From dae027e21dbed187a834e67be4234519c23f69ce Mon Sep 17 00:00:00 2001 From: lucidiot Date: Sun, 4 Dec 2022 19:46:13 +0100 Subject: [PATCH] Migrate Brainshit to forest --- content/forest.md | 107 +++++++++++++++++++++++++++++++++++++++----- content/mountain.md | 4 +- 2 files changed, 100 insertions(+), 11 deletions(-) diff --git a/content/forest.md b/content/forest.md index f8f65dc..5958402 100644 --- a/content/forest.md +++ b/content/forest.md @@ -121,30 +121,115 @@ Those are the notes I was supposed to make for `mountain` really, but never got ### MariaDB -TODO +- Install and start MariaDB: -``` -sudo apk add mariadb mariadb-client -``` + ``` + sudo apk add mariadb mariadb-client + sudo rc-service mariadb setup + sudo rc-service mariadb start + ``` + +- Run the setup wizard: `sudo mariadb-secure-installation` + +- Keep passwordless access for root without UNIX socket so you can do `sudo mariadb` + +- Disallow remote login + +- Remove anonymous users and the `test` database + +- Run `INSTALL SONAME 'auth_ed25519';` on the database + +- Start on boot: `sudo rc-update add mariadb default` ### PHP -TODO +- Install PHP: `sudo apk add php81-fpm` -``` -sudo apk add php81-fpm php81-mbstring php81-mysqli php81-session -``` +- Edit `/etc/php81/php-fpm.d/www.conf`: + + ``` + group = nginx + listen = /run/php-fpm81/php.sock + listen.user = nobody + listen.group = nginx + ``` + +- Start PHP: `sudo rc-service php-fpm81 start` + +- Start on boot: `sudo rc-update add php-fpm81 default` ### Brainshit -TODO +- `sudo mkdir -p /var/www/brainshit.fr` + +- Upload Brainshit source code to `/var/www/brainshit.fr/` + +- `sudo chown -R root:nginx /var/www/brainshit.fr` + +- Install dependencies: `sudo apk add certbot-nginx php81-mbstring php81-mysqli php81-session` + +- Edit nginx config: `sudo vim /etc/nginx/http.d/default.conf` + +- Carry over Let's Encrypt config and certs and DB dump from the previous server: + + ``` + ssh mountain + sudo tar czf letsencrypt.tar.gz /etc/letsencrypt + sudo mariadb-dump -p brainshit > brainshit.sql + ^D + + scp mountain:letsencrypt.tar.gz mountain:brainshit.sql forest: + + ssh forest + sudo mariadb -e 'CREATE DATABASE brainshit;' + sudo mariadb -p brainshit < brainshit.sql + sudo mariadb -e "CREATE USER brainshit@localhost IDENTIFIED BY '$PASSWORD';" + sudo mariadb -e 'REVOKE ALL PRIVILEGES, GRANT OPTION FROM brainshit@localhost' + sudo mariadb -e 'GRANT SELECT, INSERT, UPDATE, DELETE ON brainshit.* TO brainshit@localhost' + cd / + sudo tar xf ~/letsencrypt.tar.gz + cd ~ + rm letsencrypt.tar.gz brainshit.sql + ``` + +- Edit `/var/www/brainshit.fr/config.inc.php` to set the database credentials + +- Start nginx: `sudo rc-service nginx start` + +- Start nginx on boot: `sudo rc-update add nginx default` + +### Caddy + +Failed attempt at setting up Caddy instead of nginx: + +- ``` + sudo apk add caddy + sudo mkdir -p /var/log/caddy + sudo chown caddy:caddy /var/log/caddy + sudo chown -R root:caddy /var/www/brainshit.fr + ``` + +- Edit `/etc/php81/php-fpm.d/www.conf`: + + ``` + group = caddy + listen = /run/php-fpm81/php.sock + listen.user = nobody + listen.group = caddy + ``` + +- Edit `/etc/caddy/Caddyfile` + +- Start Caddy: `sudo rc-service caddy start` + +- Start Caddy on boot: `sudo rc-update add caddy default` ### CUPS A CUPS server to print on a SII RP-D10 thermal printer, also advertised over SMB. * ``` - apk add build-base cups cups-filters cups-dev cups-filters-dev libjpeg libpng tiff ghostscript eudev + sudo apk add build-base cups cups-filters cups-dev cups-filters-dev libjpeg libpng tiff ghostscript eudev wget https://www.seiko-instruments.de/fileadmin/user_upload/CUPSFilter_Ver.1.2.0.zip unzip CUPSFilter_Ver.1.2.0.zip cd CUPSFilter_Ver.1.2.0 @@ -236,6 +321,8 @@ TODO TODO +https://lambdacreate.com/posts/37 + ### msmtp - `sudo apk add msmtp` diff --git a/content/mountain.md b/content/mountain.md index a979dea..541e00d 100644 --- a/content/mountain.md +++ b/content/mountain.md @@ -23,7 +23,9 @@ versions and my Linux systems easier. I tried to write some setup docs when I first set it up, but of course I did not write everything down, that would be too easy. -`mountain` is now slowly being migrated over to [forest](./forest.html). +`mountain` has been migrated to [forest](./forest.html), a more +energy-efficient server. All services on `mountain` have been officially +stopped on 2022-12-04. ## Base setup