Hi all,

Following latest discussions and suggestions, I've had a look at how
to reorganize the checklist, containing pointers to what to do.
I've rewritten it a bit.

Do you have any suggestion to improve it?

Incidentally, maybe we could change default values in INN?
I'm wondering whether
- "organization" should not be unset by default (thus, no Organization
header field is added to locally posted articles) in inn.conf;
- "server" set to "localhost" by default in inn.conf;
- default expire value set to 90 days instead of 15 days in expire.ctl.

Introduction

This is an installation checklist initially written by Rebecca Ore,
intended to be the beginning of a different presentation of the
information in INSTALL, since getting started with installing INN can
be complex. Further clarifications, updates, and expansion are welcome.

This checklist explains the steps to follow for a standard installation
with reasonable defaults.

The first part of this documentation can be skipped if INN is already
installed on your system. Some distributions provide a package, which
should be used in preference of building from stratch.

Compile (when installing from scratch)

* Download the INN tarball and unpack. Make sure that you download
the last release from <https://ftp.isc.org/isc/inn/> or a snapshot
from <https://ftp.isc.org/isc/inn/snapshots/>.

* Make sure there is a "news" user (and a "news" group to which the
"news" user belongs). If necessary, you can use:

adduser --group --home /usr/local/news news

where /usr/local/news is the home directory for the "news" user.
This directory will be passed to "configure" via the --prefix
option. It will also be set as *pathnews* in inn.conf.

* Work out configure options ("./configure --help" for a list). If
you aren't working out of /usr/local/news, or want to put some files
on a different partition, you can set the directories now (or later
in *pathnews* in inn.conf if you change your mind). By default,
--prefix=/usr/local/news is used.

You probably want --with-perl. You might want to compile in TLS and
SQLite, if your system supports them. You will need to have the
relevant external libraries to compile (depending on whether you use
OpenSSL for TLS access to your news server, libcanlock to verify the
authenticity of cancel articles, Perl and/or Python for spam
filtering, etc.) and to correctly set the right paths to external
programs (like for GnuPG to verify the authenticity of Usenet
control messages).

./configure --with-perl --with-openssl --with-sqlite3 --with-canlock ...
make

su
make install

Note that if you update a previous installation of INN, you should
use "make update" instead of "make install" to keep your
configuration files.

If you wish to use TLS, you can use "make cert" to generate a
self-signed certificate and a private key.

* Make sure the directory /usr/local/news and its subdirectories are
owned by "news", group "news".

(If you ran "make install" as root, all of the ownerships and
permissions should be correct.)

You want to be careful that things in that directory stay owned by
"news" -- but you can't just "chown -R news:news" after the install,
because you may have binaries that are SUID root. You can do the
build as any user, but you need to be root when doing "make install"
so as to set the permissions correctly. After that point, though,
you may want to "su news -s /bin/sh" to avoid creating any files as
root. (For routine maintenance once INN is working, you can
generally be root. However, it is always better to be accustomed to
doing that as the news user.)

Parameter

* Find INSTALL and open a separate window for it. A printout is
probably a good idea -- it's long but very helpful. Any time the
instructions below ask you to make a decision, you can probably find
help in INSTALL.

* Now it's time to work on the configuration files in your *pathetc*
directory. Start with inn.conf; you must fill in or check
*organization* (which can be commented if you do not want to add a
default Organization header field to every post from your server),
your path in *pathhost* (usually your fully qualified domain name),
the NNTP server to use for posts (*server* is commonly set to
"localhost"), the maximum size of articles you accept (*maxartsize*,
set to 1 MB by default), the abuse e-mail address (*complaints*).

* To store articles, start with traditional spool (named tradspool),
but know that there various other options with their own pros and
cons, as detailed in INSTALL.

The default storage.conf file is already parametered to use that
storage method.

* Configure in expire.ctl how long articles should be kept in your
news spool. The default of 15 days is probably too short. You can
use different values for specific newsgroups or hierarchies
depending on your interest in them.

* Run "<pathbin in inn.conf>/inncheck -a -v -f --pedantic --perm" and
fix anything noted; inncheck gives a rough check on the
appropriateness of the configuration files as you go.

Note that inncheck is very conservative about permissions; there's
no reason most of the config files can't be world-readable if you
prefer that.

* You can now import an active file (*pathdb in inn.conf*/active) and
run inncheck again. You may want to look at
<https://ftp.isc.org/pub/usenet/CONFIG/active> and only keep the
lines corresponding to the newsgroups you are interested in. Also
import a newsgroups file which contains the descriptions of these
newsgroups (see for instance
<https://ftp.isc.org/pub/usenet/CONFIG/newsgroups>).

Note that it is not necessary to do that now. INN is shipped with
minimal active and newsgroups files and you can add newsgroups later
with "ctlinnd newgroup" or actsync (have a look at the examples at
the end of the actsync(8) man page for how to use it concretely).

* Review the subscriptions file, and update it according to the
newsgroups you carry on your news server. This file, which may be
empty, is used by a few news clients to suggest newsgroups on the
first time they connect to a news server.

* Create the cron jobs (especially news.daily), the log files, and
make the changes to your system's syslog.conf as noted in INSTALL.

* Create a local mail alias for "usenet" (editing your /etc/aliases
file for instance). It will be useful for daily Usenet reports sent
by news.daily and other parts of the system.

* If necessary, add the path to INN's binaries (as set in *pathbin* in
inn.conf) to the news user's path and the path to INN's man pages
(usually *pathnews*/share/man) to the news user's "MANPATH" in your
shell config files. (You may also want to do this, especially the
second part, on your regular account; the man pages are very
useful.)

You can do this now or later, but you will certainly want the man
pages to help with configuring INN.

For bash, try to add in your ~/.bashrc file:

PATH=<pathbin in inn.conf>:$PATH
export PATH
MANPATH=<pathnews in inn.conf>/share/man:$MANPATH
export MANPATH

or csh in your ~/.cshrc file:

setenv PATH <pathbin in inn.conf>:$PATH
setenv MANPATH <pathnews in inn.conf>/share/man:$MANPATH

although if you don't already have "MANPATH" set, the above may give
an error or override your defaults (making it so you can only read
the news man pages); if "echo $MANPATH" does not give some
reasonable path, you'll need to look up what the default is for your
system (such as /usr/man or /usr/share/man).

* For the time being, we can see if everything initially works without
worrying about feeds or reader access.

Run

* Start innd by running *pathbin*/rc.news as the news user. It is
also what you should launch in your init scripts, so that INN
starts when your server boots:

su news -s /bin/sh -c <pathbin in inn.conf>/rc.news

Le 14/01/2022 à 18:21, Julien ÉLIE a écrit :

> Do you have any suggestion to improve it?

I really don't think a mailing list is usable do do such things. much
better any free etherpad like this one:

https://semestriel.framapad.org/p/8uyhlhkb23-9rz5?lang=fr

clic on the small user icon on upper right, type your name and choose a
color (jdd is pink).

Then start making changes. Any number of people can work together at the
same time. Any change have the color of the author...

I think Google have the same but here it's a free one on an open source
friendly club

jdd