Server Setup Demo

watch on YouTube for needed subtitles https://www.youtube.com/watch?v=X1qbba7_tgI

video for https://steamcommunity.com/sharedfiles/filedetails/?id=2613362570

timestamps
0:00 Introduction
0:05 Tools - Cygwin
2:58 Tools - Rufus
3:23 Downloading OpenBSD
6:15 Installing OpenBSD
10:13 OpenBSD First Boot
12:04 OpenBSD Server
13:54 OpenBSD Server - Web Site
15:13 OpenBSD Server - Mumble
17:28 OpenBSD Server - Testing Web Site and Mumble
21:40 OpenBSD Server - SSL
29:07 OpenBSD Server - Web Site (Uploading Content)
32:25 Downloading Oracle Linux
37:26 Installing Oracle Linux
46:44 Oracle Linux First Boot
48:07 Oracle Linux Server
52:54 Oracle Linux Server - Web Site
57:37 Oracle Linux Server - Dedicated Servers for Games
1:11:48 End

1
00:00:06,297 --> 00:00:11,302
To begin you will need to install some tools.

2
00:01:04,522 --> 00:01:10,820
OpenSSH for remote shell to server (I already have it installed).

3
00:01:11,863 --> 00:01:16,868
GnuPG for file verification.

4
00:01:18,745 --> 00:01:23,750
wget for downloading files.

5
00:01:25,710 --> 00:01:30,715
nano for editing files.

6
00:01:38,807 --> 00:01:43,812
rsync for copying files.

7
00:01:55,240 --> 00:02:00,245
Now to verify integrity of Cygwin.

8
00:02:51,004 --> 00:02:58,219
Forgot to demonstrate this, but you can compare fingerprint with one on the website.

9
00:02:59,137 --> 00:03:04,142
Next tool: Rufus.

10
00:03:24,954 --> 00:03:31,169
Finally, time to download the OpenBSD operating system.

11
00:03:37,383 --> 00:03:42,388
You can download from a mirror site here.

12
00:03:46,059 --> 00:03:48,978
miniroot for USB.

13
00:03:50,271 --> 00:03:55,276
cd for CD.

14
00:04:39,279 --> 00:04:45,535
(NOTE: This will only verify installer against corruption.)

15
00:04:45,535 --> 00:04:51,166
(NOTE: OpenBSD signature tool is only available for OpenBSD and possibly GNU/Linux)

16
00:05:10,310 --> 00:05:15,315
To copy ISO to CD:

17
00:05:27,035 --> 00:05:32,040
To copy IMG to USB:

18
00:06:09,911 --> 00:06:14,916
You can now insert this CD or USB into the computer you plan to use as a server.

19
00:10:02,727 --> 00:10:07,732
Don't forget to remove the CD or USB after reboot.

20
00:10:16,949 --> 00:10:23,664
Last thing needed is the IP address and SSH fingerprints before going back to the desktop.

21
00:10:52,026 --> 00:10:57,740
Switch to the second virtual terminal before logging in (Ctrl-Alt-F2).

22
00:11:02,078 --> 00:11:07,083
ifconfig for the IP address

23
00:11:11,337 --> 00:11:16,342
ssh-keygen for the SSH fingerprints.

24
00:11:57,550 --> 00:12:02,555
Time to return to the desktop.

25
00:12:05,975 --> 00:12:12,022
Log in to the server with OpenSSH knowing the IP address and SSH fingerprints.

26
00:12:37,798 --> 00:12:42,803
Switch user to root and run 'syspatch' to update system.

27
00:13:08,537 --> 00:13:13,542
'pkg_add -u' to update packages.

28
00:13:19,924 --> 00:13:24,929
'rcctl' to manage services.

29
00:13:27,723 --> 00:13:32,728
sndiod is for audio which is generally not needed on a server.

30
00:13:40,861 --> 00:13:45,866
For checking and updating your hostname:

31
00:13:54,708 --> 00:13:59,046
Now to set up httpd (web server)

32
00:14:06,428 --> 00:14:11,433
Using HTTP only for now.

33
00:14:12,351 --> 00:14:17,356
Using an IP address instead of domian name for now.

34
00:14:34,248 --> 00:14:40,629
Now to create the htdocs2 folder with proper permissions.

35
00:15:04,111 --> 00:15:07,740
Now enable and start httpd.

36
00:15:15,581 --> 00:15:20,586
Now to show installing other services. In this case, a Mumble service.

37
00:16:17,184 --> 00:16:22,189
Now enable murmurd and set a superuser password.

38
00:16:53,971 --> 00:16:56,849
Now start the murmurd service.

39
00:17:01,979 --> 00:17:05,149
To check the status of all services:

40
00:17:31,175 --> 00:17:36,180
Now to test the services.

41
00:17:45,147 --> 00:17:50,152
Domain name not set up (as expected)

42
00:17:58,827 --> 00:18:02,498
Web server working, but with no files to serve.

43
00:18:28,315 --> 00:18:32,486
File to serve now.

44
00:18:59,680 --> 00:19:03,141
Mumble not working.

45
00:19:18,782 --> 00:19:23,787
Superuser password is different and IP is 0.0.0.0 (can cause problems)

46
00:19:49,521 --> 00:19:54,526
rcctl restart or reload to apply new configuration.

