Server Linux configuration

From PowerFolder Wiki
Jump to: navigation, search

Contents

Preface

This article addresses configuration settings required to host a PowerFolder Server on Linux.

Java

Make sure Java version 1.6.0 or higher is installed and used by default. Test this by executing "java -version" from the command line. Java is available for all major platforms and can be downloaded for free at http://www.java.com


Hostname

Own server hostname (server.company.com) must not resolve to 127.0.0.1. Please check /etc/hosts.


UTF-8 file system encoding

Allows storing of non-ASCII filenames, e.g. German ÄÖÜß.

Please try to set this in your bash profile or in the script you start PowerFolder with: 

export LC_ALL=en_US.UTF-8
export LANG=en_US.UTF-8

If it's already in there, please also check if the UTF8 support for filesystems is enabled in your kernel configuration.

In the Linux Kernel menu config, you can find it here:

File systems -> Native language support -> Set "Default NLS Option" to "UTF8" and check "NLS UTF-8" at the end of the list.

Rotate logs

To rotate the debug log files you can add the following commands to your crontab (crontab -e), to have log files from the day before gzipped and older logs than 14 days deleted automatically (just adjust the path to your PowerFolder debug directory): 

15 0 * * * find /home/username/powerfolder/debug/ -mmin +10 -type f -name "*log.txt" -exec gzip {} \; >/dev/null 2>&1

30 0 * * * find /home/username/powerfolder/debug/ -mtime +14 -type f -name "*log.txt.gz" -exec rm {} \; >/dev/null 2>&1
logrotate script

The below configuration for the famous logrotate program on Linux has been submitted by Benedikt Wegmann from GWDG. You have to place it in /etc/logrotate.d and link the logs dir to /var/log/powerfolder/. 

/var/log/powerfolder/PowerFolder-*-log.txt {
	daily
	missingok
	maxage 7
	compress
	nocreate
}

/var/log/powerfolder/ReportAccountsRemove-*-log.txt {
        daily
        missingok
        maxage 7
        compress
        nocreate
}

File handles limit

Solves error message: "Too many open files"

TODO. contact us.

inotify/User watches limit

Fixes the problem "Error watching /mnt/PowerFolders/myfolder : No space left on device" although there is enough space available. This is caused by too less inotify watches.

Fix (temporary):

echo '16384' > /proc/sys/fs/inotify/max_user_watches

Fix (permanent):

echo 'fs.inotify.max_user_watches=16384' >> /etc/sysctl.conf

Apache Proxy / SSL encryption

It is possible to SSL encrypted HTTP/web connections to PowerFolder Server via an Apache web server for load balancing or security reasons. However PowerFolder Server has a built-in web server which supports SSL, so setting up Apache is optional.

It is also required to change the server configuration file entry "web.base.url".

Requires:

  • Apache V 2.2 web server. In general this software is bundled with your Linux distribution.
  • An valid certificate. NOTE: PowerFolder clients won't work with an invalid or self generated certificates.

Setup example:

  • Hostname: server.company.com
  • IP: 1.2.3.4
  • PowerFolder web port: 8080
  • PowerFolder server config entry: web.base.url=https://server.company.com
  • Apache web ports: 80 and 443 (SSL)

Add the following entries to the apache configuration file: 


# Put this after the other LoadModule directives
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so

# Put this in the main section of your configuration (or desired virtual host, if using Apache virtual hosts)
ProxyRequests Off
ProxyPreserveHost On

<Proxy *>
   Order deny,allow
   Allow from all
</Proxy>

<VirtualHost *:80>
       ServerAdmin hostmaster@company.com
       ServerName server.company.com
       ProxyPass               /rpc                    http://1.2.3.4:8080/rpc
       ProxyPassReverse        /rpc                    http://1.2.3.4:8080/rpc
       ProxyPass               /rpc                    !
       ProxyPass               /                       http://1.2.3.4:8080/
       ProxyPassReverse        /                       http://1.2.3.4:8080/
</VirtualHost>
Listen 1.2.3.4:443
<VirtualHost 1.2.3.4:443>
       ServerAdmin hostmaster@company.com
       ServerName server.company.com
       SSLEngine  On
       SSLCACertificateFile   /etc/apache2/ssl/mykeyfile.ca-bundle
       SSLCertificateFile     /etc/apache2/ssl/mykeyfile.crt
       SSLCertificateKeyFile  /etc/apache2/ssl/mykeyfile.key
       SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
       ProxyPass               /rpc                    http://1.2.3.4:8080/rpc
       ProxyPassReverse        /rpc                    http://1.2.3.4:8080/rpc
       ProxyPass               /rpc                    !
       ProxyPass               /                       http://1.2.3.4:8080/
       ProxyPassReverse        /                       http://1.2.3.4:8080/
</VirtualHost>

The SSL-configuration lines may differ depending on your SSL Provider. Please take a look at the Apache mod_ssl documentation for more details.

Retrieved from "http://www.powerfolder.com/w/index.php?title=Server_Linux_configuration&oldid=3642"
Personal tools
Navigation