`cd` into your site directory, then run `git pull origin master`

after that just restart `supervisor` or whatever you're using to keep the site running


Installing the prerequisites

$ sudo apt install git gcc g++ make python-dev libxml2-dev libxslt1-dev zlib1g-dev ruby-sass gettext curl

$ wget -q --no-check-certificate -O- https://bootstrap.pypa.io/get-pip.py | sudo python

$ sudo pip install virtualenv

$ wget -O- https://deb.nodesource.com/setup_4.x | sudo -E bash -

$ sudo apt install nodejs

$ sudo npm install -g pleeease-cli

Creating the database

Next, we will set up the database using MySQL. The DMOJ is only tested to work with MySQL, and it is unlikely to work with anything else.

$ wget http://dev.mysql.com/get/mysql-apt-config_0.6.0-1_all.deb

$ sudo dpkg -i mysql-apt-config_0.6.0-1_all.deb

When asked, you should select the latest MySQL version.

$ sudo apt update

$ sudo apt install mysql-server libmysqlclient-dev

You will required to create a root password for MySQL. It's a good idea to remember it!

Next, we should set up the database itself. You will be asked for the root password you just set, after which you should execute the commands listed below to create the necessary database.

$ mysql -uroot -p


mysql> GRANT ALL PRIVILEGES ON dmoj.* to 'dmoj'@'localhost' IDENTIFIED BY '<password>';

mysql> exit

Installing the site

Now that you are done, you can start installing the site. First, create a virtualenv and activate it. Here, we'll create a virtualenv named dmojsite.

$ virtualenv dmojsite

$ . dmojsite/bin/activate

You should see (dmojsite) prepended to your shell. Henceforth, (dmojsite) commands assumes you are in the code directory, with virtualenv active.

The `virtualenv` will help keep the modules needed separate from the system package manager, and save you many headaches when updating. Read more about `virtualenv`s [here](#).

Now, fetch the site source code.

(dmojsite) $ git clone https://github.com/DMOJ/site.git

(dmojsite) $ cd site

(dmojsite) $ git submodule init

(dmojsite) $ git submodule update

Install Python dependencies into the virtualenv.

(dmojsite) $ pip install -r requirements.txt

(dmojsite) $ pip install mysqlclient

You will now need to configure dmoj/local_settings.py. You should make a copy of this sample settings file and read through it, making changes as necessary. Most importantly, you will want to update MySQL credentials.

Leave debug mode on for now; we'll disable it later after we've verified that the site works.

Generally, it's recommended that you add your settings in `dmoj/local_settings.py` rather than modifying `dmoj/settings.py` directly. `settings.py` will automatically read `local_settings.py` load it, so write your configuration there.

Now, you should verify that everything is going according to plan.

(dmojsite) $ python manage.py check

Setup database tables.

(dmojsite) $ python manage.py migrate

DMOJ uses sass and pleeease to generate the site stylesheets. DMOJ comes with a make_style.sh script that may be ran to compile and optimize the stylesheets.

(dmojsite) $ ./make_style.sh

Now collect static files into STATIC_ROOT as specified in dmoj/local_settings.py.

(dmojsite) $ python manage.py collectstatic

You will also need to generate i18n files.

(dmojsite) $ python manage.py compilemessages

(dmojsite) $ python manage.py compilejsi18n

Next, load some initial data so that your install is not entirely blank.

(dmojsite) $ python manage.py loaddata navbar

(dmojsite) $ python manage.py loaddata language_small

You should create an admin account with which to log in initially.

(dmojsite) $ python manage.py createsuperuser

At this point, you should attempt to run the server, and see if it all works.

(dmojsite) $ python manage.py runserver

You should Ctrl-C to exit after verifying.

Do not use runserver in production! We will set up a proper webserver using Nginx and UWsgi soon.

You should also test to see if bridged runs.

(dmojsite) $ python manage.py runbridged

If there are no errors after about 10 seconds, it probably works.

You should Ctrl-C to exit.

Your job is half done. You should now switch to a real python application server. The rest of this guide assumes you are using uwsgi and nginx to serve the site. It also assumes that you will be using supervisord to manage site and bridged. There be dragons should you use something else.

Now, copy uwsgi-template.ini to uwsgi.ini and edit it. You should at least change the paths to reflect your install.

You need to install uwsgi. The easiest way:

(dmojsite) $ curl http://uwsgi.it/install | bash -s default $PWD/uwsgi

To test:

(dmojsite) $ ./uwsgi --ini uwsgi.ini

If it says workers are spawned, it probably works. You should Ctrl-C to exit.

If it all works out, you should now install supervisord and configure it.

$ sudo apt install supervisor

Copy our site.conf to /etc/supervisor/conf.d/site.conf, and fill in the fields. Copy our bridged.conf to /etc/supervisor/conf.d/bridged.conf, and fill in the fields.

Reload supervisor configuration.

$ sudo supervisorctl update

Wait a few seconds, and run:

$ sudo supervisorctl status

If both processes are running, everything is good! Otherwise peek at the logs and see what's wrong.

Now it's time to set up nginx.

