Koeritz</span><span style="font-family: Comic Sans MS;"></span><span style="font-family: Comic Sans MS;"></span><br>
<span style="font-family: Comic Sans MS;">feisty meow® concerns ltd</span>.</div>
<h3 style=" text-align: center;"> Vintage: cakelampvm v002
- Updated: 2017-11-20 (rev. g)</h3>
+ Updated: 2017-12-19 (rev. h)</h3>
<p>The cakelampvm project provides a Virtualbox VM that acts as an "internet
in a bottle", serving up your web sites securely and only to your local
host. The virtual machine provides DNS services (<a target="_blank"
title="saco design" href="http://sacodesign.com">Saco Design</a> of <a
target="_blank" title="winterport" href="http://www.winterportmaine.gov/">Winterport,
Maine</a>.</p>
- <p>Commands preceded by an octothorpe ('#') below are intended to be typed
- into a bash shell running on the cakelampvm virtual machine. The
- bash shell can be obtained either by logging into the VM through ssh or by
- logging in directly to the Virtualbox VM console. You may find the
- ssh session more convenient, because copy & paste features work as
- expected.</p>
+ <p>Commands in fixed-width bold below are intended to be typed into a bash
+ shell running on the cakelampvm virtual machine. The bash shell can
+ be obtained either by logging into the VM through ssh or by logging in
+ directly to the Virtualbox VM console. You may find the ssh session
+ more convenient, because copy & paste features work as expected.</p>
<p>Commands preceded by a greater-than symbol ('>') are intended to be
run on the Host PC in a Windows command prompt (or in a bash prompt
running on the Host PC).</p>
IPv4 Network Mask: 255.255.255.0<br>
IPv6 Address: (leave blank)<br>
IPv6 Prefix Length: 0<br>
- Virtualbox will fill in the other details like so:<br>
+ Virtualbox will fill in the other details like so (this dialog may
+ differ between versions of virtualbox):<br>
<p><img alt="host only network adapter" src="images/host_only_network_adapter.png"></p>
</li>
<li>Set the "DHCP Server Settings" to disabled, e.g.<br>
Network CIDR: 10.0.2.0/24<br>
Supports DHCP: checked<br>
Supports IPv6: optionally checked<br>
- These are my settings, with IPv6 left disabled:<br>
+ These are my settings, with IPv6 left disabled (this dialog may differ
+ between versions of virtualbox):<br>
<img alt="nat net config" src="images/nat_network_config.png"></li>
</ol>
<h2>Starting up the VM and Connecting to It<a id="#start-vm" name="#start-vm"></a></h2>
is generally more useful to connect to the cakelampvm over ssh. If the
networking has been established properly, you should be able to do this
with:
- <pre># ssh developer@10.28.42.20 # or the equivalent with your ssh client</pre>
+ <pre><span style="font-weight: bold;">ssh developer@10.28.42.20<br># or perform the equivalent connection with your ssh client.</span></pre>
<p>And then provide the password to log in.</p>
<p>Once the DNS services are set up (discussed in detail below), you will be
able to run the much friendlier command:</p>
- <pre># ssh developer@cakelampvm.com</pre>
+ <pre><span style="font-weight: bold;">ssh developer@cakelampvm.com</span></pre>
<h4>Key Forwarding to the VM</h4>
<p>It is important to set up ssh key forwarding to enable your use of git
repositories while logged into the VM. Key forwarding should be
enabled for the VM's two fake host identities:</p>
- <pre>cakelampvm.com<br>10.28.42.20</pre>
+ <pre><span style="font-weight: bold;">cakelampvm.com<br>10.28.42.20</span></pre>
<h2>Updating cakelampvm to the Latest Model<a id="#update-vm" name="#update-vm"></a></h2>
<p>The cakelampvm v002 is released with the intention that it not need to be
released again. Version 001 was not built with that explicit
<p>There is an update feature built into the VM that is quite easy to
use. The updates are driven by the feisty meow script repository in
conjunction with a local scripted command. To activate the "update
- process" for your VM, run the following commands on the VM (without the
- initial '#' symbol):</p>
- <pre># rpuffer $FEISTY_MEOW_APEX # updates to the latest version of feisty meow
-# revamp_cakelampvm # enacts any configuration changes needed,<br> # plus fixes web folder and other permissions.</pre>
+ process" for your VM, run the following commands on the VM:</p>
+ <pre><span style="font-weight: bold;"># update to the latest version of feisty meow.<br>rpuffer $FEISTY_MEOW_APEX; reconfigure_feisty_meow<br># enact any configuration changes needed, such as permissions and account setup.
