Page 1 of 25 123411 ... LastLast
Results 1 to 25 of 603
  1. #1
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416

    Centmin - a low memory CentOS install script

    We're recently been re-working our CentOS install script so that it does the following:

    - Updates any already installed software (via YUM)
    - Secures /tmp (and /var/tmp)
    - Installs a limited selection of development tools (C, C++ compilers, autoconf, automake and pkgconfig)
    - Sets local timezone
    - Installs Nginx, MySQL, PHP 5.3.3 (/w FPM)
    - Installs NSD (DNS Server, alternative to BIND etc.)
    - Installs NTP to sync clock time - though obviously not on OpenVZ VPS (as you can not set the time on OpenVZ)
    - Installs SendMail

    There are a few last tweaks/bugfixes that need to be made, however I was wondering if anyone find this useful when it's done?
    If so, I will put it up on our site - though it will probably be in a day or two.

    For anyone interested, with the above installed and running it's currently using less than 50MB RAM (running CentOS 5.5 32bit on a Xen PV VPS).

    I am happy to announce that Centmin is now publicly available.

    Firstly, make sure that you read the readme.txt
    Secondly, 4 hours and two further revisions later, everything is now working fine.

    You can grab the script from here - enjoy
    Last edited by Quartz; 09-17-2010 at 03:20 PM.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  2. #2
    Join Date
    Jun 2010
    Posts
    474
    Sure please share it, I guess it's a reworded LEA Debian script?

  3. #3
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by Kurikami View Post
    Sure please share it, I guess it's a reworded LEA Debian script?
    No, it's actually been made in-house from scratch.

    And in that case I will try to get it finished off either this evening, or tomorrow (depending on my free time) and get it uploaded (with a readme/howto).
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  4. #4
    Join Date
    May 2007
    Location
    Internet
    Posts
    661
    I'd love to see it
    SunShell™ Hosting
    Shared, Reseller, Master Reseller,VPS and Dedicated Server Hosting since 2006

  5. #5
    Join Date
    Feb 2004
    Location
    Sacramento CA
    Posts
    3,513
    = ) you know I would fine it useful! Good job Ben.

  6. #6
    Join Date
    Apr 2009
    Location
    inside wht
    Posts
    746
    Is it install The os is a fresh server , or just update an already installed os ?
    24x7 PROACTIVE SERVER MANAGEMENT | OUTSOURCED WEB HOSTING SUPPORT
    Sales : sales @ syslint.com | Call us : (+91)9447607799 | Are you looking for DevOps Admins ?

  7. #7
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by vcPanel View Post
    Is it install The os is a fresh server , or just update an already installed os ?
    It's something that personally I would normally install on a freshly installed CentOS server, however it can also be run on a server that has already been setup - as you have the option to enable/disable the various software installation options, and answer yes or no to the questions it asks you.

    Obviously for best results it would be used on a minimal CentOS template.

    ---

    I am about to wipe our test VPS and check that v1.0.1 is working properly, if there are not any problems with it this will be the version that is initially released.
    While I spent some time fixing various issues yesterday evening, by the time I had finished it had gone 1am, so did not get round to testing it then.

    This means hopefully assuming everything works OK then I will get the time to write up some documentation for it this evening, if not it should be tomorrow evening this gets uploaded by at the latest.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  8. #8
    Join Date
    May 2008
    Location
    Germany
    Posts
    680
    Thanks a lot for sharing this script Ben!
    CoderJosh | Web Application Developer and Linux Server Admin
    █ Web & Mobile App Coding | Troubleshooting | Tuning | Hardening | SysAdmin Services
    https://www.coderjosh.com/

  9. #9
    Looks like a great script, ill try it out soon. a few questions though

    1. Will this work with CentOS 5.5 ?
    2. whats the RAM usage of this setup?
    3. Any recommended minimal CentOS template?
    4. Any specific reason why you used NSD over BIND ?


    Also I would recommend adding an option for Nginx to choose latest development or stable release.

