문서의 이전 판입니다!
미니 서버 운영 문서
서버 모델과 사양
모델: ZOTAC ZBOX CI320 nano ( 홈페이지)
- CPU: Intel Celeron N2930
- RAM: 8GB
- HDD: WD 1TB
lspci -v
00:00.0 Host bridge: Intel Corporation Atom Processor Z36xxx/Z37xxx Series SoC Transaction Register (rev 0e) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series SoC Transaction Register Flags: bus master, fast devsel, latency 0 Kernel modules: iosf_mbi 00:02.0 VGA compatible controller: Intel Corporation Atom Processor Z36xxx/Z37xxx Series Graphics & Display (rev 0e) (prog-if 00 [VGA controller]) DeviceName: Onboard IGD Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series Graphics & Display Flags: bus master, fast devsel, latency 0, IRQ 7 Memory at d0000000 (32-bit, non-prefetchable) [size=4M] Memory at c0000000 (32-bit, prefetchable) [size=256M] I/O ports at f080 [size=8] Expansion ROM at <unassigned> [disabled] Capabilities: [d0] Power Management version 2 Capabilities: [90] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [b0] Vendor Specific Information: Len=07 <?> 00:12.0 SD Host controller: Intel Corporation Atom Processor Z36xxx/Z37xxx Series SDIO Controller (rev 0e) (prog-if 01) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series SDIO Controller Flags: bus master, fast devsel, latency 0, IRQ 47 Memory at d081a000 (32-bit, non-prefetchable) [size=4K] Memory at d0819000 (32-bit, non-prefetchable) [size=4K] Capabilities: [80] Power Management version 3 00:13.0 SATA controller: Intel Corporation Device 0f23 (rev 0e) (prog-if 01 [AHCI 1.0]) Subsystem: ZOTAC International (MCO) Ltd. Device b219 Flags: bus master, 66MHz, medium devsel, latency 0, IRQ 87 I/O ports at f070 [size=8] I/O ports at f060 [size=4] I/O ports at f050 [size=8] I/O ports at f040 [size=4] I/O ports at f020 [size=32] Memory at d0818000 (32-bit, non-prefetchable) [size=2K] Capabilities: [80] MSI: Enable+ Count=1/1 Maskable- 64bit- Capabilities: [70] Power Management version 3 Capabilities: [a8] SATA HBA v1.0 Kernel driver in use: ahci Kernel modules: ahci 00:14.0 USB controller: Intel Corporation Atom Processor Z36xxx/Z37xxx Series USB xHCI (rev 0e) (prog-if 30 [XHCI]) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series USB xHCI Flags: bus master, medium devsel, latency 0, IRQ 88 Memory at d0800000 (64-bit, non-prefetchable) [size=64K] Capabilities: [70] Power Management version 2 Capabilities: [80] MSI: Enable+ Count=1/8 Maskable- 64bit+ Kernel driver in use: xhci_hcd Kernel modules: xhci_hcd 00:17.0 SD Host controller: Intel Corporation Device 0f50 (rev 0e) (prog-if 01) Flags: bus master, fast devsel, latency 0, IRQ 44 Memory at d0817000 (32-bit, non-prefetchable) [size=4K] Memory at d0816000 (32-bit, non-prefetchable) [size=4K] Capabilities: [80] Power Management version 3 00:1a.0 Encryption controller: Intel Corporation Atom Processor Z36xxx/Z37xxx Series Trusted Execution Engine (rev 0e) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series Trusted Execution Engine Flags: bus master, fast devsel, latency 0, IRQ 23 Memory at d0500000 (32-bit, non-prefetchable) [size=1M] Memory at d0400000 (32-bit, non-prefetchable) [size=1M] Capabilities: [80] Power Management version 3 Capabilities: [a0] MSI: Enable- Count=1/1 Maskable- 64bit- 00:1b.0 Audio device: Intel Corporation Atom Processor Z36xxx/Z37xxx Series High Definition Audio Controller (rev 0e) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series High Definition Audio Controller Flags: bus master, fast devsel, latency 0, IRQ 22 Memory at d0810000 (64-bit, non-prefetchable) [size=16K] Capabilities: [50] Power Management version 2 Capabilities: [60] MSI: Enable- Count=1/1 Maskable- 64bit+ 00:1c.0 PCI bridge: Intel Corporation Device 0f48 (rev 0e) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 16 Bus: primary=00, secondary=01, subordinate=01, sec-latency=0 I/O behind bridge: 0000e000-0000efff Memory behind bridge: d0700000-d07fffff Capabilities: [40] Express Root Port (Slot+), MSI 00 Capabilities: [80] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [90] Subsystem: ZOTAC International (MCO) Ltd. Device b219 