This tutorial has been tested and is working on Debian etch and lenny

1. Install the PowerDNS server and MySql backend using apt

apt-get install pdns-server pdns-backend-mysql


2. Create a new database (or use existing) and execute the following SQL queries to create the PowerDNS table structure:

create table domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
)type=InnoDB;
 
CREATE UNIQUE INDEX name_index ON domains(name);
 
CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
)type=InnoDB;
 
CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
 
create table supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);


3. Configure PowerDNS to use the MySql backend by adding this line into the configuration file (pico /etc/powerdns/pdns.conf)

launch=gmysql


4. Configure MySql login information for the PowerDNS server that can read from the tables you created earlier by adding lines similar to these (pico /etc/powerdns/pdns.d/pdns.local)

gmysql-host=127.0.0.1
gmysql-user=pdns
gmysql-password=password
gmysql-dbname=pdns


Replace the username, password and dbname with a valid login information and database name.

5. Restart PowerDNS

/etc/init.d/pdns restart


Now you should have a fully functional PowerDNS server installed. To manage the database (adding zones and records), consider using the Poweradmin web-based administration tool.

Munin is a network/system monitoring application that presents output in graphs through a web interface. If you haven't installed it already, use this tutorial: Monitoring multiple servers with Munin.

Assuming you have both varnish and munin installed, here's a tutorial on installing a plugin for munin to monitor Varnish.

1. Install git-core to receive the plugin from github

apt-get install git-core


2. cd into the munin plugins directory

/usr/share/munin/plugins


3. Download the munin-varnish plugin

git clone git://github.com/basiszwo/munin-varnish.git


4. Set correct permissions

chmod a+x /usr/share/munin/plugins/munin-varnish/varnish_*


5. Link the plugin sections to the munin config

ln -s /usr/share/munin/plugins/munin-varnish/varnish_* /etc/munin/plugins/


6. Add these lines to the bottom of the munin-node config (pico /etc/munin/plugin-conf.d/munin-node)

[varnish*]
user root


7. Restart munin-node

/etc/init.d/munin-node restart


1. Install rkhunter

apt-get install rkhunter


2. Run rkhunter to check your server

rkhunter --check


The development of this interface specification was led by Intel Corporation and is supported by more than two hundred computer systems vendors including Dell, Hewlett-Packard, Intel, and NEC Corporation.

1. Install the ipmitool which is used to send commands and receive information from the management interface.

apt-get install ipmitool


2. Use this command to send and receive information to a remote server

ipmitool -H {ip_address} -U {username} -a {ipmi_command}


You can also skip the "-a" parameter (which makes ipmitool prompt for a password everytime) and add "-P {password}" to avoid the password prompt.

Here are some examples of useful commands

Get hardware status (including hardware failures and power status)

ipmitool -H {ip_address} -U {username} -a chassis status


List all sensor values (including temperature, fan speed, voltage and more)

ipmitool -H {ip_address} -U {username} -a sensor list


Print system event log

ipmitool -H {ip_address} -U {username} -a sel list


Check if your server is on or off

ipmitool -H {ip_address} -U {username} -a chassis power status


Power off the server (soft shutdown via ACPI)

ipmitool -H {ip_address} -U {username} -a chassis power soft


Power off the server (hard)

ipmitool -H {ip_address} -U {username} -a chassis power off


Start the server

ipmitool -H {ip_address} -U {username} -a chassis power on


Restart server (hard)

ipmitool -H {ip_address} -U {username} -a chassis power reset


1. Install Apache2 and PHP5 (as an Apache module)

apt-get install apache2 php5 libapache2-mod-php5 php5-mysql


2. Install MySql server

apt-get install mysql-server


3. At this point you may need to restart Apache

/etc/init.d/apache2 restart


3. Create a test php file

echo "<?php phpinfo(); ?>" > /var/www/info.php


The default document root for Debian is in /var/www so you can access the test file on this location: http://yourserver/info.php

3. Install phpMyAdmin (optional but preferred by most developers and administrators)

apt-get install phpmyadmin


By default, phpmyadmin will be accessible on: http://yourserver/phpmyadmin

In this tutorial, it's assumed that you have already installed Postfix with MySql backend using this tutorial: Installing Postfix with MySql backend and SASL for SMTP authentication

1. Install PHP5-CLI (Command Line Interpreter) if it's not already installed

apt-get install php5-cli


2. Create a MySql table for goldfish and a user that has only read access to the users table and read/update access to the autoresponder table (mysql -u root -p)

USE mail;
 
CREATE TABLE autoresponder (
email varchar(255) NOT NULL,
descname varchar(255) default NULL,
`from` date NOT NULL,
`to` date NOT NULL,
message text NOT NULL,
enabled tinyint(4) NOT NULL default '0',
subject varchar(255) NOT NULL,
PRIMARY KEY (email),
FULLTEXT KEY message (message)
) TYPE=MyISAM;
 
-- Insert a sample out of office message for the
-- e-mail address email@example.com
-- Goldfish automatically enables and disables the out of office
-- message according to the from and to dates
-- (in this case: 7th of august to 14th of august 2010)
INSERT INTO autoresponder ('email@example.com', 'Your name', '2010-08-07', '2010-08-14', 'Your message', '1', 'Your subject');
 
GRANT SELECT,UPDATE ON mail.autoresponder TO '{username}'@'localhost' IDENTIFIED BY '{password}';
GRANT SELECT ON mail.users TO '{username}'@'localhost' IDENTIFIED BY '{password}';
FLUSH PRIVILEGES;
 
exit;


Replace {username} and {password} with selected username and password that will be used by goldfish

We'll use the mail database that was created in the Postfix installation tutorial.

3. Download goldfish and put it to any location on the server. In this example I'll place it in /usr/local/goldfish

mkdir /usr/local/goldfish
wget http://www.remofritzsche.com/projects/goldfish/download/goldfish-1.1-STABLE.tar.gz
tar zxvf goldfish-1.1-STABLE.tar.gz
mv goldfish-1.1-STABLE/* /usr/local/goldfish/
rm goldfish-1.1-STABLE* -rf # Clean up


1.1 was the latest stable version when this tutorial was written. Check this location for updated version: http://www.remofritzsche.com/projects/goldfish/download/

4. Configure database information in goldfish (pico /usr/local/goldfish/autoresponder.php)

/* Database information */
$conf['mysql_host'] = "localhost";
$conf['mysql_user'] = "{username}";
$conf['mysql_password'] = "{password}";
$conf['mysql_database'] = "mail";


Input your MySql server information and the login created in step 2. mysql_host should be localhost in most cases and the mysql_database should be mail (if you didn't choose another name for the database when Postfix was installed with MySql backend)

5. Configure database queries in goldfish (pico /usr/local/goldfish/autoresponder.php)

/* Database Queries */
 
# This query has to return the path (`path`) of the corresponding
# maildir-Mailbox with email-address %m
$conf['q_mailbox_path'] = "SELECT CONCAT('/home/vmail/', SUBSTRING_INDEX(email,'@',-1), '/', SUBSTRING_INDEX(email,'@',1), '/') as `path` FROM users WHERE `email` = '%m'";


The database queries begin on line 56 in version 1.1. Replace the q_mailbox_path query with the one shown above. The only change is that the table name is changed from view_users to users.

