community.aegirproject.org
Manual Installation
Aegir installation seems difficult at first, but once you get around it, it's fairly simple. It's 3 basic steps::
- Install the system requirements
- Configure system requirements, which include:
- create an Aegir user,
- configure the webserver, MySQL, DNS, PHP, etc.
- Install the backend (Drush & Provision)
- Install the frontend with
hostmaster-install
.
Note that these instructions setup a complete Aegir system. If you want to only setup a new remote web/db server, it should be sufficient to system requirements (step 1), configure them (step 2) and follow the Remote server how-to.
These instructions provide example commands for a Debian-like distribution, but should be fairly easy to adapt to other environments. In fact, this document is meant as a canonical reference that should work on every platform and that can be used for people porting Aegir to new platforms or installing on alien platform for which Aegir is not yet packaged.
- Login or register to post comments
- Print entire section
- Talk
Mac OS X installation instructions
Apache
For Apache based installation hints see Apache / mySQL / PHP / Aegir
Nginx
Nginx is more performant than Apache, if you are interested in setting Aegir up using nginx Brian Gilbert from Realityloop has created a script to install everything that you need on a clean Mac (not already running anything on port 80), see OSX Aegir Installer on github.
Apache / mySQL / PHP / Aegir
This is a helper file to the canonical manual install process. It is aimed at helping you install Aegir on Mac OS X. Since PHP and MySQL support on OS X is fairly limited and complicated, a separate documentation page was created for that part of the documentation. You should follow this page all the way through and then proceed with the regular install, step 4: becoming the aegir user.
1. Special software requirements
While Mac OS X comes with Apache & PHP (and even MySQL on the Server version), the version of PHP shipped with 10.6 Snow Leopard is 5.3.x and thus may not work with Aegir (as of the 0.4alpha-era) and various other software. If you're running 10.5 Leopard, it may work out of the box, but I haven't tested it.
There are several different ways to get Apache, PHP 5.2, and MySQL 5 onto a Mac OS X machine. I give detailed instructions for MacPorts below, but if that's a bit more than you're ready to bite off right now, feel free to use an alternative approach.
One such alternative is MAMP. There is a good but outdated HOWTO for installing Aegir on Mac OS X 10.6 (Snow Leopard) using MAMP located here: http://groups.drupal.org/node/30270
MAMP stands for Mac, Apache, MySQL, and PHP and is the Mac equivalent of "LAMP". It is a self-contained package of all of these programs with a nice graphical installer and control panel. You can find it here: http://www.mamp.info/
MAMP is pretty straightforward, but it's also not very flexible (IMHO). While certainly not without its own headaches, MacPorts is a decently powerful way to sanely manage a healthy stack of open source UNIX software on your Mac. Since this is what I use, I'm going to assume MacPorts is in use for the rest of this HINTS file. I have also only tested this on Mac OS X 10.6 Snow Leopard.
If you don't yet have MacPorts installed, go here to get it: http://www.macports.org/install.php
Once it's installed, quit and re-launch your Terminal before continuing. Otherwise MacPorts won't yet be in your PATH.
The first two commands below are optional but recommended.
sudo port selfupdate
sudo port upgrade outdated
sudo port install apache2 mysql5-server git-core unzip php52 php5-posix php5-gd php5-apc +mysql5
php5-apc is optional, but highly recommended as it will significantly increase PHP performance.
Watch the output of the last port command carefully, as there are usually some boring tasks for you to perform once the install is done. You'll be wishing you were running Ubuntu/Debian and apt-get by the time you're done.
2. Configure system requirements
Next we'll create the aegir user and add it to the _www group. This part is very different on Mac OS X than Linux or most other Unices. Must be a NeXTism. The command we will use he is "dscl", which is a short for Directory Service Command Line. In OSX 10.3 and earlier, that command is "nicl" (short for Net Info Command Line). It is also possible to create the user using the "Workgroup Manager" utility included with OS X Server. To obtain Workgroup Manager for the OS X Client, download the "Server Admin Tools" from Apple. For example, for Mac OS X 10.6, the admin tools can be found at:
http://support.apple.com/downloads/Server_Admin_Tools_10_6
sudo dscl . -create /Users/aegir NFSHomeDirectory /var/aegir
Now you need to find the next spare UID to assign the user.
