de acceso DAV, editamos dav_svn.conf
vi /etc/apache2/mods-available/dav_svn.conf
Muestro las lineas relevantes para la configuracion:
<Location /svn >DAV svnSVNParentPath /var/lib/svnAuthType BasicAuthName "Subversion Repository"AuthUserFile /etc/apache2/dav_svn.passwd</Location>
Nos situamos en :
cd /etc /apache2/sites-available vi default
Agregamos la siguiente linea:
<Location /svn>DAV svnSVNParentPath /var/lib/svn
</Location>
Reiniciamos el servicio web
/etc/init.d/apache2 restart
IX Acceso remoto
Servidorapt-get install tightvncservertightvncserver :1 -name sesion1 -depth 16 -geometry 640x480
Clienteapt-get install xtightvncviewerxtightvncviewer
Xvnc, que es el servidor en si. vncviewer, el programa cliente. vncpasswd, para cambiar la contraseña de cada sesión. vncconnect, para conectarnos a un servidor VNC. vncserver, para iniciar sesiones VNC.
X Berkeley DB
aptitude install libdb4.6++aptitude install libdb4.6++-dev
G++ -I/usr/include/ -ldb_cxx –o pruebaDB.out pruebaDB.cc
Activacion de Db en php
En /etc/php5/apache2/
Vi php.ini
Se añade
…. -enable-dba=shared-enable-dba –with –db4
XI – Configuración UPS’s
02-12-2010 : se procedió a documentar la actividad realizada el día 01-12-2010, por parte de terceros.
Apcupsd a daemon for controlling APC UPSesApcupsd es un software que puede ser usado para administrar y controlar la mayoría de APC’s UPS’s en Unix y Windows.
sudo passwd
Apt-get install apcupsd
/etc/init.d/apcupsd status
/etc/init.d/apcupsd start
nano /etc/default/apcupsd
El contenido es: #Defaults for apcupsd initscript #ApcUpsd-Devel internal configuration APCACCESS=/sbin/apcaccess ISCONFIGURED=yes
Updatedb es un comando incluido en findutils que se encarga de actualizar una base de datos con todos los achivos del sistema, utilizada por locate para hallar archivos rápidamente en sistemas de grandes cantidades de ficheros o incluso distintos dispositivos y sistemas de ficheros.
updatedb
locate apcups
locate apcups
Nano /etc/apcupsd/apcupsd.conf
El contenido es:
## apcupsd.conf v1.1 #### for apcupsd release 3.14.6 (16 May 2009) - debian## "apcupsd" POSIX config file
## ========= General configuration parameters ============## UPSNAME xxx# Use this to give your UPS a name in log files and such. This# is particulary useful if you have multiple UPSes. This does not
# set the EEPROM. It should be 8 characters or less.#UPSNAME
# UPSCABLE <cable># Defines the type of cable connecting the UPS to your computer.## Possible generic choices for <cable> are:# simple, smart, ether, usb## Or a specific cable model number may be used:# 940-0119A, 940-0127A, 940-0128A, 940-0020B,# 940-0020C, 940-0023A, 940-0024B, 940-0024C,# 940-1524C, 940-0024G, 940-0095A, 940-0095B,# 940-0095C, M-04-02-2000#UPSCABLE ether
# To get apcupsd to work, in addition to defining the cable# above, you must also define a UPSTYPE, which corresponds to# the type of UPS you have (see the Description for more details).# You must also specify a DEVICE, sometimes referred to as a port.# For USB UPSes, please leave the DEVICE directive blank. For# other UPS types, you must specify an appropriate port or address.## UPSTYPE DEVICE Description# apcsmart /dev/tty** Newer serial character device,# appropriate for SmartUPS models using# a serial cable (not USB).## usb <BLANK> Most new UPSes are USB. A blank DEVICE# setting enables autodetection, which is# the best choice for most installations.## net hostname:port Network link to a master apcupsd# through apcupsd's Network Information# Server. This is used if you don't have# a UPS directly connected to your computer.## snmp hostname:port:vendor:community# SNMP Network link to an SNMP-enabled# UPS device. Vendor is the MIB used by# the UPS device: can be "APC", "APC_NOTRAP"# or "RFC" where APC is the powernet MIB,# "APC_NOTRAP" is powernet with SNMP trap# catching disabled, and RFC is the IETF's# rfc1628 UPS-MIB. You usually want "APC".# Port is usually 161. Community is usually# "private".## dumb /dev/tty** Old serial character device for use# with simple-signaling UPSes.## pcnet ipaddr:username:passphrase# PowerChute Network Shutdown protocol# which can be used as an alternative to SNMP# with AP9617 family of smart slot cards.# ipaddr is the IP address of the UPS mgmt# card. username and passphrase are the# credentials for which the card has been# configured.
