Archive for July, 2006 (AKA nnwww), step 2

Monday, July 24th, 2006

After some more talk on #bsddocs (@EFnet), with many ideas for names for the new web-server, I decided on sky based on bluesky which erwin@ suggsted. bluesky just seemed so long to type all the time… :-). DNS has been updated so is the new official name.

The jail containing the static web pages is now mostly working, though it still need more magic in the apache configuration for all the reverse proxy, aliases etc. being done on the current setup. People have suggested using various other smaller web servers, but due to all the magic configuration we have that’s just not possible.

The cgi jail is also configured and most CGI script now works. That said I’m sure some tweaking is still needed to get all to run. In the process I also found one script which should have been removed long ago, so that has now been removed from CVS.

To take some of the load of the server for CGI scripts we use squid as a reverse proxy / HTTP accelerator. The reverse proxy jail, and the squid proxy within it, is also set up and working. In the latest stable squid version they changed how to set up a HTTP accelerator but they haven’t yet updated most of the documentation, so it took a bit of time find out out how to configure it (and I’m still not entirely sure I did it right, even if it works…).

peter@ got the firewall updated to allow traffic to the static and cgi jails, so basically all external requirements is done, and I just need to finish it all., step 1

Sunday, July 16th, 2006

The work on nnwww is continuing. I’m trying to find a better name of the box, but so far no genius names have been found, though the members of #bsddocs had some… interesting suggestions. and were both discarded…

The rest of the FreeBSD 4 -> 6 migration was rather painless and there were basically no problems related to the upgrade itself. That said, I did spent some time doing silly things, which took some hours to track down as just me doing silly things.

I have now started with the jail setup. This will be done with “lightweight” jails where most parts are shared via read-only nullfs mounts to (hopefully) make it less painful to maintain. Basically each “major” service will be put in its own jail.

So far the “cvsup” and “build” jails are partially ready. The cvsup jail continuously keeps the local CVSup mirror updated and build jail simply contains the build of the www/ repository. Other builds (like portaudit-db) will probably be added to build jail later.

The “static” and “cgi” jails which will be hosting the web servers for the static pages and the CGI scripts are created, but not yet configured., step 0

Thursday, July 13th, 2006

The current main FreeBSD web server ( is not very fast by today’s standards (dual 800MHz) and for years it has been suffering from some hardware issues (bad RAM), causing it to crash from time to time, so it has been due for replacement for some time.

A few month ago the main FreeBSD CVS server (repoman) was replaced with a faster system and “I” got the old server to use as a new replacement. Even though the old repoman was not quite fast enough to handle the load put on it as a CVS/Perforce server it’s still a dual 2.4GHz Intel XEON with 2GB RAM and SCSI RAID controller, so it should be plenty fast as a web server for some time.

Since the new, let’s call it nnwww for now, is many thousand KM away from me (it’s in California, USA and I’m in Denmark) I don’t have physical access to the box, only remote serial console access, so reinstalling the box from scratch is a bit troublesome. Instead I’m upgrading the already installed FreeBSD version on nnwww (FreeBSD 4.10) to FreeBSD 6.1-STABLE. Upgrading from FreeBSD 4 to something newer can be a bit painful and blow up badly, so I was a bit nervous about doing it, but so far it seems to be going without a hitch. As of this writing the system is happily running FreeBSD 5.5-STABLE (you have to go via FreeBSD 5 when upgrading from 4 -> 6).

So far so good, the real work will start when I’m going to prepare the system to run as… the current setup on is rather complex, so I expect it to take some time getting everything up and running.

So, this is one of the tasks I expect a good part of my vacation will be spent on :-). Stay tuned of more updates on the install process.