+revamp_cakelampvm</span></pre>
+ <span style="font-weight: bold;"> </span>
<p>These two commands can be run at any time to patch up your VM to the
latest.</p>
- <p>The first command ("rpuffer ...") is also useful on its own for getting
- the latest version of the feisty meow code. Run it again if there
- are bug fixes you need for any of the scripts or if you would like the
- most up-to-date cakelampvm documentation.</p>
+ <p>Recent versions of feisty meow support a new "<span style="font-weight: bold; font-family: monospace;">get_feisty</span>"
+ command, which will behave the same as the first line above. Once
+ you have run the "puffer..." command above for the first time (on
+ cakelampvm v002), this new command becomes available.</p>
+ <ul>
+ <li>The "<span style="font-weight: bold; font-family: monospace;">get_feisty</span>"
+ command is useful in its own right for getting the latest version of the
+ feisty meow code; run it again if you need bug fixes or if you want the
+ most recent cakelampvm documentation.</li>
+ <li>The "<span style="font-weight: bold; font-family: monospace;">revamp_cakelampvm</span>"
+ command can be used to repair many situations when the cakelampvm has
+ gone astray, especially for problems with permissions.</li>
+ </ul>
<h2>First Tasks as the Developer User</h2>
<p>Here are some first steps that will make the vm your own:</p>
<ol>
<li>Change your password for the developer account. (This may
eventually be required and automatic.) First, log into the VM with
ssh. Then type this command:<br>
- <pre># passwd</pre>
+ <pre><span style="font-weight: bold;">passwd</span></pre>
The 'passwd' command will ask for your current password, and then for a
new password plus a verification of that new password.<br>
</li>
<li>Change your git configuration for the user and email address.
This is how we've configured it so far:<br>
- <pre># git config --global user.email "developer@cakelampvm.com"</pre>
- <pre># git config --global user.name "Developer J. Cakemo"</pre>
+ <ul>
+ <li>
+ <pre><span style="font-weight: bold;">git config --global user.email "developer@cakelampvm.com"</span></pre>
+ </li>
+ <li>
+ <pre><span style="font-weight: bold;">git config --global user.name "Developer J. Cakemo"</span></pre>
+ </li>
+ </ul>
If you're developing on a real project, you probably don't want the
bogus email and even more bogus name above attached to your
commits. Just run the two commands again but with proper values.</li>
meow command reference</a> file.</p>
<p>(The feisty meow codebase is already configured for the developer account
on the cakelampvm virtual machine.)</p>
- <h2>X11 applications launched from the VM</h2>
- <p>[incomplete section]</p>
- <p>If a feature called "X forwarding" is enabled in your ssh client, then
- you can start graphical applications on the VM and display them on your
- local machine. This works right away on most Linux hosts, but can
- also work on PCs with X window system installed. This section
- describes how to set up Cygwin to run X server, which enables X11
- forwarding to your local display.</p>
- <p>...{insert that info}...</p>
<h2>Using the guest VM's DNS services<a id="#dns-from-vm" name="#dns-from-vm"></a></h2>
<p>The cakelampvm has been set up to provide a DNS server which will answer
name lookup requests on any of the sites that the cakelampvm is hosting
10.28.42.20. (The DNS server can be tested with nslookup, dig and
other tools.)</p>
<p>Note that the cakelampvm DNS should be listed first, if one intends to
- override any DNS names that actually exist out on the internet. Further,
- we have found it most effective to have *only* the cakelampvm as your DNS
- server, because a secondary DNS server can "take over" providing the name
- lookups, and thus foul up DNS requests that should succeed for your
- VM-hosted sites.</p>
+ override any DNS names that actually exist out on the internet.
