TODO:

• better firewall rules - for internal boxes
• DB backup script

db1.boxaroo.com

• System type = custom (you pick the packages)
• eth0 = 192.168.1.10
• eth1 = 192.168.1.11
• left SELinux on
• TODO: get better DNS set up (and fix when server is landed)
• Unpick Graphical Internet, Office/Productivity, Sound/Video, Graphics (TODO: make this list complete)
• Install size ~ 2GB

• Reboot...first time pick 'NTP', enter in a non-root user (e.g. guy)

• login to a shell
• su to root
• record what you get from sudo /sbin/mdadm --detail --scan

• in /etc/sudoers add: guy   ALL=(ALL)   PASSWD: /usr/bin/passwd, NOPASSWD: ALL
• log out to guy account
• change /etc/inittab to have start at runlevel 3
• sudo hostname db1.boxaroo.com
• sudo mv /sbin/shutdown /sbin/sulogin_really_are_you_sure_this_is_the_server

• sudo wget http://centos.karan.org/kbsingh-CentOS-Extras.repo -O /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
• sudo wget http://centos.karan.org/kbsingh-CentOS-Misc.repo -O /etc/yum.repos.d/kbsingh-CentOS-Misc.repo
• sed --in-place=_old '/\[centosplus\]/,/^\[/s/enabled=0/enabled=1/' /etc/yum.repos.d/CentOS-Base.repo

• sudo yum -y install mysql
• sudo yum -y install mysql-server
• sudo yum -y install mysql-administrator
• sudo yum -y install mysql-query-browser
• sudo yum -y install vim-enhanced
• sudo yum install chkrootkit
• sudo yum -y install php ( this gives us basic PHP, without some of the things our normal servers need, but should be enough for basic scripts)

• mkdir ~guy/.ssh
• chmod 700 .ssh/
• paste in id_rsa and authorized_keys from the ~msw/.ssh dir into ~/.ssh/id_rsa
• sudo sed --in-place=_old 's/^[ ]*\(PasswordAuthentication \).*/\1 no/' /etc/ssh/sshd_config
• fix /etc/ssh/sshd_config to not allow root login (too tired to write sed command)
• sudo /etc/init.d/sshd restart

• as msw run vncserver. Pick a password
• run vncserver -kill :1
• fix ~/.vnc/xstartup
• scp boxaroo.com:~/.vimrc .
• set 'setting up replication' here

-- MattWalsh - 19 Sep 2007