Capabilities: [a0] Power Management version 3 Kernel driver in use: pcieport 00:1c.1 PCI bridge: Intel Corporation Device 0f4a (rev 0e) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 17 Bus: primary=00, secondary=02, subordinate=02, sec-latency=0 I/O behind bridge: 00001000-00001fff Capabilities: [40] Express Root Port (Slot+), MSI 00 Capabilities: [80] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [90] Subsystem: ZOTAC International (MCO) Ltd. Device b219 Capabilities: [a0] Power Management version 3 Kernel driver in use: pcieport 00:1c.2 PCI bridge: Intel Corporation Device 0f4c (rev 0e) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 18 Bus: primary=00, secondary=03, subordinate=03, sec-latency=0 I/O behind bridge: 00002000-00002fff Memory behind bridge: d0600000-d06fffff Capabilities: [40] Express Root Port (Slot+), MSI 00 Capabilities: [80] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [90] Subsystem: ZOTAC International (MCO) Ltd. Device b219 Capabilities: [a0] Power Management version 3 Kernel driver in use: pcieport 00:1c.3 PCI bridge: Intel Corporation Device 0f4e (rev 0e) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 19 Bus: primary=00, secondary=04, subordinate=04, sec-latency=0 I/O behind bridge: 00003000-00003fff Capabilities: [40] Express Root Port (Slot+), MSI 00 Capabilities: [80] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [90] Subsystem: ZOTAC International (MCO) Ltd. Device b219 Capabilities: [a0] Power Management version 3 Kernel driver in use: pcieport 00:1d.0 USB controller: Intel Corporation Atom Processor Z36xxx/Z37xxx Series USB EHCI (rev 0e) (prog-if 20 [EHCI]) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series USB EHCI Flags: bus master, medium devsel, latency 0, IRQ 23 Memory at d0815000 (32-bit, non-prefetchable) [size=1K] Capabilities: [50] Power Management version 3 Capabilities: [58] Debug port: BAR=1 offset=00a0 Capabilities: [98] PCI Advanced Features Kernel driver in use: ehci-pci Kernel modules: ehci_pci 00:1f.0 ISA bridge: Intel Corporation Atom Processor Z36xxx/Z37xxx Series Power Control Unit (rev 0e) Subsystem: ZOTAC International (MCO) Ltd. Atom Processor Z36xxx/Z37xxx Series Power Control Unit Flags: bus master, medium devsel, latency 0 Capabilities: [e0] Vendor Specific Information: Len=0c <?> 00:1f.3 SMBus: Intel Corporation Device 0f12 (rev 0e) Subsystem: ZOTAC International (MCO) Ltd. Device b219 Flags: medium devsel, IRQ 10 Memory at d0814000 (32-bit, non-prefetchable) [size=32] I/O ports at f000 [size=32] Capabilities: [50] Power Management version 3 Kernel modules: i2c_i801 01:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 07) Subsystem: ZOTAC International (MCO) Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller Flags: bus master, fast devsel, latency 0, IRQ 89 I/O ports at e000 [size=256] Memory at d0704000 (64-bit, prefetchable) [size=4K] Memory at d0700000 (64-bit, prefetchable) [size=16K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable+ Count=1/1 Maskable- 64bit+ Capabilities: [70] Express Endpoint, MSI 01 Capabilities: [b0] MSI-X: Enable- Count=4 Masked- Capabilities: [d0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [140] Virtual Channel Capabilities: [160] Device Serial Number 01-00-00-00-68-4c-e0-00 Kernel driver in use: r8169 Kernel modules: r8169 03:00.0 Network controller: Intel Corporation Wireless 3160 (rev 83) Subsystem: Intel Corporation Dual Band Wireless-AC 3160 Flags: bus master, fast devsel, latency 0, IRQ 90 Memory at d0600000 (64-bit, non-prefetchable) [size=8K] Capabilities: [c8] Power Management version 3 Capabilities: [d0] MSI: Enable+ Count=1/1 Maskable- 64bit+ Capabilities: [40] Express Endpoint, MSI 00 Capabilities: [100] Advanced Error Reporting Capabilities: [140] Device Serial Number 30-3a-64-ff-ff-4f-b9-38 Capabilities: [14c] Latency Tolerance Reporting Capabilities: [154] Vendor Specific Information: ID=cafe Rev=1 Len=014 <?> Kernel driver in use: iwlwifi Kernel modules: iwlwifi
현재 젠투 리눅스 설치하여 사용 중이다. gentooserver에 이전에 아주 약간의 기록이 있긴 한데 그다지 많은 내용은 아니나 참고하시라.