+ Further, we have found it most effective to have *only* the cakelampvm as
+ your DNS server, because a secondary DNS server can "take over" providing
+ the name lookups, and thus foul up DNS requests that should succeed for
+ your VM-hosted sites.</p>
<p>If your Host PC is running Windows, see the DNS configuration section
below that is tailored to that operating system.</p>
<p>Important Note: It behooves you to remember to switch back to a normal
both the cakelampvm VM and on your host PC. Note: ping on Linux
keeps going forever, so hit control-C when you are tired of seeing the
pings:</p>
- <pre># ping cakelampvm.com</pre>
- <pre># ping mapsdemo.cakelampvm.com</pre>
+ <pre><span style="font-weight: bold;">ping cakelampvm.com</span></pre>
+ <span style="font-weight: bold;"> </span>
+ <pre><span style="font-weight: bold;">ping www.cakelampvm.com</span></pre>
<p>Note that any other answer than 10.28.42.20 for the address is *bzzzt*
wrong, and means something needs to be fixed.</p>
<p>If these pings succeed (which hopefully they will!), then try accessing
<pre>> ipconfig /flushdns</pre>
<p>and on Linux the flush DNS command can be many different things, but try
these two most common options:</p>
- <pre># sudo service dns-clean restart # restarts the client side DNS cache.</pre>
+ <pre><span style="font-weight: bold;"># restarts the client side DNS cache.<br>sudo service dns-clean restart</span></pre>
<p>or</p>
- <pre># sudo service nscd restart # restarts the nscd caching server.</pre>
+ <pre><span style="font-weight: bold;"># restarts the nscd caching server.<br>sudo service nscd restart</span></pre>
After, this try the pings again. If they still fail, please go back
over your DNS configuration very carefully. The cakelampvm's DNS
feature *does* actually work, but operating systems sometimes do their best
<p>If you run into any permission problems that prevent file access, either
remotely or within the VM itself, then try running this command to fix
them (repeated from the section above about updating the cakelampvm):</p>
- <pre># revamp_cakelampvm</pre>
+ <pre><span style="font-weight: bold;">revamp_cakelampvm</span></pre>
<p>Afterwards, the www folder and others should allow the developer user to
create new folders at will.</p>
<h2>Accessing files on the host PC from the guest VM<a id="#samba-shares" name="#samba-shares"></a></h2>
shared, and give it a name for the guest. We assume the folder
name will be "myshare".</li>
<li>On the guest vm, run the following commands to mount the share:<br>
- <pre># mkdir ~/shared # for the guest's version of the shared folder<br># sudo mount -t vboxsf myshare ~/shared # mount the vm's share name onto the folder on the vm.</pre>
+ <pre><span style="font-weight: bold;"># make the guest's version of the shared folder<br>mkdir ~/shared<br># mount the vm's share name onto the folder on the vm.<br>sudo mount -t vboxsf myshare ~/shared</span></pre>
</li>
</ol>
+ <h2>X11 applications launched from the VM</h2>
+ <p>[incomplete section]</p>
+ <p>If a feature called "X forwarding" is enabled in your ssh client, then
+ you can start graphical applications on the VM and display them on your
+ local machine. This works right away on most Linux hosts, but can
+ also work on PCs with X window system installed. This section
+ describes how to set up Cygwin to run X server, which enables X11
+ forwarding to your local display.</p>
+ <p>...{insert that info}...</p>
<h2>Adding a new website and domain on the guest VM</h2>
<p>Note: these instructions, even the quick approaches below, pale in
comparison to the ease of use of the "standup" command in feisty meow's
details on how to add a containing domain for the first time.
