Installation
Alix tweaks
sed -i '/ext4/ s/relatime/noatime/g' /etc/fstab
sed -i '/^default_kernel_opts/ s/=.*/="libata.force=1.0:udma66 console=tty0 console=ttyS0,38400 quiet"/' /etc/update-extlinux.conf
update-extlinux
Serial console
sed -i '/^serial_port/ s/=.*/=0/' /etc/update-extlinux.conf
sed -i '/^serial_baud/ s/=.*/=38400/' /etc/update-extlinux.conf
update-extlinux
echo 'ttyS0::respawn:/sbin/getty -L ttyS0 38400 vt100' >> /etc/inittab
echo 'ttyS0' >> /etc/securetty
Swap file
dd if=/dev/zero of=/swapfile bs=1M count=512
chmod 600 /swapfile
mkswap /swapfile
echo '/swapfile none swap sw 0 0' >> /etc/fstab
Disable IPv6
echo 'ipv6' >> /etc/modules
echo 'net.ipv6.conf.all.disable_ipv6 = 1' >> /etc/sysctl.d/01-disable-ipv6.conf
Packages
sed -i '/^http/ s/^/#/g' /etc/apk/repositories
sed -i '/edge/ s/^#//g' /etc/apk/repositories
apk update
apk upgrade --available
apk add man mc screen iputils rsync subversion git build-base
NFS server
apk add nfs-utils
sed -i '/^OPTS_RPC_MOUNTD/ s/""/"-p 32767"/' /etc/conf.d/nfs
sed -i '/^OPTS_RPC_STATD/ s/""/"-p 32765 -o 32766"/' /etc/conf.d/nfs
echo 'options lockd nlm_udpport=32768 nlm_tcpport=32768' >> /etc/modprobe.d/local.conf
echo 'options nfs callback_tcpport=32764' >> /etc/modprobe.d/local.conf
rc-update add nfs
MySQL
apk add mariadb mariadb-client
/etc/init.d/mariadb setup && /etc/init.d/mariadb start
mysql_secure_installation
sed -i '/^\[mysqld\]/ s/$/\nbind-address = 127.0.0.1/' /etc/mysql/my.cnf
rc-update add mariadb
Apache + PHP + FastCGI + suEXEC + Pound
apk add apache2 apache2-utils apache-mod-fcgid php5 php5-cgi pound openssl lynx
apk add php5-pdo_sqlite php5-pdo_mysql php5-json
sed -i '/LoadModule.*rewrite/ s/^#//' /etc/apache2/httpd.conf
sed -i '/LoadModule.*suexec/ s/^#//' /etc/apache2/httpd.conf
sed -i '/^\s*DirectoryIndex/ s/$/ index.htm index.php/' /etc/apache2/httpd.conf
sed -i '31 s/HTTP/HTTPS/' /etc/pound.cfg
sed -i '32 s/127.0.0.1/0.0.0.0/' /etc/pound.cfg
sed -i '33 s/8888/443/' /etc/pound.cfg
sed -i '/^Port 443/ s_$_\nCert "/etc/ssl/pound/bundle.pem"_' /etc/pound.cfg
sed -i '/^xHTTP/ s/0/2/' /etc/pound.cfg
mkdir /etc/ssl/pound
# create SSL certificate
rc-update add apache2
rc-update add pound
- Example: VirtualHost configuration
adduser web1
mkdir ~web1/etc ~web1/tmp /var/www/vhosts
mkdir -m 750 /var/www/vhosts/web1
mkdir /var/www/vhosts/web1/html /var/www/vhosts/web1/fcgi-bin
cat >/var/www/vhosts/web1/fcgi-bin/php-fcgi-starter <<EOF
#!/bin/sh
export PHPRC="/home/web1/etc"
export TMPDIR="/home/web1/tmp"
exec /usr/bin/php-cgi
EOF
chmod +x /var/www/vhosts/web1/fcgi-bin/php-fcgi-starter
chown -hR web1:web1 /var/www/vhosts/web1 ~web1
chgrp -h www-data /var/www/vhosts/web1
cat >/etc/apache2/conf.d/web1.conf <<EOF
<VirtualHost *:80>
ServerName web1.stelas.de
ServerAlias *.web1.stelas.de
SuexecUserGroup web1 web1
DocumentRoot "/var/www/vhosts/web1/html"
<Directory "/var/www/vhosts/web1/html">
AddHandler fcgid-script .php
Options SymLinksIfOwnerMatch ExecCGI
AllowOverride AuthConfig FileInfo Limit
FcgidWrapper /var/www/vhosts/web1/fcgi-bin/php-fcgi-starter .php
Require all granted
</Directory>
CustomLog /var/log/apache2/web1_access.log combined
ErrorLog /var/log/apache2/web1_error.log
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</VirtualHost>
EOF
AWall
slrn, ansiweather
apk add bc curl jq slrn
Backup
export LBU_BACKUPDIR=/export/backup
lbu ci