#UPSTYPE snmpDEVICE 172.16.0.21:161:APC:private
# POLLTIME <int># Interval (in seconds) at which apcupsd polls the UPS for status. This# setting applies both to directly-attached UPSes (UPSTYPE apcsmart, usb,# dumb) and networked UPSes (UPSTYPE net, snmp). Lowering this setting# will improve apcupsd's responsiveness to certain events at the cost of# higher CPU utilization. The default of 60 is appropriate for most# situations.#POLLTIME 60
# LOCKFILE <path to lockfile># Path for device lock file. Not used on Win32.LOCKFILE /var/lock
# SCRIPTDIR <path to script directory># Directory in which apccontrol and event scripts are located.SCRIPTDIR /etc/apcupsd
# PWRFAILDIR <path to powerfail directory># Directory in which to write the powerfail flag file. This file# is created when apcupsd initiates a system shutdown and is# checked in the OS halt scripts to determine if a killpower# (turning off UPS output power) is required.PWRFAILDIR /etc/apcupsd
# NOLOGINDIR <path to nologin directory># Directory in which to write the nologin file. The existence# of this flag file tells the OS to disallow new logins.NOLOGINDIR /etc
## ======== Configuration parameters used during power failures ==========#
# The ONBATTERYDELAY is the time in seconds from when a power failure# is detected until we react to it with an onbattery event.## This means that, apccontrol will be called with the powerout argument# immediately when a power failure is detected. However, the# onbattery argument is passed to apccontrol only after the# ONBATTERYDELAY time. If you don't want to be annoyed by short# powerfailures, make sure that apccontrol powerout does nothing# i.e. comment out the wall.ONBATTERYDELAY 6
## Note: BATTERYLEVEL, MINUTES, and TIMEOUT work in conjunction, so# the first that occurs will cause the initation of a shutdown.#
# If during a power failure, the remaining battery percentage# (as reported by the UPS) is below or equal to BATTERYLEVEL,# apcupsd will initiate a system shutdown.BATTERYLEVEL 20
# If during a power failure, the remaining runtime in minutes
# (as calculated internally by the UPS) is below or equal to MINUTES,# apcupsd, will initiate a system shutdown.MINUTES 10
# If during a power failure, the UPS has run on batteries for TIMEOUT# many seconds or longer, apcupsd will initiate a system shutdown.# A value of 0 disables this timer.## Note, if you have a Smart UPS, you will most likely want to disable# this timer by setting it to zero. That way, you UPS will continue# on batteries until either the % charge remaing drops to or below BATTERYLEVEL,# or the remaining battery runtime drops to or below MINUTES. Of course,# if you are testing, setting this to 60 causes a quick system shutdown# if you pull the power plug.# If you have an older dumb UPS, you will want to set this to less than# the time you know you can run on batteries.TIMEOUT 1200
# Time in seconds between annoying users to signoff prior to# system shutdown. 0 disables.ANNOY 300
# Initial delay after power failure before warning users to get# off the system.ANNOYDELAY 60
# The condition which determines when users are prevented from# logging in during a power failure.# NOLOGON <string> [ disable | timeout | percent | minutes | always ]NOLOGON disable
# If KILLDELAY is non-zero, apcupsd will continue running after a# shutdown has been requested, and after the specified time in# seconds attempt to kill the power. This is for use on systems# where apcupsd cannot regain control after a shutdown.# KILLDELAY <seconds> 0 disablesKILLDELAY 0
## ==== Configuration statements for Network Information Server ====#
# NETSERVER [ on | off ] on enables, off disables the network# information server. If netstatus is on, a network information# server process will be started for serving the STATUS and# EVENT data over the network (used by CGI programs).NETSERVER on
# NISIP <dotted notation ip address># IP address on which NIS server will listen for incoming connections.