mkdir -m 0700 /etc/skel/.ssh
touch /etc/skel/.ssh/authorized_keys
chmod 0600 /etc/skel/.ssh/authorized_keys
echo 'Port 6056' >/etc/ssh/sshd_config
echo 'LoginGraceTime 1m' >>/etc/ssh/sshd_config
echo 'PermitRootLogin without-password' >>/etc/ssh/sshd_config
echo '#PasswordAuthentication no' >>/etc/ssh/sshd_config
echo '#UsePAM yes ? default is no?' >>/etc/ssh/sshd_config
echo 'UseDNS no' >>/etc/ssh/sshd_config
echo 'MaxStartups 5' >>/etc/ssh/sshd_config
echo '# override default of no subsystems' >>/etc/ssh/sshd_config
echo 'Subsystem       sftp    /usr/libexec/openssh/sftp-server' >>/etc/ssh/sshd_config
service sshd restart

# disable firewall and SELinux

yum -y install ntp
chkconfig ntpd on
service ntpd start

# change ntpd options to allow large time sku change

vim /etc/sysconfig/ntpd
OPTIONS="-g -u ntp:ntp -p /var/run/ntpd.pid"

mkdir /root/src
cd /root/src

yum -y install readline-devel 'perl(Date::Format)' ImageMagick-perl 'perl(Time::CTime)' perl-TimeDate \
perl-XML-Simple perl-GD perl-GDGraph perl-DBD-Pg perl-DBI perl-Apache-DBI \
perl-MIME-tools expat-devel libxml2-devel openssl-devel pango-devel

wget http://wwwmaster.postgresql.org/redir/198/h/source/v8.2.20/postgresql-8.2.20.tar.gz
tar -zxf postgresql-8.2.20.tar.gz
cd postgresql-8.2.20
./configure
make
make install
rm -f /usr/bin/psql
ln -s /usr/local/pgsql/bin/psql /usr/bin
rm -f /usr/bin/createdb
ln -s /usr/local/pgsql/bin/createdb /usr/bin
rm -f /usr/bin/dropdb
ln -s /usr/local/pgsql/bin/dropdb /usr/bin
rm -f /usr/bin/pg_dump
ln -s /usr/local/pgsql/bin/pg_dump /usr/bin

# run cpan and set things up so stuff installs easier without a bunch of questions
cpan
o conf prerequisites_policy follow
o conf build_requires_install_policy yes
o conf commit

cpan -i LDS/Crypt-CBC-2.12.tar.gz Crypt::Blowfish XML::Dumper \
IO::Socket::SSL Net::SMTP::SSL Authen::SASL Template \
DateTime::Locale IO::Socket::INET Net::IMAP::Simple XML::Simple \
Lingua::EN::Numbers Google::SAML::Response

# Generally you don't need to install mysql, only if you need wordpress
yum -y install mysql-devel.x86_64 mysql-server.x86_64 mysql.x86_64
chkconfig --add mysqld
chkconfig mysqld on
vim /etc/my.cnf
# add bind-address=127.0.0.1
service mysqld start
/usr/bin/mysqladmin -u root password 'what ever you want password to be'

# now back to normal install packages
cd /root/src
mkdir apache
cd apache
wget http://www.apache.org/dist/perl/mod_perl-1.30.tar.gz
tar -zxf mod_perl-1.30.tar.gz
wget http://archive.apache.org/dist/httpd/apache_1.3.37.tar.gz
tar -zxf apache_1.3.37.tar.gz
wget http://www.modssl.org/source/mod_ssl-2.8.28-1.3.37.tar.gz
tar -zxf mod_ssl-2.8.28-1.3.37.tar.gz
wget http://us3.php.net/get/php-5.3.5.tar.gz/from/us.php.net/mirror
tar -zxf php-5.3.5.tar.gz
cd mod_perl-1.30
perl Makefile.PL APACHE_SRC=../apache_1.3.37/src DO_HTTPD=1 USE_APACI=1 PREP_HTTPD=1 EVERYTHING=1
make
make install

# PHP is generally not needed, unless you need wordpress or maybe something else that runs php
cd ../php-5.3.5

# only config with mysql if you need it for wordpress, otherwise use the next option
./configure --with-zlib \
--with-mysql=/usr/bin/ --with-libdir=lib64 \
--with-pgsql --with-apache=../apache_1.3.37

# Postgres only
./configure --with-zlib \
--with-pgsql --with-apache=../apache_1.3.37
make
make install

# now back to normal stuff
cd ../mod_ssl-2.8.28-1.3.37/
./configure --with-apache=../apache_1.3.37 --with-ssl=SYSTEM --prefix=/usr/local/apache --enable-shared=ssl

cd ../apache_1.3.37
wget http://www.awe.com/mark/dev/mod_status_xml/dist/mod_status_xml.c
mv mod_status_xml.c src/modules/extra/

# without php
./configure --activate-module=src/modules/perl/libperl.a --enable-module=env \
--enable-module=log_config --enable-module=log_agent --enable-module=log_referer \
--enable-module=mime --enable-module=status --enable-module=info --enable-module=dir \
--enable-module=cgi --enable-module=alias --enable-module=proxy --enable-module=rewrite \
--enable-module=access --enable-module=expires --enable-module=setenvif --enable-module=so \
--activate-module=src/modules/ssl/libssl.a --enable-module=dir --disable-shared=dir \
--add-module=src/modules/extra/mod_status_xml.c

# with php
./configure --activate-module=src/modules/perl/libperl.a --enable-module=env \
--enable-module=log_config --enable-module=log_agent --enable-module=log_referer \
--enable-module=mime --enable-module=status --enable-module=info --enable-module=dir \
--enable-module=cgi --enable-module=alias --enable-module=proxy --enable-module=rewrite \
--enable-module=access --enable-module=expires --enable-module=setenvif --enable-module=so \
--activate-module=src/modules/ssl/libssl.a --enable-module=dir --disable-shared=dir \
--activate-module=src/modules/php5/libphp5.a --add-module=src/modules/extra/mod_status_xml.c

make
make install

# php final install stuff
cd ../php-5.3.5
cp php.ini-production /usr/local/lib/php.ini

# create our empty directories that will house all the code and data from the sites
mkdir /code
mkdir /data

useradd chrissutton
passwd chrissutton

# add postgres users
useradd postgres
mkdir /usr/local/pgsql/data
chown postgres /home/postgres
chown postgres /usr/local/pgsql/data
cd /root/src/postgresql-8.2.20/contrib/start-scripts/
cp linux /etc/rc.d/init.d/postgresql
# EDIT /etc/rc.d/init.d/postgresql and make it start at 80 instead of 98
# because it needs to start before apache
chkconfig --add postgresql
chmod +x /etc/rc.d/init.d/postgresql

# initialize the database
su - postgres
cd /usr/local/pgsql/bin/
./initdb /usr/local/pgsql/data
exit

service postgresql start

# create some symbolic links so apache will start in a special way that will work 
# with code that is installed later.
ln -s /code/httpd/bin/conf.pl /usr/local/apache/conf/conf.pl
rm -f /etc/rc.d/init.d/httpd
ln -s /code/httpd/bin/apachectl /etc/rc.d/init.d/httpd

mkdir /usr/lib/perl5/vendor_perl/5.8.8/Apache/
ln -s /code/Apache-SdnFw/lib/Apache/SdnFw/ /usr/lib/perl5/vendor_perl/5.8.8/Apache/
ln -s /code/Apache-SdnFw/lib/Apache/SdnFw.pm /usr/lib/perl5/vendor_perl/5.8.8/Apache/

cd /usr/local/pgsql/bin
./createuser -S -D -R -U postgres sdnfw

# get htmldoc - for creating PDFs
tar -zxf htmldoc-1.8.27-source.tar.gz
cd htmldoc-1.8.27
./configure
make
make install

# wordpress
cd /root/src
wget http://wordpress.org/latest.tar.gz
mv latest.tar.gz wordpress.tar.gz
cd /data/oicf/content
tar -zxf /root/src/wordpress.tar.gz
mv wordpress/* .
rmdir wordpress

# install pisa for better html to pdf options
cd /root/src
wget http://pypi.python.org/packages/source/p/pisa/pisa-3.0.33.tar.gz
wget http://www.reportlab.com/ftp/reportlab-2.5.tar.gz
wget http://html5lib.googlecode.com/files/html5lib-0.11.1.zip
wget http://pybrary.net/pyPdf/pyPdf-1.13.tar.gz
tar -zxf pisa-3.0.33.tar.gz
cd pisa-3.0.33
python setup.py install
cd ../
tar -zxf reportlab-2.5.tar.gz
cd reportlab-2.5
python setup.py install
cd ../
unzip -o html5lib-0.11.1.zip
cd html5lib-0.11.1
python setup.py install
cd ../
tar -zxf pyPdf-1.13.tar.gz
cd pyPdf-1.13
python setup.py install

# If you need SFTP
cd /root/src
wget wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.i386.rpm
rpm -Uvh rssh-2.3.2-1.2.el5.rf.i386.rpm
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar -zxf jailkit-2.11.tar.gz
cd jailkit-2.11
./configure
make
make install

# edit /etc/rssh.conf, change chrootpath
mkdir /data/chroot

useradd -m -d /home/odfl -s /usr/bin/rssh odfl
passwd odfl 

jk_init -j /data/chroot/odfl sftp
mkdir /data/chroot/odfl/inbox
chown odfl.odfl /data/chroot/odfl/inbox/
