The parts of this install article: (1) Disk partiton; (2) Install PostgreSQL 9.4; (3) Auto Start of Services; (4) Security.
1. Disk Partition
/boot 2GB /swap 12GB swap (similar to size of RAM) / 100GB ext4 /home 1.7TB ext4 /var 120GB ext4 (preferably SSD)
2. Install PostgreSQL 9.4
Add http://download.opensuse.org/repositories/server:/database:/postgresql/openSUSE_13.2/ to repositories.Install through YaST:
postgresql94 postgresql94-server
3. Services Autostart at Boot
systemctl enable apache2.servicesystemctl enable sshd.service
chkconfig --add postgresql
--
Use chkconfig --list to list all available services run-level status
4. Security
(1) Disable root ssh access
Edit
/etc/ssh/sshd_config
Set and unmark
PermitRootLogin no
Restart
systemctl restart sshd.service
(2) Restrict swith user (su)
Add to the gorup of wheel
usermod -a -G wheel username
Edit
/etc/pam.d/su
Add this line below "auth sufficient pam_rootok.so"
auth required pam_wheel.so use_uid
5. Apache
1. Configuration:
/etc/sysconfig/apache (Include Modules)
/etc/apache2/ (configuration)
2. Edit default conf (/etc/apache2/default-server.conf)
TraceEnable off (Disable HTTP TRACE method)
3. Service setting
vi /usr/lib/systemd/system/apache2.service
PrivateTmp=false
6. PHP
Edit php.ini (/etc/php5/cli/php.ini)
short_open_tag = On
output_handler = ob_gzhandler
upload_max_filesize = 8M
memory_limit = 512M
date.timezone = 'Asian/Taipei'
session.cookie_httponly = 1
session.cookie_secure = 1
7. Firewall
Enable HTTP Server
Custom Rules for SSH