6. Make the vmail user the owner of the goldfish directory and make the php file executable. The vmail user was created when you installed Postfix.

chown vmail /usr/local/goldfish -R
chmod 700 /usr/local/goldfish/autoresponder.php


7. Create a cronjob to run goldfish every 5 minutes as the vmail user. It must be running as a user that can read the maildir mailboxes currently located in /home/vmail. (crontab -e)

*/5 * * * * vmail /usr/local/goldfish/autoresponder.php


1. Install the Squid package

apt-get install squid


2. Allow your ip network to use the proxy server (pico /etc/squid/squid.conf). Append lines similar to these to your config

file:

acl mynetwork src 192.168.1.0/255.255.255.0
http_access allow mynetwork


Replace 192.168.1.0/255.255.255.0 with the network that should be able to use the proxy.

3. Don't forward client ip information (optional)

forwarded_for off


4. Restart the daemon

/etc/init.d/squid restart


5. Configure your web browser or application your would like to use the proxy server to connect to serverip at port 3128.

1. Open the SSH daemon config file and change this line: (pico /etc/ssh/sshd_config)

PermitRootLogin no


2. Restart the SSH daemon

/etc/init.d/ssh restart


1. Create a new user (optional)

adduser user1


2. Make sure sudo is install (installed by default on lenny)

apt-get install sudo


3. Add the new user to the sudo-ers list (visudo)

user1 ALL=(ALL) ALL


This will allow user1 to run all commands that require root privileges. You can also limit the access, Click here to view the syntax

4. Save the file by pressing Ctrl-X if you are using Nano/pico or :w if using vi

You can now login as the standard user (user1) and execute commands that require root privileges using sudo.

First install packages for both Trac and Subversion. We'll be using Apache to publish the Subversion reposatories
apt-get install python-setuptools trac subversion libapache2-svn


Create the SVN reposatory directory structure, used to create new reposatories later
mkdir /var/svn/
mkdir /var/svn/tmpproject
mkdir /var/svn/tmpproject/branches
mkdir /var/svn/tmpproject/tags
mkdir /var/svn/tmpproject/trunk

Enable the Apache SVN module

a2enmod dav_fs


Create a password file containing users that have access to the Subversion reposatories and Trac
htpasswd -c /etc/apache2/svn.passwd user1
htpasswd /etc/apache2/svn.passwd user2


Edit the apache configurations to enable Trac and Subversion SVN (pico /etc/apache2/sites-enabled/000-default). Add the following lines:
<Location /svn>
DAV svn
SVNParentPath /var/svn
SVNAutoversioning on
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/svn.passwd
Require valid-user
</Location>

<Directory "/usr/share/trac/htdocs">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Alias /trac "/usr/share/trac/htdocs"
Create a directory for Trac projects
mkdir /var/trac


Create projects

Subversion reposatory
svnadmin create /var/svn/myproject --fs-type fsfs
svn import /var/svn/tmpproject file:///var/svn/myproject -m "initial import"
find /var/svn/myproject -type f -exec chmod 660 {} \;
find /var/svn/myproject -type d -exec chmod 2770 {} \;
chown -R root.www-data /var/svn/myproject


Trac project
trac-admin /var/trac/myproject initenv
find /var/trac/myproject -type f -exec chmod 660 {} \;
find /var/trac/myproject -type d -exec chmod 2770 {} \;
chown -R root.www-data /var/trac/myproject


Configure Apache to publish the new project (pico /etc/apache2/sites-enabled/000-default). Add the following lines:
ScriptAlias /projects/myproject /usr/share/trac/cgi-bin/trac.cgi
a
<Location "/projects/myproject">
SetEnv TRAC_ENV "/var/trac/myproject"
</Location>
 
<Location "/projects/myproject">
AuthType Basic
AuthName "Trac - myproject"
AuthUserFile /etc/apache2/svn.passwd
Require valid-user
</Location>


Restart Apache
/etc/init.d/apache2 force-reload


Give a user administrator permissions to the project
trac-admin /var/trac/myproject
permission add user1 TRAC_ADMIN


You can now access your Trac project by browsing with your favorite browser to http://localhost/projects/myproject.

To access the Subversion reposatory you can use any Subversion client. If you're using Windows, TortoiseSVN would be a good choice.