<h4>Quick approach: Use the feisty meow "add_domain" command.</h4>
<p>Run this command in a bash shell on the VM:</p>
- <pre># add_domain excalibur.cakelampvm.com</pre>
+ <pre><span style="font-weight: bold;">add_domain excalibur.cakelampvm.com</span></pre>
<p>Done.</p>
<h4>Manual approach: Edit the bind9 configuration.</h4>
<p>Note: the manual approach is not compatible with later use of feisty
meow's "remove_domain".</p>
Execute the following command to edit the DNS file for the cakelampvm
domain:
- <pre># sudo vi /etc/bind/cakelampvm.com.conf</pre>
+ <pre><span style="font-weight: bold;">sudo vi /etc/bind/cakelampvm.com.conf</span></pre>
<p>Add a stanza for the new site at the end of this file:</p>
<pre>excalibur.cakelampvm.com. IN A 10.28.42.20<br> IN HINFO "linux server" "ubuntu"</pre>
<p>Restart the DNS server:</p>
- <pre># sudo service bind9 restart</pre>
+ <pre><span style="font-weight: bold;">sudo service bind9 restart</span></pre>
<p>Afterwards, pinging excalibur.cakelampvm.com should work from both the
guest VM and the host PC.</p>
<h3>DNS Option B: Using an entirely new domain for the site</h3>
this example, we need to add the site "excalibur.tv" into the DNS.</p>
<h4>Quick approach: Use the feisty meow "add_domain" command.</h4>
Run this command in a bash shell on the VM:
- <pre># add_domain excalibur.tv</pre>
+ <pre><span style="font-weight: bold;">add_domain excalibur.tv</span></pre>
<p>Done.</p>
<h4>Manual approach: Edit a new DNS config file</h4>
<p>Note: the manual approach is not compatible with later use of feisty
to add the new file by adding this bit of configuration at the end:</p>
<pre>zone "excalibur.tv" in {<br> file "/etc/bind/excalibur.tv.conf";<br> type master;<br> allow-query { any; };<br>};</pre>
<p>Restart the DNS server:</p>
- <pre># sudo service bind9 restart</pre>
+ <pre><span style="font-weight: bold;">sudo service bind9 restart</span></pre>
<p>Afterwards, pinging excalibur.tv should work from both the guest and the
host.</p>
<h3>Creating a New Apache Site</h3>
developer@cakelampvm.com </p>
<h4>Quick approach: Use the feisty meow "add_apache_site" command.</h4>
<p>Run this command in a bash shell on the VM:</p>
- <pre># add_apache_site excalibur excalibur.tv</pre>
+ <pre><span style="font-weight: bold;">add_apache_site excalibur excalibur.tv</span></pre>
<p>(The first parameter is the application name, the second is the domain
name.)</p>
<p>Done.</p>
appropriate file name that includes the site's domain name. We will
call our config file "excalibur.tv.conf". If you developed the file
in your home folder, this would be the command to move it up to Apache:</p>
- <pre># sudo cp ~/excalibur.tv.conf /etc/apache2/sites-available</pre>
+ <pre><span style="font-weight: bold;">sudo cp ~/excalibur.tv.conf /etc/apache2/sites-available</span></pre>
<p>Then tell apache to use the new file:</p>
- <pre># sudo a2ensite excalibur.tv # the '.conf' portion of the filename is unnecessary for this command.
+ <pre><span style="font-weight: bold;">sudo a2ensite excalibur.tv<br># the '.conf' portion of the filename is unnecessary for this command.</span>
</pre>
<p>Finally, restart apache to get it to begin serving the site:</p>
- <pre># sudo service apache2 restart</pre>
+ <pre><span style="font-weight: bold;">sudo service apache2 restart</span></pre>
<h3>Test the new web site</h3>
<p>Given the configuration above, your host PC should now be able to access
the new website on the domain "excalibur.tv".</p>
<p>To test this, first try pinging the new DNS name:</p>
- <pre># ping excalibur.tv</pre>
- <p>If there are responses to the ping *and* the answer is 10.28.42.20, then
- it means the DNS is working. If there are no responses or it's some
- other IP address talking back, check the instructions in the above DNS
- sections.</p>
+ <pre><span style="font-weight: bold;">ping excalibur.tv</span></pre>
+ <p>If there are responses to the ping <span style="font-weight: bold;">*and*</span>
+ the answer is 10.28.42.20, then it means the DNS is working.</p>
+ <p>If there are no responses or it's some other IP address talking back,
+ check the instructions in the above DNS sections.</p>
<p>Once the DNS is working, try browsing to the site at "<a title="it's excalibur, wilbur!"
href="http://excalibur.tv">http://excalibur.tv</a>". That should
at least bring up the configured site storage path, even if nothing is
href="http://nvie.com/posts/a-successful-git-branching-model/">http://nvie.com/posts/a-successful-git-branching-model/</a></p>
<p>This is a basic guide to the Google Developer Console and API Key
management: <a target="_blank" title="apis and creds at google" href="https://feistymeow.org//feisty_meow/documentation/google_apis/google_apis_and_credentials.pdf">Google
- API Docs</a></p>
- <p> </p>
+ API Docs</a> </p>
<h3>Using the "meld" Tool to Compare Files & Directories</h3>
<p>Meld is a great comparison tool that displays differences between two
files or directories or directory trees in a graphical view. Meld is
pre-installed on the VM. This tool can be launched either in the
VM's X Windowing System (on the console) or if X11 forwarding is enabled.</p>
<p>To run meld, just type this command:</p>
- <p>#meld A B</p>
- <p>where A and B are either both file names or they are both directory names.
- If A and B are directories, meld will compare the entire tree structure
- between the two directories. It allows one to copy from one side to
- the other, even if the item that needs to be copied is an entire
- subdirectory.</p>
+ <pre><span style="font-weight: bold;">meld A B</span></pre>
+ <p>where A and B are either both file names or they are both directory
+ names. If A and B are directories, meld will compare the entire tree
+ structure between the two directories. It allows one to copy from
+ one side to the other, even if the item that needs to be copied is an
+ entire subdirectory.</p>
<h3>Get the network address on the guest vm</h3>
<p>Run this command:</p>
- <pre># ifconfig</pre>
+ <pre><span style="font-weight: bold;">ifconfig</span></pre>
<p>In the results, look for "<span style="font-family: monospace;">inet addr</span>".
There may be more than one, if there are multiple network interfaces.</p>
<p>The standard IP address is 10.28.42.20 for the cakelampvm.</p>
<p>When you've got the DNS and everything integrated, these commands will
manage the vm's state:</p>
<p>First, log into the guest VM:</p>
- <pre># ssh developer@cakelampvm.com</pre>
+ <pre><span style="font-weight: bold;">ssh developer@cakelampvm.com</span></pre>
<p>Then, to reboot the guest VM:</p>
- <pre># sudo reboot</pre>
+ <pre><span style="font-weight: bold;">sudo reboot</span></pre>
<p>Or, to halt the guest VM:</p>
- <pre># sudo shutdown -h now</pre>
+ <pre><span style="font-weight: bold;">sudo shutdown -h now</span></pre>
<p>Using these commands is kinder to the VM than just cycling the power from
the Virtualbox control panel.</p>
<h1>Gritty Details of the Nitty Variety<a id="#nitty-gritty" name="#nitty-gritty"></a></h1>
Image". This will mount the CD's ISO image on the VM.</li>
<li>On the guest VM, it may be necessary to mount the CD image that's now
available:<br>
- <pre># sudo mount /dev/sr0 /media/cdrom</pre>
+ <pre><span style="font-weight: bold;">sudo mount /dev/sr0 /media/cdrom</span></pre>
<p>Linux will mention that the device is mounted "read-only".</p>
</li>
<li>Since the VM currently has no windowing system installed, one must
start the Guest Additions install manually:<br>
- <pre># cd /media/cdrom<br># sudo sh VBoxLinuxAdditions.run</pre>
+ <pre><span style="font-weight: bold;">cd /media/cdrom<br>sudo sh VBoxLinuxAdditions.run</span></pre>
</li>
<li>The latest Virtualbox guest additions should now be installed.</li>
</ol>
<p>To minimize the size used for the disk image, there are three major
steps.</p>
<p>1. While running the VM, run this command:</p>
- <pre># sudo apt clean</pre>
+ <pre><span style="font-weight: bold;">sudo apt clean</span></pre>
<p>This throws away any cached data from the apt tool, which can be
substantial.</p>
<p>If there are other junk files you know of that can be removed, delete
<p>2. Reboot the VM to the gparted ISO image (available at the <a target="_blank"
title="great free partition editor" href="https://gparted.org/livecd.php">gparted
site</a>) and run the following command:</p>
- <pre># sudo zerofree /dev/sda</pre>
+ <pre><span style="font-weight: bold;">sudo zerofree /dev/sda</span></pre>
<p>This sets all free space to the zero byte, enabling Virtualbox to free
that space in the next step.</p>
<p>3. Shut the vm down after zerofree is complete and run this command on
the host PC (this is the Linux version of the command):</p>
- <pre># VBoxManage modifyhd --compact ~/cake_lamp_vm/cake-lamp-vm-hd.vdi</pre>
+ <pre><span style="font-weight: bold;">VBoxManage modifyhd --compact ~/cake_lamp_vm/cake-lamp-vm-hd.vdi</span></pre>
<p>Replace the <span style="font-family: monospace;">~/cake_lamp_vm</span>
path with the real VM storage path. This command compacts the root
(and only) partition of the VM.</p>
<li>Installed and configured Samba service for the guest VM. The
main config file lives in "/etc/samba/smb.conf". Some pointers
here: <a target="_blank" href="https://help.ubuntu.com/community/How%20to%20Create%20a%20Network%20Share%20Via%20Samba%20Via%20CLI%20%28Command-line%20interface/Linux%20Terminal%29%20-%20Uncomplicated%2C%20Simple%20and%20Brief%20Way%21">https://help.ubuntu.com/community/How%20to%20Create...</a></li>
- <li><br>
- </li>
</ul>
<p><br>
</p>
# new requirement is to get the sql root password, since we need to do some sql db configuration.
echo -n "Please enter the MySQL root account password: "
+# turn off echo but remember former setting.
