From b8d5ce2542d06b1b86241db10e2c1d666f2a33ff Mon Sep 17 00:00:00 2001 From: Wookey Date: Sun, 21 Apr 2024 00:01:49 +0100 Subject: [PATCH] Update for bulseye --- _deploy/debian-server/serversetup | 114 ++++++++++++++++++++++++++---- 1 file changed, 102 insertions(+), 12 deletions(-) diff --git a/_deploy/debian-server/serversetup b/_deploy/debian-server/serversetup index 1c54546..7707a90 100644 --- a/_deploy/debian-server/serversetup +++ b/_deploy/debian-server/serversetup @@ -1,15 +1,105 @@ Instructions for setting up new expo debian server/VM -For Debian Stretch, June 2019. - -[Note added March 2021: -See also http://expo.survex.com/handbook/troggle/serverconfig.html -and troggle/README.txt ] +======= +See also http://expo.survex.com/handbook/troggle/serverconfig.html +and troggle/README.txt + +For Debian Bullseye (Debian 11) June 2022 adduser expo apt install openssh-server mosh tmux mc zile emacs-nox mc most ncdu -apt install python-django apache2 mysql-server survex make rsync -apt install libjs-openlayers make +apt install python-django apache2 certbot mysql-server survex make rsync +apt install libjs-openlayers +apt install git mercurial +(certbot does https certs) + +for boe: +apt install libcgi-session-perl libcrypt-passwdmd5-perl libfile-slurp-perl libgit-wrapper-perl libhtml-template-perl libhtml-template-pro-perl libmime-lite-perl libtext-password-pronounceable-perl libtime-parsedate-perl libuuid-tiny-perl libcrypt-cracklib-perl + +setup apache configs for cucc and expo +#disable default website +a2dissite 000-default +a2ensite cucc-ssl +a2ensite expo-ssl +#a2enmod cgid + +Boe config: +Alias /boe /home/expo/boe/boc/boc.pl + + AddHandler cgi-script .pl + SetHandler cgi-script + Options +ExecCGI + Require all granted + +And remember to set both program and data dir to be +www-data:www-data +(optionally make file group read/write by treasurer account) +create empty repo by clicking create in boe interface +then set names in 'settings' + +Set up mysql (as root) +mysql -p +CREATE DATABASE troggle; +GRANT ALL PRIVILEGES ON troggle.* TO 'expo'@'localhost' IDENTIFIED BY 'somepassword'; + +install django: +sudo apt install python3-django python3-django-registration python3-django-imagekit python3-django-tinymce fonts-freefont-ttf libapache2-mod-wsgi-py3 + +python-django-imagekit comes from https://salsa.debian.org/python-team/modules/python-django-imagekit +python-django-tinymce comes from https://salsa.debian.org/python-team/modules/python-django-tinymce +(both modified for stretch/python2). packages under /home/wookey/packages/ + +need fonts-freefont-ttf (to have truetype freesans available for troggle via PIL) +need libapache2-mod-wsgi for apache wsgi support. + +To keep bots from overloading server use mpm_event intead of mpm_worker +sudo a2dismod mpm_prefork +sudo a2enmod mpm_event + +Also adjust the numbers in the config file (~/config/apache/mods-available/mpm_event.conf) + for our tiddly server: + StartServers 1 + MinSpareThreads 2 + MaxSpareThreads 15 + ThreadLimit 25 + ThreadsPerChild 5 + MaxRequestWorkers 25 + MaxConnectionsPerChild 500 + +Kanboard: +debian python3-kanboard is a bit too simple, so use http://kanboard.org/ instead +unpack release files into /home/expo/kanboard +add this stanza to ~/config/apache/expo.conf +Alias /kanboard /home/expo/kanboard + + AllowOverride All + Require all granted + + +Dependencies are php and php-bcmath +php with mpm_worker and cgi is simple, but we are not using +mpm_worker any more so this is not possible anyway. + +php with mpm_event needs fpm mechanism and apache proxy_fcgi enabled +This mechanism is a lot more efficient on the server. +Good docs here: https://www.digitalocean.com/community/tutorials/how-to-configure-apache-http-with-mpm-event-and-php-fpm-on-ubuntu-18-04 + +apt install php-fpm libapache2-mod-fcgid +sudo a2dismod php7.4 (this normal config works via mpm_worker) +sudo a2enconf php7.4-fpm (this one works with mpm_event via proxy magic) +sudo a2enmod proxy +sudo a2enmod proxy_fcgi + +apt install php-bcmath (for kanboard) + + +------------------------------ +For Debian Stretch, June 2019. +----------------------------- +adduser expo +apt install openssh-server mosh tmux mc zile emacs-nox mc most ncdu +apt install python-django apache2 mysql-server survex make rsync +apt install libjs-openlayers make apt install git mercurial mercurial-server? for boe: @@ -45,10 +135,10 @@ a2enmod cgid Boe config: Alias /boe /home/expo/boe/boc/boc.pl - AddHandler cgi-script .pl - SetHandler cgi-script - Options +ExecCGI - Require all granted + AddHandler cgi-script .pl + SetHandler cgi-script + Options +ExecCGI + Require all granted And remember to set both program and data dir to be www-data:www-data @@ -59,7 +149,7 @@ then set names in 'settings' Set up mysql (as root) mysql -p CREATE DATABASE troggle; -GRANT ALL PRIVILEGES ON troggle.* TO 'expo'@'localhost' IDENTIFIED BY 'somepassword'; +GRANT ALL PRIVILEGES ON troggle.* TO 'expo'@'localhost' IDENTIFIED BY 'somepassword'; install django: NO!