Here's how you find out on your system:
sudo dsexport users.out /Local/Default dsRecTypeStandard:Users
Then open the file users.out in a text editor, search for the highest 5xx user ID and add 1 to it (in your brain, not in the file). So if you find 506 but no 507, use 507. When you're done, delete users.out to be safe.
sudo rm users.out
Now assign this UID to the aegir user, replacing "5xx" with the UID.
sudo dscl . -create /Users/aegir UniqueID 5xx
!! If you're running Mac OSX Lion, you also need to assign PrimaryGroupID to the aegir user. sudo dscl . -create /Users/aegir PrimaryGroupID XXX
Set a secure password for the aegir user, as it needs shell access.
sudo passwd aegir
Create the aegir home directory and set its permissions.
sudo mkdir /var/aegir
sudo chown aegir /var/aegir
sudo chgrp _www /var/aegir
Add the aegir user to the _www group. This is the group Apache runs as.
sudo dscl . -append /Groups/_www GroupMembership aegir
Give the aegir user the ability to restart Apache.
sudo mv /usr/sbin/apachectl /usr/sbin/apachectl-apple
sudo ln -s /opt/local/apache2/bin/apachectl /usr/sbin/apachectl
sudo visudo
Go to the last line of the file and add the following.
aegir ALL=NOPASSWD: /usr/sbin/apachectl
Save the file and exit your text editor.
Next configure Apache to include the Aegir config.
echo "Include /var/aegir/config/apache.conf" >> /opt/local/apache2/conf/httpd.conf
Configuring your MySQL database and user accounts is the same as in the INSTALL.txt file. But you probably want to add the path to its executables to your user's PATH and the aegir user's PATH.
echo 'export PATH=/opt/local/lib/mysql5/bin:$PATH' >> ~/.profile
su - aegir
Password: (the password you setup earlier)
echo 'export PATH=/opt/local/lib/mysql5/bin:$PATH' >> ~/.profile
exit
nginx / MariaDB / PHP / Aegir (MEMPÆ)
The instructions that used to be here are now outdated, instead use the OSXAegirInstaller created by Brian Gilbert of Realityloop.
Centos 6.x Aegir Install Guide
There are 2 methods of installing AEgir on CentOS both are the same but one is scripted and the other is manual and is documented below.
Scripted
The script can be found at https://github.com/marafa/aegir/tree/master/version2
NB. There is preliminary work to fix selinux at https://github.com/marafa/aegir/blob/master/aegir_selinux.sh. Feedback is quite welcome as well as git pulls.
Explanation
Connect to the server via ssh as root user.
ssh root@000.000.000.000
Install system requirements
yum install httpd php php-mysql php-cli php-gd php-process php-pear php-mbstring php-xml php-soap sudo rsync git postfix tree wget cronie unzip mysql-server mlocate nmap samba samba-client samba-common vim
Note: The following packages are not required but are very useful to include git wget mlocate nmap samba samba-client samba-common vim
SElinux
Make sure Security-Enhanced Linux is disabled as it creates install problems.
vim /etc/selinux/config Make sure SELINUX=disabled
If was SELINUX=enabled then we need to restart.
shutdown -r now
Note: I am not sure if it can be enabled at the end I have never tried.
Create the Aegir user
The provision framework of Aegir requires that the scripts run as a non-root system account, to ensure that it can correctly set the file permissions on the hosted files.
Also to ensure that the file permissions of the hosted sites are always as safe as can be, and especially to make sure that the web server does not have the ability to modify the code of the site, the configured system account needs to be a member of the web server group, in order to be able to correctly set the file permissions.
While you can choose another username, most aegir documentation assumes the Aegir user is aegir, its home directory is /var/aegir and the webserver group is www-data.
useradd --home-dir /var/aegir aegir
gpasswd -a aegir apache
chmod -R 755 /var/aegir
Apache configuration
Start Apache
service httpd start
Make apache start automatically after reboot.
chkconfig httpd on
We need to create a symbolic link between aegir and apache.
ln -s /var/aegir/config/apache.conf /etc/httpd/conf.d/aegir.conf
PHP configuration
vim /etc/php.ini
Increase the memory limit as complex installation profiles or distributions require a PHP memory limit that is higher than the default (128M)
memory_limit = 192M
Set Date Zone to your time zone see http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = “”
Sudo configuration
Next, we need to give the aegir user permission to execute the Apache2 command to restart the web server without entering a password.
visudo
Add to end of file
Defaults:aegir !requiretty
aegir ALL=NOPASSWD: /usr/sbin/apachectl
DNS configuration
Aegir requires a properly configured "FQDN" (Fully Qualified Domain Name) be assigned to the machine. In practice, this means that the hostname returned by the hostname and uname -n shell commands should resolve to the IP address for this server, and vice versa.
