UUGRN:Services/draw.uugrn.org: Unterschied zwischen den Versionen
Aus UUGRN
Sdk (Diskussion | Beiträge) |
Sdk (Diskussion | Beiträge) |
||
(4 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
+ | {{Navigationsleiste Services}} | ||
<pre> | <pre> | ||
__ ____ ______ __________ ____ _________ _ | __ ____ ______ __________ ____ _________ _ | ||
Zeile 13: | Zeile 14: | ||
</pre> | </pre> | ||
− | = ETHERDRAW = | + | == ETHERDRAW SERVER == |
− | Etherdraw | + | Etherdraw - wie Etherpad, nur zeichnen... |
− | |||
− | + | * Host: '''[https://draw.uugrn.org draw.uugrn.org]''' | |
− | ''' | + | '''ADMIN:''' sdk (sh+uugrn@uugrn.org) |
− | |||
− | |||
− | |||
− | + | == INSTALL LOG == | |
+ | |||
+ | OS: Debian Buster (10) | ||
+ | |||
+ | Installierte Software | ||
+ | * etherdraw | ||
+ | * nginx (als reverse proxy) | ||
+ | * posgresql | ||
+ | |||
+ | Etherdraw läuft unter dem User "etherpad". | ||
+ | Das Home directory des users ist /data/etherpad-lite. | ||
+ | |||
+ | (ja, das stimmt wirklich so - ich habe den Etherpad-Benutzer wiederverwendet) | ||
+ | |||
+ | === User anlegen === | ||
+ | |||
+ | Schon erledigt (siehe pad.uugrn.org) | ||
+ | |||
+ | === Datenbank anlegen === | ||
+ | |||
+ | War schon installiert (siehe pad.uugrn.org) | ||
+ | |||
+ | <pre> | ||
+ | $ sudo -su postgresql | ||
+ | $ psql | ||
+ | CREATE DATABASE etherdraw OWNER etherpad; | ||
+ | ^D | ||
+ | </pre> | ||
+ | |||
+ | === Etherdraw installieren === | ||
+ | |||
+ | <pre> | ||
+ | $ cd /data | ||
+ | $ git clone https://github.com/JohnMcLear/draw.git | ||
+ | $ chown -R etherpad:etherpad draw | ||
+ | </pre> | ||
+ | |||
+ | In der Datei settings.json die Datenbankverbindung hinterlegen: | ||
+ | <pre> | ||
+ | "dbType" : "postgres", | ||
+ | "dbSettings" : { | ||
+ | "user" : "etherdraw", | ||
+ | "host" : "/var/run/postgresql", | ||
+ | "password": "*******", | ||
+ | "database": "etherpad", | ||
+ | "charset" : "utf8mb4" | ||
+ | }, | ||
+ | </pre> | ||
+ | |||
+ | === SystemD Service installieren === | ||
+ | |||
+ | <pre> | ||
+ | $ cat /etc/systemd/system/etherdraw.service | ||
+ | [Unit] | ||
+ | Description=etherdraw (real-time collaborative drawing) | ||
+ | After=syslog.target network.target | ||
+ | |||
+ | [Service] | ||
+ | Type=simple | ||
+ | User=etherpad | ||
+ | Group=etherpad | ||
+ | Environment=NODE_ENV=production | ||
+ | ExecStart=/bin/sh /data/draw/bin/run.sh | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | $ systemctl enable etherdraw | ||
+ | $ service etherdraw start | ||
+ | </pre> | ||
+ | |||
+ | === NGINX Reverse Proxy installieren === | ||
+ | |||
+ | War schon installiert (siehe pad.uugrn.org) | ||
+ | |||
+ | <pre> | ||
+ | $ cat /etc/nginx/sites-enabled/etherdraw | ||
+ | server { | ||
+ | |||
+ | listen 443 ssl; | ||
+ | server_name draw.uugrn.org; | ||
+ | |||
+ | access_log /var/log/nginx/draw.uugrn.org.access.log; | ||
+ | error_log /var/log/nginx/draw.uugrn.org.error.log; | ||
+ | |||
+ | ssl_certificate /etc/letsencrypt/live/draw.uugrn.org/fullchain.pem; | ||
+ | ssl_certificate_key /etc/letsencrypt/live/draw.uugrn.org/privkey.pem; | ||
+ | |||
+ | include /etc/letsencrypt/options-ssl-nginx.conf; | ||
+ | ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://localhost:9002/; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_pass_header Server; | ||
+ | proxy_buffering off; | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $remote_addr; | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_http_version 1.1; | ||
+ | proxy_set_header Upgrade $http_upgrade; | ||
+ | proxy_set_header Connection $connection_upgrade; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | # we're in the http context here | ||
+ | map $http_upgrade $connection_upgrade { | ||
+ | default upgrade; | ||
+ | '' close; | ||
+ | } | ||
+ | |||
+ | server { | ||
+ | listen 80; | ||
+ | server_name draw.uugrn.org; | ||
+ | rewrite ^(.*) https://$server_name$1 permanent; | ||
+ | } | ||
+ | </pre> | ||
+ | |||
+ | === Letsencrypt einrichten === | ||
+ | |||
+ | War schon installiert (siehe pad.uugrn.org) | ||
+ | |||
+ | <pre> | ||
+ | $ certbot -d draw.uugrn.org | ||
+ | <run through wizard> | ||
+ | service nginx reload | ||
+ | </pre> |
Aktuelle Version vom 1. Juni 2020, 13:57 Uhr
Öffentliche → • IRC Chat • Drawing Pad • Ascii Pad • Text Pad • Vorstand Infoshare Für Mitglieder → • Shell Account • Usenet Zugang Infrastruktur → • DNS <edit>
__ ____ ______ __________ ____ _________ _ ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/ DRAW _/ /_/ / /_/ / /_/ / / / / / // /_/ / / / /_/ / PAD (_)__,_/\__,_/\__, /_/ /_/ /_(_)____/_/ \__, / ADMIN: /____/ sh+admin[at]uugrn.org /____/ OS: Debian Version: 10 (Buster) Architecture: amd64 CPU: 1x Intel Xeon Processor (Skylake, IBRS) SPEED: 2294Mhz Memory: 1983MB Welcome to {ascii,draw,pad}.uugrn.org
ETHERDRAW SERVER[Bearbeiten]
Etherdraw - wie Etherpad, nur zeichnen...
- Host: draw.uugrn.org
ADMIN: sdk (sh+uugrn@uugrn.org)
INSTALL LOG[Bearbeiten]
OS: Debian Buster (10)
Installierte Software
- etherdraw
- nginx (als reverse proxy)
- posgresql
Etherdraw läuft unter dem User "etherpad". Das Home directory des users ist /data/etherpad-lite.
(ja, das stimmt wirklich so - ich habe den Etherpad-Benutzer wiederverwendet)
User anlegen[Bearbeiten]
Schon erledigt (siehe pad.uugrn.org)
Datenbank anlegen[Bearbeiten]
War schon installiert (siehe pad.uugrn.org)
$ sudo -su postgresql $ psql CREATE DATABASE etherdraw OWNER etherpad; ^D
Etherdraw installieren[Bearbeiten]
$ cd /data $ git clone https://github.com/JohnMcLear/draw.git $ chown -R etherpad:etherpad draw
In der Datei settings.json die Datenbankverbindung hinterlegen:
"dbType" : "postgres", "dbSettings" : { "user" : "etherdraw", "host" : "/var/run/postgresql", "password": "*******", "database": "etherpad", "charset" : "utf8mb4" },
SystemD Service installieren[Bearbeiten]
$ cat /etc/systemd/system/etherdraw.service [Unit] Description=etherdraw (real-time collaborative drawing) After=syslog.target network.target [Service] Type=simple User=etherpad Group=etherpad Environment=NODE_ENV=production ExecStart=/bin/sh /data/draw/bin/run.sh [Install] WantedBy=multi-user.target $ systemctl enable etherdraw $ service etherdraw start
NGINX Reverse Proxy installieren[Bearbeiten]
War schon installiert (siehe pad.uugrn.org)
$ cat /etc/nginx/sites-enabled/etherdraw server { listen 443 ssl; server_name draw.uugrn.org; access_log /var/log/nginx/draw.uugrn.org.access.log; error_log /var/log/nginx/draw.uugrn.org.error.log; ssl_certificate /etc/letsencrypt/live/draw.uugrn.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/draw.uugrn.org/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location / { proxy_pass http://localhost:9002/; proxy_set_header Host $host; proxy_pass_header Server; proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; } } # we're in the http context here map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; server_name draw.uugrn.org; rewrite ^(.*) https://$server_name$1 permanent; }
Letsencrypt einrichten[Bearbeiten]
War schon installiert (siehe pad.uugrn.org)
$ certbot -d draw.uugrn.org <run through wizard> service nginx reload