Editorial Note: This is my 100th post. Thanks for reading.
Today, I signed up for a VPS at Slicehost. This is my first time dealing with them, and so far I’m very happy. I did encounter a fair number of small problems when configuring my Fedora 10 instance, however; these were no one’s fault, just stuff I hadn’t seen before. I thought I’d jot them down, so as to potentially save some other developers some time.
Iptables
The default iptables configuration will only accept connections on the SSH port. In particular, a webserver won’t work until you open port 80. One way to do this is to dump the iptables configuration to a file with iptables-save, edit that file, and then re-configure iptables with the iptables-restore command. On the command line, the sequence of operations would look something like this:
iptables-save > iptables.rules
emacs iptables.rules
iptables-restore < iptables.rulesAnd the edited iptables.rules file would look like this:
# Generated by iptables-save v1.4.1.1 on Fri Apr 10 01:52:35 2009
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5894:1122214]
-A INPUT -m state −−state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state −−state NEW -m tcp −−dport 22 -j ACCEPT
-A INPUT -p tcp -m state −−state NEW -m tcp −−dport 80 -j ACCEPT
-A INPUT -j REJECT −−reject-with icmp-host-prohibited
-A FORWARD -j REJECT −−reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Apr 10 01:52:35 2009(Only the "−−dport 22" line needs to be added.)
Iptables persistence
Unfortunately, the changes made above won't survive a reboot of the machine, and it's not obvious how to make them sticky. Fortunately, this guy has explained how. It's simply a matter of editing the /etc/sysconfig/iptables-config file, and ensuring that these values are all set to "yes":
- IPTABLES_MODULE_UNLOAD
- IPTABLES_SAVE_ON_STOP
- IPTABLES_SAVE_ON_RESTART
Starting Apache on Boot
This one probably isn't really that obscure, but I had to poke around a little to discover how to configure the system s.t. Apache would start up automatically on boot. It was explained here, and required these command lines:
chkconfig --add httpd
chkconfig --level 3 httpd on
chkconfig --level 5 httpd onAllowOverride
By default, /etc/httpd/conf/httpd.conf has an AllowOverride value of None. This means that .htaccess files will be ineffective, by default. Be sure to change this value if you want to use such files.
Miscellaneous
Just a couple of small personal blind spots:
- If you're going to use a non-root admin user, it makes your life easier if you chown /var/www/html to him
- Be sure to set the ServerName in /etc/httpd/conf/httpd.conf
- If Apache is running when you install PHP, a restart won't suffice to load the PHP module; you must stop and start the daemon
Future Work
Since today was largely taken up with VPS wrangling, my plans haven't substantively changed from yesterday. A reader request did come over the transom, however, at which I want to have a look. My plans:
- Release and advertise the whitepaper
- Refine support for puzzle printing
- User request: Investigate solver support for difference and quotient cages with more than two cells.
- Begin researching widgets
Yesterday's Stats
| Stat | 8th |
|---|---|
| Visitors | 19 |
| Visits | 23 |
| Pageviews | 113 |
| Pages/Visit | 4.91 |
| Avg. Time on Site | 4:43 |
I'm particularly unhappy about the delay in releasing the whitepaper because I'm running out of pithy comments to go along with these flat numbers.
Follow Along
You can subscribe to my RSS feed, if you’d like to follow along with this month’s project, in which I attempt to create and popularize a puzzle site.
