Usenet Indexer Installation - Debian / Ubuntu

System Vorbereitungen

1. Aktualisieren des Systems:

   # apt-get update
   # apt-get upgrade
   
   # apt-get dist-upgrade

2. Installation der benötigten Grundpakete:

   # apt-get install vim screen wget git apache2 apache2-utils curl mariadb-server mariadb-client php7.0-fpm php7.0-mysql php7.0-common php7.0-gd php7.0-json php7.0-cli php7.0-curl php7.0-mcrypt php-imagick php-pear php7.0-dev php7.0-mbstring php7.0-xml php7.0 gcc make curl

Konfiguration des Webservers

Im ersten Schritt, erstellen wir unter: /etc/apache2/sites-available/ einen neuen Virtual-Host, für unseren späteren Usenet Indexer:

# vim /etc/apache2/sites-available/nzedb.conf

<VirtualHost *:80>
    ServerName 127.0.0.1
    ServerAdmin webmaster@localhost
    ServerSignature Off

    DocumentRoot "/var/www/nZEDb/www"

    LogLevel warn
    ErrorLog /var/log/apache2/error.log

    Alias /covers /var/www/nZEDb/resources/covers
    <Directory "/var/www/nZEDb/www">
        Options FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/run/php/php7.0-fpm.sock|fcgi://localhost/var/www/nZEDb/www
</VirtualHost>

# sed -i "s/ServerTokens OS/ServerTokens Prod/" /etc/apache2/conf-available/security.conf
# sed -i "s/ServerSignature On/ServerSignature Off/" /etc/apache2/conf-available/security.conf

Nun wird als erstes der Default-Virtual-Host deaktiviert, unser neuer aktiviert und das Rewrite-Modul enabled:

# mkdir -p /var/www/nZEDb/www

# a2dissite 000-default
# a2ensite nzedb.conf

# a2enmod rewrite

# systemctl enable apache2

Konfiguration von PHP 7.0

We already installed all needed PHP extensions earlier. For best performance, we also need to configure some PHP settings. :

# php --ini |grep Loaded

Loaded Configuration File:         /etc/php/7.0/cli/php.ini

In our case, we have to make changes first to the /etc/php/7.0/cli/php.ini file. We will increase the default upload limit to 2000 MB. You can set the values according to your needs. Run the following commands:

# sed -i "s/max_execution_time = 30/max_execution_time = 120/" /etc/php/7.0/cli/php.ini
# sed -i "s/;date.timezone =/date.timezone = Europe\/Zurich/" /etc/php/7.0/cli/php.ini

Now we have to do the same for our php7.0-fpm Configuration:

# sed -i "s/max_execution_time = 30/max_execution_time = 120/" /etc/php/7.0/fpm/php.ini
# sed -i "s/memory_limit = 128M/memory_limit = 1024M/" /etc/php/7.0/fpm/php.ini
# sed -i "s/;date.timezone =/date.timezone = Europe\/Zurich/" /etc/php/7.0/fpm/php.ini

# echo "<?php phpinfo(); ?>" > /var/www/nZEDb/www/phpinfo.php
# systemctl start php7.0-fpm
# systemctl enable php7.0-fpm

# a2enmod proxy_fcgi
# systemctl restart apache2

Check PHP-Configuration at: IP-From-SERVER/phpinfo.php

Konfiguration Mariadb

Erstellen einer neuen MariaDB spezifischen Konfiguration:

# vim /etc/mysql/mariadb.conf.d/50-server.cnf

# configurations by nZEDb
innodb_file_per_table = 1
max_allowed_packet = 16M
group_concat_max_len = 8192

Nach dem Speichern, wird im nächsten Schritt die MariaDB enabled und gestartet!

