## links #### visudo [configuring visudo](http://askubuntu.com/questions/539243/how-to-change-visudo-editor-from-nano-to-vim) #### users [tecmint.com complete guide to users](http://www.tecmint.com/add-users-in-linux/) [How To Configure SSH Key-Based Authentication on a Linux Server](https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server) #### postgres [ubuntu community postgres docs](https://help.ubuntu.com/community/PostgreSQL) ## adding/deleting users #### adding a user: *("www-data" is the group name for website stuff on gandi)* > *sudo useradd -G* ***www-data*** *-d /home/****username*** *-m -s /bin/bash* ***username*** ***-G group*** adds the groups in a comma separated ***-d /home/username*** specifies the home directory to be created (necessary on ubuntu) ***-m*** flag to create scripts (necessary) ***-s /bin/bash*** what shell is to be used (default is none) #### deleting a user userdel -r {username} ## IMPORTANT ### set users primary group **this is critical** sudo usermod -g www-data ### setting up ssh authentication cat ~/.ssh/id\_rsa.pub | ssh **username@remote\_host** "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized\_keys" ## apt-get commands **to see the package version:** dpkg -s postgresql | grep Version # setting up aws server ## creating the server instance [aws instance](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html) 1. Open the [amazon EC2 console](https://console.aws.amazon.com/ec2/) 2. Choose **Launch Instance** 3. The *Choose an Amazon Machine Image (AMI)* page has basic configuration, so pick the first *ubuntu* configuration 4. This will take you to the *Choose an Instance Type* page, this chooses the hardware configuration, you want to pick **t2.micro** 5. Hit **Review and Launch** 6. This will take you to *Review Instance Launch* page, and that has an option for **Security Groups**, hit **Edit security groups**, on the page that pops up, pick the options you want to allow for your instance 7. When finished, hit "done" or whatever and you'll be taken back to the *Review Instance Launch* page, from here hit the **Launch** key 8. this will prompt you for a key pair. There are a few options. Create a new Pair and choose an existing key pair ####key pair info: [aws info on key pairs](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) [importing id_rsa](http://www.admin-magazine.com/CloudAge/Blogs/Dan-Frost-s-Blog/Importing-SSH-keys-on-AWS) [add_ssh](http://stackoverflow.com/questions/8193768/trying-to-ssh-into-an-amazon-ec2-instance-permission-error) 1. mv /path/to/myname.pem ~/.ssh 2. ssh-add ~/.ssh/myname.pem 3. ssh ubuntu@INSTANCE_IP_ADDRESS Remember that the IP ADDRESS changes whenever you restart the instance on your computer 1. vim /etc/hosts 2. add a line with the server name and IP ADDRESS for that insntace 3. ssh ubuntu@SERVERNAME ## updating the hostname [aws ubuntu hostname](https://aws.amazon.com/premiumsupport/knowledge-center/linux-static-hostname/) [scroll down to find the "echo" comment](https://forums.aws.amazon.com/message.jspa?messageID=495274) there is an issue with ubuntu instances on AWS, the name given in /etc/hostname doesn't match what exist in /etc/hosts. So if you try using sudo you'll get an error. To fix this, you need to change those files, to get into sudo type in: sudo su - echo "127.0.0.1 $(hostname)" >> /etc/hosts This will update /etc/hosts with the default hostname generated by amazon. Alternatively you can do what it says in the first link [aws ubuntu hostname](https://aws.amazon.com/premiumsupport/knowledge-center/linux-static-hostname/) ### setup visudo sudo update-alternatives --config editor su -c 'visudo' find this line: USERNAME ALL=(ALL) NOPASSWD: ALL replace it with: admin ALL=(ALL) ALL ## add new user [adding a user on linux AWS](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-users.html) [how to get an add the public key to the new user](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html#retrieving-the-public-key) 1. *sudo useradd -G* ***www-data*** *-d /home/****username*** *-m -s /bin/bash* ***username*** 2. *mkdir projectdir* ### set users primary group **this is critical** - The primary group is the group applied to you when you log in using the usual methods (TTYs, GUI, SSH, etc.). sudo usermod -g www-data ### set password sudo passwd ### setting up ssh authentication 1. get the public key: ssh-keygen -y -f /path/to/myinstance.pem 2. copy the above results 3. log in to the ubuntu instance using default ubuntu user 4. change users to the custom username sudo su - username 5. create the ssh directory and auth file cd /home/username mkdir .ssh touch .ssh/authorized_keys vim ~/.ssh/authorized_keys 6. change the permissions chown -R username:username_gropus .ssh chmod 700 .ssh chmod 600 .ssh/authorized_keys 7. now paste in the public_key you got in step 1 8. log out and test with the username ssh username@instance.domain ### add username to the sudo group AWS has a sudo group that allows a user sudo priveleges usermod -a -G sudo username ### apt-get setup sudo apt-get update sudo apt-get install aptitude ## postgres #### links fix locale error with postgres [could not connect to server solution](http://askubuntu.com/questions/50621/cannot-connect-to-postgresql-on-port-5432) [locale solution](http://ubuntuforums.org/showthread.php?t=1346581) [remote connecting](http://www.railszilla.com/postgresql-tcpip-connections-port-5432/coffee-break) sudo apt-get install postgresql sudo apt-get install postgresql-contrib sudo locale-gen en_US en_US.UTF-8 hu_HU hu_HU.UTF-8 sudo dpkg-reconfigure locales sudo service postgresql restart sudo -u postgres psql postgres sudo -u postgres createdb **website_dbname** sudo apt-get install postgresql-server-dev-X.Y sudo apt-get install postgresql-server-dev-9.3 #### change password for db user "postgres" sudo -u postgres psql postgres ALTER USER Postgres WITH PASSWORD ''; #### set up postgresql to remote access ######(see "remote connecting" link above) #####Note: be careful with this, because **anyone** will be able to mess around with it 1. sudo vim /etc/postgresql/9.3/main/postgresql.conf 2. find **listen\_addresses** and change it to **listen\_addresses = '\*'** 3. sudo vim /etc/postgresql/9.3/main/pg_hba.conf 4. find **host all all 127.0.0.1/32 trust** and change **127.0.0.1/32** to **0.0.0.0/0** 5. sudo service postgresql restart 6. test it by running: *psql -h* ***ip\_address*** *-U* ***username*** *-d* ***database*** 7. e.g. psql -h 173.246.107.96 -U postgres postgres ### setup the /var/www directory cd /var sudo mkdir www sudo chgrp www-data www -R sudo chmod g+w www -R ### install python packages sudo apt-get install python-dev sudo apt-get install libjpeg-dev ## install and set up supervisor sudo apt-get install supervisor make sure www-data is a group for the main user vim /etc/supervisor/supervisord.conf add the following: [unix_http_server] file=/var/run/supervisor.sock chmod=0770 chown=nobody:www-data [supervisorctl] serverurl=unix:///var/run//supervisor.sock chmod=0770 chown=nobody:www-data #### run the following commands: sudo service supervisor stop sudo service supervisor start ### install pip and virtualenv [virtualenv install](http://roundhere.net/journal/virtualenv-ubuntu-12-10/) sudo apt-get install python-pip sudo pip install virtualenv sudo pip install virtualenvwrapper echo "WORKON_HOME=~/.virtualenvs" >> .bashrc echo ". /usr/local/bin/virtualenvwrapper.sh" >> .bashrc ### install nginx sudo apt-get install nginx # bootstrap server fab (prod|rel) deploy.bootstrap