If you only intend to use Aegir on a single server, it is acceptable for the resolved IP address to be the '127.0.0.1' loopback address.
If you intend to manage multiple servers using Aegir, you will need to make sure that the IP address is the public IP of this server.
You can add multiple entries to your /etc/hosts file for testing purposes, for example:#> >vim /etc/hosts Add your ip and hostname
000.000.000.000 hostname
Database configuration
Start mysql
service mysqld start
Make mysql start automatically after reboot.
chkconfig mysqld on
Configure Mysql
/usr/bin/mysql_secure_installation
Recommended:
Set root Password
Remove anonymous users? y
Disallow root login remotely? y
Remove test database and access to it? y
Reload privilege tables now? y
Install drush
pear channel-discover pear.drush.org
pear install drush/drush-4.5.0
Check if drush works If you get PHP Fatal error: Class 'Console_Table' not found then
pear install Console_Table
Stop! Now become the Aegir user!
The remaining of this manual assumes you are running as the Aegir user. Things will go very wrong if you do not change your shell credentials to become that user.
su -s /bin/bash - aegir
Install provision
drush dl --destination=/var/aegir/.drush provision-6.x
Clear the drush cache
drush cache-clear drush
Run hostmaster-install
drush hostmaster-install
Manual install of a web cluster aegir using nginx
These are some really rough notes on how to go about creating a 4 server aegir installation (aegir, mysql, web1, web2).
Adapted from reading through the BOA project and my own experimentation.
** Note -- regarding the wildcard SSL, your sites will need some configuration in your settings.php or local.settings.php to check for the X-Forwarded-Proto headers. I can't recall if the wildcard SSL config.
These notes also assume the last Ubuntu LTS -- 10.04/Lucid.
aegirmysql: sudo apt-get update sudo apt-get upgrade sudo apt-get install vim mysql-server _USER="aegir" _DOMAIN="aegir.domain.com" _AEGIR_HOST="aegir.server.hostname" _AEGIR_HOST_IP="123.456.789.01" _AEGIR_PASSWORD="password" #AEGIR_DB_USER=aegir_root #AEGIR_DB_PASS=`echo $RANDOM:\`date\`:$AEGIR_HOST | openssl md5` echo "[client] user=root password=password" >> .my.cnf mysql -uroot mysql<<EOFMYSQL GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_DOMAIN' IDENTIFIED BY 'password' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_AEGIR_HOST' IDENTIFIED BY 'password' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'$_AEGIR_HOST_IP' IDENTIFIED BY 'password' WITH GRANT OPTION; GRANT ALL PRIVILEGES ON *.* TO '$_USER'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION; FLUSH PRIVILEGES; EOFMYSQL ======================== # https://launchpad.net/~brianmercer/+archive/nginx # https://launchpad.net/~nginx/+archive/php5 aegircontrol: sudo apt-get update sudo apt-get upgrade sudo mkdir -p /var/www/nginx-default #php5-suhosin CATHOSTDEBDEPS="git-core git-doc mysql-client-5.1 vim nginx-custom drush postfix php5-cli php5-mysql php5-fpm php5-gd rsync unzip bzr patch curl" sudo apt-get -V install $CATHOSTDEBDEPS #postfix config already sorted sudo adduser --system --group --home /var/aegir aegir sudo adduser aegir www-data sudo chsh -s /bin/bash aegir #patch drush, re: ereg() #as root: echo "aegir ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers ln -s /var/aegir/config/nginx.conf /etc/nginx/conf.d/aegir.conf #disable directives in nginx.conf: #types_hash_max_size #tcp_nopush #error_log invoke-rc.d nginx restart #install SSL cert to: /etc/ssl/private/domain.com.cert.pem cd /etc/ssl/private/ ln -s domain.com.cert.pem nginx-wild-ssl.crt ln -s domain.com.cert.pem nginx-wild-ssl.key #install SSL config to: /var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf #TODO: also install for /var/aegir/config/server_aegirweb{1,2}.host.name #as aegir: cd ~ mkdir .ssh ssh-keygen -t rsa ln -s /usr/share/drush /var/aegir/drush mkdir ~/.drush cd ~/.drush wget -c http://ftp.drupal.org/files/projects/provision-6.x-1.3.tar.gz tar -zxf provision-6.x-1.3.tar.gz #htaccess password bit mkdir ~/tmp cd ~/tmp git clone --branch develop git://github.com/computerminds/aegir_http_basic.git #must be develop branch to use crypt() and for nginx support cp -r aegir_http_basic/provision ~/.drush/provision/aegir_http_basic cp -r aegir_http_basic/hosting ~/hostmaster-6.x-1.3/profiles/hostmaster/modules/hosting/http_basic_auth #set directory permissions? -- patch aegir/http_basic module to do so? _DOMAIN="aegir.domain.com" _USER="aegir" #_AEGIR_HOST=`uname -n` _AEGIR_HOST="aegir.server.hostname" _AEGIR_HOME="$HOME" _AEGIR_DB_PASS="password" _AEGIR_DB_HOST="mysql.server.fqdn" _AEGIR_VERSION="1.3" #_AEGIR_ROOT="$_AEGIR_HOME/hostmaster-$_AEGIR_VERSION" _ADM_EMAIL="admin@domain.com"" _WEBG=www-data _USRG=users #going vanilla echo "drush hostmaster-install $_DOMAIN --aegir_host=$_AEGIR_HOST --aegir_db_user=$_USER --aegir_db_pass=$_AEGIR_DB_PASS --http_service_type=nginx --db_service_type=mysql --db_port=3306 --aegir_db_host=$_AEGIR_DB_HOST --client_email=$_ADM_EMAIL --script_user=$_USER --web_group=$_WEBG --profile=hostmaster -d -v" drush hostmaster-install $_DOMAIN --aegir_host=$_AEGIR_HOST --aegir_db_user=$_USER --aegir_db_pass=$_AEGIR_DB_PASS --http_service_type=nginx --db_service_type=mysql --db_port=3306 --aegir_db_host=$_AEGIR_DB_HOST --client_email=$_ADM_EMAIL --script_user=$_USER --web_group=$_WEBG --profile=hostmaster -d -v cd hostmaster-6.x-1.3 echo "alive" >> healthcheck #enable aegir modules drush @hostmaster en hosting_web_cluster drush @hostmaster en hosting_alias drush @hostmaster en hosting_http_basic_auth #*** enable hosting client in features -- disabling client module cause WSOD on site add page # setup aegirweb{1,2} # test ssh to aegirweb{1,2} # add to known_hosts # NOTE: Aegir web clusters need to share the files, and private directories between web servers (also cache directory, if using boost module) # Setup provision hook for NFS links # http://drupal.org/node/1283738 mkdir -p /var/lib/sitedata/aegir chown -R aegir:www-data /var/lib/sitedata/aegir mkdir -p /var/lib/sitedata/aegir/cache chown -R aegir:www-data /var/lib/sitedata/aegir/cache # add web servers # add web cluster #TODO: Add DR web servers to cluster #TODO: Add WR, re: DR web servers & firewall # set date/time settings in Aegir #TODO: Logrotate webserver logs #TODO: Add an alias for the aegir user: #aegir: "admin@domain.com"" ======================== aegirweb{1,2}: #TODO: Check puppeted stuff, fix, etc sudo apt-get update sudo apt-get upgrade sudo mkdir -p /var/www/nginx-default CATWEBDEBDEPS="mysql-client-5.1 vim nginx-custom drush postfix php5-cli php5-mysql php5-fpm php5-gd rsync unzip patch" sudo apt-get -V install $CATWEBDEBDEPS sudo adduser --system --group --home /var/aegir aegir sudo adduser aegir www-data sudo chsh -s /bin/bash aegir #install SSL cert to: /etc/ssl/private/domain.com.cert.pem cd /etc/ssl/private/ ln -s domain.com.cert.pem nginx-wild-ssl.crt ln -s domain.com.cert.pem nginx-wild-ssl.key #install SSL config to: /var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf #TODO: also install for /var/aegir/config/server_aegirweb{1,2}.host.name #as root: echo "aegir ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers #as aegir: mkdir /var/aegir/.ssh cat aegir.aegircontrol.id_rsa.pub >> /var/aegir/.ssh/authorized_keys2 #TODO: Logrotate webserver logs ==========================
nginx / MariaDB / PHP-FPM Single Server Installation
Note: This installation process assumes that you're using a fresh install of Ubuntu 14.04 x64. If you use a lower version of Ubuntu, you may have trouble with this guide.
