DC and Perforce?

dreamcompute

#1

I have this great install script to install Perforce version control (SVN on DreamHost is slower than tar in December)

[code]
#!/bin/sh

wget ftp://ftp.perforce.com/perforce/r15.1/bin.linux26x86_64/p4d
chmod +x p4d
sudo mv p4d /usr/local/bin
sudo adduser perforce
sudo mkdir /perforce_depot
sudo chown perforce /perforce_depot
sudo mkdir /var/log/perforce
sudo chown perforce /var/log/perforce
sudo apt-get install daemon
cd /etc/init.d
wget https://raw.githubusercontent.com/Allar/linux-perforce-installer/master/p4dservice
chmod +x /etc/init.d/p4dservice
sudo update-rc.d p4dservice defaults
sudo reboot[/code]

It works perfectly on a ubuntu 14.x shared dedicated server droplet.

Would I have the permissions available to me to install and run this 24/7 and also is DC suited for source control (SVN, Mercurial, Perforce, Git)?


#2

I’m not sure you’re referring to DreamCompute… If your question is “Can I install and run Perforce on a DreamCompute cloud server?” then the answer is absolutely, and you don’t need to ask for permissions. Remember that DreamCompute offers unmanaged servers: you spin them up the way you want them, and manage them the way you want.

BTW we just wrote a brief tutorial to install gitlab on DreamCompute: https://help.dreamhost.com/hc/en-us/articles/221034768-How-to-setup-Gitlab-on-DreamCompute


#3

I’m attempting to install perforce onto 14.04 ubuntu which is what worked without a hitch on a droplet, but this SSH stuff is screwing it up, and my unix knowledge is near nill.

I;ve tried some post-init scripts i found on the forums but I cannot set it up as I either need to login as user perforce (only allowed dhc-user obviously) or adding a user to SSH logins to install the script fully and get the service running via daemon but that didnt work via the post-initalize script for #cloud-users or however it goes. tried adding perforce with my key and it allowed login from that, great went to try logging in as dhc-user and just replied ssh error sent back ‘public-key’

Following this script as usual

And then tried this older manual way http://www.juanjchong.com/2013/installing-perforce-on-ubuntu-12-0-4-lts/

No luck, it does run as a service on dhc-user using the old method but on restart no way for me to connect at all.

Could it be the default security group? I have no idea how any of that even works. The server pings from cmd so I assume its fine for connections.
Editing: listing services on dhc-user it shows p4dservice running which is interesting, but not able to login from the 2users I triewd to add using the

#cloud-config
users:

  • name: demo
    groups: sudo
    shell: /bin/bash
    sudo: [‘ALL=(ALL) NOPASSWD:ALL’]
    ssh-authorized-keys:
    • ssh-rsa Your_Public_Key_Goes_Here you@machine.local

method

When I try to connect to the server on the :1666 perforce port I get “Connect to server failed; check $P4PORT.
TCP connect to 208.113.129.144:1666 failed.
connect: 208.113.129.144:1666: WSAETIMEDOUT” which tells me the service isnt running (it does have a ? next to it but is listed)

Tried a sudo su - script run too but no luck. obviously im not terminal savvy enough for encrypted setups, as SSH is optional on dreamcompute i may be jumping ship back if my team needs it this weekend svn is just too slow.

Running through all the wikis and such I need pip due to openstack and such and setup everything commandline setting up my ssh pub/priv keys and what not?


#4

I haven’t tried to run the install script but I have no reason to believe it wouldn’t run on DreamCompute as dhc-user. All the script does is to create a new user and install things as that user.

I have the impression you have not opened port 1666 on the new server. You need to add a new security group for 1666. You’ll find instructions on the KB:

The Security Groups are similar to firewall rules.


#5

Yeah after watching the install process I realize everything works the same, just teh “extra ssh security” here. I’ll look into that next month, I do get a better ping and more storage on DC.

Although I must add I spent an entire night trying to get perforce installed and responding, messing with ptty and puttygen and making about 100 new instances, when on digitalocean within 5 minutes I had redmine, ngynx, mysql, ruby, perforce the whole works setup and ready to go. Something to think aboutl.
Thanks.


#6

We are definitely thinking about it, there will be changes on that topic soon :slight_smile:


#7

As a long time dreamhost user ill definitly skip back over here if security is a bit more “open” if wanted/by default


#8

I’m not sure I understand what you mean… The comment I made was referring to the fact that DreamCompute servers by default don’t allow to use the username/password combination and default to SSH only. There are many reasons for this, security is one (all the guides for server hardening I read suggest to disable password access and use ssh keys in the first step) and convenience is another.

Defaulting to ssh keys for login is usually not a big issue for Mac and Linux users because those operating systems come with decent SSH clients. Windows users have been instead damaged for many years by Microsoft not shipping a good SSH client with the OS… Putty is a weird client that forces SSH keys that are not immediately usable and that adds more complication to a matter that is not simple to begin with. Things are going to slowly change with Windows 10 but it will take a generation of developers probably to unlearn.

That said, we’re taking steps to address the issues that affects Windows users and people not familiar with ssh in general.

Now, the Security Groups to manage access to services across networks are a common feature of cloud servers. Amazon, Rackspace, Google all have something similar because clouds like ours can manage security at that level and that allows for a lot more power when designing complex application architectures.

We’re having a conversation internally about what the default approach should be. Currently the default security group allows for HTTP, HTTPS, Ping and SSH traffic. Shall the default allow for more open ports? All (i.e. no filtering at all)? There are pros and cons on either side… Poll?