$ sudo apt install nginx

Typically, nginx site files are located in /etc/nginx/conf.d. Some installations might place it at /etc/nginx/sites-available and require a symlink in /etc/nginx/sites-enabled. You should copy the sample nginx.conf, edit it and place it in wherever it is supposed to be.

Now reload the nginx configuration.

$ sudo service nginx reload

You should be good to go. Visit the site at where you set it up. If it doesn't, check nginx logs and uwsgi log stdout/stderr.

Now that your site is installed, remember to set `DEBUG` to `False` in `local_settings`. Leaving it `True` is a security risk.

Configuration of event server

Create config.js. This assumes you use nginx, or there be dragons. You may need to shuffle ports if they are already used.

(dmojsite) $ cat > websocket/config.js

module.exports = {

    get_host: '',

    get_port: 15100,

    post_host: '',

    post_port: 15101,

    http_host: '',

    http_port: 15102,

    long_poll_timeout: 29000,


get_port should be the same as the port for /event/ in nginx.conf http_port should be the same as the port for /channels/ in nginx.conf post_port should be the same as the port in EVENT_DAEMON_POST in local_settings. You need to configure EVENT_DAEMON_GET and EVENT_DAEMON_POLL. You need to uncomment the relevant section in the nginx configuration.

Need to install the dependencies.

(dmojsite) $ npm install qu ws simplesets

(dmojsite) $ pip install websocket-client

Now copy wsevent.conf to /etc/supervisor/conf/wsevent.conf, changing paths. and then update supervisor.

$ sudo supervisorctl update

Now do remember to reload nginx, restart bridge and site.



Configure Virus-Scanning with Postfix + Clamav.
Install Clamav.
[2] Install Amavisd and Clamav Server, and start Clamav Server first.
# install from EPEL

[root@mail ~]#
yum --enablerepo=epel -y install amavisd-new clamav-server clamav-server-systemd
[root@mail ~]#
cp /usr/share/doc/clamav-server*/clamd.sysconfig /etc/sysconfig/clamd.amavisd

[root@mail ~]#
vi /etc/sysconfig/clamd.amavisd
# line 1, 2: uncomment and change


[root@mail ~]#
vi /etc/tmpfiles.d/clamd.amavisd.conf
# create new

d /var/run/clamd.amavisd 0755 amavis amavis -
[root@mail ~]#
vi /usr/lib/systemd/system/clamd@.service
# add follows to the end

[root@mail ~]#
systemctl start clamd@amavisd

[root@mail ~]#
systemctl enable clamd@amavisd

ln -s '/usr/lib/systemd/system/clamd@.service' '/etc/systemd/system/multi-user.target.wants/This email address is being protected from spambots. You need JavaScript enabled to view it.'
[3] Configure Amavisd.
[root@mail ~]#
vi /etc/amavisd/amavisd.conf
# line 20: change to the own domain name

$mydomain = '
# line 152: change to the own hostname

$myhostname = '
# line 154: uncomment

$notify_method = 'smtp:[]:10025';
$forward_method = 'smtp:[]:10025';
[root@mail ~]#
systemctl start amavisd

[root@mail ~]#
systemctl enable amavisd

[root@mail ~]#
systemctl start spamassassin

[root@mail ~]#
systemctl enable spamassassin
[4] Configure Postfix.
[root@mail ~]#
vi /etc/postfix/main.cf
# add follows to the end

[root@mail ~]#
vi /etc/postfix/master.cf
# add follows to the end

smtp-amavis unix -    -    n    -    2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes inet n    -    n    -    - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_client_restrictions=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=
    -o strict_rfc821_envelopes=yes
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000

[root@mail ~]#
systemctl restart postfix
[5] It' OK all.
These lines below are added in the header section of emails after this configuration and emails with known Virus will not sent to Clients.

[1]. Cài ClamAV

#Download và cài clamAV

yum install clamav clamav-update

# Đánh dấu comment dòng Example:

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf


#Cập nhật antivius


Kết quả tương tự như sau:

ClamAV update process started at Fri Aug 29 22:03:30 2014main.cld is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)daily.cvd is up to date (version: 19314, sigs: 1094505, f-level: 63, builder: neo)

bytecode.cvd is up to date (version: 242, sigs: 46, f-level: 63, builder: dgoddard)

2. Thử nghiệm:

Ở trên đã xong cài đặt ClamAV. Để kiểm tra clamAV đã làm việc tốt chưa, thử quét 1 folder /home bằng lệnh:

clamscan --infected --remove --recursive /home

Kết quả:

----------- SCAN SUMMARY -----------
Known viruses: 3575245
Engine version: 0.98.4
Scanned directories: 2
Scanned files: 3
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)

Time: 10.369 sec (0 m 10 s)

Để kiểm tra khả năng phát hiện virus, download thử 1 virus và quét thử

curl -O http://www.eicar.org/download/eicar.com

clamscan --infected --remove --recursive .

Kết quả:

./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.

# just detected

----------- SCAN SUMMARY -----------Known viruses: 3575245Engine version: 0.98.4Scanned directories: 3Scanned files: 10Infected files: 1Data scanned: 0.00 MBData read: 256.57 MB (ratio 0.00:1)

Time: 10.307 sec (0 m 10 s)