서비스 목록은 다음과 같다.
- 아파치 서버
- PHP, wsgi (flask)
- Wordpress (http://changwoo.pe.kr)
- Dokuwiki (http://wiki.changwoo.pe.kr)
- ownCloud (http://cloud.changwoo.pe.kr)
- 토렌트 서버: transmission (http://changwoo.pe.kr:8112)
아파치2 SSL 구축
# apt-get install apache2 # a2enmod ssl # service apache2 restart # mkdir /etc/apache2/ssl # openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt # Common Name 에서 도메인 이름을 제대로 적어줄 것.
default-ssl 파일 조정. ServerAdmin, ServerName 올바르게 조정하고 바로 아래에,
SSLEngine On SSLCertificateFile /etc/apache2/ssl/apache.crt SSLCertificateKeyFile /etc/apache2/ssl/apache.key
그리고 사이트 열기.
# a2ensite default-ssl # service apache2 restart
여기서 서버가 제대로 동작하지 않으면, 에러 로그를 살펴 보자. Server should be SSL-aware but has no certificate configured [Hint: SSLCertificateFile]
이런 로그를 발견한다면 제대로 설정이 안 된 것이다.
가상 호스트 설정 또한 위와 마찬가지로 각각의 ServerName 마다 SSLEngine/SSLCertificateFile/SSLCertificateKeyFile 항목을 설정한다. 마지막으로 SSL에서도 VirtualHost를 하도록
NameVirtualHost *:443 Listen 443
설정도 추가한다.
이건 우분투 관련 설정이므로 적당히 고쳐서 써야 한다는 점 주의.
사운드 설정
$ sudo apt-get remove --purge alsa-base pulseaudio $ sudo apt-get install alsa-base pulseaudio $ sudo alsa force-reload
alsamixer 에서 MUTED 해제. 'MM'이라고 써져 있음 안됨.
블루투스 사용
# apt-get install bluez python-gobject python-dbus
블루투스 스피커를 사용해 보고 싶어 작업을 진행해 보았다. bluez, bluez-tools 패키지 설치. 설치 후 장비 검색 명령
$ hcitool scan Scanning ... 40:EF:4C:15:DF:B2 IA160 28:E3:47:83:C2:0A laptop
40:EF:4C:15:DF:B2
주소의 'IA160'이 내가 연결하고 싶은 블루투스 스피커이다.
서버에 사운드 설정을 하지 않아서 pulseaudio를 설치했다.
$ sudo apt-get install pulseaudio bluez-alsa $ sudo update-rc.d pulseaudio defaults $ sudo update-rc.d bluetooth defaults
bluetooth_sound 문서에서 기록
BitTorrent Sync 사용
vagrant와 이를 이용한 virtual machine 내역을 공유하기 위하여 NAS에 BitTorrent Sync를 이용해 보았다. 대용량 파일 변화 감지에 매우 유용하므로, 꽤 괜찮은 선택이 될 듯하다.
우선 이전 btsyncforrpi 문서에 많은 내용이 우선 기록되어 있다. 문서를 작성하는 2015년 11월까지도 리눅스는 별도의 GUI는 제공하지 않으므로, 데스크탑에서는 적당히 btsync를 꺼내 쓰면 될 것 같다.
NAS Config
별도의 사용자 btsync를 만들고 홈디렉토리에 .sync 디렉토리를 생성하고 여기에 모든 설정 파일등을 집어 넣는 식으로 작성하였다 이와 관련해서는 이전 문서를 참고.