On most VPS providers, you'll be logged in as root initially. The installation process below assumes that you are logged in as root. Obviously, this is not a secure long-term solution, so once you're done with this guide, I suggest setting up public key authentication, turning off root login over SSH, and creating yourself a new unprivileged user. That's out of scope for this doc page, so you're probably on your own for that.
Finally, this document assumes that you're going to be installing aegir at aegir.example.com. Any time you see example.com, replace it with your domain.
1. Housekeeping
Make sure you're up to date:
apt-get update
apt-get upgrade
And that you have the the python-software-properties package (we'll need it later):
apt-get install python-software-properties
2. Install MariaDB
From mariadb.org:
MariaDB is a database server that offers drop-in replacement functionality for MySQL.
MariaDB is built by some of the original authors of MySQL, with assistance from the
broader community of Free and open source software developers. In addition to the core
functionality of MySQL, MariaDB offers a rich set of feature enhancements including
alternate storage engines, server optimizations, and patches.
Install MariaDB:
apt-get install mariadb-server
You'll need to set your root password for the MariaDB server
3. Install Nginx
Next, install Nginx and PHP-FPM:
apt-get install nginx php5-cli php5-mysql php5-fpm php5-gd
Create the default docroot for Nginx as well:
mkdir -p /var/www/nginx-default
4. Install all the other stuff
apt-get install git-core git-doc vim drush postfix rsync unzip bzr patch curl
When prompted for Postfix configuration, select "Internet Site", then use "example.com" for the System mail name.
5. Create the Aegir user
Easy:
adduser --system --group --home /var/aegir aegir
adduser aegir www-data
chsh -s /bin/bash aegir
6. Misc Configuration
Make sure the Aegir user is allowed to restart Nginx:
echo "aegir ALL=NOPASSWD: /etc/init.d/nginx" >> /etc/sudoers
Symlink Aegir's nginx configuration into place:
ln -s /var/aegir/config/nginx.conf /etc/nginx/conf.d/aegir.conf
Disable duplicated directives in /etc/nginx/nginx.conf
(the Aegir config specifies these values as well - if you do not disable them in the main nginx.conf, nginx will fail to restart). You can just remove (or comment them out with a "#") the lines that start with the following
types_hash_max_size
tcp_nopush
error_log
Then, restart Nginx:
service nginx restart
7. Install Aegir
IMPORTANT Switch to the Aegir user now: IMPORTANT
su - aegir
cd ~/
Download the latest Provision release:
mkdir ~/.drush
cd ~/.drush
wget -c http://ftp.drupal.org/files/projects/provision-6.x-2.1.tar.gz
tar -zxf provision-6.x-2.1.tar.gz
rm provision-6.x-2.1.tar.gz
Start the Aegir install process:
cd ~/
drush hostmaster-install aegir.example.com \
--aegir_host="aegir.example.com" \
--http_service_type="nginx" \
--aegir_db_user="root" \
--aegir_db_pass="[YOUR ROOT DATABASE PASSWORD]" \
--db_service_type="mysql" \
--db_port=3306 \
--aegir_db_host="localhost" \
--client_email="[YOUR EMAIL ADDRESS]" \
--script_user="aegir" \
--web_group="www-data" \
--profile=hostmaster
8. Optional Improvements
drupal.org/project/hosting_queue_runner
drupal.org/project/provision_boost
#1
A few points just on installing drush with RedHat 6 that I seem to run in to every time.
When I try to discover the pear channel as aegir user I get
could not create lock file: fopen(/usr/share/pear/.lock): failed to open stream: Permission denied
I also get the following after I make the aegir user owner of the .lock file
pear channel-discover pear.drush.org
Discovering channel pear.drush.org over http:// failed with message: channel-add: adding Channel "pear.drush.org" to registry failed
Trying to discover channel pear.drush.org over https:// instead
Discovery of channel "pear.drush.org" failed (channel-add: Cannot open "https://pear.drush.org/channel.xml" (Connection to `pear.drush.org:443' failed: Connection refused))
I can add it with root user but when installing drush I get
pear install drush/drush-5.8.0
Cannot install, php_dir for channel "pear.drush.org" is not writeable by the current user
I always have to install drush as root and then modify ownership/permissions to aegir user. Is the documentation wrong, or am I missing something?
Also, for drush 5 it seems that 'http://download.pear.php.net/package/Console_Table-1.1.3.tgz' is a dependency!