Gentoo Post Installations
- This page is a candidate for deletion
- Reason given: Entire article series:
- Very basic with installation instructions only and absolutely no explanations.
- Frequent abuses of USE and ACCEPT_KEYWORDS.
- A number of other security problems.
- All these subjects are already covered by far more in-depth articles.
- Needs tidying and wikification.
- If you disagree with its deletion, please explain why on its discussion page.
- If you intend to fix it, please remove this notice, but do not remove this notice from articles that you have created yourself.
- Make sure no other pages link here and check the page's history before deleting.
This article is still a Stub. You can help Gentoo-Wiki by expanding it.
|
HOWTO The Home Network for Beginners |
|
| File: /etc/make.conf |
USE="-X apache2 -arts -avi bzip2 cgi cli -cups dba -encode examples -foomaticdb ftp -gif -gnome -gtk -gtk2 imap innodb -kde ldap -mad maildir mailwrapper -mikmod mime -motif -mpeg mysql mysqli -oss pcre -pdflib pear perl php -png posix qmail -qt -quicktime ruby samba sasl session -sdl simplexml snmp sockets socks5 spamassassin spl symlink szip tidy tokenizer -truetype unicode usb verbose vhosts xml xmlrpc -xmms -xv" |
# emerge gentoolkit # emerge --update --deep --newuse world # emerge depclean # revdep-rebuild
Installing DNSMasq
# emerge dnsmasq # nano -w /etc/dnsmasq.conf
| File: /etc/dnsmasq.conf |
dhcp-range=192.168.132.10,192.168.132.20 dhcp-host=00:11:22:33:44:55,192.168.132.10 |
# /etc/init.d/dnsmasq start # rc-update add dnsmasq default
Starting SSH Daemon
# /etc/init.d/sshd start # rc-update add sshd default
Installing UPS
# mkdir /etc/upsmon # cd /etc/upsmon # wget http://www.powercom-ups.com/downloads/upsmon091_linux.tar # tar -xvf ~/upsmon091_linux.tar # nano -w /etc/init.d/upsmond
| File: /etc/init.d/upsmond |
#! /sbin/runscript
# Init script for the upsmon UPS monitor.
#
# NOTE(review): as listed, start() runs no command between ebegin and eend,
# so nothing is launched and the status handed to eend is ebegin's own.
# The command line shown on the page for /etc/conf.d/upsmon is not read
# here - presumably a launch line was lost from this listing; confirm
# against the vendor tarball before relying on this service.
start() {
  ebegin "Starting upsmon"
  # Capture the status of the previous command before anything else runs.
  local status=$?
  eend "${status}" "Failed to start upsmon"
}
|
# chmod 755 /etc/init.d/upsmond # nano -w /etc/conf.d/upsmon
| File: /etc/conf.d/upsmon |
/etc/upsmon/upsmon /dev/ttyS0 300 180 |
# /etc/init.d/upsmond start # rc-update add upsmond default
Installing DDClient
# emerge ddclient # nano -w /etc/ddclient/ddclient.conf
| File: /etc/ddclient/ddclient.conf |
daemon=36000 syslog=yes pid=/var/run/ddclient.pid use=web, web=checkip.dyndns.org/, web-skip='IP Address' login=testuser password=******* wildcard=yes server=members.dyndns.org, \ protocol=dyndns2 \ testsite1.ath.cx,testsite2.ath.cx |
# /etc/init.d/ddclient start # rc-update add ddclient default
Installing IPtables
# emerge iptables # nano -w /etc/init.d/firewall
| File: /etc/init.d/firewall |
#!/sbin/runscript
# Interface names used by every rule below.
# IFACE1 is the side that is masqueraded and receives the DNAT port
# forwards; only selected traffic arriving on it is accepted.
IFACE1="eth0"
# IFACE2 is the side whose traffic to this host is accepted without
# restriction, and where the DNAT target 192.168.132.10 is reached.
IFACE2="eth1"
# Service dependencies: the firewall is started only after "net" is up,
# because its rules name interfaces.
depend() {
  need "net"
}
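# Load the router ruleset: filter traffic to this host, filter forwarded
# traffic, and set up NAT (port forwards in, masquerading out).
#
# Globals:  IFACE1 (read) - masqueraded, filtered interface
#           IFACE2 (read) - trusted interface
# Returns:  status of eend; non-zero if ANY iptables call failed. Passing
#           only the last command's status would report success for a
#           half-loaded ruleset.
start() {
  ebegin "Starting firewall"
  local rc=0 fwd proto port

  # Begin from empty filter and nat tables so reruns do not stack rules.
  iptables -F || rc=1
  iptables -t nat -F || rc=1

  # --- INPUT: traffic addressed to the router itself -------------------
  iptables -A INPUT -i lo -p all -j ACCEPT || rc=1
  iptables -A INPUT -i "$IFACE2" -p all -j ACCEPT || rc=1
  iptables -A INPUT -i "$IFACE1" -m state --state ESTABLISHED,RELATED -j ACCEPT || rc=1
  # Services reachable from IFACE1. Every port listed here is exposed to
  # that network; drop any entry whose service is not meant to be public.
  for port in 22 80 443; do
    iptables -A INPUT -p tcp -i "$IFACE1" --dport "$port" -j ACCEPT || rc=1
  done
  # Policy goes last so existing sessions are matched by the rules above
  # before the default turns to DROP.
  iptables -P INPUT DROP || rc=1

  # --- FORWARD: traffic routed through the router ----------------------
  # Replies to connections that are already tracked.
  iptables -A FORWARD -i "$IFACE1" -m state --state ESTABLISHED,RELATED -j ACCEPT || rc=1
  # Everything IFACE2 hosts send out is allowed. With the FORWARD policy
  # left at ACCEPT this was already the effective behaviour; stating it as
  # a rule keeps it working once the policy below becomes DROP.
  iptables -A FORWARD -i "$IFACE2" -o "$IFACE1" -j ACCEPT || rc=1
  # New inbound connections are allowed only for these proto:port pairs.
  for fwd in tcp:4662 udp:4672 tcp:4771 tcp:5190 udp:5190 tcp:6881; do
    proto=${fwd%%:*}
    port=${fwd#*:}
    iptables -A FORWARD -i "$IFACE1" -o "$IFACE2" -p "$proto" --dport "$port" -j ACCEPT || rc=1
  done
  # Default-deny for forwarding. Without it the ACCEPT rules above
  # restrict nothing: any packet routed at the router from IFACE1 towards
  # the inside network would be forwarded.
  iptables -P FORWARD DROP || rc=1

  # --- NAT -------------------------------------------------------------
  # Port forwards to the fixed inside host. udp:5190 has a FORWARD rule
  # but no DNAT entry in the listing; that asymmetry is kept as-is.
  for fwd in tcp:4662 udp:4672 tcp:4771 tcp:5190 tcp:6881; do
    proto=${fwd%%:*}
    port=${fwd#*:}
    iptables -t nat -A PREROUTING -i "$IFACE1" -p "$proto" --dport "$port" -j DNAT --to "192.168.132.10:$port" || rc=1
  done
  # Source-NAT everything leaving through IFACE1.
  iptables -t nat -A POSTROUTING -o "$IFACE1" -j MASQUERADE || rc=1

  eend "$rc"
}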
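# Remove the ruleset and return every built-in filter chain to ACCEPT,
# while keeping outbound masquerading in place.
#
# NOTE(review): this is fail-open. After "stop" the router accepts and
# forwards all traffic on every interface and still NATs out of IFACE1.
# If the intent is only to reload rules, prefer restarting over leaving
# the service stopped.
#
# Globals:  IFACE1 (read) - masqueraded interface
# Returns:  status of eend; non-zero if ANY iptables call failed, not
#           just the last one.
stop() {
  ebegin "Stopping firewall"
  local rc=0 chain

  iptables -F || rc=1
  iptables -t nat -F || rc=1
  for chain in FORWARD INPUT OUTPUT; do
    iptables -P "$chain" ACCEPT || rc=1
  done
  # The nat table was flushed above; re-add masquerading so inside hosts
  # keep connectivity while the filter rules are absent.
  iptables -t nat -A POSTROUTING -o "$IFACE1" -j MASQUERADE || rc=1

  eend "$rc"
}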
|
# nano -w /etc/conf.d/local.start
| File: /etc/conf.d/local.start |
/etc/init.d/firewall start |
# chmod 755 /etc/init.d/firewall # /etc/init.d/firewall start # nano -w /etc/sysctl.conf
| File: /etc/sysctl.conf |
net.ipv4.ip_forward = 1 net.ipv4.conf.default.rp_filter = 1 |
# /etc/init.d/iptables save # /etc/init.d/iptables start # rc-update add iptables default
Installing NFS
# emerge nfs-utils
Server side
# nano -w /etc/exports
| File: /etc/exports |
/home 192.168.132.0/255.255.255.0(async,rw) /files 192.168.132.0/255.255.255.0(async,rw) /backup 192.168.132.0/255.255.255.0(async,rw) /var/www 192.168.132.10(async,rw) /var/vpopmail/domains/ 192.168.132.10(async,rw) |
# /etc/init.d/nfs start # rc-update add nfs default
Client side
# mkdir -p /server/{files,backup,home,web,mail}
# nano -w /etc/fstab
| File: /etc/fstab |
192.168.132.1:/home /server/home nfs rw 0 0 192.168.132.1:/files /server/files nfs rw 0 0 192.168.132.1:/backup /server/backup nfs rw 0 0 192.168.132.1:/var/www /server/web nfs rw 0 0 192.168.132.1:/var/vpopmail/domains/ /server/mail nfs rw 0 0 |
# /etc/init.d/portmap start # rc-update add portmap default
Installing Local Rsync Mirror
Server side
# nano -w /etc/rsyncd.conf
| File: /etc/rsyncd.conf |
pid file = /var/run/rsyncd.pid uid = nobody gid = nobody use chroot = yes hosts allow=192.168.132.0/255.255.255.0 hosts deny=* max connections = 5 pid file = /var/run/rsyncd.pid motd file = /etc/rsyncd.motd log file = /var/log/rsync.log log format = %t %a %m %f %b syslog facility = local3 timeout = 300 [gentoo-portage] path = /usr/portage comment = Gentoo Linux Portage tree mirror exclude = distfiles/ packages/ |
# nano -w /etc/init.d/rsyncd
| File: /etc/init.d/rsyncd |
# Launch rsync in daemon mode and report the launch status.
#
# Globals:  RSYNC_OPTS (read) - extra rsync options, split on whitespace
# Returns:  status of eend, fed with the status of the nice/rsync command
start() {
  ebegin "Starting rsyncd"
  # "nice -n -5" raises the daemon's scheduling priority.
  # NOTE(review): a network-facing service rarely needs that - confirm it
  # is wanted.
  # RSYNC_OPTS is left unquoted on purpose so several options split into
  # separate arguments.
  # shellcheck disable=SC2086
  nice -n -5 rsync --daemon $RSYNC_OPTS
  local status=$?
  eend "${status}"
}
|
# nano -w /etc/rsyncd.motd
| File: /etc/rsyncd.motd |
.: Welcome to TestSite1.Ath.Cx Local Rsync Mirror! :. |
# /etc/init.d/rsyncd start # rc-update add rsyncd default
Client side
# nano -w /etc/make.conf
| File: /etc/make.conf |
SYNC="rsync://testsite1.ath.cx/gentoo-portage" |