# systemctl start mysql.service
# systemctl enable mysql.service

# /usr/bin/mysql_secure_installation

Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: <your-password>
Re-enter new password: <your-password>
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Erstellen der Datenbank & Konfiguration von AppArmor

Erstellen der von nZEDb benötigten Datenbank und Users:

mysql -u root -p

MariaDB [(none)]> CREATE DATABASE nzedb;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nzedb.* TO 'nzedbuser'@'localhost' IDENTIFIED BY 'YOUR-PASSWORD';
MariaDB [(none)]> GRANT FILE ON *.* TO 'nzedbuser'@'localhost';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> quit

Anschliessend, wenn die DB erstellt worden ist, muss nun AppArmor konfiguriert werden.

# apt install apparmor-utils
# aa-complain /usr/sbin/mysqld

You might encounter the following error. It tells you that MariaDB isn’t restricted by AppArmor so just go to the next step.

ERROR: /etc/apparmor.d/usr.sbin.mysqld contains no profile

Installation der Media Tools

1. Installation der packetierten Media-Tools:

   # apt-get install time unrar p7zip-full mediainfo lame ffmpeg libav-tools

2. Installation von yEnc, um das header und message prozessing durch das Indexing zu beschleunigen:

    
   # mkdir /tmp/yenc
   # cd /tmp/yenc
   # wget https://ayera.dl.sourceforge.net/project/yydecode/yydecode/0.2.10/yydecode-0.2.10.tar.gz
   # tar xzf yydecode-0.2.10.tar.gz
   # cd yydecode-0.2.10
   
   # ./configure
   # make
   # make install
   # cd /tmp
   # rm -rf yenc

3. Installation der php-yenc extension, für noch schnelleres Encoding:

   # wget https://github.com/niel/php-yenc/releases/download/v1.3.0/php7.0-yenc_1.3.0_amd64.deb
   
   # dpkg -i php7.0-yenc_1.3.0_amd64.deb

Download und Installation von nZEDb

# rm -Rf /var/www/nZEDb/
# cd /var/www/
# git clone https://github.com/nZEDb/nZEDb.git

# chown -R www-data:www-data /var/www/nZEDb
# chmod -R g+w /var/www/nZEDb/

# cp /var/www/nZEDb/_install/install.sh /var/www/
# chmod a+x /var/www/install.sh

# ./install.sh

During the installation, Composer will install all needed PHP dependencies and you will need to enter your sudo password to set permissions. Once the script finished, we need to set up the web server.

Tmux Version 2 installieren

• https://forums.nzedb.com/index.php?topic=2464.0

Wichtige Arbeiten, von vor dem konfigurieren / einrichten von nZEDb

• CA Zertifikat installieren:

  # wget -P /etc/ssl/certs/ http://curl.haxx.se/ca/cacert.pem
  # chmod 744 /etc/ssl/certs/cacert.pem

• Environment Ergänzungen:

  # mysql_tzinfo_to_sql /usr/share/zoneinfo | sudo mysql -u root -p mysql
  
  # mkdir -p /var/www/nZEDb/resources/tmp/unrar
  # chmod 777 /var/www/nZEDb/resources

nZEDb konfigurieren / Einrichten

server-ip/install

or

domain.com/install

Einrichten des Server-start Skripts

# vim /opt/BLAAA/start_server.sh

#! /bin/bash

SERVER_BIN=programm
cd /opt/

if [ "$(screen -ls | grep $SERVER_BIN)" ]
then
        echo $SERVER_BIN is already running..
else
    screen -dmS $SERVER_BIN andRequiretOPTIONShere
    echo $SERVER_BIN is now alive!
fi

Berechtigungen korrekt setzen und den Server starten!:

# chmod +x /opt/blaa/start_server.sh
# chown -R mcuser:mcuser /opt/blaaa

# ./start_server.sh

Automatischer Server-Start nach reboot

Damit nun der Server, auch nach einem reboot des Systems wieder automatisch startet, erstellen wir hier einen neuen cronetab eintrag, der dies bei jedem Reboot für uns erledigt: (Achtung !!! Bei einem öffentlichen Minecraft Server sollte es aus Sicherheitstechnischen Gründen nicht root sein, der per crontab der screen startet!)

# vim /etc/crontab

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed

@reboot root /opt/minecraft/start_server.sh

Beispiel einer korrekt angepassten “server.properties”:

# cat /opt/m

con=false