# This is useful if your server is multi-homed (has more than one# network interface and IP address). Default value is 0.0.0.0 which# means any incoming request will be serviced. Alternatively, you can# configure this setting to any specific IP address of your server and# NIS will listen for connections only on that interface. Use the# loopback address (127.0.0.1) to accept connections only from the# local machine.NISIP 127.0.0.1
# NISPORT <port> default is 3551 as registered with the IANA
# port to use for sending STATUS and EVENTS data over the network.# It is not used unless NETSERVER is on. If you change this port,# you will need to change the corresponding value in the cgi directory# and rebuild the cgi programs.NISPORT 3551
# If you want the last few EVENTS to be available over the network# by the network information server, you must define an EVENTSFILE.EVENTSFILE /var/log/apcupsd.events
# EVENTSFILEMAX <kilobytes># By default, the size of the EVENTSFILE will be not be allowed to exceed# 10 kilobytes. When the file grows beyond this limit, older EVENTS will# be removed from the beginning of the file (first in first out). The# parameter EVENTSFILEMAX can be set to a different kilobyte value, or set# to zero to allow the EVENTSFILE to grow without limit.EVENTSFILEMAX 10
## ========== Configuration statements used if sharing =============# a UPS with more than one machine
## Remaining items are for ShareUPS (APC expansion card) ONLY#
# UPSCLASS [ standalone | shareslave | sharemaster ]# Normally standalone unless you share an UPS using an APC ShareUPS# card.UPSCLASS standalone
# UPSMODE [ disable | share ]# Normally disable unless you share an UPS using an APC ShareUPS card.
UPSMODE disable
## ===== Configuration statements to control apcupsd system logging ========#
# Time interval in seconds between writing the STATUS file; 0 disablesSTATTIME 0
# Location of STATUS file (written to only if STATTIME is non-zero)STATFILE /var/log/apcupsd.status
# LOGSTATS [ on | off ] on enables, off disables# Note! This generates a lot of output, so if# you turn this on, be sure that the# file defined in syslog.conf for LOG_NOTICE is a named pipe.# You probably do not want this on.LOGSTATS off
# Time interval in seconds between writing the DATA records to# the log file. 0 disables.DATATIME 0
# FACILITY defines the logging facility (class) for logging to syslog.# If not specified, it defaults to "daemon". This is useful# if you want to separate the data logged by apcupsd from other
# programs.#FACILITY DAEMON
## ========== Configuration statements used in updating the UPS EPROM =========#
## These statements are used only by apctest when choosing "Set EEPROM with conf# file values" from the EEPROM menu. THESE STATEMENTS HAVE NO EFFECT ON APCUPSD.#
# UPS name, max 8 characters#UPSNAME UPS_IDEN
# Battery date - 8 characters#BATTDATE mm/dd/yy
# Sensitivity to line voltage quality (H cause faster transfer to batteries)# SENSITIVITY H M L (default = H)#SENSITIVITY H
# UPS delay after power return (seconds)# WAKEUP 000 060 180 300 (default = 0)#WAKEUP 60
# UPS Grace period after request to power off (seconds)# SLEEP 020 180 300 600 (default = 20)#SLEEP 180
# Low line voltage causing transfer to batteries# The permitted values depend on your model as defined by last letter# of FIRMWARE or APCMODEL. Some representative values are:# D 106 103 100 097# M 177 172 168 182# A 092 090 088 086
# I 208 204 200 196 (default = 0 => not valid)#LOTRANSFER 208
# High line voltage causing transfer to batteries# The permitted values depend on your model as defined by last letter# of FIRMWARE or APCMODEL. Some representative values are:# D 127 130 133 136# M 229 234 239 224# A 108 110 112 114# I 253 257 261 265 (default = 0 => not valid)#HITRANSFER 253
# Battery charge needed to restore power# RETURNCHARGE 00 15 50 90 (default = 15)#RETURNCHARGE 15
# Alarm delay# 0 = zero delay after pwr fail, T = power fail + 30 sec, L = low battery, N = never# BEEPSTATE 0 T L N (default = 0)#BEEPSTATE T
# Low battery warning delay in minutes
# LOWBATT 02 05 07 10 (default = 02)#LOWBATT 2
# UPS Output voltage when running on batteries# The permitted values depend on your model as defined by last letter# of FIRMWARE or APCMODEL. Some representative values are:# D 115# M 208# A 100# I 230 240 220 225 (default = 0 => not valid)#OUTPUTVOLTS 230
# Self test interval in hours 336=2 weeks, 168=1 week, ON=at power on# SELFTEST 336 168 ON OFF (default = 336)#SELFTEST 336
cp /etc/apcupsd/apcupsd.conf /etc/apcupsd/apcupsd.conf.old