{ "device_name": "MiniServer", "listening_port" : 0, // 0 - randomize port /* storage_path dir contains auxilliary app files if no storage_path field: .sync dir created in the directory where binary is located. otherwise user-defined directory will be used */ "storage_path" : "/home/btsync/.sync", /* set location of pid file */ "pid_file" : "/home/btsync/.sync/btsync.pid", /* use UPnP for port mapping */ "use_upnp" : true, /* limits in kB/s. 0 - no limit */ "download_limit" : 0, "upload_limit" : 0, /* proxy configuration */ // "proxy_type" : "socks4", // Valid types: "socks4", "socks5", "http_connect". Any other value means no proxy // "proxy_addr" : "192.168.1.2", // IP address of proxy server. // "proxy_port" : 1080, // "proxy_auth" : false, // Use authentication for proxy. Note: only username/password for socks5 (RFC 1929) is supported, and it is not really secure // "proxy_username" : "user", // "proxy_password" : "password", "webui" : { "listen" : "0.0.0.0:8888" // remove field to disable WebUI /* preset credentials. Use password or password_hash */ // ,"login" : "admin" // ,"password" : "password" // ,"password_hash" : "some_hash" // password hash in crypt(3) format // ,"allow_empty_password" : false // Defaults to true /* ssl configuration */ // ,"force_https" : true // disable http // ,"ssl_certificate" : "/path/to/cert.pem" // ,"ssl_private_key" : "/path/to/private.key" /* directory_root path defines where the WebUI Folder browser starts (linux only). Default value is / */ // ,"directory_root" : "/home/user/MySharedFolders/" /* directory_root_policy defines how directory_root is used (linux only). Valid values are: "all" - accepts directory_root and its subdirectories for 'getdir' and 'adddir' actions "belowroot" - accepts directory_root's subdirectories for 'getdir' and 'adddir' actions, but denies attempts to use 'adddir' to create directories directly within directory_root Default value is "all". */ // ,"directory_root_policy" : "all" /* dir_whitelist defines which directories can be shown to user or have folders added (linux only) relative paths are relative to directory_root setting */ // ,"dir_whitelist" : [ "/home/user/MySharedFolders/personal", "work" ] } /* !!! if you set shared folders in config file WebUI will be DISABLED !!! shared directories specified in config file override the folders previously added from WebUI. */ , "shared_folders" : [ /* { "secret" : "MY_SECRET_1", // required field - use --generate-secret in command line to create new secret "dir" : "/home/user/bittorrent/sync_test", // * required field "use_relay_server" : true, // use relay server when direct connection fails "use_tracker" : true, "use_dht" : false, "search_lan" : true, "use_sync_trash" : true, // enable SyncArchive to store files deleted on remote devices "overwrite_changes" : false, // restore modified files to original version, ONLY for Read-Only folders "known_hosts" : // specify hosts to attempt connection without additional Dsearch [ "192.168.1.2:44444" ] } */ { "secret" : "<code>", "dir" : "/home/btsync/<path>", "use_relay_server" : true, "use_tracker" : true, "search_lan" : true, "use_sync_trash" : true, "overwrite_changes" : false, "known_hosts" : [ "192.168.0.4:48867" ] } ] /* Advanced preferences can be added to config file. Info is available at "http://help.getsync.com/customer/portal/articles/1902048-sync-advanced-preferences--more-options" For example see folder_rescan_interval below */ // "folder_rescan_interval" : "86400" }
이 정도 예로 만들면 될 것 같다. 아래는 우분투에서 쓸 init script
#!/bin/sh ### BEGIN INIT INFO # Provides: btsync # Required-Start: $local_fs $remote_fs # Required-Stop: $local_fs $remote_fs # Should-Start: $network # Should-Stop: $network # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Multi-user daemonized version of btsync. # Description: Starts the btsync daemon for all registered users. ### END INIT INFO # Replace with linux users you want to run BTSync clients for BTSYNC_USERS="btsync" DAEMON=/usr/local/bin/btsync start() { for btsuser in $BTSYNC_USERS; do HOMEDIR=`getent passwd $btsuser | cut -d: -f6` config=$HOMEDIR/.sync/config.json if [ -f $config ]; then echo "Starting BTSync for $btsuser" start-stop-daemon -b -o -c $btsuser -S -u $btsuser -x $DAEMON -- --config $config else echo "Couldn't start BTSync for $btsuser (no $config found)" fi done } stop() { for btsuser in $BTSYNC_USERS; do dbpid=`pgrep -fu $btsuser $DAEMON` if [ ! -z "$dbpid" ]; then echo "Stopping btsync for $btsuser" start-stop-daemon -o -c $btsuser -K -u $btsuser -x $DAEMON fi done } status() { for btsuser in $BTSYNC_USERS; do dbpid=`pgrep -fu $btsuser $DAEMON` if [ -z "$dbpid" ]; then echo "btsync for USER $btsuser: not running." else echo "btsync for USER $btsuser: running (pid $dbpid)" fi done } case "$1" in start) start ;; stop) stop ;; restart|reload|force-reload) stop start ;; status) status ;; *) echo "Usage: /etc/init.d/btsync {start|stop|reload|force-reload|restart|status}" exit 1 esac exit 0