docs.s4d.ch: FreeBSD Installation Checklist


**********************************************
* Do not follow this documentation any more, *
* it is now completely out of date!          *
**********************************************
Probably sometimes in the future there will be a newer, better FreeBSD installation checklist available here, I have learned a lot and also got a lot more experience in the past few years. Now I only need some (probably much more then I think) time to write my knowledge down into a good and useful documentation.


FreeBSD Installation

Partition Size:
/
swap
/var
/usr
/proxy 		100 - 150 MB
around 2 x RAM, at least 50MB
150 MB (more with mail servers)
remaining, at least 500MB, more as needed
for proxy servers, around 1GB for cache and logs

Do not install the Ports Colletion, it will be updated later.

After installation set keyrate fast, ntp and time zone.
Also disable not needed network services like portmap, sendmail and inetd.


Application Installation

Check system time, must be correct!

Update Ports Collection:
cd /usr
fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/branches/-current/ports.tar.gz
tar -zxvf ports.tar.gz

Install Base Applications:
cd /etc
fetch http://docs.s4d.ch/freebsd/make.conf
fetch http://docs.s4d.ch/freebsd/install.sh
sh install.sh

Standard selection with bash, uemacs, ncftp, screen and amanda-client, minicom only if there are some devices on the serial port to manage.

Other applications as needed.


Kernel

Configure and make a nongeneric kernel and a reboot to see if everything works fine.


User Accounts

set password for root account
create Accounts for other login users, with bash as shell
cd /home/username
cp /root/.bashrc .
ln -s .bashrc .bash_profile
chown username .bashrc


Base Configuration

modify /etc/motd

modify /etc/rc.conf

modify /etc/rc.local (as needed)

modify /etc/inetd.conf
killall -HUP inetd

modify /etc/ttys, change ttyv4 to ttyv7 from on to off
killall -HUP init

modify /etc/resolv.conf

if you are using uemacs: rm /etc/aliases (FreeBSD 4.x an higher)
modify /etc/mail/aliases: root: you@yoursite.com
newaliases

create crontab:
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/root
#minute hour mday month wday command
#
# ntpdate - sync time every 6 hours
51      */6  *    *     *    /usr/sbin/ntpdate -s swisstime.ethz.ch ntp0.fau.de rustime01.rus.uni-stuttgart.de

modify /etc/syslog (as needed)
killall -HUP syslogd

modify /etc/newsyslog.conf (as needed)



Application Configuration

Proxy Server Squid

modify /usr/local/etc/squid/squid.conf
create user proxy (UID + GID 500)
create /proxy/cache and /proxy/logs directory
chown proxy.proxy /proxy/cache /proxy/logs
squid -z

append to crontab:
# rotate squid logfiles every week
5 0 * * * mon /usr/local/sbin/squid -k rotate



Amanda Client

modify /etc/inetd.conf (append lines at the end of the IPv4 section):
# Amanda
amanda dgram udp wait operator /usr/local/libexec/amanda/amandad amandad

killall -HUP inetd

vipw change home from user operator to /root

create /root/.amandahosts:
echo "backup-server.yoursite.com operator" >/root/.amandahosts

on the backup server modify /usr/local/etc/amanda/backup/disklist with the new server to backup

if the server was already in the backup, run on the backup server:
amadmin backup force new-installed-server



Apache FreeBSD
©2002 by s4d.ch last update 11-Mar-2002 / we