Ping 172.16.0.20
Ping 172.16.0.21
Nano /etc/apcupsd/apccontrol
El contenido es:
#!/bin/sh## Copyright (C) 1999-2002 Riccardo Facchetti <[email protected]>## for apcupsd release 3.14.6 (16 May 2009) - debian## platforms/apccontrol. Generated from apccontrol.in by configure.## Note, this is a generic file that can be used by most# systems. If a particular system needs to have something# special, start with this file, and put a copy in the# platform subdirectory.#
## These variables are needed for set up the autoconf other variables.#prefix=/usrexec_prefix=${prefix}
APCPID=/var/run/apcupsd.pidAPCUPSD=/sbin/apcupsdSHUTDOWN=/sbin/shutdownSCRIPTSHELL=/bin/shSCRIPTDIR=/etc/apcupsdWALL=wall
## Concatenate all output from this script to the events file# Note, the following kills the script in a power fail situation# where the disks are mounted read-only.# exec >>/var/log/apcupsd.events 2>&1
#
# This piece is to substitute the default behaviour with your own script,# perl, or C program.# You can customize every single command creating an executable file (may be a# script or a compiled program) and calling it the same as the $1 parameter# passed by apcupsd to this script.## After executing your script, apccontrol continues with the default action.# If you do not want apccontrol to continue, exit your script with exit# code 99. E.g. "exit 99".## WARNING: the apccontrol file will be overwritten every time you update your# apcupsd, doing `make install'. Your own customized scripts will _not_ be# overwritten. If you wish to make changes to this file (discouraged), you# should change apccontrol.sh.in and then rerun the configure process.#if [ -f ${SCRIPTDIR}/${1} -a -x ${SCRIPTDIR}/${1} ]then ${SCRIPTDIR}/${1} ${2} ${3} ${4} # exit code 99 means he does not want us to do default action if [ $? = 99 ] ; then exit 0 fifi
case "$1" in killpower) echo "Apccontrol doing: ${APCUPSD} --killpower on UPS ${2}" sleep 10 ${APCUPSD} --killpower echo "Apccontrol has done: ${APCUPSD} --killpower on UPS ${2}" | ${WALL} ;; commfailure) echo "Warning communications lost with UPS ${2}" | ${WALL} ;; commok) echo "Communications restored with UPS ${2}" | ${WALL} ;;## powerout, onbattery, offbattery, mainsback events occur
# in that order.# powerout) ;; onbattery) echo "Power failure on UPS ${2}. Running on batteries." | ${WALL} ;; offbattery) echo "Power has returned on UPS ${2}..." | ${WALL} ;; mainsback) if [ -f /etc/apcupsd/powerfail ] ; then printf "Continuing with shutdown." | ${WALL} fi ;; failing) echo "Battery power exhaused on UPS ${2}. Doing shutdown." | ${WALL} ;; timeout) echo "Battery time limit exceeded on UPS ${2}. Doing shutdown." | ${WALL} ;; loadlimit) echo "Remaining battery charge below limit on UPS ${2}. Doing shutdown." | ${WALL} ;; runlimit) echo "Remaining battery runtime below limit on UPS ${2}. Doing shutdown." | ${WALL} ;; doreboot) echo "UPS ${2} initiating Reboot Sequence" | ${WALL} ${SHUTDOWN} -r now "apcupsd UPS ${2} initiated reboot" ;; doshutdown) echo "UPS ${2} initiated Shutdown Sequence" | ${WALL} ${SHUTDOWN} -h now "apcupsd UPS ${2} initiated shutdown" ;; annoyme)
echo "Power problems with UPS ${2}. Please logoff." | ${WALL} ;; emergency) echo "Emergency Shutdown. Possible battery failure on UPS ${2}." | ${WALL} ;; changeme) echo "Emergency! Batteries have failed on UPS ${2}. Change them NOW" | ${WALL} ;; remotedown) echo "Remote Shutdown. Beginning Shutdown Sequence." | ${WALL} ;; startselftest) ;; endselftest) ;; battdetach) ;; battattach) ;; *) echo "Usage: ${0##*/} command" echo " warning: this script is intended to be launched by" echo " apcupsd and should never be launched by users." exit 1 ;;esac
XI - Referencias
[1] http://www2.mandriva.com/[2] http://www.latam.redhat.com/rhel/[3] http://es.opensuse.org/[4] http://www.ubuntu.com/[5] http://subversion.tigris.org/
Anexos
Limpiar Cache
0: No libera nada.1: Libera la pagecache.2: Libera inodos y dentries.3: Libera pagecache, inodos y dentries.Ejemplo# echo 1 > /proc/sys/vm/drop_caches# echo 2 > /proc/sys/vm/drop_cachesDespues de migracion# echo 3 > /proc/sys/vm/drop_caches# echo 0 > /proc/sys/vm/drop_caches