  10. #10
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by CoderJosh View Post
    Thanks a lot for sharing this script Ben!
    No problem.

    Quote Originally Posted by Dregond Rahl View Post
    Looks like a great script, ill try it out soon. a few questions though

    1. Will this work with CentOS 5.5 ?
    2. whats the RAM usage of this setup?
    3. Any recommended minimal CentOS template?
    4. Any specific reason why you used NSD over BIND ?
    1. Of course - it's been tested on CentOS 5.3, 5.4 and 5.5 (32 and 64bit) - but it should work just fine with all versions of CentOS 5.

    2. Depends on what other services you have running, but on its own, around the 50-60MB RAM mark (it uses 47MB on our Xen PV VPS, where as around 60MB on our OpenVZ VPS in testing) - to disable unneeded services, see here.

    3. OpenVZ (CentOS minimal under Contributed templates), Xen, Dedicated server.
    Alternatively, the following providers I have used have actual minimal templates: ramhost, ThrustVPS, niXcom - I think both Server Complete, and Delimiter do too, but can not remember.

    4. Simple BIND is a memory hog, NSD is not - that and NSD uses BIND zone files (which keeps things simple for me).

    Bind running 12 zones:
    116020 VSZ / 31452 RSS (113.3 MB VSZ/30.7 MB RSS)

    NSD running the same 12 zones:

    VSZ RSS
    14168 924
    21032 852
    14340 628

    (48.3 MB VSZ/2.3 MB RSS overall)

    Where RSS is physical memory used, VSZ being the virtual memory used.


    Quote Originally Posted by Dregond Rahl View Post
    Also I would recommend adding an option for Nginx to choose latest development or stable release.
    Done - v1.0.4 released (grab it here), updated the readme.txt, added "NGINX_VERSION" flag (line 23).
    To use the development version instead simply change it to read: NGINX_VERSION='0.8.50'
    Last edited by BTCentral - Ben; 09-16-2010 at 06:34 AM.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  11. #11
    Join Date
    Apr 2009
    Posts
    481
    Ben, thanks for contributing this script to the community it looks good.
    Unfortunately in my testing both nginx and nsd were not installed correctly in either 32 or 64 bit test runs. Is it just me or has someone else found the same issue? I can only assume it's due to a missing dependency since you're compiling both?

  12. #12
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by RavC View Post
    Ben, thanks for contributing this script to the community it looks good.
    Unfortunately in my testing both nginx and nsd were not installed correctly in either 32 or 64 bit test runs. Is it just me or has someone else found the same issue? I can only assume it's due to a missing dependency since you're compiling both?
    Hi RavC, thanks for the feedback.

    Any chance getting a log of any of the errors? - I have tried it on multiple VPS providers under both 64bit and 32bit environments so the only thing I can think of that would be causing that is as you said, a missing dependency that for whatever reason is not installed on your templates but on all the other minimal templates I have used.

    If you can provide a log, hopefully we can work out what is missing and add it to the development tools list.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  13. #13
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Meant to say - you can log the script output easily this way:
    source centmin.sh 2>&1 | tee centmin.log

    Thanks!
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  14. #14
    Join Date
    Sep 2010
    Posts
    77
    alot of people can make good use of it, especially the starters.

  15. #15
    Join Date
    May 2007
    Location
    Internet
    Posts
    661
    Thank you very much for this contribution. I am playing with nginx/php-fpm/bind since a month and I think this will help me.
    I am going to try this now.


    Any chance you could add mail server ?
    SunShell™ Hosting
    Shared, Reseller, Master Reseller,VPS and Dedicated Server Hosting since 2006

  16. #16
    Thank you sharing the script and making it Gpl.
    Now I feel good for buying some cheap vps. I can try the script easily :-)
    Will let you know how it goes..

  17. #17
    Join Date
    Mar 2008
    Location
    Suffolk, England.
    Posts
    647
    Very, very useful script - thanks a lot for sharing it! Testing it out on a few other servers to test compatibility but so far everything's great!
    NetHosted Ltd. - UK Based Web Hosting
    Like us on Facebook!

  18. #18
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by qualityhostings View Post
    Any chance you could add mail server ?
    I am afraid not at this stage - we want to make sure that it is actually working properly for everyone before thinking about expanding the features of it.

    It's open source though, so if you're up to it - feel free to add one yourself

    Quote Originally Posted by nmridul View Post
    Thank you sharing the script and making it Gpl.
    Now I feel good for buying some cheap vps. I can try the script easily :-)
    Will let you know how it goes..
    Best of luck, hope it helps you out!

    Quote Originally Posted by BretW View Post
    Very, very useful script - thanks a lot for sharing it! Testing it out on a few other servers to test compatibility but so far everything's great!
    No problem, and great to hear - let me know if you run into any bugs (preferably via the contact us form on the website, rather than PM) and I will fix them.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  19. #19
    Quote Originally Posted by BTCentral - Ben View Post
    No problem.



    1. Of course - it's been tested on CentOS 5.3, 5.4 and 5.5 (32 and 64bit) - but it should work just fine with all versions of CentOS 5.

    2. Depends on what other services you have running, but on its own, around the 50-60MB RAM mark (it uses 47MB on our Xen PV VPS, where as around 60MB on our OpenVZ VPS in testing) - to disable unneeded services, see here.

    3. OpenVZ (CentOS minimal under Contributed templates), Xen, Dedicated server.
    Alternatively, the following providers I have used have actual minimal templates: ramhost, ThrustVPS, niXcom - I think both Server Complete, and Delimiter do too, but can not remember.

    4. Simple BIND is a memory hog, NSD is not - that and NSD uses BIND zone files (which keeps things simple for me).

    Bind running 12 zones:
    116020 VSZ / 31452 RSS (113.3 MB VSZ/30.7 MB RSS)

    NSD running the same 12 zones:

    VSZ RSS
    14168 924
    21032 852
    14340 628

    (48.3 MB VSZ/2.3 MB RSS overall)

    Where RSS is physical memory used, VSZ being the virtual memory used.




    Done - v1.0.4 released (grab it here), updated the readme.txt, added "NGINX_VERSION" flag (line 23).
    To use the development version instead simply change it to read: NGINX_VERSION='0.8.50'
    Thanks for the information and the update! ill try it out as soon as I get my test VPS ready.

    Personally I think you should also add a MailServer as suggested if its not too much trouble, maybe even phpmyadmin. Either case once I test it out and i'll give you a report.

    Most of the OpenVZ templates are pretty old, but your script updates the OS so it should work out anyways.

    Thanks for this script, i'm surprised no-one has added something similar to WHT sooner!


  20. #20
    Join Date
    Jun 2010
    Posts
    474
    Quote Originally Posted by Dregond Rahl View Post
    Thanks for the information and the update! ill try it out as soon as I get my test VPS ready.

    Personally I think you should also add a MailServer as suggested if its not too much trouble, maybe even phpmyadmin. Either case once I test it out and i'll give you a report.

    Most of the OpenVZ templates are pretty old, but your script updates the OS so it should work out anyways.

    Thanks for this script, i'm surprised no-one has added something similar to WHT sooner!

    Not a WHT exclusive, but the admin of lowendbox.com has made a good Debian script some time ago.

    http://www.lowendbox.com/blog/wordpr...-lowendscript/

  21. #21
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by RavC View Post
    Ben, thanks for contributing this script to the community it looks good.
    Unfortunately in my testing both nginx and nsd were not installed correctly in either 32 or 64 bit test runs. Is it just me or has someone else found the same issue? I can only assume it's due to a missing dependency since you're compiling both?
    RavC noticed after running the script again it was due to not installing the "make" package - most minimal installs already have this it seems, but not all of them.
    This has now been added to the script, and I have tested it on one of their VPS - everything seems to be working fine now

    Just grab v1.0.5 from here if you're having problems.
    Last edited by BTCentral - Ben; 09-17-2010 at 11:34 AM.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  22. #22
    Join Date
    Feb 2004
    Location
    Sacramento CA
    Posts
    3,513
    Ben,

    you and RavC working on something could be dangerous! ; ) As soon as I have time I'm going to try running this on my test accounts.

