TildeClub
/
tilde.club
mirror of https://github.com/tildeclub/tilde.club.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
tilde.club/docs/shellserver.md

36 lines
2.2 KiB
Markdown
Raw Permalink Blame History

# Setting up the tilde.club shell server (user host)
We want to document the ins and outs of setting up the server so others who are interested can learn (and help!).
## System setup
For now, this is all [documented in a separate server-setup document](https://github.com/tildeclub/tilde.club/blob/master/docs/server.org); ultimately, I presume we'll consolidate it all here.
## /etc/skel directory
This is the directory that's used as the basis for all newly-created users' home directories, so it's good to get it right before adding new users to a shell server. We've created [a separate repo for the contents of the directory itself](https://github.com/tildeclub/tilde.etcskel), but since it's impossible to check in the appropriate file and directory permissions, [they're documented here](https://github.com/tildeclub/tilde.club/blob/master/docs/etc-skel-permissions.md).
## Email
The default MTA on CentOS is `postfix`. Our goal was to have a `localhost`-only mail service, which required that we configure `postfix` to listen only to `localhost`, and to bounce any email which local users try to send off-server. Both configuration changes are handled in `/etc/postfix/main.cf`.
* the `inet_interfaces` value should just be `localhost` (`inet_interfaces = localhost`)
* the `default_transport` parameter should be the bounce message we want (so add `default_transport = error: outside mail is not deliverable` to the bottom of the file)
### pine
Pine is sort of brain-dead about creating its `.addressbook` file in a user's home directory with `744` permissions; there doesn't appear to be an option to fix this. Instead, it's probably important to work around it before adding any new users:
1. Add `~/mail/` to `/etc/skel` with permissions `700` so that there's a user-accessible-only place for the file to live.
2. Create an `/etc/pine.conf` file that includes the config directive `address-book=mail/.addressbook` to put that file into this new home.
## identd
Users will connect from their shell account to an IRC server, so it is *very* handy to have an `identd` server. For us that just meant installing the standard CentOS `identd` server and configuring it to start automatically:
```
sudo yum install oidentd
sudo /etc/init.d/oidentd start
sudo chkconfig oidentd on
```
Reference in New Issue View Git Blame Copy Permalink