+stty_orig=`stty -g`
+stty -echo
read mysql_passwd
+# turn echo back on.
+stty $stty_orig
if [ -z "$mysql_passwd" ]; then
echo "This script must have the sql root password to proceed."
exit 1
##############
+sep
+
echo "Regenerating feisty meow loading dock."
reconfigure_feisty_meow
##############
+# set up some crucial users in the mysql db that we seem to have missed previously.
+
+sep
+
+echo "Adding users to the mysql database."
+
+#hmmm: good application for hiding output unless error here.
+mysql -u root -p"$mysql_passwd" &>/dev/null <<EOF
+ create user if not exists 'root'@'%' IDENTIFIED BY '$mysql_passwd';
+ grant all privileges on *.* TO 'root'@'%' with grant option;
+
+ create user if not exists 'wampcake'@'%' IDENTIFIED BY 'bakecamp';
+ grant all privileges on *.* TO 'wampcake'@'%' with grant option;
+
+ create user if not exists 'lampcake'@'%' IDENTIFIED BY 'bakecamp';
+ grant all privileges on *.* TO 'lampcake'@'%' with grant option;
+EOF
+test_or_die "configuring root, wampcake and lampcake users on mysql"
+
+##############
+
+sep
+
echo "Making some important permission changes..."
# fix up the main web storage.
#
##############
+sep
+
echo "Updating developer welcome file."
# only update hello if they've still got the file there. we don't want to
# install a better editor app.
+sep
+
echo "The script is about to install the bluefish editor and some dependencies.
-If the app is not already installed, then this process takes only about a
-minute on a slower home DSL internet connection..."
+If the app is not already installed, then this process takes about one minute
+on a slow home DSL internet connection..."
apt-get install -y bluefish &> "/tmp/install_bluefish-$(logname).log"
test_or_continue "installing bluefish editor"
# which we've done as a prefix on the config for some reason. makes the
# code below easy at least.
if [ -L /etc/apache2/sites-enabled/000-default.conf ]; then
+
+ sep
+
# the old site is in place still, so let's update that.
echo "Updating default web sites to latest version."
# copy in our new version of the default page.
#hmmm: would be nice if this worked without mods for any new version, besides just 001. see apache env var file below for example implem.
- cp -f $FEISTY_MEOW_APEX/production/sites/cakelampvm.com/rolling/default_page.001/* \
+ \cp -f $FEISTY_MEOW_APEX/production/sites/cakelampvm.com/rolling/default_page.001/* \
/etc/apache2/sites-available
test_or_die "installing new apache default sites"
# fix up the apache site so that HSTS is disabled. otherwise we can't view
# the https site for cakelampvm.com once the domain name switch has occurred.
+sep
+
# we operate only on our own specialized tls conf file. hopefully no one has messed with it besides revamp.
# note the use of the character class :blank: below to match spaces or tabs.
search_replace "^[[:blank:]]*Header always set Strict-Transport-Security.*" "# not good for cakelampvm.com -- Header always set Strict-Transport-Security \"max-age=63072000; includeSubdomains;\"" /etc/apache2/conf-library/tls-enabling.conf
if [ $? -ne 0 ]; then
- echo the apache tls-enabling.conf file seems to have already been patched to disable strict transport security. good.
+ echo the apache tls-enabling.conf file seems to have already been patched to disable strict transport security.
else
restart_apache
- echo successfully patched the apache tls-enabling.conf file to disable strict transport security. awesome.
+ echo successfully patched the apache tls-enabling.conf file to disable strict transport security.
fi
##############
# as being on the vm. this is already true for some specific sites, but we
# want the wildcard enabled to ease the use of DNS for windows folks.
+sep
+
grep -q "\*[[:blank:]]*IN A[[:blank:]]*10.28.42.20" /etc/bind/cakelampvm.com.conf
if [ $? -eq 0 ]; then
# already present.
- echo the bind settings for wildcard domains off of cakelampvm.com seems to already be present. good deal.
