Context Navigation

← Previous Ticket
Next Ticket →

Ticket #829 (closed maintenance: fixed)

Last modified 21 months ago

Creation of web space request

Reported by:	ade	Owned by:	chris
Priority:	major	Milestone:	Maintenance
Component:	Parrot server	Keywords:
Cc:	chris	Estimated Number of Hours:	0.0
Add Hours to Ticket:	0	Billable?:	yes
Total Hours:	0.59

Description

Hi Chris,
As discussed, can you please set up some webspace on Penguin?
If you could also set up a sub-domain of 'projects' and confirm the FTP access details?

Many thanks
Ade

Change History

comment:1 Changed 22 months ago by chris

Status changed from new to accepted
Total Hours changed from 0.0 to 0.4
Cc chris added
Component changed from Unassigned to Parrot server
Add Hours to Ticket changed from 0.0 to 0.4
Milestone set to Maintenance
Owner changed from ade to chris
Type changed from defect to maintenance

The live Gandi Zone file, Transition Network (4) contains the following and I don't have write access to it (because Ed was the last one to updated it):

* 3600 IN A 81.95.52.103
*.newdev 3600 IN A 81.95.52.103
*.parrot 3600 IN A 81.95.52.43
2010.archive 3600 IN A 81.95.52.111
2011.archive 3600 IN A 81.95.52.111
@ 3600 IN A 81.95.52.103
lists 3600 IN A 212.113.133.235
mail 3600 IN A 212.113.133.235
newdev 3600 IN A 81.95.52.103
parrot 3600 IN A 81.95.52.43
penguin 3600 IN A 81.95.52.111
power 3600 IN A 81.95.52.111
puffin 3600 IN A 81.95.52.103
redirects 3600 IN A 81.95.52.111
static 3600 IN A 81.95.52.111
stats 3600 IN A 81.95.52.111
tech 3600 IN A 81.95.52.111
totnes 3600 IN A 81.95.52.111
trac 3600 IN A 81.95.52.111
wagn 3600 IN A 81.95.52.111
wiki 3600 IN A 81.95.52.111
www 3600 IN A 81.95.52.103
www.penguin 3600 IN A 81.95.52.111
www.totnes 3600 IN A 81.95.52.111
www.wiki 3600 IN A 81.95.52.111
79D80BA704E7BB649F5AD14FA6F6F972 10800 IN CNAME 1efe45ccc62378ef1ca615725e11befe9404777a.comodoca.com.
7d72687fce85678abd244184d39746c3 10800 IN CNAME 53248cf779400e23ee3920e7423e60ad13858841.comodoca.com.
@ 3600 IN MX 5 alt1.aspmx.l.google.com.
@ 3600 IN MX 5 alt2.aspmx.l.google.com.
@ 3600 IN MX 1 aspmx.l.google.com.
@ 3600 IN MX 10 aspmx2.googlemail.com.
@ 3600 IN MX 10 aspmx3.googlemail.com.
tech 10800 IN MX 10 mx.webarch.net.
@ 3600 IN TXT "google-site-verification=aooK9AklevXMJTRHVQUG5cF1Ubz4MgPwcNLVmHMMkkk"
@ 3600 IN TXT "google-site-verification=SwCShCh4Rzz49ODhh8juQQNcgiD5IBHzbd-zgJIqi64"
@ 3600 IN TXT "v=spf1 include:_spf.google.com ~all"

So I have copied the above to the Transition Network Zone file and edited it to:

* 3600 IN A 81.95.52.103
*.newdev 3600 IN A 81.95.52.103
*.parrot 3600 IN A 81.95.52.43
2010.archive 3600 IN A 81.95.52.111
2011.archive 3600 IN A 81.95.52.111
@ 3600 IN A 81.95.52.103
lists 3600 IN A 212.113.133.235
mail 3600 IN A 212.113.133.235
newdev 3600 IN A 81.95.52.103
parrot 3600 IN A 81.95.52.43
penguin 3600 IN A 81.95.52.111
power 3600 IN A 81.95.52.111
projects 3600 IN A 81.95.52.43
puffin 3600 IN A 81.95.52.103
redirects 3600 IN A 81.95.52.111
static 3600 IN A 81.95.52.111
stats 3600 IN A 81.95.52.111
tech 3600 IN A 81.95.52.111
totnes 3600 IN A 81.95.52.111
trac 3600 IN A 81.95.52.111
wagn 3600 IN A 81.95.52.111
wiki 3600 IN A 81.95.52.111
www 3600 IN A 81.95.52.103
www.penguin 3600 IN A 81.95.52.111
www.projects 3600 IN A 81.95.52.43
www.totnes 3600 IN A 81.95.52.111
www.wiki 3600 IN A 81.95.52.111
@ 3600 IN MX 5 alt1.aspmx.l.google.com.
@ 3600 IN MX 5 alt2.aspmx.l.google.com.
@ 3600 IN MX 1 aspmx.l.google.com.
@ 3600 IN MX 10 aspmx2.googlemail.com.
@ 3600 IN MX 10 aspmx3.googlemail.com.
tech 10800 IN MX 10 mx.webarch.net.
@ 3600 IN TXT "google-site-verification=aooK9AklevXMJTRHVQUG5cF1Ubz4MgPwcNLVmHMMkkk"
@ 3600 IN TXT "google-site-verification=SwCShCh4Rzz49ODhh8juQQNcgiD5IBHzbd-zgJIqi64"
@ 3600 IN TXT "v=spf1 include:_spf.google.com ~all"

I then used the curses-create-user script to create an account, then edited the /root/webarch/accounts/sites.txt file to add the aliases:

projects default projects.parrot.webarch.net projects.parrot.transitionnetwork.org,projects.transitionnetwork.org,www.projects.transitionnetwork.org

and ran buildapache projects to rebuild the Apache config.

Ade -- you should have a email with the SFTP login details (note it is SFTP not FTP), if you don't have a SFTP client I'd suggest:

https://filezilla-project.org/

The directory to upload the website to is ~/sites/default/ and you can access the site using this URL (once the DNS has updated):

https://projects.transitionnetwork.org/

Before then you can use:

https://projects.parrot.transitionnetwork.org/ (this needs the CAcert.org root cert installing, click this link in Forefox to do this http://www.cacert.org/certs/root.crt )

Once the DNS has updated I'll switch the site to use the *.transitionnetwork.org cert, it hasn't updated yet:

dig @A.DNS.GANDI.NET projects.transitionnetwork.org +short
81.95.52.103
dig @A.DNS.GANDI.NET projects.parrot.transitionnetwork.org +short
81.95.52.43

Version 0, edited 22 months ago by chris (next)

comment:2 Changed 22 months ago by chris

Add Hours to Ticket changed from 0.0 to 0.19
Total Hours changed from 0.4 to 0.59

The Gandi DNS servers have updated:

dig @A.DNS.GANDI.NET projects.transitionnetwork.org +short
81.95.52.43
dig @B.DNS.GANDI.NET projects.transitionnetwork.org +short
81.95.52.43
dig @C.DNS.GANDI.NET projects.transitionnetwork.org +short
81.95.52.43

So I have switched the site to use the *.transitionnetwork.org cert:

cd /etc/ssl/wsh/
ls -lah | grep projects
lrwxrwxrwx 1 root root       21 Feb  2 12:13 projects.parrot.webarch.net-cert.pem -> /etc/ssl/wsh/cert.pem
lrwxrwxrwx 1 root root       20 Feb  2 12:13 projects.parrot.webarch.net-key.pem -> /etc/ssl/wsh/key.pem
lrwxrwxrwx 1 root root       21 Feb  2 12:13 projects.parrot.webarch.net-root.pem -> /etc/ssl/wsh/root.pem
 ls -lah ../transitionnetwork.org/
total 60K
drwxr-xr-x 5 root root 4.0K Jan 23 11:19 .
drwxr-xr-x 7 root root 4.0K Jan 11 13:36 ..
drwx------ 2 root root 4.0K Jan 24  2014 2013
drwx------ 2 root root 4.0K Jan 23 11:19 2014
drwx------ 2 root root 4.0K Jan 23 11:19 2015
-rw------- 1 root root 2.1K Jan 20 14:45 GandiStandardSSLCA2.pem
-rw------- 1 root root 1.4K May 30  2000 USERTrustRSAAddTrustCA.crt
-rw------- 1 root root 2.0K Jan 22 14:47 USERTrustRSAAddTrustCA.pem
-r-------- 1 root root  424 Jan 22 13:15 dhparam.pem
-rw------- 1 root root 4.0K Jan 22 14:48 gandi.pem
-rw------- 1 root root 5.8K Jan 22 14:50 transitionnetwork.org.chained.pem
-rw------- 1 root root 1.8K Jan 22 14:28 transitionnetwork.org.crt
-rw------- 1 root root 1.1K Jan 22 12:25 transitionnetwork.org.csr
-rw------- 1 root root 1.7K Jan 22 12:25 transitionnetwork.org.key
rm projects.parrot.webarch.net-root.pem ; ln -s ../transitionnetwork.org/gandi.pem projects.parrot.webarch.net-root.pem
rm projects.parrot.webarch.net-cert.pem ; ln -s ../transitionnetwork.org/transitionnetwork.org.crt projects.parrot.webarch.net-cert.pem
rm projects.parrot.webarch.net-key.pem ; ln -s ../transitionnetwork.org/transitionnetwork.org.key projects.parrot.webarch.net-key.pem
apache2ctl configtest
Syntax OK
apache2ctl restart

So once the DNS servers you use have updated from Gandi.net this should start working:

https://projects.transitionnetwork.org/

And the TLS setup looks good (A):

https://www.ssllabs.com/ssltest/analyze.html?d=projects.transitionnetwork.org&latest

Ade -- please add a comment if you have any questions / problems.

comment:3 Changed 21 months ago by ade

Status changed from accepted to closed
Resolution set to fixed

Note: See TracTickets for help on using tickets.

Download in other formats: