Ci-dessous, les différences entre deux révisions de la page.
— |
doc:dak:usr_share_doc_dak_readme.debian [2005/08/03 11:25] (Version actuelle) lehobey créée |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | <file> | ||
+ | dak for Debian | ||
+ | -------------- | ||
+ | 1. Insanity | ||
+ | 2. Base Directory | ||
+ | 3. Initial setup | ||
+ | 4. Crontabs/Scripts | ||
+ | 5. Environment | ||
+ | 6. Steps to a working dak | ||
+ | |||
+ | 1. Insanity | ||
+ | ----------- | ||
+ | |||
+ | This is the package for dak, the "Debian Archive Kit", sometimes known | ||
+ | as katie (but katie is "only" a (central) part of it). | ||
+ | |||
+ | First: You won't, and you can't, use dak simply by installing this | ||
+ | package, but it should help for many things. At least I tried to get it | ||
+ | to do this. You need to follow this Readme. Really. | ||
+ | |||
+ | Second: | ||
+ | a. Read the docs. | ||
+ | b. Look at the example configs. | ||
+ | c. Install mini-dinstall or debarchiver and use them. | ||
+ | d. If you still read this you are insane or in a need of a | ||
+ | archive kit for a huge archive and don't want to use | ||
+ | mini-dinstall -> go on with dak. | ||
+ | |||
+ | |||
+ | 2. Base Directory | ||
+ | ----------------- | ||
+ | |||
+ | This package asks a debconf question for the base-directory. Most of dak | ||
+ | will work in that directory, some default files are also copied there. | ||
+ | This package only creates one base directory, but in theorie you can run | ||
+ | thousands of dak-setups on a single machine - simply copy the katie/ | ||
+ | subdirectory to the base-directory for the new dak and run rose there. | ||
+ | |||
+ | 3. Initial setup | ||
+ | ---------------- | ||
+ | |||
+ | After the package is installed, or you added a new base-directory, you | ||
+ | should edit the configuration files. This package delivers some basic | ||
+ | configuration files, which are adapted to the path you enter in Debconf, | ||
+ | and then copied to that path. If you later want to look at them again, | ||
+ | see /usr/share/dak/config. | ||
+ | |||
+ | More Configuration Examples, including the ones that are in use for the | ||
+ | Debian Archive, can be found in /usr/share/doc/dak together with a whole | ||
+ | lot of Readmes for different purposes. | ||
+ | |||
+ | 4. Crontabs/Scripts | ||
+ | ------------------- | ||
+ | |||
+ | dak needs some jobs started by cron to run properly. For example to | ||
+ | process new files in the incoming directory there should be a cronjob | ||
+ | doing exactly this every X minutes. For this one there is a ready-to-use | ||
+ | cron.unchecked file in your base/katie directory. You only need to setup | ||
+ | the entry in katies crontab to let cron execute it every X minutes. | ||
+ | |||
+ | The directory /usr/share/doc/dak/crontabs also contains a few other | ||
+ | example scripts. Please note: They are real-life examples, used on the | ||
+ | Debian machines. You don't want to use them exactly like they are, adapt | ||
+ | them to your needs. ESPECIALLY CHANGE ALL EMAIL ADDRESSES that are in them. | ||
+ | |||
+ | An example crontab for katie is in the file katie.crontab, adjust | ||
+ | it to your needs. | ||
+ | |||
+ | 5. Environment | ||
+ | -------------- | ||
+ | |||
+ | You should define SCRIPTVARS in your environment (and that of your dak | ||
+ | user) to point to your base/vars file, it's used by many scripts. | ||
+ | |||
+ | 6. Steps to a working dak | ||
+ | ------------------------- | ||
+ | |||
+ | a. Have your postgresql up and running. I assume it is on the localhost, | ||
+ | if not change your config files (katie.conf) for dak. | ||
+ | b. run createuser YOURDAKUSERNAME with a user that is allowed to create | ||
+ | databases and allow YOURDAKUSERNAME to create a database. This user | ||
+ | needs to be superuser in the database as it runs COPY from a file later. | ||
+ | c. su - YOURDAKUSERNAME | ||
+ | d. rose | ||
+ | e. Watch how the directories are created. | ||
+ | f. Add a group "ftpmaster" to your postgresql database. | ||
+ | At a psql prompt a CREATE GROUP ftpmaster; should do it. | ||
+ | Add your YOURDAKUSERNAME to this group. | ||
+ | g. Change to your DAKDIR/katie and run /usr/share/dak/neve -a and watch | ||
+ | her creating the database. If it ends with some VACUUM and two GRANTs | ||
+ | it worked. | ||
+ | Be careful, neve DROPS your database, so don't run it if you like the | ||
+ | data that is in that database! | ||
+ | h. You need to get your maintainers in the database. The Debian Archive | ||
+ | uses a script (emilie) that syncs with its LDAP Server, but you | ||
+ | probably don't want to sync with Debian's LDAP. :) | ||
+ | If you have a setup with an LDAP Server, look at emilie and their | ||
+ | config options. If not, there is a script called uma which helps you | ||
+ | to do this. You basically give it a keyid with the -k parameter and | ||
+ | it will do the rest, after asking you if you like the action. | ||
+ | If you told it to create a system user for the new account it will | ||
+ | run useradd to do the stuff, for that YOURDAKUSERNAME needs sudo | ||
+ | access to useradd, with NOPASSWD set. It will also add new users to | ||
+ | the mail whitelist file, if you have that option enabled (it is per | ||
+ | default). | ||
+ | i. Repeat step h for every user you have. | ||
+ | j. Install the cronjobs you need. Start with cron.unchecked which is | ||
+ | already copied in /YOURDAKPATH/katie/cron.unchecked and asks | ||
+ | jennifer to process new uploads. The Crontab Debian uses can be found | ||
+ | in /usr/share/doc/dak/crontabs as an example. | ||
+ | k. You should setup the keyring for katie now. Do a command similar to | ||
+ | the following, but adjust your path: | ||
+ | gpg --no-default-keyring --keyring /opt/dak/keyrings/keyring.gpg | ||
+ | l. To let ziyi sign the Release files you need a s3kr1t key. | ||
+ | gpg --gen-key and follow the prompts. Then move it from the home of | ||
+ | YOURDAKUSERNAME to the path of "SigningKeyring" from the | ||
+ | config. Both, public and private key. Write your Keyid in the config | ||
+ | value "SigningKeyIds". Remember that the signing works automagically, | ||
+ | so a passphrase on the key doesnt help... | ||
+ | m. If you followed until here you made your archive run and accepting | ||
+ | new uploads. Except they are not installed - you need another script | ||
+ | for this in your crontab. cron.daily, look in the examples. Change it | ||
+ | to fit your needs (disable billie for now as a first step, change | ||
+ | email addresses), and let it run as often as you wish. I suggest | ||
+ | daily or hourly. | ||
+ | n. Of course there must be a way to get the files up to the | ||
+ | archive. Setup a ftp server to let users upload into | ||
+ | queue/unchecked. Only be careful that all files are read/writeable by | ||
+ | the YOURDAKUSERNAME or you will have troubles. :) | ||
+ | |||
+ | |||
+ | -- Joerg Jaspert <joerg@debian.org>, Mon, 29 Nov 2004 20:04:27 +0100 | ||
+ | </file> |