[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Instructions : host multiple unrelated companies on a server



Please find detailed instructions, including configuration file snippets, attached as a text file.

Thanks.
Brian

Brian Wolf
Phone: 410.367.2958
Email: ..hidden..
Try out Activus Secure Payments™, our recurring payments application.
On 09/20/2012 10:50 AM, Håvard Sørli wrote:
On 20. sep. 2012 02:21, Brian Wolf wrote:
Thanks to Håvard et al, problem has been resolved.  We're up and
running, hosting multiple (unrelated) companies.
Could you give a short description on how you did the install on CentOS 
release 5.7 (Final) with psql (PostgreSQL) 8.4.11? I would like to post 
it on http://www.ledgersmb.org/faq

Your settings in /etc/sysconfig/pgsql  ?

What about your pg_hba.conf ?
http://www.postgresql.org/docs/8.4/static/auth-pg-hba-conf.html
http://wiki.postgresql.org/wiki/Client_Authentication

What about SELinux ?
"default SELinux configuration in recent Red Hat releases will prevent 
the postmaster daemon from writing anywhere except /var/lib/pgsql/data"
http://wiki.postgresql.org/wiki/PostgreSQL_on_RedHat_Linux

one url on the subject:
http://blog.2ndquadrant.com/install_multiple_postgresql_servers_redhat_linux/


How to set up an additional, independent company to run LedgerSMB

Reference:
http://permalink.gmane.org/gmane.comp.finance.ledger.smb.user/6243


PostgreSQL:
--------------------
1.Create a new PostgreSQL instance.

sudo -u postgres initdb -D /var/lib/pgsql/data-acme

where acme is the customer's name.


2. Edit /var/lib/pgsql/data-acme/postgresql.conf to listen on a different port

3. Copy pg_hba.conf from a stock version.
Make sure the web server's IP address and my office IP address are permitted via md5.
Possibly add the customer's IP address, too.

4. Edit startup scripts.
(a). Copy /etc/init.d/postgresql
(i.e. the one that is run by "service postgresql restart")
and name it based on what you name the conf file in /etc/sysconfig/pgsql/

cd /etc/init.d/
cp postgresql acme

(b). Modify
chkconfig --add acme

(c). Make sure /etc/sysconfig/pgsql/acme.conf exists
and has correct parameters, particularly the port setting.

5. Create a user and database:

CREATE USER joe password 'secret_password';
CREATE DATABASE acme OWNER joe;

[...not sure whether the next two instructions are necessary; setup.pl probably handles them...]
CREATE SCHEMA acme AUTHORIZATION joe;
ALTER USER joe SET search_path TO acme;

6. Edit pg_hba.conf

7. Edit postgresql.conf in the data directory and change:
listen_addresses = '*'
When you do this, postgres will now listen on the port for all incoming TCP sessions.

8. Highly recommended:
Firewall off that port so that it is only accessible from known systems
(e.g. lsmb.activustech.com and your office systems).

9. Start PostgreSQL
su postgres
pg_ctl start -D /var/lib/pgsql/data-acme


LedgerSMB:
--------------------
1. Copy the LedgerSMB directory to a new one
(eg, lsmb-demo to lsmb-acme)
and alter the ledgersmb.conf to point at the new port number.

2. Re-generate a new configuration for this service.
This can be done by by running sed on the existing configuration file
(in /etc/httpd/conf.d on Red Hat-like systems) to change one directory to another,
and outputting that to a new file.

3. Restart Apache
service httpd restart

4. Create the database
https://ledgersmb.biz/acme/setup.pl


Configuration files:
--------------------
1. postgresql

# Set defaults for configuration variables
PGENGINE=/usr/bin
PGPORT=5433
PGDATA=/var/lib/pgsql/data-acme
PGLOG=/var/lib/pgsql/pgstartup-acme.log

# Override defaults from /etc/sysconfig/pgsql if file is present
[ -f /etc/sysconfig/pgsql/${NAME} ] && . /etc/sysconfig/pgsql/${NAME}.conf

2. pg_ident.conf

# MAPNAME     SYSTEM-USERNAME    PG-USERNAME
special       root               postgres

3. pg_hba.conf

NOTE: 192.168.1.100 is the IP address of the web server
where LedgerSMB code resides.  193.169.2.200 is the company's
IP address.  It was added so a tool like pgAdmin III can be used.

# "local" is for Unix domain socket connections only
local   all         postgres                          ident map=special
local   all         all                               ident

# IPv4 local connections:
host    all         all         192.168.1.100/32      md5
host    all         all         193.169.2.200/32      md5
host    all         all         127.0.0.1/32          md5

# IPv6 local connections:
host    all         all         ::1/128               ident

4. acme.conf

PGENGINE=/usr/bin
PGPORT=5433
PGDATA=/var/lib/pgsql/data-acme
PGLOG=/var/lib/pgsql/pgstartup-acme.log