| Version 16 (modified by chris, 4 years ago) (diff) |
|---|
Table of Contents
Parrot
parrot.webarch.net is a 1GB RAM Xen Debian Squeeze virtual server running Transition Network WordPress sites. It has the Webarch Secure Hosting scripts installed.
This server is due to be upgraded from LennyToSqueeze on ticket:535 in May 2013.
The install and initial configuration of this server was tracked on ticket:537.
Websites
See WordPress#WordPressSites for a list of sites on the server and links to documentation for each site.
SFTP Access
When a new WordPress site is added to the server a email is sent containing the SFTP username and password. The directory structure that you see when you login is as follows:
/home/username
/logs <- access and error logs, rotated daily, kept for 28 days
/private <- a place to keep private data, for example .htpasswd files
/sites
/default <- the DocumentRoot for the default site
(additional sites can be added)
/tmp <- the temp directory for the site
If you don't have a SFTP client then https://filezilla-project.org/ is suggested as it's free and available for most platforms. See the install and connection documentation, https://wiki.filezilla-project.org/Client_Installation and the https://wiki.filezilla-project.org/Using#Connecting_to_an_FTP_server you can access the server at this address on port 22:
Phpmyadmin Access
You can get access to the database, download backups and also change your password via https://parrot.transitionetwork.org/phpmyadmin using the same username and password as you have for SFTP.
Munin Stats
There are munin stats for the server available here
Adding a New WordPress Site
The server has been set up with the Webarch Secure Hosting scripts, see http://webarch.net/docs/wsh for some documentation of this.
To add a site run the curses-create-user script as root:
sudo -i cruses-create-user
The curses interface can be navigated using tab, arrow keys and the space bar on your keyboard.
This will ask you for the following things:
- Create a new user -- enter the username for SFTP / MySQL and the WordPress admin, this should be short and made up of lowercase letters and numbers
- Select product -- pick 5 medium+wordpress and this will create the site, database and install WordPress
- Users email address -- enter the email address that the SFTP, MySQL and WordPress login details are to be sent to
This will create a site with a http://username.parrot.transitionnetwork.org/ address which is fine for developing the site, when it needs to be accessed from another domain name there are two steps to complete:
Adding a domain to a site
To do this edit the /root/webarch/accounts/sites.txt file and add the domain(s) as aliases and run buildapache username, there username is the username for the site, for example:
sudo -i vim /root/webarch/accounts/sites.txt buildapache username
This is what the file looks like:
# File format "username" "sites subdir" "ServerName" "ServerAliases" # note ServerAliases are comma delimited. # #Example #aed foo foo.example.com www.foo.example.com,foo.example.org movie default movie.parrot.webarch.net movie.parrot.transitionnetwork.org,intransitionmovie.com,www.intransitionmovie.com,intransitionmovie.org,www.intransitionmovie.org,transitionmovie.org,www.transitionmovie.org
See also http://webarch.net/docs/wsh#buildapache
Changing the default domain of a site
WordPress will redirect all requests to a single domain, this is set on the Settings -> General page at /wp-admin/options-general.php using the WordPress Address (URL) field.
To change this address you need to add the following to wp-config.php after the "define" statements (just before the comment line that says "That's all, stop editing!"):
define('RELOCATE',true);
Then update the DNS and visit the site at the correct URl, login and then remove the above from wp-config.php. For more information on this see https://codex.wordpress.org/Changing_The_Site_URL#Relocate_method
Maintaining WordPress sites
This can be done using the wp command line tool, see WordPress#wp.
For site specific notes on maintenance see the page for each site listed on WordPress#WordPressSites
Updates
All systems updates are recorded on ticket:218.
There is a script in /usr/local/bin called a-up which can be used to update the system via aptitude, the advantage of using this script is that it writes things that are changed to the /root/Changelog and the time spent doing the updates can then be reported via ticket:218, see AptitudeUpdateScript for a copy of a-up and the logchange script it uses to update the Changelog.
Tickets
Current Parrot tickets:
| Ticket | Summary | Owner | Reporter |
|---|---|---|---|
| #917 | Any misc files in Transition Culture web root? | chris | sam |
| #916 | SSH to parrot please | chris | sam |
| #912 | Stats for TTT | chris | chris |
| #894 | Brute Force Attacks Against WordPress XMLRPC | chris | chris |
| #887 | Lot's of failed logins on conference15.transitionnetwork.org | ade | sam |
| #881 | Site on ParrotServer with a memory leak? | chris | chris |
| #873 | New Wordpress site please | chris | sam |
| #871 | Brute Force Attacks Against WordPress Sites | chris | chris |
| #868 | Is conference15.tn.org backed up in a convenient manner? | chris | sam |
| #853 | Parrot access please | chris | sam |
| #851 | Bot attacks on Transition Culture | chris | chris |
| #808 | WordPress email being rejected due to From field | chris | chris |
| #719 | Transition Culture HTML Problems | ed | chris |
| #619 | Upgrade WordPress sites to 3.9.1 | chris | chris |
| #598 | Redirect reconomyproject.org to reconomy.org | chris | chris |
| #541 | Documentation of the WordPress sites | chris | chris |
| #540 | HTTPS for WordPress sites | chris | chris |
| #537 | Parrot setup and documentation | chris | chris |
Closed Parrot tickets:
SSL Certs
There is a ticket regarding what do to for HTTPS for the server ticket:540.
The server has a copy of the *.transitionnetwork.org wild card certificate installed and this is used for https://parrot.transitionnetwork.org/
The server also has a dedicated IP address for the https://intransitionmovie.com/ site and SSL certificate.
All the other sites use a free http://cacert.org/ certificate, see ticket:540#comment:1 for a list of domains. To get rid of the security warnings that you will get if you don't have the CAcert root installed you need to install the root cert from http://www.cacert.org/index.php?id=3 to do this using Windows simply click http://www.cacert.org/certs/CAcert_Root_Certificates.msi and for Firefox and Chrome click https://www.cacert.org/certs/root.crt
Console Access
There is a Xen shell available for console access, see wiki:XenShell.