Variables de rendimiento
Para variación de parámetros de memoria en el postgres.conf considerar lo siguiente (preferentemente considerar los que bota el error del servicio postgresql: cat /proc/sys/kernel/shmmax
sysctl –w kernel.shmmax= 268435456
sysctl –p /etc/sysctl.conf
Para mantener los datos permanentemente y no volver a configurar cada vez que se apague el servidor
Nano /etc/sysctl.conf#...#Adecuación manual de acuerdo a la configuración de postgres kernel.shmmax= 268435456
En 213:2097152000 -> 2365587456 -> 4731174912->9437184000
CONF para Migracion
# This file consists of lines of the form:## name = value## (The "=" is optional.) Whitespace may be used. Comments are introduced with# "#" anywhere on a line. The complete list of parameter names and allowed# values can be found in the PostgreSQL documentation.## The commented-out settings shown in this file represent the default values.# Re-commenting a setting is NOT sufficient to revert it to the default value;# you need to reload the server.## This file is read on server startup and when the server receives a SIGHUP# signal. If you edit the file on a running system, you have to SIGHUP the# server for the changes to take effect, or use "pg_ctl reload". Some# parameters, which are marked below, require a server shutdown and restart to# take effect.## Any parameter can also be given as a command-line option to the server, e.g.,# "postgres -c log_connections=on". Some paramters can be changed at run time# with the "SET" SQL command.## Memory units: kB = kilobytes MB = megabytes GB = gigabytes# Time units: ms = milliseconds s = seconds min = minutes h = hours d = days
#------------------------------------------------------------------------------# FILE LOCATIONS#------------------------------------------------------------------------------
# The default values of these variables are driven from the -D command-line# option or PGDATA environment variable, represented here as ConfigDir.
data_directory = '/var/lib/postgresql/8.3/main' # use data in another directory # (change requires restart)hba_file = '/etc/postgresql/8.3/main/pg_hba.conf' # host-based authentication file
# (change requires restart)ident_file = '/etc/postgresql/8.3/main/pg_ident.conf' # ident configuration file # (change requires restart)
# If external_pid_file is not explicitly set, no extra PID file is written.external_pid_file = '/var/run/postgresql/8.3-main.pid' # write an extra PID file # (change requires restart)
#------------------------------------------------------------------------------# CONNECTIONS AND AUTHENTICATION#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on; # comma-separated list of addresses; # defaults to 'localhost', '*' = all # (change requires restart)port = 5432 # (change requires restart)max_connections = 200 # (change requires restart)# Note: Increasing max_connections costs ~400 bytes of shared memory per# connection slot, plus lock space (see max_locks_per_transaction). You might# also need to raise shared_buffers to support more connections.#superuser_reserved_connections = 3 # (change requires restart)unix_socket_directory = '/var/run/postgresql' # (change requires restart)#unix_socket_group = '' # (change requires restart)#unix_socket_permissions = 0777 # begin with 0 to use octal notation # (change requires restart)#bonjour_name = '' # defaults to the computer name # (change requires restart)
# - Security and Authentication -
#authentication_timeout = 1min # 1s-600sssl = true # (change requires restart)#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers # (change requires restart)#password_encryption = on#db_user_namespace = off
# Kerberos and GSSAPI#krb_server_keyfile = '' # (change requires restart)#krb_srvname = 'postgres' # (change requires restart, Kerberos only)#krb_server_hostname = '' # empty string matches any keytab entry # (change requires restart, Kerberos only)#krb_caseins_users = off # (change requires restart)#krb_realm = '' # (change requires restart)
# - TCP Keepalives -# see "man 7 tcp" for details
#tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; # 0 selects the system default#tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; # 0 selects the system default#tcp_keepalives_count = 0 # TCP_KEEPCNT; # 0 selects the system default
#------------------------------------------------------------------------------# RESOURCE USAGE (except WAL)#------------------------------------------------------------------------------
# - Memory -
shared_buffers =64MB # min 128kB or max_connections*16kB # (change requires restart)#temp_buffers = 8MB # min 800kB#max_prepared_transactions = 5 # can be 0 or more # (change requires restart)# Note: Increasing max_prepared_transactions costs ~600 bytes of shared memory# per transaction slot, plus lock space (see max_locks_per_transaction).work_mem = 1MB # min 64kB#maintenance_work_mem = 16MB # min 1MB#max_stack_depth = 2MB # min 100kB
# - Free Space Map -
max_fsm_pages = 153600 # min max_fsm_relations*16, 6 bytes each # (change requires restart)#max_fsm_relations = 1000 # min 100, ~70 bytes each # (change requires restart)
# - Kernel Resource Usage -
#max_files_per_process = 1000 # min 25 # (change requires restart)#shared_preload_libraries = '' # (change requires restart)
# - Cost-Based Vacuum Delay -
#vacuum_cost_delay = 0 # 0-1000 milliseconds#vacuum_cost_page_hit = 1 # 0-10000 credits#vacuum_cost_page_miss = 10 # 0-10000 credits#vacuum_cost_page_dirty = 20 # 0-10000 credits#vacuum_cost_limit = 200 # 1-10000 credits
# - Background Writer -
#bgwriter_delay = 200ms # 10-10000ms between rounds#bgwriter_lru_maxpages = 100 # 0-1000 max buffers written/round#bgwriter_lru_multiplier = 2.0 # 0-10.0 multipler on buffers scanned/round
#------------------------------------------------------------------------------# WRITE AHEAD LOG#------------------------------------------------------------------------------
# - Settings -
#fsync = on # turns forced synchronization on or off#synchronous_commit = on # immediate fsync at commit#wal_sync_method = fsync # the default is the first option # supported by the operating system: # open_datasync # fdatasync # fsync # fsync_writethrough # open_sync#full_page_writes = on # recover from partial page writeswal_buffers = 200kB # min 32kB # (change requires restart)#wal_writer_delay = 200ms # 1-10000 milliseconds
#commit_delay = 0 # range 0-100000, in microseconds#commit_siblings = 5 # range 1-1000# - Checkpoints -
#checkpoint_segments = 3 # in logfile segments, min 1, 16MB each#checkpoint_timeout = 5min # range 30s-1h#checkpoint_completion_target = 0.5 # checkpoint target duration, 0.0 - 1.0#checkpoint_warning = 30s # 0 is off
# - Archiving -
#archive_mode = off # allows archiving to be done # (change requires restart)#archive_command = '' # command to use to archive a logfile segment#archive_timeout = 0 # force a logfile segment switch after this # time; 0 is off
#------------------------------------------------------------------------------# QUERY TUNING#------------------------------------------------------------------------------
# - Planner Method Configuration -
#enable_bitmapscan = on#enable_hashagg = on#enable_hashjoin = on
#enable_indexscan = on#enable_mergejoin = on#enable_nestloop = on#enable_seqscan = on#enable_sort = on#enable_tidscan = on
# - Planner Cost Constants -
#seq_page_cost = 1.0 # measured on an arbitrary scale#random_page_cost = 4.0 # same scale as above#cpu_tuple_cost = 0.01 # same scale as above#cpu_index_tuple_cost = 0.005 # same scale as above#cpu_operator_cost = 0.0025 # same scale as aboveeffective_cache_size =3200 # - Genetic Query Optimizer -
#geqo = on#geqo_threshold = 12#geqo_effort = 5 # range 1-10#geqo_pool_size = 0 # selects default based on effort#geqo_generations = 0 # selects default based on effort#geqo_selection_bias = 2.0 # range 1.5-2.0
# - Other Planner Options -
#default_statistics_target = 10 # range 1-1000#constraint_exclusion = off#from_collapse_limit = 8#join_collapse_limit = 8 # 1 disables collapsing of explicit # JOIN clauses
#------------------------------------------------------------------------------# ERROR REPORTING AND LOGGING#------------------------------------------------------------------------------
# - Where to Log -
#log_destination = 'stderr' # Valid values are combinations of # stderr, csvlog, syslog and eventlog, # depending on platform. csvlog # requires logging_collector to be on.
# This is used when logging to stderr:#logging_collector = off # Enable capturing of stderr and csvlog # into log files. Required to be on for # csvlogs. # (change requires restart)
# These are only used if logging_collector is on:#log_directory = 'pg_log' # directory where log files are written, # can be absolute or relative to PGDATA#log_filename = 'postgresql-%Y-%m-%d_%H%M%S.log' # log file name pattern, # can include strftime() escapes #log_truncate_on_rotation = off # If on, an existing log file of the # same name as the new log file will be # truncated rather than appended to. # But such truncation only occurs on # time-driven rotation, not on restarts # or size-driven rotation. Default is # off, meaning append to existing files # in all cases.#log_rotation_age = 1d # Automatic rotation of logfiles will # happen after that time. 0 to disable.#log_rotation_size = 10MB # Automatic rotation of logfiles will # happen after that much log output. # 0 to disable.
# These are relevant when logging to syslog:#syslog_facility = 'LOCAL0'#syslog_ident = 'postgres'
# - When to Log -
#client_min_messages = notice # values in order of decreasing detail: # debug5 # debug4 # debug3 # debug2 # debug1 # log # notice # warning # error
#log_min_messages = notice # values in order of decreasing detail: # debug5 # debug4 # debug3 # debug2 # debug1 # info # notice # warning # error # log # fatal # panic
#log_error_verbosity = default # terse, default, or verbose messages
#log_min_error_statement = error # values in order of decreasing detail: # debug5 # debug4 # debug3 # debug2 # debug1 # info # notice # warning # error # log # fatal # panic (effectively off)
#log_min_duration_statement = -1 # -1 is disabled, 0 logs all statements # and their durations, > 0 logs only # statements running at least this time.
#silent_mode = off # DO NOT USE without syslog or # logging_collector # (change requires restart)
# - What to Log -
#debug_print_parse = off#debug_print_rewritten = off#debug_print_plan = off#debug_pretty_print = off#log_checkpoints = off#log_connections = off#log_disconnections = off#log_duration = off#log_hostname = offlog_line_prefix = '%t ' # special values: # %u = user name # %d = database name # %r = remote host and port # %h = remote host # %p = process ID # %t = timestamp without milliseconds # %m = timestamp with milliseconds # %i = command tag # %c = session ID # %l = session line number # %s = session start timestamp # %v = virtual transaction ID # %x = transaction ID (0 if none) # %q = stop here in non-session
# processes # %% = '%' # e.g. '<%u%%%d> '#log_lock_waits = off # log lock waits >= deadlock_timeout#log_statement = 'none' # none, ddl, mod, all#log_temp_files = -1 # log temporary files equal or larger # than specified size; # -1 disables, 0 logs all temp files#log_timezone = unknown # actually, defaults to TZ environment # setting
#------------------------------------------------------------------------------# RUNTIME STATISTICS#------------------------------------------------------------------------------
# - Query/Index Statistics Collector -
#track_activities = on#track_counts = on#update_process_title = on
# - Statistics Monitoring -
#log_parser_stats = off #log_planner_stats = off#log_executor_stats = off#log_statement_stats = off
#------------------------------------------------------------------------------# AUTOVACUUM PARAMETERS#------------------------------------------------------------------------------
#autovacuum = on # Enable autovacuum subprocess? 'on' # requires track_counts to also be on.#log_autovacuum_min_duration = -1 # -1 disables, 0 logs all actions and # their durations, > 0 logs only # actions running at least that time.#autovacuum_max_workers = 3 # max number of autovacuum subprocesses#autovacuum_naptime = 1min # time between autovacuum runs#autovacuum_vacuum_threshold = 50 # min number of row updates before # vacuum#autovacuum_analyze_threshold = 50 # min number of row updates before # analyze#autovacuum_vacuum_scale_factor = 0.2 # fraction of table size before vacuum#autovacuum_analyze_scale_factor = 0.1 # fraction of table size before analyze#autovacuum_freeze_max_age = 200000000 # maximum XID age before forced vacuum # (change requires restart)#autovacuum_vacuum_cost_delay = 20 # default vacuum cost delay for # autovacuum, -1 means use # vacuum_cost_delay#autovacuum_vacuum_cost_limit = -1 # default vacuum cost limit for # autovacuum, -1 means use # vacuum_cost_limit
