Project-Insanity

Site Tools

Trace:
Hotfix release available: 2024-02-06a "Kaos". upgrade now! [55.1] (what's this?)
New release available: 2024-02-06 "Kaos". upgrade now! [55] (what's this?)
projectinsanity:server_setup_experimental

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

projectinsanity:server_setup_experimental [2018/06/06 13:05] – created 141.52.104.86projectinsanity:server_setup_experimental [2021/10/31 10:42] (current) – external edit 127.0.0.1
Line 1: Line 1:
 +====== http-d9.pi ======
 +===== pi_wordpress =====
 +Neuer zentraler http-Server, auf dem Caddy, Kryops, Baikal, Wordpress und TS3-Webfrontend in systemd-nspawn containern läuft.
 +<code bash>
 +useradd pi_ts3 -u -g
 +useradd -m -u $((4325376+33)) pi_wordpress                                                                                                   
 +</code>
 +Folgendes Skript erstellt ein ZFS-Volume mit dem angegebenen Namen. Führt danach ein deboostrap aus und installiert die in $name/vars angegebenen Packete. Die nspawn-Konfigurationsdatei, die Informationen enthält zu UserID- und Datei-Mapping des Containers, wird nach /etc/systemd/nspawn gesymlinkt.
 +<code bash>
 +/root/nspawn/build.sh pi_wordpress
 +/root/nspawn/build.sh pi_ts3
 +</code>
 +<file - /etc/systemd/nspawn/pi_wordpress.nspawn>
 +[Exec]
 +PrivateUsers=4325376
  
 +[Files]
 +PrivateUsersChown=true
 +BindReadOnly=/home/pi_wordpress/nginx_vhost:/etc/nginx/sites-available/default
 +Bind=/home/pi_wordpress/wordpress/:/var/www/html
 +</file>
 +<file - /etc/systemd/nspawn/pi_ts3.nspawn>
 +[Exec]
 +PrivateUsers=2097152
 +
 +[Files]
 +PrivateUsersChown=true
 +BindReadOnly=/home/pi_ts3/nginx_vhost:/etc/nginx/sites-available/default
 +Bind=/home/pi_ts3/www/:/var/www/html
 +</file>
 +<file - /etc/systemd/nspawn/caddy.nspawn>
 +[Exec]
 +PrivateUsers=4390912
 +
 +[Files]
 +PrivateUsersChown=true
 +Bind=/home/caddy/ssl:/etc/ssl/caddy
 +Bind=/home/caddy/logs:/var/log/caddy
 +BindReadOnly=/root/nspawn/caddy/Caddyfile:/etc/caddy/Caddyfile
 +BindReadOnly=/root/nspawn/caddy/caddy.sh:/usr/local/bin/caddy
 +
 +[Network]
 +VirtualEthernet=false
 +Private=false
 +</file>
 +<code>
 +systemctl start systemd-nspawn@pi_ts3
 +systemctl enable systemd-nspawn@pi_ts3
 +systemctl start systemd-nspawn@pi_wordpress
 +systemctl enable systemd-nspawn@pi_wordpress
 +systemctl start systemd-nspawn@caddy
 +systemctl enable systemd-nspawn@caddy
 +</code>
 +Todo: private-network oder firewall?
 +===== caddy =====
 +<code bash>
 +vim /root/nspawn/caddy/Caddyfile
 +systemctl restart systemd-nspawn@caddy
 +</code>
 +===== wordpress =====
 +
 +SSL für administrativen Bereich erzwingen:
 +<file php /var/www/project-insanity.org/wp-config.php>
 +define(‘FORCE_SSL_ADMIN’, true);
 +/* That’s all, stop editing! Happy blogging. */
 +</file>
 +Plugins und Wordpress ohne FTP-Zugang direkt aktualisieren:
 +<file php /var/www/project-insanity.org/wp-config.php>
 +define('FS_METHOD', 'direct');
 +/* That’s all, stop editing! Happy blogging. */
 +</file>
 +Möglicherweise müssen noch die Schreibrechte für den ''wp-content''-Ordner angepasst werden.
 +==== plugins ====
 +  * WP Statistics
 +  * Crayon Syntax Highlighter
 +  * Gallery Carousel Without JetPack

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
CC Attribution-Noncommercial-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki