carom-server/INSTALL.md
2019-02-25 10:04:56 +01:00

200 lines
4.3 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Preparing
- [ ] Install and configure Mailsystem (postfix) so it is possible to send mails
- [ ] Install python ```apt install python3 python3-pip python3-venv python3-virtualenv```
- [ ] Install uwsgi ```apt install uwsgi uwsgi-plugin-python3```
- [ ] Install and configure mariadb-server ```mysql_secure_installation```
- [ ] Install and configure nginx und let's encrypt or similar
- [ ] Install git ```apt install git```
# Installation
- [ ] Create databases for carom and carom-int
```
-- carom
CREATE DATABASE carom DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE USER 'carom'@'localhost' IDENTIFIED BY 'xxx';
GRANT ALL PRIVILEGES ON carom.* TO 'carom'@'localhost';
CREATE DATABASE `carom-int` DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
CREATE USER 'carom-int'@'localhost' IDENTIFIED BY 'xxx';
GRANT ALL PRIVILEGES ON `carom-int`.* TO 'carom-int'@'localhost';
FLUSH PRIVILEGES;
```
Passphrases should be replaced by useful characters
- [ ] Create systemd unit file for uwsgi (/etc/systemd/system/uwsgi.service):
```
[Unit]
Description=uWSGI Emperor service
[Service]
ExecStartPre=/bin/bash -c 'mkdir -p /run/uwsgi; chown www-data:www-data /run/uwsgi'
ExecStart=/usr/bin/uwsgi --emperor /etc/uwsgi/apps-enabled
Restart=always
KillSignal=SIGQUIT
Type=notify
NotifyAccess=all
[Install]
WantedBy=multi-user.target
```
- [ ] Reread systemd configs for uwsgi
```
systemctl daemon-reload
systemctl enable uwsgi.service
systemctl restart uwsgi.service
```
- [ ] Checkout carom
```
cd /srv
git clone http://git.einsle.de/carom/carom-server.git carom
git clone http://git.einsle.de/carom/carom-server.git carom-int
cd carom-int
git checkout develop
git pull
cd ..
```
- [ ] Install pipenv
```
pip3 install upgrade pipenv
```
- [ ] Install mysqlclient
```
apt install libmariadbclient-dev
```
In environments carom run
```
pipenv install mysqlclient
```
```
git checkout -- Pipfile Pipfile.lock
git status
```
- [ ] Create caromserver/local_settings.py for both environments:
```
cd caromserver
cp local_settings_example.py local_settings.py
vi local_settings.py
ALLOWED_HOSTS, ADMINS, DEBUG should be filled
SECRET_KEY use pwgen 50 1 to create content for
DATABASES settings
cd ..
mkdir .venv
pipenv install
pipenv run python manage.py migrate
pipenv run python manage.py collectstatic
```
Do it for /srv/carom and /srv/carom-int
- [ ] Create Superuser Accounts using:
```
pipenv run python manage.py createsuperuser
```
- [ ] Create config File for uwsgi/carom
```
# carom...ini file
[uwsgi]
plugin = python3
chdir = /srv/carom/
module = caromserver.wsgi:application
home = /srv/carom/.venv/
master = true
processes = 5
vacuum = true
uid = www-data
gid = www-data
workers = 2
socket = /run/uwsgi/carom.socket
chmod-socket = 660
log-date = true
```
Create it for /etc/uwsgi/apps-available/carom.ini and carom-int.ini and link it
to /etc/uwsgi/apps-enabled/
```
systemctl restart uwsgi.service
```
Show at syslog for errors and fix it.
- [ ] Create Config File for nginx/carom
```
upstream socket_carom {
server unix:///run/uwsgi/carom.socket;
}
server {
listen 80;
listen [::]:80;
server_name carom...;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name carom...;
ssl_certificate /etc/ssl/certs/xxx;
ssl_certificate_key /etc/ssl/private/xxx;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
charset utf-8;
client_max_body_size 75M; # adjust to taste
location /media {
alias /srv/carom/media;
}
location /static {
alias /srv/carom/staticfiles;
}
location / {
uwsgi_pass socket_carom;
include /etc/nginx/uwsgi_params;
}
}
```
Create it for /etc/ngin/sites-available/carom... and carom-int... and link it
to /etc/ngin/sites-enabled/
Path to certificates must be modified.
```
systemctl restart nginx
```
- [ ] Create update.sh in carom and carom-int root dir
```
pushd /srv/carom/
git pull
pipenv update
pipenv run python manage.py migrate
pipenv run python manage.py collectstatic --noinput
touch /etc/uwsgi/apps-enabled/carom.ini
popd
```
Path to uwsgi config file (in apps-enabled) musst be matching.