Build and install FreeBSD 8.2 Production Release with the versions Software and Servers hosting,
to serve and administer Name of Domain, Web site and Database with following « Groupware » :
FreeBSD is a « Must » to compile and host the « Groupware » above and has probably the Pile TCP/IP the most robust, like all BSD.
FreeBSD was conceived for Internet and include what many consider as the reference as regards implemented his of the protocol TCP/IP, the pile TCP/IP of BSD 4.4. This makes of FreeBSD the ideal Operating System for the network applications. It is perfect in the role of an Internet or Intranet Server. It provides robust network services even under heavy loads, it uses memory efficiently to maintain correct response times for thousands of simultaneous user processes.
By choice, the proposed system is a Web server configuration without Linux compatibility.
The option of reserved installation is what makes the strength of this Operating System and not its weakness.
For the networking, I chose in a arbitrary way Samba, to be in network simultaneously with the following Systems:
FreeBSD 8.2, Linux Fedora, Mac OSX and the System of « Redmond ».
* Supported Processors and System Boards by FreeBSD.
Installation materials:
Motherboard P4C800-E Deluxe Chipset Intel 875P
Intel Pentium 4C 3GHz
Two strips of Ram Kingston HyperX 2 Go (kit 2x 1 Go) DDR-SDRAM PC3200 CL2
Graphic processor Nvidia GeForce 6800GT - Asus V9999GT-TD AGP 256 Mo
Ethernet bge0 3Com Gigabit Server NIC
Ethernet fxp0 Intel Pro/100 S Server 82550
Ethernet fxp1 Intel Pro/100 S Server 82550
Sound card Creative SoundBlaster Audigy PCI
Caviar® Blue™ 320 Go, 3 Gb/s, 16 Mo de cache, 7200 tr/mn - Model : WD3200AAKS
FreeBSD 8.2 does not disappoint, well on the contrary, very succeeds and functional since its first release. In brief, FreeBSD as we like an Operating System grown-up. A great bravo to the Developers of FreeBSD!
This article does not resume all the detailled points, it is more for advanced Unix users.
For the beginner, read the article which presents a complete tutorial about installation:
This article describes the typical installing for FreeBSD 8.2 and submits a remote installing by using from SSH and Webmin very early in the installation of FreeBSD.
3. Perform installing
Nothing new under the sun, Sysinstall is always equal to itself and it is very well so.
SATA Controller on Motherboard ASUS P4C800-E Deluxe and two Disks Western Digital
Caviar® Blue™ 320 Go, 3 Gb/s, 16 Mo de cache, 7200 tr/mn - Modèle : WD3200AAKS
* These disks work very well and are recognized nickel-chromium, with the controller Serial ATA 150 Mb/s of the Intel chipset 8775P.
* The size of the partition /var is voluntarily increased, it contains the MySQL databases in /var/db/mysql.
Keyboard and Mouse USB connected on the PS2 Ports with a change of genre.
About the keyboard and about the mouse on USB ports, this works correctly, to answer NO at the question on the mouse on the PS2 port. This simply written in the file rc.conf if the answer is YES the following line:
The Kernel is Updated in version FreeBSD 8.2-RELEASE-p3 #0: Tue Sep 27 18:45:57 UTC 2011
When the Update is ended, restart the Server with shutdown -r now
shutdown -r now For only restart a FreeBSD system
shutdown -p now To stop and cut power supply for a FreeBSD system
We must be in Super-user « root » mode or a member of operator group to run the command : shutdown
5. Update FreeBSD 8.2
In the first one make the Update of the components of the installing, what is essential, because practically with time all the versions of Packages and their dependences will be obsolete since the release of FreeBSD 8.2 on February 24th, 2011.
FreeBSD which incidentally is very well maintained and possesses rather brilliant orders to update or for install components as well as their dependences.
Let us use the power of the System to have no errors of compilation, the presented method is of the simplest.
Connect to the Server in mode Super-user « root ».
The console is with a French keyboard, for the example.
– In console mode, seize the following commands ending by the seizure with Entry key.
portsnap fetch update
portsnap extract
It changes the list of components software of the System constituted from 22 680 Packages, after these two operations, we can really begin the procedure of installation of Ports and the Server install.