  23. #23
    Quote Originally Posted by BTCentral - Ben View Post
    RavC noticed after running the script again it was due to not installing the "make" package - most minimal installs already have this it seems, but not all of them.
    This has now been added to the script, and I have tested it on one of their VPS - everything seems to be working fine now

    Just grab v1.0.5 from here if you're having problems.


    I'm probably asking too much, but would it be possible to add further security to this script? like a firewall, folder permissions, securing SSH, rkhunter or something?
    Last edited by Dregond Rahl; 09-17-2010 at 12:56 PM.

  24. #24
    Join Date
    Nov 2009
    Location
    Cheltenham, UK
    Posts
    1,416
    Quote Originally Posted by Dregond Rahl View Post
    I'm probably asking too much, but would it be possible to add further security to this script? like a firewall, folder permissions, securing SSH, rkhunter or something?
    I'm looking for more people to report back on if it actually works for them or not first, but I was planning on adding an option to install CSF (as that is something we use on all our servers) too.
    Securing SSH would not be hard, again that is something we do too. rkhunter? Probably... we don't actually use it, but if it doesn't take too long to implement I don't see why not.

    What exactly would you be looking for in the way of folder permissions? It already secures /tmp and /var/tmp.

    I registered the centmin.com domain yesterday, as I figured it might turn into a larger project (though have not done anything with it yet)
    The only thing I would say right now is, bear in mind this is something I am working on in my spare time.
    Last edited by BTCentral - Ben; 09-17-2010 at 03:16 PM.
    Ben Thomas, Director - BTCentral Web Development Services
    http://www.btcentral.org.uk - Need a custom Web App? Visit us online.

  25. #25
    Quote Originally Posted by BTCentral - Ben View Post
    I'm looking for more people to report back on if it actually works for them or not first, but I was planning on adding an option to install CSF (as that is something we use on all our servers) too.
    Securing SSH would not be hard, again that is something we do too. rkhunter? Probably... we don't actually use it, but if it doesn't take too long to implement I don't see why not.

    What exactly would you be looking for in the way of folder permissions? It already secures /tmp and /var/tmp.

    I registered the centmin.com domain yesterday, as I figured it might turn into a larger project (though have not done anything with it yet)
    The only thing I would say right now is, bear in mind this is something I am working on in my spare time.
    A good combo would be CSF + LFD (Auto whitelist installing user IP?), maybe logwatch but it needs some configuration. chkrootkit and rkhunter are both rootkit checkers, although not very useful usually it doesn't hurt to configure it to run nightly and send an email to report things.

    I'm not sure about DDos protection as I usually use cPanel/Apache, so not to firmilar with what works with Nginx, however Nginx can handle most attacks.

    Hardening SSH and the mailserver would be good too, as for folder permissions, I think it would be hard configuring SElinux and not sure how much memory it will consume, so better scratch that.

Page 1 of 25 123411 ... LastLast

Similar Threads

  1. Perfect CentOs Server Setup (Low Memory)
    By skoobi2 in forum VPS Hosting
    Replies: 9
    Last Post: 07-20-2010, 10:16 AM
  2. Replies: 2
    Last Post: 06-12-2009, 11:31 PM
  3. Script Install service, very low rates!
    By Justin in forum Employment / Job Offers
    Replies: 0
    Last Post: 12-17-2006, 07:10 PM
  4. centos:apache,php, yum install or source install?
    By cchere in forum Hosting Security and Technology
    Replies: 2
    Last Post: 08-29-2006, 05:14 PM
  5. How do I install GD on a default CentOS 4.x install?
    By Fabalo.com in forum Hosting Security and Technology
    Replies: 3
    Last Post: 02-12-2006, 11:43 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •