Hi all,
Following latest discussions and suggestions, I've had a look at how
to reorganize the checklist, containing pointers to what to do.
I've rewritten it a bit.
Do you have any suggestion to improve it?
Incidentally, maybe we could change default values in INN?
I'm wondering whether
- "organization" should not be unset by default (thus, no Organization
header field is added to locally posted articles) in inn.conf;
- "server" set to "localhost" by default in inn.conf;
- default expire value set to 90 days instead of 15 days in expire.ctl.
Introduction
This is an installation checklist initially written by Rebecca Ore,
intended to be the beginning of a different presentation of the
information in INSTALL, since getting started with installing INN can
be complex. Further clarifications, updates, and expansion are welcome.
This checklist explains the steps to follow for a standard installation
with reasonable defaults.
The first part of this documentation can be skipped if INN is already
installed on your system. Some distributions provide a package, which
should be used in preference of building from stratch.
Compile (when installing from scratch)
* Download the INN tarball and unpack. Make sure that you download
the last release from <
https://ftp.isc.org/isc/inn/> or a snapshot
from <
https://ftp.isc.org/isc/inn/snapshots/>.
* Make sure there is a "news" user (and a "news" group to which the
"news" user belongs). If necessary, you can use:
adduser --group --home /usr/local/news news
where /usr/local/news is the home directory for the "news" user.
This directory will be passed to "configure" via the --prefix
option. It will also be set as *pathnews* in inn.conf.
* Work out configure options ("./configure --help" for a list). If
you aren't working out of /usr/local/news, or want to put some files
on a different partition, you can set the directories now (or later
in *pathnews* in inn.conf if you change your mind). By default,
--prefix=/usr/local/news is used.
You probably want --with-perl. You might want to compile in TLS and
SQLite, if your system supports them. You will need to have the
relevant external libraries to compile (depending on whether you use
OpenSSL for TLS access to your news server, libcanlock to verify the
authenticity of cancel articles, Perl and/or Python for spam
filtering, etc.) and to correctly set the right paths to external
programs (like for GnuPG to verify the authenticity of Usenet
control messages).
./configure --with-perl --with-openssl --with-sqlite3 --with-canlock ...
make
su
make install
Note that if you update a previous installation of INN, you should
use "make update" instead of "make install" to keep your
configuration files.
If you wish to use TLS, you can use "make cert" to generate a
self-signed certificate and a private key.
* Make sure the directory /usr/local/news and its subdirectories are
owned by "news", group "news".
(If you ran "make install" as root, all of the ownerships and
permissions should be correct.)
You want to be careful that things in that directory stay owned by
"news" -- but you can't just "chown -R news:news" after the install,
because you may have binaries that are SUID root. You can do the
build as any user, but you need to be root when doing "make install"
so as to set the permissions correctly. After that point, though,
you may want to "su news -s /bin/sh" to avoid creating any files as
root. (For routine maintenance once INN is working, you can
generally be root. However, it is always better to be accustomed to
doing that as the news user.)
Parameter
* Find INSTALL and open a separate window for it. A printout is
probably a good idea -- it's long but very helpful. Any time the
instructions below ask you to make a decision, you can probably find
help in INSTALL.
* Now it's time to work on the configuration files in your *pathetc*
directory. Start with inn.conf; you must fill in or check
*organization* (which can be commented if you do not want to add a
default Organization header field to every post from your server),
your path in *pathhost* (usually your fully qualified domain name),
the NNTP server to use for posts (*server* is commonly set to
"localhost"), the maximum size of articles you accept (*maxartsize*,
set to 1 MB by default), the abuse e-mail address (*complaints*).
* To store articles, start with traditional spool (named tradspool),
but know that there various other options with their own pros and
cons, as detailed in INSTALL.
The default storage.conf file is already parametered to use that
storage method.
* Configure in expire.ctl how long articles should be kept in your
news spool. The default of 15 days is probably too short. You can
use different values for specific newsgroups or hierarchies
depending on your interest in them.
* Run "<pathbin in inn.conf>/inncheck -a -v -f --pedantic --perm" and
fix anything noted; inncheck gives a rough check on the
appropriateness of the configuration files as you go.
Note that inncheck is very conservative about permissions; there's
no reason most of the config files can't be world-readable if you
prefer that.
* You can now import an active file (*pathdb in inn.conf*/active) and
run inncheck again. You may want to look at
<
https://ftp.isc.org/pub/usenet/CONFIG/active> and only keep the
lines corresponding to the newsgroups you are interested in. Also
import a newsgroups file which contains the descriptions of these
newsgroups (see for instance
<
https://ftp.isc.org/pub/usenet/CONFIG/newsgroups>).
Note that it is not necessary to do that now. INN is shipped with
minimal active and newsgroups files and you can add newsgroups later
with "ctlinnd newgroup" or actsync (have a look at the examples at
the end of the actsync(8) man page for how to use it concretely).
* Review the subscriptions file, and update it according to the
newsgroups you carry on your news server. This file, which may be
empty, is used by a few news clients to suggest newsgroups on the
first time they connect to a news server.
* Create the cron jobs (especially news.daily), the log files, and
make the changes to your system's syslog.conf as noted in INSTALL.
* Create a local mail alias for "usenet" (editing your /etc/aliases
file for instance). It will be useful for daily Usenet reports sent
by news.daily and other parts of the system.
* If necessary, add the path to INN's binaries (as set in *pathbin* in
inn.conf) to the news user's path and the path to INN's man pages
(usually *pathnews*/share/man) to the news user's "MANPATH" in your
shell config files. (You may also want to do this, especially the
second part, on your regular account; the man pages are very
useful.)
You can do this now or later, but you will certainly want the man
pages to help with configuring INN.
For bash, try to add in your ~/.bashrc file:
PATH=<pathbin in inn.conf>:$PATH
export PATH
MANPATH=<pathnews in inn.conf>/share/man:$MANPATH
export MANPATH
or csh in your ~/.cshrc file:
setenv PATH <pathbin in inn.conf>:$PATH
setenv MANPATH <pathnews in inn.conf>/share/man:$MANPATH
although if you don't already have "MANPATH" set, the above may give
an error or override your defaults (making it so you can only read
the news man pages); if "echo $MANPATH" does not give some
reasonable path, you'll need to look up what the default is for your
system (such as /usr/man or /usr/share/man).
* For the time being, we can see if everything initially works without
worrying about feeds or reader access.
Run
* Start innd by running *pathbin*/rc.news as the news user. It is
also what you should launch in your init scripts, so that INN
starts when your server boots:
su news -s /bin/sh -c <pathbin in inn.conf>/rc.news
Samples of init.d and systemd init scripts are present in the
contrib directory (and certainly already set up on your system if
you installed INN with a package for your distrubtion).
* Check news.crit, news.err and news.notice in your *pathlog*
directory to see if everything went well; also use "ps" to see if
innd is running.
* "telnet localhost 119" and you should see either a welcome banner or
a "no permission to talk" message. If not, investigate.
Send "QUIT" to end the telnet connection.
* When you complete your configuration, do not forget to reload
changed files (see the "ctlinnd reload" command in the ctlinnd(8)
man page). You can also see whether "ctlinnd checkfile" reports any
problems.
Additional Configuration
The following features are commonly used. Though not mandatory, they
are recommended and can of course be set up later.
* You may want to configure the process of newsgroup control messages
to keep your list of newsgroups up to date (see the corresponding
section in INSTALL).
* You may want to configure the process of NoCeM notices used to
cancel unwanted articles like spam (see the perl-nocem(8) man page).
* You may want to install a spam-filtering filter. Good choices are
either Cleanfeed (a widely used Perl filter you can find at
<
http://www.mixmin.net/cleanfeed/>) or PyClean (also a great Python
filter you can find at <
https://github.com/crooks/PyClean>).
* You may want to submit your Path header field statistics to
<
http://top1000.anthologeek.net/>. Have a look at the ninpaths(8)
man page to see how to do that.
Feeds
[Still to be proof-read]
Readers
[Still to be proof-read]
That's it!
--
Julien ÉLIE
« Une fois rien, c'est rien ; deux fois rien, c'est pas beaucoup, mais
pour trois fois rien, on peut déjà acheter quelque chose, et pour pas
cher. » (Raymond Devos)
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)