Difference between revisions of "Post-Install Configuration"

From MineOS
Jump to: navigation, search
(Changing the web-ui password)
m (Changing the web-ui password)
Line 19: Line 19:
  
 
<tt>nano /etc/hiawatha/passwords</tt>
 
<tt>nano /etc/hiawatha/passwords</tt>
Replace the one existing line with the generated line, such as: will:/ZU9ss0WcLwmE
+
 
 +
Replace the one existing line with the generated line, such as: <tt>will:/ZU9ss0WcLwmE</tt>
 
Save and exit. The password will take effect on reboot or on hiawatha restart (<tt>/etc/rc.d/hiawatha restart</tt>).
 
Save and exit. The password will take effect on reboot or on hiawatha restart (<tt>/etc/rc.d/hiawatha restart</tt>).
  

Revision as of 01:00, 2 August 2011

A few configurations must occur after the first reboot, and some are not implemented to greatly simplify the setup. These steps, however, are important for the securing of the server.

Contents

Password changing

MySQL root password

The password is unset by default, and can only be set when the MySQL daemon is running (after first boot). To set the password, use the following command as root:

  1. ln -s /var/www/tmp/mysql.sock /tmp/mysql.sock
  2. mysql_secure_installation

Changing the web-ui password

The default admin:password to the web-ui is admin:minecraft If you would like to change this, (either the username and/or password), open up /etc/hiawatha/passwords in your favorite text editor and replace the existing line.

Since the password is encrypted, you must first generate it. You can do so with the help of an online htpasswd generator. Fill in the username to whatever you like, set the password and choose CRYPT as the password--it is essential to choose CRYPT.

For example:

nano /etc/hiawatha/passwords

Replace the one existing line with the generated line, such as: will:/ZU9ss0WcLwmE Save and exit. The password will take effect on reboot or on hiawatha restart (/etc/rc.d/hiawatha restart).

Remember, any usernames listed in the passwords file will be accessible, so be sure to remove the existing admin:password line no matter what.

Other configuration

iptables

iptables filters inbound and outbound traffic by a sequence of rules. These rules are to prevent undesired traffic from being responded to, helping defend against DOS attacks and to prevent unauthorized access (such as permitting SSH connections only from an IP address/range).

The default rules include inbound connections for SSH (22), Minecraft (25565), HTTP (80), and the web-ui (8080) though it is fully customizable.

cronjobs

Until it is automated, cronjobs must be created manually. For your benefit, however, the process has been simplified. The directory /etc/cron/ exists and has several sub-directories, (hourly, daily, weekly, etc). Instead of having to learn standard crontab syntax, each sub-directory (and its contained files) gets executed at its respective interval.

For example, if you want backups done on your server daily, you can create a file in the daily directory:

  1. touch /etc/cron/daily/backupscript
  2. chmod +x /etc/cron/daily/backupscript
  3. nano /etc/cron/daily/backupscript

(backupscript contents)

cd /usr/games/minecraft
./mineos_console.py backup myserver