47
00:20:47,079 --> 00:20:52,084
No domain name and thus no SSL certificate so Mumble fallbacks to self-signed certificate.

48
00:21:40,882 --> 00:21:45,887
Now to set up a domain name and SSL certificates.

49
00:21:46,430 --> 00:21:51,435
Every domain name provider is different so I will not be covering this.

50
00:21:51,977 --> 00:21:56,982
For the SSL certificates I shall be using ACME and LetsEncrypt

51
00:22:39,733 --> 00:22:44,738
Resetting httpd configuration to default.

52
00:23:52,013 --> 00:23:57,018
Press Ctrl+Shift+I or use the menus to activate developer tools.

53
00:23:59,521 --> 00:24:04,526
Enable 'Disable cache' for testing purposes.

54
00:24:16,663 --> 00:24:21,668
Web server does not have certificate to support HTTPS, but can now support ACME.

55
00:24:44,983 --> 00:24:49,988
Request certificate with ACME.

56
00:24:59,956 --> 00:25:07,714
It should complete, but for me it doesn't because I do not wish to add DNS records for this demo.

57
00:25:07,714 --> 00:25:14,471
So I shall be using a self-signed certificate in place of a real certificate.

58
00:25:46,878 --> 00:25:51,883
Once you have a certificate from ACME you will have to restart or reload httpd.

59
00:26:15,532 --> 00:26:20,537
Certificate should be valid, but won't be for me because self-signed.

60
00:26:44,769 --> 00:26:49,774
Certificate still self-signed so time to update it.

61
00:28:13,066 --> 00:28:18,071
Ignore restarting httpd here.

62
00:29:08,246 --> 00:29:13,251
Now to easily upload content to the website.

63
00:31:24,966 --> 00:31:29,971
Time to fix broken directory and file permissions.

64
00:32:28,821 --> 00:32:33,826
Now time to install Oracle Linux instead of OpenBSD.

65
00:32:56,766 --> 00:33:01,771
Boot ISO if you want Red Hat compatibility.

66
00:33:02,605 --> 00:33:07,610
UEK Boot ISO if you don't care about Red Hat compatibility.

67
00:36:33,524 --> 00:36:38,529
Forgot to demonstrate this, but you can burn this ISO to a DVD.

68
00:37:19,195 --> 00:37:25,993
You can now insert this CD or USB into the computer you plan to use as a server.

69
00:37:33,292 --> 00:37:38,297
Move up and press tab.
Add ' inst.text' and press enter to boot.

70
00:39:56,394 --> 00:40:03,651
For custom partitioning you can switch terminals (Ctrl-Alt-F2) and use fdisk.

71
00:42:03,020 --> 00:42:08,025
You may want to write down the repo URL.

72
00:46:12,978 --> 00:46:17,983
Don't forget to remove the DVD or USB after reboot.

73
00:46:27,117 --> 00:46:33,832
Last thing needed is the IP address and SSH fingerprints before going back to the desktop.

74
00:47:14,998 --> 00:47:20,003
ifconfig for the IP address

75
00:47:25,884 --> 00:47:30,889
ssh-keygen for the SSH fingerprints.

76
00:48:00,836 --> 00:48:05,841
Time to return to the desktop.

77
00:48:10,596 --> 00:48:16,643
Log in to the server with OpenSSH knowing the IP address and SSH fingerprints.

78
00:48:39,082 --> 00:48:46,923
After installation you will still need to install the UE Kernel if you want it.

79
00:48:56,266 --> 00:49:03,690
Swith to user root and update system with 'yum'.

80
00:49:46,066 --> 00:49:51,071
Check fingerprints.

81
00:50:57,429 --> 00:51:02,434
To install UE Kernel:

82
00:51:31,379 --> 00:51:36,384
Reboot to load new kernel.

83
00:52:03,954 --> 00:52:08,959
UE Kernel now installed and in use.

84
00:52:12,504 --> 00:52:17,509
If you want EPEL and other extra packages:

85
00:52:56,631 --> 00:53:01,636
Now to set up a web server.

86
00:53:24,576 --> 00:53:29,581
Control services with 'systemctl'

87
00:53:44,346 --> 00:53:49,351
Change permissions of web directory.

88
00:54:12,332 --> 00:54:17,337
Press Ctrl+Shift+I or use the menus to activate developer tools.

89
00:54:19,839 --> 00:54:24,844
Enable 'Disable cache' for testing purposes.

90
00:54:29,599 --> 00:54:34,604
Firewall has HTTP port closed.

91
00:55:41,463 --> 00:55:46,468
Now to update web site content.

92
00:56:29,094 --> 00:56:34,099
Time to fix directory and file permissions.

93
00:57:28,319 --> 00:57:37,328
I will not be showing how to set up HTTPS
If you want HTTPS you can install mod_ssl and acme.sh

94
00:57:37,620 --> 00:57:42,625
Now to set up 'dedicated servers' for games.

95
01:06:25,648 --> 01:06:35,783
TCP port (RCON) should not be public.
Only open TCP for LAN. Otherwise tunnel port with SSH.

96
01:10:39,276 --> 01:10:44,281
Fix permissions for the folder or else pid and log creation fails.