Template:Installation/Preparation/openSUSE: Difference between revisions

From diaspora* project wiki
(+cat)
Line 174: Line 174:
cd ~
cd ~
|lang="bash"}}
|lang="bash"}}
[[Category:Templates]]

Revision as of 07:40, 16 August 2017

Install packages

As root run:

zypper install ruby-devel rubygem-bundler make automake gcc gcc-c++ git libcurl-devel ImageMagick ImageMagick-extra libtool bison libtool patch libxml2-devel libxslt-devel libffi-devel libyaml-devel nodejs

Install database

If you already have one skip this step.

As root run:

zypper install

Self-signed certificate

openSUSE didn't came with the SSL certificate so we are going to do it.

Create the Server Key and Certificate Signing Request

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr

Removing the passphrase

cp server.key server.key.org
openssl rsa -in server.key.org -out server.key

Signing your SSL Certificate

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Copying certificate to /etc/ssl/certs/

cp server.crt server.key /etc/ssl/certs/

NGINX

You can choose to user nginx.

Installing packages

As root run:

zypper install nginx rubygem-passenger-nginx

nginx.conf

Attention to this options:

  • root -> be sure to point diaspora directory
  • your_domain_here -> replace it by your own domain


  worker_processes 1;
  error_log  /var/log/nginx/error.log;
  events { worker_connections  256; }

  http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile      on;
    keepalive_timeout 15;
    client_max_body_size 5m;

    passenger_root /usr/lib64/ruby/gems/2.0.0/gems/passenger-4.0.18;
    passenger_ruby /usr/bin/ruby;

    server {
        listen 80;
        server_name opensuse.ensol.org.br;
         rewrite ^/(.*) https://your_domain_here/$1 permanent;
    }

    upstream thin_cluster {
        server localhost:3000;
    }

    server {
        listen 443 ssl;
        server_name your_domain_here;

        ssl on;
        ssl_certificate      /etc/ssl/certs/server.crt;
        ssl_certificate_key  /etc/ssl/certs/server.key;

        passenger_enabled on;
        rails_env production;

        root /home/diaspora/diaspora/public;

        error_log  /var/log/nginx/diaspora.error-ssl.log;
        access_log /var/log/nginx/diaspora.access-ssl.log;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html { root html; }

        location /uploads/images {
          expires 1d;
          add_header Cache-Control public;
        }

        location /assets {
          expires 1d;
          add_header Cache-Control public;
        }
    }
  }


Firewall

openSUSE use to have a firewall turned on (good work!) but this filter the HTTP/s protocols. In this particular case we need ports 80 and 443 open.

To do so, do as follows:

As root run:

SuSEfirewall2 stop

echo "TCP=\"80 443\"" > /etc/sysconfig/SuSEfirewall2.d/services/http

Edit /etc/sysconfig/SuSEfirewall2 and add "http" into FW_CONFIGURATIONS_EXT=, like this:

FW_CONFIGURATIONS_EXT="http"

Finally run:

SuSEfirewall2 start

Setup REDIS

As root run:

cp /etc/redis/default.conf.example /etc/redis/default.conf
chown redis: /etc/redis/default.conf

/etc/init.d/redis restart

Creating a user for Diaspora

As root run:

useradd -m diaspora
su - diaspora
cd ~