carom-server/INSTALL.md
2019-02-25 10:04:56 +01:00

4.3 KiB
Raw Blame History

Preparing

  • Install and configure Mailsystem (postfix) so it is possible to send mails
  • Install python apt install python3 python3-pip python3-venv python3-virtualenv
  • Install uwsgi apt install uwsgi uwsgi-plugin-python3
  • Install and configure mariadb-server mysql_secure_installation
  • Install and configure nginx und let's encrypt or similar
  • Install git apt install git

Installation

  • Create databases for carom and carom-int
-- carom
CREATE DATABASE carom DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE USER 'carom'@'localhost' IDENTIFIED BY 'xxx';
GRANT ALL PRIVILEGES ON carom.* TO 'carom'@'localhost';
CREATE DATABASE `carom-int` DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE USER 'carom-int'@'localhost' IDENTIFIED BY 'xxx';
GRANT ALL PRIVILEGES ON `carom-int`.* TO 'carom-int'@'localhost';
FLUSH PRIVILEGES;

Passphrases should be replaced by useful characters

  • Create systemd unit file for uwsgi (/etc/systemd/system/uwsgi.service):
[Unit]
Description=uWSGI Emperor service

[Service]
ExecStartPre=/bin/bash -c 'mkdir -p /run/uwsgi; chown www-data:www-data /run/uwsgi'
ExecStart=/usr/bin/uwsgi --emperor /etc/uwsgi/apps-enabled
Restart=always
KillSignal=SIGQUIT
Type=notify
NotifyAccess=all

[Install]
WantedBy=multi-user.target
  • Reread systemd configs for uwsgi
systemctl daemon-reload
systemctl enable uwsgi.service
systemctl restart uwsgi.service
  • Checkout carom
cd /srv
git clone http://git.einsle.de/carom/carom-server.git carom
git clone http://git.einsle.de/carom/carom-server.git carom-int
cd carom-int
git checkout develop
git pull
cd ..
  • Install pipenv
pip3 install upgrade pipenv
  • Install mysqlclient
apt install  libmariadbclient-dev

In environments carom run

pipenv install mysqlclient
git checkout -- Pipfile Pipfile.lock
git status
  • Create caromserver/local_settings.py for both environments:
cd caromserver
cp local_settings_example.py local_settings.py
vi local_settings.py
ALLOWED_HOSTS, ADMINS, DEBUG should be filled
SECRET_KEY use pwgen 50 1 to create content for
DATABASES settings
cd ..
mkdir .venv
pipenv install
pipenv run python manage.py migrate
pipenv run python manage.py collectstatic

Do it for /srv/carom and /srv/carom-int

  • Create Superuser Accounts using:
pipenv run python manage.py createsuperuser
  • Create config File for uwsgi/carom
# carom...ini file
[uwsgi]
plugin          = python3
chdir           = /srv/carom/
module          = caromserver.wsgi:application
home            = /srv/carom/.venv/
master          = true
processes       = 5
vacuum          = true
uid             = www-data
gid             = www-data
workers         = 2
socket          = /run/uwsgi/carom.socket
chmod-socket    = 660
log-date        = true

Create it for /etc/uwsgi/apps-available/carom.ini and carom-int.ini and link it to /etc/uwsgi/apps-enabled/

systemctl restart uwsgi.service

Show at syslog for errors and fix it.

  • Create Config File for nginx/carom
upstream socket_carom {
    server unix:///run/uwsgi/carom.socket;
}

server {
    listen 80;
    listen [::]:80;
    server_name carom...;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name carom...;
    ssl_certificate     /etc/ssl/certs/xxx;
    ssl_certificate_key /etc/ssl/private/xxx;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    charset     utf-8;
    client_max_body_size 75M;   # adjust to taste
    location /media  {
        alias /srv/carom/media;
    }
    location /static {
        alias /srv/carom/staticfiles;
    }
    location / {
        uwsgi_pass  socket_carom;
        include     /etc/nginx/uwsgi_params;
    }
}

Create it for /etc/ngin/sites-available/carom... and carom-int... and link it to /etc/ngin/sites-enabled/

Path to certificates must be modified.

systemctl restart nginx
  • Create update.sh in carom and carom-int root dir
pushd /srv/carom/
git pull
pipenv update
pipenv run python manage.py migrate
pipenv run python manage.py collectstatic --noinput
touch /etc/uwsgi/apps-enabled/carom.ini
popd

Path to uwsgi config file (in apps-enabled) musst be matching.