From 58b15f11a0984b69697872814359ae652515735e Mon Sep 17 00:00:00 2001 From: James Aylett Date: Sun, 12 Sep 2010 04:29:53 -0700 Subject: [PATCH 1/2] Remove fort-specific bind options, which will blow up for people who don't have /dev/fort's ACLs. --- INSTALL.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index d965d49..773653e 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -35,9 +35,6 @@ Add to ``/etc/bind/named.conf.local``: zone "twitter.com." { type master; file "/etc/bind/db.twitter.com"; - allow-transfer { - forts; - }; }; Create ``/etc/apache2/sites-available/bugle``: From 21a2426b256c1ad239e60c0405ffe5bdfae91572 Mon Sep 17 00:00:00 2001 From: James Aylett Date: Sun, 12 Sep 2010 04:54:19 -0700 Subject: [PATCH 2/2] Add some (hopefully useful) pointers to this, particularly noting that you don't *have* to intercept twitter for your entire local network. Remove the twitter bind configuration that assumes you'll have a second machine serving DNS. If you do have, then you want some slave configuration at the other end, and it doesn't seem worth documenting; if you need resilience in your DNS serving, you probably know what you're doing (or should learn ;-). --- INSTALL.md | 60 ++++++++++++++++++++++++++++++++++-------------------- 1 file changed, 38 insertions(+), 22 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index 773653e..d34c5c2 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1,6 +1,9 @@ Fort installation instructions ============================== +Setting up the bugle project +---------------------------- + Install Django and mod-wsgi (``libapache2-mod-wsgi`` on Debian). Checkout ``bugle_project`` into ``/home/bugle`` and run: @@ -14,34 +17,15 @@ Create MySQL database ``bugle`` and an SSL certificate: $ make-ssl-cert generate-default-snakeoil --force-overwrite $ a2enmod ssl -Create ``/etc/bind/db.twitter.com``: - - $TTL 604800 - @ IN SOA localhost. root.localhost. ( - 4 ; Serial - 604800 ; Refresh - 86400 ; Retry - 2419200 ; Expire - 604800 ; Negative Cache TTL - ) - - @ IN NS 10.0.0.1 - @ IN NS 10.0.0.2 - @ IN A 10.0.0.1 - api IN A 10.0.0.1 - -Add to ``/etc/bind/named.conf.local``: - - zone "twitter.com." { - type master; - file "/etc/bind/db.twitter.com"; - }; +Configuring apache +------------------ Create ``/etc/apache2/sites-available/bugle``: ServerName twitter.com ServerAlias api.twitter.com + #ServerAlias bugle.fort WSGIPassAuthorization On WSGIScriptAlias / /home/bugle/bugle_project/bugle.wsgi ErrorLog /var/log/apache2/bugle-error.log @@ -52,6 +36,7 @@ Create ``/etc/apache2/sites-available/bugle``: ServerName twitter.com ServerAlias api.twitter.com + #ServerAlias bugle.fort WSGIPassAuthorization On WSGIScriptAlias / /home/bugle/bugle_project/bugle.wsgi ErrorLog /var/log/apache2/bugle-error.log @@ -69,3 +54,34 @@ Run: $ a2ensite bugle $ /etc/init.d/apache2 force-reload +Note that if you also want bugle to respond to a non-twitter hostname (say, `bugle.fort`), then you'll need to uncomment and edit the additional ServerAlias lines and also ensure that the relevant hostnames are in your local DNS (for instance by using [the configuration files from /dev/fort](http://github.com/devfort/hostsetup)). + +Making local clients see bugle instead of twitter +------------------------------------------------- + +This is optional, and evil, but may be convenient in some cases; it requires that the machine running bind as a name server for the local network is that same as the machine running bugle. Alternatively, people can edit their machine's `/etc/hosts` or [the equivalent file on Windows](https://secure.wikimedia.org/wikipedia/en/wiki/Hosts_%28file%29) to point to wherever you're running bugle. + +Create ``/etc/bind/db.twitter.com``, assuming below that your machine is `10.0.0.1`: + + $TTL 604800 + @ IN SOA localhost. root.localhost. ( + 4 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ; Negative Cache TTL + ) + + @ IN NS 10.0.0.1 + @ IN A 10.0.0.1 + api IN A 10.0.0.1 + +Add to ``/etc/bind/named.conf.local``: + + zone "twitter.com." { + type master; + file "/etc/bind/db.twitter.com"; + }; + +Run: + $ rndc reload