– Seize the following commands ending by the seizure with Entry key.
Install Webmin after to have installed Perl and to have prepared the configuration files with another machine.
Remark : Use the fetch command to download Webmin with the following syntax:
– Seize the following commands ending by the seizure with Entry key.
cd /usr/local fetch http://prdownloads.sourceforge.net/webadmin/webmin-1.570.tar.gz gunzip webmin-1.570.tar.gz tar -xvf webmin-1.570.tar cd webmin-1.570 ./setup.sh
Remark : With using Webmin you will be able to configure the Server.
With Webmin click on the icon Others then Upload et Download then Upload to server ou Download from server according to the selected option.
Upload et Download
Allows to download one or several files with the computer which administers a local or remote System with Webmin in a Web browser.
Upload files to server
Files to upload
File or directory to upload to
Create directory if needed?
Owned by user
Owned by group
Default
Extract ZIP or TAR files?
Yes, then delete
Yes
No
Send email when uploads are done?
No
Yes, to address
Allows to download a file and save it on the computer which administers a local or remote system with Webmin in a Web browser.
Download file from server to PC
File to download
Show in browser if possible?
Yes
No
After the FreeBSD installing, the syntax must be correct concerning the Machine Name and the Hostname in the File /etc/hosts
About the File hostsof FreeBSD I read quite a lot of stupidities on the Net, especially concerning Apache, Bind et MySQL, the correct syntax is that presented below, this gives complete satisfaction with the aforesaid Servers.
The File /etc/hosts is to be copied with Webmin in the Server and of course to adapt for its own Web sites.
# Generated by Eric Douzet - Mon Jun 30 12:00:00 2008
#
# FreeBSD /etc/rc.conf
#
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
defaultrouter="192.168.1.252"
hostname="product.c-extra.com"
ifconfig_bge0="inet 192.168.16.1 netmask 255.255.255.0 broadcast 192.168.16.255"
ifconfig_bge0_alias0="inet 192.168.16.10 netmask 255.255.255.255 broadcast 192.168.16.10"
ifconfig_fxp0="inet 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255"
ifconfig_fxp1="inet 192.168.2.1 netmask 255.255.255.0 broadcast 192.168.2.255"
named_enable="YES"
ntpdate_enable="YES"
#proftpd_enable="YES"
#samba_enable="YES"
webmin_enable="YES"
mysql_server_enable="YES"
dbus_enable="YES"
hald_enable="YES"
avahi_daemon_enable="YES"
keymap="fr.iso.acc"
#moused_enable="YES"
apache22_enable="YES"
sshd_enable="YES"
inetd_enable="YES"
For to compile gcc-4.6 it is necessary to copy this file /boot/loader.conf with Webmin.
# FreeBSD /boot/loader.conf
# Kernel tunables
kern.maxdsiz="734003200" # Set the max data size
# Sound modules
sound_load="YES" # Digital sound subsystem
snd_emu10kx_load="YES" # Creative SoundBlaster Live and Audigy*
* For find the Driver of the Sound card with a FreeBSD Machine, visit the Website Sound Devices find the Name of the chipset of the Driver of the Sound card, look if the Name of the chipset exists in this file /boot/defaults/loader.conf In the section Sound modules, then copy him in the file /boot/loader.conf as indicated above.
Restart the Server with shutdown -r now
Domain Name Resolve
With Webmin click on the icon Networking then Network Configuration then Hostname and DNS Client must be configured as below.
DNS Client Options
Hostname
Resolution order
Update hostname in host addresses if changed?
DNS Servers
Search domains
Noe
Listed
Remark :
80.10.246.2
80.10.246.129
IP address of DNS Servers primary and secondary of Orange.fr
Network settings for the three ethernet interfaces of the Server
When a Server possesses several Ethernet Interfaces, parametrize the appropriate network classes with Webmin, as in the example displayed and exposed here.
Warning, the Name of the Ethernet Interfaces can be different.
With Webmin in section Networking then Network Configuration then Network Interfaces Add a new interface (Add virtual interface).
Click on fxp0 of the section Active Now then on (Add virtual interface).
Redo the operation, Click on fxp0 of the section Activated at Boot.
