#Mirador Competition Server
##Part 1: Ubuntu Server setup
-
Install Ubuntu Server 14.04.
-
Install the OpenSSH and LAMPS tasks using aptitude.
-
Configure network (static IP, domain name, etc).
-
Install and configure [fail2ban] (https://www.digitalocean.com/community/tutorials/how-to-install-and-use-fail2ban-on-ubuntu-14-04) to lock out users repeatedly trying to login
-
Install and configure logwatch to get daily reports of system logs
-
Install avahi to use mirador.local from internal network
-
set unattended upgrades to automatically install security updates nightly and reboot if necessary.
##Part 2: Local test
-
Run any local AMP server, for example AMPPS In what follows, the instructions assume that you are using AMMPPS on MacOSX. Open AMMPPS up and start Apache and mySQL, phpMyAdmin should work in the browser.
-
Copy the contents of www/html into /Applications/AMPPS/www. A better alternative to copy the files is to create a symbolic link /Applications/AMPPS/www (delete the original www folder in AMPPS first) to the html folder inside the local repo, in this way any changes can be tested immediately and keep under revision control:
ln -s <path_to_local_repo>/www/html /Applications/AMPPS/www
- Open a terminal and set the path to the mySQL binary distribution inside AMPPS:
export PATH=$PATH:/Applications/AMPPS/mysql/bin
-
Change to folder containing the mySQL scripts, which should be /Applications/AMPPS/www/classes/sql_scripts
-
run mysql as root:
mysql -u root -p
and enter "mysql" as the password
- create the "access_user_db" database:
create database access_user_db;
use access_user_db;
- Create all required databases by running the sql scripts:
source users_table.sql;
source users_profile_table.sql;
source submissions.sql;
source sessions.sql;
source countries_table.sql;
Or create all the above tables by running the conglomerated sql script:
source tables.sql;
- The PHP pages should work now by going to localhost, for example the registration page:
http://localhost/classes/access_user/register.php
##Part 3: Website setup
General Information is available in the Apache2 Web Server chapter from the Ubuntu Server Guide:
https://help.ubuntu.com/14.04/serverguide/httpd.html
- Create a webmasters group, add users to it, and grant shared write permission to /var/www/ for webmasters:
sudo addgroup webmasters
sudo adduser <user_name> webmasters
sudo chgrp -R webmasters /var/www
sudo find /var/www -type d -exec chmod g=rwxs "{}" \;
sudo find /var/www -type f -exec chmod g=rws "{}" \;
https://help.ubuntu.com/14.04/serverguide/user-management.html
-
Copy static content to /var/www/html using sftp
-
Copy all php scripts to /var/www/html/classes, configure classes/db.php with appropriate parameters:
<?php
define("DB_SERVER", "localhost");
define("DB_NAME", "access_user_db");
define ("DB_USER", "root");
define ("DB_PASSWORD", "password");
?>
DB_SERVER should remain as localhost, even for the live version of the server, the only change needed is for DB_PASSWORD, which should be the root password of MySQL.
To avoid users getting the listing of the subfolders inside the www root remember to edit the apache configuration file /etc/apache2/apache2.conf and remove the Indexes option for /var/wwww:
<Directory /var/www/>
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
-
Change to folder containing the mySQL scripts, which should be /var/www/classes/sql_scripts
-
run mysql as root:
mysql -u root -p
- create the "access_user_db" database:
create database access_user_db;
use access_user_db;
- Create all required databases by running the sql scripts:
source users_table.sql;
source users_profile_table.sql;
source submissions.sql;
source sessions.sql;
source countries_table.sql;
Or create all the above tables by running the conglomerated sql script:
source tables.sql;
- It is a good idea to run an automatic backup of the mysql database, [this askubuntu thread](discusses several approaches), one of the simplest seems to be this script that invokes mysqldump:
#!/bin/bash
#Script to make a regular copy of a mysql database and gzip it into the SAVEDIR.
USER="authorized_user"
PASSWORD="the_password"
DATABASE="database_name"
SAVEDIR="/backup"
/usr/bin/nice -n 19 /usr/bin/mysqldump -u $USER --password=$PASSWORD --default-character-set=utf8 $DATABASE -c | /usr/bin/nice -n 19 /bin/gzip -9 > $SAVEDIR/$DATABASE-$(date '+%Y%m%d-%H').sql.gz
and put it in the crontab with a reasonable schedule.
##Acknowledgments
PHP scripts for user registration Copyright (c) 2004 - 2008, Olaf Lederer http://www.finalwebsites.com/snippets.php?id=10
Java class for HTTP connection Copyright (c) 2008 - 2014 MK Yong http://www.mkyong.com/java/apache-httpclient-examples/