UUGRN:Services/draw.uugrn.org
Aus UUGRN
__ ____ ______ __________ ____ _________ _ ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/ DRAW _/ /_/ / /_/ / /_/ / / / / / // /_/ / / / /_/ / PAD (_)__,_/\__,_/\__, /_/ /_/ /_(_)____/_/ \__, / ADMIN: /____/ sh+admin[at]uugrn.org /____/ OS: Debian Version: 10 (Buster) Architecture: amd64 CPU: 1x Intel Xeon Processor (Skylake, IBRS) SPEED: 2294Mhz Memory: 1983MB Welcome to {ascii,draw,pad}.uugrn.org
ETHERDRAW SERVER
Etherdraw - wie Etherpad, nur zeichnen...
- Host: draw.uugrn.org
ADMIN: sdk (sh+uugrn@uugrn.org)
INSTALL LOG
OS: Debian Buster (10)
Installierte Software
- etherdraw
- nginx (als reverse proxy)
- posgresql
Etherdraw läuft unter dem User "etherpad". Das Home directory des users ist /data/etherpad-lite.
(ja, das stimmt wirklich so - ich habe den Etherpad-Benutzer wiederverwendet)
User anlegen
Schon erledigt (siehe pad.uugrn.org)
Datenbank anlegen
War schon installiert (siehe pad.uugrn.org)
$ sudo -su postgresql $ psql CREATE DATABASE etherdraw OWNER etherpad; ^D
Etherdraw installieren
$ cd /data $ git clone https://github.com/JohnMcLear/draw.git $ chown -R etherpad:etherpad draw
In der Datei settings.json die Datenbankverbindung hinterlegen:
"dbType" : "postgres", "dbSettings" : { "user" : "etherdraw", "host" : "/var/run/postgresql", "password": "*******", "database": "etherpad", "charset" : "utf8mb4" },
SystemD Service installieren
$ cat /etc/systemd/system/etherdraw.service [Unit] Description=etherdraw (real-time collaborative drawing) After=syslog.target network.target [Service] Type=simple User=etherpad Group=etherpad Environment=NODE_ENV=production ExecStart=/bin/sh /data/draw/bin/run.sh [Install] WantedBy=multi-user.target $ systemctl enable etherdraw $ service etherdraw start
NGINX Reverse Proxy installieren
War schon installiert (siehe pad.uugrn.org)
$ cat /etc/nginx/sites-enabled/etherdraw server { listen 443 ssl; server_name draw.uugrn.org; access_log /var/log/nginx/draw.uugrn.org.access.log; error_log /var/log/nginx/draw.uugrn.org.error.log; ssl_certificate /etc/letsencrypt/live/draw.uugrn.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/draw.uugrn.org/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location / { proxy_pass http://localhost:9002/; proxy_set_header Host $host; proxy_pass_header Server; proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; } } # we're in the http context here map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; server_name draw.uugrn.org; rewrite ^(.*) https://$server_name$1 permanent; }
Letsencrypt einrichten
War schon installiert (siehe pad.uugrn.org)
$ apt-get install certbot python3-certbot-nginx $ certbot -d draw.uugrn.org <run through wizard> service nginx reload