* Broadcast address 192.168.16.255 for IP Address 192.168.16.1 /24 or Netmask 255.255.255.0
* Ethernet (Virtual) Broadcast address 192.168.16.10 for IP Address 192.168.16.10 /32 or Netmask 255.255.255.255
* Broadcast address 192.168.1.255 for IP Address 192.168.1.1 /24 or Netmask 255.255.255.0
* Broadcast address 192.168.2.255 for IP Address 192.168.2.1 /24 or Netmask 255.255.255.0
We have to obtain a similar result, according to selection the network class.
Active Now
Select all. | Invert selection. | Add a new interface.
Name
Type
IP Address
Netmask
Status
bge0
Gigabit ethernet
192.168.16.1
255.255.255.0
Up
bge0:0
Ethernet (Virtual)
192.168.16.10
255.255.255.255
Up
fxp0
Ethernet
192.168.1.1
255.255.255.0
Up
fxp1
Ethernet
192.168.2.1
255.255.255.0
Up
lo0
Loopback
127.0.0.1
255.0.0.0
Up
Select all. | Invert selection. | Add a new interface.
Activated at Boot
Select all. | Invert selection. | Add a new interface. | Add a new address range.
Name
Type
IP Address
Netmask
Activate at boot?
bge0
Gigabit ethernet
192.168.16.1
255.255.255.0
Yes
bge0:0
Ethernet (Virtual)
192.168.16.10
255.255.255.255
Yes
fxp0
Ethernet
192.168.1.1
255.255.255.0
Yes
fxp1
Ethernet
192.168.2.1
255.255.255.0
Yes
lo0
Loopback
127.0.0.1
255.0.0.0
Yes
Select all. | Invert selection. | Add a new interface. | Add a new address range.
With Webmin in section Networking then Network Configuration Click on
for restart the network services.
Restart the Server with shutdown -r now
SSH Configure
With Webmin click on the icon Servers then SSH Server then Authentication must be configured as below.
Authentication
Login and authentication options
Allow authentication by password?
Yes
No
Permit logins with empty passwords?
Yes
No
Allow login by root?
Allow RSA (SSH 1) authentication?
Yes
No
Allow DSA (SSH 2) authentication?
Yes
No
Check permissions on key files?
Yes
No
Display /etc/motd motd at login?
Yes
No
Ignore users' known_hosts files?
Yes
No
Pre-login message file
None
User authorized keys file
Default (~/.ssh/authorized_keys)
Fichier dans home
Ignore .rhosts files?
Yes
No
Click on the Save button.
With Webmin click on the icon Servers then SSH Server then Networking must be configured as below.
Networking
Networking options
Listen on addresses
All addresses
Entered below ...
Address
Port
Default
Default
Listen on port
Default (22)
Accept protocols
SSH v1
SSH v2
Disconnect if client has crashed?
Yes
No
Time to wait for login
Forever
seconds
Allow TCP forwarding?
Yes
No
Allow connection to forwarded ports?
Yes
No
Click on the Save button.
Remark : Stop and Start the SSH Server
For is connect to remote server on a local class of network:
ssh -l root 192.168.16.1
The authenticity of host ’192.168.16.1 (192.168.16.1)’ can’t be established.
DSA key fingerprint is 4f:3e:22:4d:x0:72:1a:x2:73:x6:c0:87:c4:53:52:96. In this example the SSH key is false, naturally. Are you sure you want to continue connecting (yes/no)? yes
Connection closed by 192.168.16.1
product# ssh -l root 192.168.16.1
Password: Enter the password for the remote Server.
Remark : We obtain the display below in a Terminal window after an established connection:
Welcome to FreeBSD!
Before seeking technical support, please use the following resources:
o Security advisories and updated errata information for all releases are
at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
for your release first as it’s updated frequently.
o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and,
along with the mailing lists, can be searched by going to
http://www.FreeBSD.org/search/. If the doc distribution has
been installed, they’re also available formatted in /usr/share/doc.
If you still have a question or problem, please take the output of
`uname -a’, along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD’s directory layout, please refer to the hier(7)
manual page. If you are not familiar with manual pages, type `man man’.
You may also use sysinstall(8) to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.
product#
Remark : If accidentally, this takes place badly, one little always to erase the file /root/.ssh/known_hosts and repeat the operation..
From now on, the installation can run in remote login with SSH.
7. Packages Installing
It's better to compile all packages them of the Server for two reasons:
We possess all the sources of Packages in the Server, what can be very useful during the installation of another Server and that we cannot reach or download the sources of Packages on the Web.
Compiling with its processor the Packages, this greatly improves the reliability of the Server then this is equivalent to having a system written for its machine.
And then especially, always to realize an installation of FreeBSD in the time with the Packages sources up to date.
Arrived at this stage, it is very simple to install and configure a Server without breaking the head.
Like an Unix is developed in C and C ++ we shall start with the following components:
– Seize the following commands ending by the seizure with Entry key.
Connect to the Server with SSH in mode Super-user « root ».
– Seize the following commands ending by the seizure with Entry key.
Xorg -configure
What generates a file named xorg.conf.new in the directory /root then execute the following command:
mv xorg.conf.new /etc/X11/xorg.conf
After installing the Xorg-7.5 will be able to configure the French Keyboard for the example or in another language.
With Xorg-7.4 the configuration of the keyboard has changed, we do not proceed any more as before with the previous versions. This is not dependent on the version of FreeBSD but on the version of Xorg.
With Unix it is better to choose the Character set encoding UTF-8.
After it is enough to copy this file with Webmin which concerns the keyboard with the following syntax:
We can install MySQL-5.1 or MySQL-5.5 according to the preference of each. These two installations are similar, but differ in certain points. Paragraphs below enunciate the variants of their respective installation.
MySQL-5.1 Version
Warning, it is necessary to install this Package libnss-mysql without this one the PHP does not display in Firefox.
– Seize the following commands ending by the seizure with Entry key.
After the packages compiling, with Webmin click on the Icon Servers then MySQL Database Server then click on the Module Config tab and parametrize following both lines:
Path to MySQL databases directory
/var/db/mysql
MySQL configuration file
/usr/local/etc/my.cnf
Copy the my.cnf File in the directory /usr/local/etc
With Firefox to right click on the link my.cnf Save Link As... by reappointing him .cnf
# Generated by Eric Douzet - Mon Jun 30 12:00:00 2008
#
# FreeBSD /usr/local/etc/my.cnf
#
[mysqld]
datadir = /var/db/mysql
socket = /tmp/mysql.sock
user=mysql
[mysqld_safe]
log-error = /var/log/mysqld.log
Remark : Generate the MySQL Databases
– Seize the following commands in a Teminal ending by the seizure with Entry key.
cd /usr/local/bin
mysql_install_db --user=mysql
With Webmin launch MySQL and click on the Icon Change Administration Password to change the Administrator Password of Mysql.
For to launch automatically MySQL at Server boot or the starting up of FreeBSD with Webmin click on the Icon System then on the Icon Bootup and Shutdown and click on mysql-server and modify the variable from Script of Edit Action tab, on the Action Script form, as below:
: ${mysql_enable="YES"}
MySQL-5.1 will be automatically launched by the rc.conf File.
MySQL-5.5 Version
Warning, it is necessary to install this Package libnss-mysql without this one the PHP does not display in Firefox.
– Seize the following commands ending by the seizure with Entry key.
After the packages compiling, with Webmin click on the Icon Servers then MySQL Database Server then click on the Module Config tab and parametrize following both lines:
Path to MySQL databases directory
/var/db/mysql
MySQL configuration file
/usr/local/etc/my.cnf
Copy the my.cnf File in the directory /usr/local/etc
For Apache with FreeBSD 8.2 Selecting the apache-2.2.22 version which is a must of speed and stability much better than the apache-1.3.42 version with FreeBSD 8.2 and I find the apache-2.2.22 version possess much more security and is preferable to the ancient version. It is necessary to say to itself a thing, if the programmers of The Apache Software Foundation have completely rewritten this version of HTTP Server Apache is not for nothing.
Apache is the most popular of Web Servers on the Internet and that since April 1996 this is a benchmark for Web Server, personally I do not know better.
Install Apache – Seize the following command ending by the seizure with Entry key.
portupgrade -N apache-2.2.22
Version 2.2.x of Apache web server with prefork MPM.
When the form of compiling Options for apache-2.2.22 appears, select with the spacebar besides those selected the following option:
[X] SUEXEC Enable mod_suexec
Press the Tab key on the keyboard to reach the validation field [ OK ] afterward press Enter Key to continue the installing.
Create the following directories:
# mkdir cgi-bin
# mkdir error
# mkdir html
# mkdir icons
# mkdir usage
# ls
cgi-bin error html icons usage
#
This gives that directory tree:
/usr/local
/www
/cgi-bin
/error
/html
/icons
/usage
Remark : Copy the contents of directories /cgi-bin /error /icons from /usr/local/www/apache22/ in those from /usr/local/www/ it goes without saying, of course.
Erase the directory /apache22 after copying everything in it in the directory /usr/local/www
# cd /usr/local/www/
# ls
apache22
# rm -r apache22/
#
Remark : For generate the Package apache-2.2.22 - Version 2.2.x of Apache web server with prefork MPM. - Do not delete this file or directory.
After the packages compiling, with Webmin click on the Icon Servers then Apache Webserver then click on the Module Config tab and parametrize the following four lines:
Path to httpd.conf or apache2.conf
/usr/local/etc/apache22/httpd.conf
Path to srm.conf
/usr/local/etc/apache22/srm.conf
Path to access.conf
/usr/local/etc/apache22/access.conf
Path to mime.types
/usr/local/etc/apache22/mime.types
Install PHP – Seize the following command ending by the seizure with Entry key.
Among others, it is for that reason that it is imperative to copy him after installing of PHP5.
Remark : Enable the Virtual Host Name in removing the character # In the beginning of line as below of the File httpd.conf according to the used network class when the Virtual Host Name is configured.
It remains to edit the File php.ini-production of directory /usr/local/etc with xfe and save under the name php.ini in the Directory /usr/local/etcc and restart the server.
Remark : Each compiling of PHP5 generates the following line in the File httpd.conf It is necessary to delete this doubloon.
Remark : bind96-9.6.3-ESV-R3 Is already installed, you should not replace him.
After the installing of FreeBSD 8.2, with Webmin click on the icon Servers then BIND DNS Server then click on the tab Module Config and parametrize the following line:
Full path to the rndc.conf file /var/named/etc/namedb/rndc.conf
We can then generate the RNDC key with the icon Setup RNDC.
Bind works in environment chroot
chroot is a command of operating system UNIX allowing to change the root directory of a process of the host machine.
This command allows to isolate the execution of a program to avoid the hostilities of malevolence, as the operation of a buffer overflow, then access the root directory of the host machine.
This also allows to run multiple instances of the same set of services or daemons on the same host machine.
Directory of the configuration Files /var/named/etc/namedb
Remark : From this stage, it is not compulsory to install a graphic Interface, the System is operational to host the Web sites. The network and Webmin are amply sufficient for to administer this FreeBSD Server.
Installation without graphic Interface : Packages list
I disadvise strongly the use of a Graphic Interface for one production Server, for an ease of maintenance and Update.
The Xfe soft as File Manager and as Text editor with the local Server. When to the Servers administration software, Webmin can do everything at local or remote with the SSL protocol. Consider a production Server as one firewall Router, as by example the Zywall 5 from the Zyxel range, which possesses only a Web interface to configure it, dependent not system.
Remark : One specific Network Interface for the Local Area Network is necessary, especially if we have to use one SMB network, which has to use a different network class for the security.
Section indicating the change of the compiling version from the Server softwares.
The 2011-12-28 – Procedure of the Kernel update and the upgrade of Ruby 1.9.
The 2011-07-12 – Adding the installation of PostgreSQL Server and various modifications.
The 2011-07-12 – Update of the Packages list from installing.
The 2011-02-24 – FreeBSD 8.2-RELEASE is available, installation and compilation without any problem.
The 2010-09-12 – Modification of the Table of contents with one section addition: Packages list from installing
The 2010-06-02 – Dynamic management the Packages list from install.
The 2010-05-20 – Revision completes of the installation procedure of FreeBSD.