#------------------------------------------------------------------------------# CLIENT CONNECTION DEFAULTS#------------------------------------------------------------------------------
# - Statement Behavior -
#search_path = '"$user",public' # schema names#default_tablespace = '' # a tablespace name, '' uses the default#temp_tablespaces = '' # a list of tablespace names, '' uses
# only default tablespace#check_function_bodies = on#default_transaction_isolation = 'read committed'#default_transaction_read_only = off#session_replication_role = 'origin'#statement_timeout = 0 # 0 is disabled#vacuum_freeze_min_age = 100000000
#xmlbinary = 'base64'#xmloption = 'content'
# - Locale and Formatting -
datestyle = 'iso, dmy'#timezone = unknown # actually, defaults to TZ environment # setting#timezone_abbreviations = 'Default' # Select the set of available time zone # abbreviations. Currently, there are # Default # Australia # India # You can create your own file in # share/timezonesets/.#extra_float_digits = 0 # min -15, max 2#client_encoding = sql_ascii # actually, defaults to database # encoding
# These settings are initialized by initdb, but they can be changed.lc_messages = 'es_PE.UTF-8' # locale for system error message # stringslc_monetary = 'es_PE.UTF-8' # locale for monetary formattinglc_numeric = 'es_PE.UTF-8' # locale for number formattinglc_time = 'es_PE.UTF-8' # locale for time formatting
# default configuration for text searchdefault_text_search_config = 'pg_catalog.spanish'
# - Other Defaults -
#explain_pretty_print = on#dynamic_library_path = '$libdir'#local_preload_libraries = ''
#------------------------------------------------------------------------------# LOCK MANAGEMENT#------------------------------------------------------------------------------
#deadlock_timeout = 1s#max_locks_per_transaction = 64 # min 10 # (change requires restart)# Note: Each lock table slot uses ~270 bytes of shared memory, and there are# max_locks_per_transaction * (max_connections + max_prepared_transactions)# lock table slots.
#------------------------------------------------------------------------------# VERSION/PLATFORM COMPATIBILITY#------------------------------------------------------------------------------
# - Previous PostgreSQL Versions -
#add_missing_from = off#array_nulls = on#backslash_quote = safe_encoding # on, off, or safe_encoding#default_with_oids = off#escape_string_warning = on#regex_flavor = advanced # advanced, extended, or basic#sql_inheritance = on#standard_conforming_strings = off#synchronize_seqscans = on
# - Other Platforms and Clients -
#transform_null_equals = off
#------------------------------------------------------------------------------# CUSTOMIZED OPTIONS#------------------------------------------------------------------------------
#custom_variable_classes = '' # list of custom variable class names
Chat Siat
La version que se instalo es phpfreechat-1.3.zip, deberá contarse con esos fuentes.Después de copiar los archivos en /Siat, hay que dar los permisos al usuario www-data
Como sigue
chown -R www-data /var/www/Siat/chat
Open-SSL (Encriptación https)
a2enmod ssl
Se hace una copia del archivo default en /etc/apache2/sites-enabled/ que se llama ssl o default-ssl
En /etc/apache2
Openssl req –new –x509 –extensions v3_ca –keyout cakey.pem –out cacert.pem v3
Mv cacert.pem cacert.crt
Mv cakey.pem cakey.crl
cd /etc/apache2vi ports.conf
En /etc/apache2/sites-enabled/Vi 000-default
NameVirtualHost *NameVirtualHost *:443<VirtualHost *> ServerAdmin webmaster@localhost DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory>
<Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn
CustomLog /var/log/apache2/access.log combined ServerSignature On
Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> <Location /svn> DAV svn SVNParentPath /var/lib/svn </Location>
</VirtualHost>
<VirtualHost *:443> ServerAdmin webmaster@localhost SSLEngine on SSLCertificateFile /etc/apache2/cacert.crt SSLCertificateKeyFile /etc/apache2/cakey.crl
DocumentRoot /var/www/ <Directory /> Options FollowSymLinks AllowOverride None </Directory><Directory /var/www/> Options Indexes FollowSymLinks Multiviews AllowOverride All </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Allow from all </Directory>
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined ServerSignature On
Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory></VirtualHost>
