diff --git a/INSTALL.md b/INSTALL.md new file mode 100644 index 0000000..99b2a8e --- /dev/null +++ b/INSTALL.md @@ -0,0 +1,149 @@ +# Preparing + +## Install and configure Mailsystem (postfix) so it is possible to send mails + +## apt install python3 python3-pip python3-venv python3-virtualenv + +## apt install uwsgi uwsgi-plugin-python3 + +## Install and configure mariadb-server + +## Install and configure nginx und selfencrypt + + +# Installation + +## Create databases for carom and carom-int + +``` +-- carom +CREATE DATABASE carom DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; +CREATE USER 'carom'@'localhost' IDENTIFIED BY 'xxx'; +GRANT ALL PRIVILEGES ON carom.* TO 'carom'@'localhost'; +CREATE DATABASE carom-int DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; +CREATE USER 'carom-int'@'localhost' IDENTIFIED BY 'xxx'; +GRANT ALL PRIVILEGES ON carom-int.* TO 'carom-int'@'localhost'; +FLUSH PRIVILEGES; +``` + +### Passphrases should be replaced by usefull characters + +## Create systemd unit file for uwsgi (/etc/systemd/system/uwsgi.service): + +``` +[Unit] +Description=uWSGI Emperor service + +[Service] +ExecStartPre=/bin/bash -c 'mkdir -p /run/uwsgi; chown www-data:www-data /run/uwsgi' +ExecStart=/usr/bin/uwsgi --emperor /etc/uwsgi/apps-enabled +Restart=always +KillSignal=SIGQUIT +Type=notify +NotifyAccess=all + +[Install] +WantedBy=multi-user.target +``` + +## Checkout carom + +``` +cd /srv +git clone http://git.einsle.de/carom/carom-server.git carom +git clone http://git.einsle.de/carom/carom-server.git carom-int +cd carom-int +git checkout develop +git pull +cd .. +``` + +## Install pipenv + +``` +Pip3 install –upgrade pipenv +``` + +## Create caromserver/local_settings.py for both environments: + +``` +cd caromserver +cp local_settings_example.py local_settings.py +vi local_settings.py +ALLOWED_HOSTS, ADMINS, DEBUG should be filled +SECRET_KEY use pwgen 50 1 to create content for +DATABASES settings +cd .. +mkdir .venv +pipenv install +pipenv run python manage.py migrate +pipenv run python manage.py collectstatic +``` + +Do it for /srv/carom and /srv/carom-int + +## Create config File for uwsgi/carom + +``` +# carom...ini file +[uwsgi] +plugin = python3 +chdir = /srv/carom/ +module = caromserver.wsgi:application +home = /srv/carom/.venv/ +master = true +processes = 5 +vacuum = true +uid = www-data +gid = www-data +workers = 2 +#socket = /run/uwsgi/app/carom.socket +chmod-socket = 660 +log-date = true +``` + +Create it for /etc/uwsgi/apps-available/carom and carom-int and link it +to /etc/uwsgi/apps-enabled/ +systemctl restart uwsgi +Show at syslog for errors and fix it. + +## Create Config File for nginx/carom + +``` +upstream socket_carom { + server unix:///run/uwsgi/app/carom.sock; +} + +server { + listen 80; + listen [::]:80; + server_name carom...; + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + server_name carom...; + ssl_certificate /etc/ssl/certs/xxx; + ssl_certificate_key /etc/ssl/private/xxx; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; + charset utf-8; + client_max_body_size 75M; # adjust to taste + location /media { + alias /srv/carom/media; + } + location /static { + alias /srv/carom/static; + } + location / { + uwsgi_pass socket_carom; + include /etc/nginx/uwsgi_params; + } +} +``` + +Create it for /etc/ngin/sites-available/carom... and carom-int... and link it +to /etc/ngin/sites-enabled/ +systemctl restart nginx