Date: Wed, 7 Aug 2002 22:27:01 -0400 From: Rich Kulawiec <rsk@magpage.com> To: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: There must be a better way to maintain older systems Message-ID: <20020808022701.GA2251@gsp.org> In-Reply-To: <ddbe48dd7dec.dd7decddbe48@mbox.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Aug 07, 2002 at 11:02:12AM +1000, BSD Freak wrote: > Am I missing something? (i.e. is there a better way?) I don't know if this is a better way, but it's *a* way. 1. I run various BSD flavor machines, plus Solaris, plus the odd Linux box here and there. 2. I keep a checklist (just a simple page of HTML that I can print out and scribble on) for each kind of system. It tells me what options to select on install and what manual steps I have to do post-install. For example, the checklist entry for OpenBSD says that I should do this post-install: Uncoment ddb.panic=0 in /etc/sysctl.conf and execute x sysctl ddb.panic sysctl -w ddb.panic=0 sysctl ddb.panic among a couple dozen other things. This makes it easy to build a machine from scratch -- or rebuild an existing one -- even if I'm tired or rushed, without forgetting that one little config file line someplace which will later drive me nuts. 3. I also keep lists of basic packages that I install on each OS (and basic patches) that track which are dependent on which. For example, one entry in that list says: radiusd-cistron-1.6.6, radiusniff-0.2, xradiusreport-0.3b6 meaning that I should install those together. 4. I try to use the packages supplied with each OS (whether as part of the distribution or via a site like sunfreeware.com). But if the packages aren't at the rev level I need; or if they're not compiled the way I want them; or if in my judgement they're so critical to my operation that I want to compile them myself, then I keep the source code trees around. 5. For each source code tree, I keep notes like this: bind-9.2.1 ./configure --disable-threads wget-1.7 ./configure --with-ssl=/usr/local/ssl --disable-nls so that I can quickly build them -- or quickly update them when the next version come out without trying to remember how I built them the last time. My idea of critical things (this week) is something like: bind, sendmail, apache, php, proftpd, ssh. 6. I use a combination of makefiles and shell scripts to build critical files like named.conf and sendmail's virtusertable. I also have the critical config files mailed to me daily so that I have off-machine copies very handy just in case. 7. I keep all this stuff under RCS so that I can undo my mistakes, or prod my memory if it needs it. (Basically 6 & 7 are self-defense as much as they are ease-of-use.) So in summary, what I've done isn't to automate this entirely, but to use a combination of limited automation and checklists to enable me to do a task like "build a new Debian web server" without having to think about it too much, since I've already (I hope) done enough to make it something of a no-brainer. The hardest part isn't using it -- the hardest part is having the discipline to go back and update it every time it turns out that something has been superseded or outdated or just turns out to be wrong. But after I've solved the same problem three times because I was too lazy to document it, I usually get around to noting it for future reference. ;-) ---Rsk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020808022701.GA2251>