+ echo the bind settings for wildcard domains off of cakelampvm.com seems to already be present.
else
echo "
+
+
+;;;;;;
+
; our bind magic, a wildcard domain, for all other sites with cakelampvm.com
; in the domain. this forces any other sites besides the ones above to route
; to the actual vm IP address, which currently is singular and very fixated.
* IN A 10.28.42.20
- IN HINFO "linux vm" "ubuntu"
-" >> /etc/bind/cakelampvm.com.conf
- restart_bind
- echo "successfully added wildcard domains to the cakelampvm.com bind configuration, so we're still on track for greatness."
-fi
+ IN HINFO \"linux vm\" \"ubuntu\"
-##############
+;;;;;;
-# fix samba configuration for (ass-headed) default of read-only in user homes.
-# why add a necessary feature if you're just going to cripple it by default?
-pattern="[#;][[:blank:]]*read only = yes"
-replacement="read only = no"
-# first see if we've already done this.
-# if we find any occurrence of the replacement, we assume we already did it.
-# ** we're assuming a lot about the structure of the samba config file!
-grep -q "$replacement" /etc/samba/smb.conf
-if [ $? -ne 0 ]; then
- echo "the samba configuration has already been fixed for user homes, s'cool."
-else
- # so not there yet; we need to make the replacement.
- sed -i "0,/$pattern/{s/$pattern/$replacement/}" /etc/samba/smb.conf
- test_or_die "patching samba configuration to enable write acccess on user home dirs"
- # sweet, looks like that worked...
- restart_samba
- echo successfully patched the samba configuration to enable writes on user home directories. way cool.
+" >> /etc/bind/cakelampvm.com.conf
+ restart_bind
+ echo "successfully added wildcard domains to the cakelampvm.com bind configuration."
fi
##############
-# set up some crucial users in the mysql db that we seem to have missed previously.
+# fix samba configuration for (ass-headed) default of read-only in user homes.
+# why cripple a necessary feature by default?
-mysql -u root -p "$mysql_passwd" <<EOF
- create user 'root'@'%' IDENTIFIED BY '$mysql_passwd';
- grant all privileges on *.* TO 'root'@'%' with grant option;
+sep
- create user 'wampcake'@'%' IDENTIFIED BY 'bakecamp';
- grant all privileges on *.* TO 'wampcake'@'%' with grant option;
+pattern="[#;][[:blank:]]*read only = yes"
+replacement="read only = no"
- create user 'lampcake'@'%' IDENTIFIED BY 'bakecamp';
- grant all privileges on *.* TO 'lampcake'@'%' with grant option;
-EOF
-test_or_die "configuring root, wampcake and lampcake users on mysql"
+# we just always do the replacement now, after realizing the sentinel pattern
+# was acutally already in the file... too much subtlety can get one into trouble.
+sed -i "0,/$pattern/{s/$pattern/$replacement/}" /etc/samba/smb.conf
+test_or_die "patching samba configuration to enable write acccess on user home dirs"
+# sweet, looks like that worked...
+restart_samba
+echo successfully patched the samba configuration to enable writes on user home directories.
##############
# add the latest version of the cakelampvm environment variables for apache.
-echo Setting up environment variables for apache2...
+sep
# drop existing file, if already configured. ignore errors.
-a2disconf env_vars_cakelampvm
+a2disconf env_vars_cakelampvm &>/dev/null
# plug in the new version, just stomping anything there.
# note: we only expect to have one version of the env_vars dir at a time in place in feisty...
-cp -f $FEISTY_MEOW_APEX/production/sites/cakelampvm.com/rolling/env_vars.*/env_vars_cakelampvm.conf /etc/apache2/conf-available
+\cp -f $FEISTY_MEOW_APEX/production/sites/cakelampvm.com/rolling/env_vars.*/env_vars_cakelampvm.conf /etc/apache2/conf-available
test_or_die "copying environment variables file into place"
# enable the new version of the config file.
# sequel--tell them they're great and show the hello again also.
-echo "
-
+sep
-"
regenerate
test_or_die "regenerating feisty meow scripts"
chown -R "$(logname)":"$(logname)" /home/$(logname)/.[a-zA-Z0-9]*