Template:Installation/Preparation/openSUSE: Difference between revisions

From diaspora* project wiki
(+cat)
m (Add switch for MariaDB)
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
=== Install packages ===
=== Install packages ===
As root run:


{{#tag:syntaxhighlight|
{{#tag:syntaxhighlight|
zypper install ruby-devel rubygem-bundler make automake gcc gcc-c++ git libcurl-devel ImageMagick ImageMagick-extra libtool bison libtool patch libxml2-devel libxslt-devel libffi-devel libyaml-devel nodejs
sudo zypper install make automake gcc gcc-c++ git libcurl-devel ImageMagick ImageMagick-extra libtool bison libtool patch libxml2-devel libxslt-devel libffi-devel libyaml-devel nodejs gdbm-devel libopenssl-devel
|lang=bash}}
|lang=bash}}


Line 10: Line 8:


If you already have one skip this step.
If you already have one skip this step.
As root run:
{{#tag:syntaxhighlight|
zypper install {{#switch: {{#var:DB}}|mysql=mysql-community-server mysql-community-server-client libmysqlclient-devel|postgres=postgresql-server}}
|lang=bash}}
=== Self-signed certificate ===
openSUSE didn't came with the SSL certificate so we are going to do it.
Create the Server Key and Certificate Signing Request
{{#tag:syntaxhighlight|
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
|lang=bash}}
Removing the passphrase
{{#tag:syntaxhighlight|
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
|lang=bash}}
Signing your SSL Certificate


{{#tag:syntaxhighlight|
{{#tag:syntaxhighlight|
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
sudo zypper install {{#switch: {{#var:DB}}|mysql=mariadb libdb-4_8|postgres=postgresql-server|mariadb=mariadb libdb-4_8}}
|lang=bash}}
|lang=bash}}
Copying certificate to '''/etc/ssl/certs/'''
{{#tag:syntaxhighlight|
cp server.crt server.key /etc/ssl/certs/
|lang=bash}}
=== NGINX ===
You can choose to user nginx.
==== Installing packages ====
As root run:
{{#tag:syntaxhighlight|
zypper install nginx rubygem-passenger-nginx
|lang=bash}}
==== nginx.conf ====
Attention to this options:
* '''root''' -> be sure to point diaspora directory
* '''your_domain_here''' -> replace it by your own domain
{{#tag:syntaxhighlight|
  worker_processes 1;
  error_log  /var/log/nginx/error.log;
  events { worker_connections  256; }
  http {
    include      mime.types;
    default_type  application/octet-stream;
    sendfile      on;
    keepalive_timeout 15;
    client_max_body_size 5m;
    passenger_root /usr/lib64/ruby/gems/2.0.0/gems/passenger-4.0.18;
    passenger_ruby /usr/bin/ruby;
    server {
        listen 80;
        server_name opensuse.ensol.org.br;
        rewrite ^/(.*) https://your_domain_here/$1 permanent;
    }
    upstream thin_cluster {
        server localhost:3000;
    }
    server {
        listen 443 ssl;
        server_name your_domain_here;
        ssl on;
        ssl_certificate      /etc/ssl/certs/server.crt;
        ssl_certificate_key  /etc/ssl/certs/server.key;
        passenger_enabled on;
        rails_env production;
        root /home/diaspora/diaspora/public;
        error_log  /var/log/nginx/diaspora.error-ssl.log;
        access_log /var/log/nginx/diaspora.access-ssl.log;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }
        location /uploads/images {
          expires 1d;
          add_header Cache-Control public;
        }
        location /assets {
          expires 1d;
          add_header Cache-Control public;
        }
    }
  }
|lang=bash}}


=== Firewall ===
=== Firewall ===
Line 134: Line 20:
To do so, do as follows:
To do so, do as follows:


As root run:
TODO: Adapt to systemd
 
{{#tag: syntaxhighlight|
SuSEfirewall2 stop
 
echo "TCP=\"80 443\"" > /etc/sysconfig/SuSEfirewall2.d/services/http
|lang="bash"}}
 
Edit '''/etc/sysconfig/SuSEfirewall2''' and add "http" into FW_CONFIGURATIONS_EXT=, like this:
 
{{#tag: syntaxhighlight|
FW_CONFIGURATIONS_EXT="http"
|lang="bash"}}
 
Finally run:
 
{{#tag: syntaxhighlight|
SuSEfirewall2 start
|lang="bash"}}


=== Setup REDIS ===
=== Setup REDIS ===
Line 159: Line 27:


{{#tag: syntaxhighlight|
{{#tag: syntaxhighlight|
zypper install redis
cp /etc/redis/default.conf.example /etc/redis/default.conf
cp /etc/redis/default.conf.example /etc/redis/default.conf
chown redis: /etc/redis/default.conf
chown redis: /etc/redis/default.conf
|lang="bash"}}


/etc/init.d/redis restart
TODO: Adapt properly to systemd
|lang="bash"}}


=== Creating a user for Diaspora ===
=== Creating a user for Diaspora ===
Line 170: Line 39:


{{#tag: syntaxhighlight|
{{#tag: syntaxhighlight|
useradd -m diaspora
sudo useradd -m diaspora
su - diaspora
sudo su - diaspora
cd ~
|lang="bash"}}
|lang="bash"}}




[[Category:Templates]]
[[Category:Templates]]

Latest revision as of 09:53, 25 March 2018

Install packages

sudo zypper install make automake gcc gcc-c++ git libcurl-devel ImageMagick ImageMagick-extra libtool bison libtool patch libxml2-devel libxslt-devel libffi-devel libyaml-devel nodejs gdbm-devel libopenssl-devel

Install database

If you already have one skip this step.

sudo zypper install

Firewall

openSUSE use to have a firewall turned on (good work!) but this filter the HTTP/s protocols. In this particular case we need ports 80 and 443 open.

To do so, do as follows:

TODO: Adapt to systemd

Setup REDIS

As root run:

zypper install redis
cp /etc/redis/default.conf.example /etc/redis/default.conf
chown redis: /etc/redis/default.conf

TODO: Adapt properly to systemd

Creating a user for Diaspora

As root run:

sudo useradd -m diaspora
sudo su - diaspora