Aktuelle Version |
Dein Text |
Zeile 1: |
Zeile 1: |
− | {{Navigationsleiste Services}}
| + | in arbeit |
− | <pre>
| |
− | __ ____ ______ __________ ____ _________ _
| |
− | ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/
| |
− | DRAW _/ /_/ / /_/ / /_/ / / / / / // /_/ / / / /_/ /
| |
− | PAD (_)__,_/\__,_/\__, /_/ /_/ /_(_)____/_/ \__, /
| |
− | ADMIN: /____/ sh+admin[at]uugrn.org /____/
| |
− | | |
− | OS: Debian Version: 10 (Buster) Architecture: amd64
| |
− | CPU: 1x Intel Xeon Processor (Skylake, IBRS)
| |
− | SPEED: 2294Mhz Memory: 1983MB
| |
− | | |
− | Welcome to {ascii,draw,pad}.uugrn.org
| |
− | </pre>
| |
− | | |
− | == ETHERPAD LITE SERVER ==
| |
− | | |
− | '''Produktivschaltung am 20.06.2020'''
| |
− | | |
− | Das neue Etherpad Lite mit WebRTC Support
| |
− | | |
− | * Host: '''[https://pad.new.uugrn.org pad.new.uugrn.org]'''
| |
− | | |
− | '''ADMIN:''' sdk (sh+uugrn@uugrn.org)
| |
− | | |
− | == Update 2020-05-26 ==
| |
− | | |
− | Die folgenden Etherpad Plugins wurden installiert:
| |
− | | |
− | * adminpads2 (zeigt Pads im Admin Frontend an)
| |
− | * code_formatting (erlaubtes Text als Source Code zu formatieren - aka Monospace)
| |
− | * image_upload (erlaubt es Fotos in ein pad einzubinden)
| |
− | * webrtc (erlaubt Audio/Video Konferenz)
| |
− | * draw (integration mit draw.uugrn.org)
| |
− | | |
− | == INSTALL LOG ==
| |
− | | |
− | OS: Debian Buster (10)
| |
− | | |
− | Installierte Software
| |
− | * etherpad-lite
| |
− | * nginx (als reverse proxy)
| |
− | * posgresql
| |
− | | |
− | Etherpad Lite läuft unter dem User "etherpad".
| |
− | Das Home directory des users ist /data/etherpad-lite.
| |
− | | |
− | === User anlegen ===
| |
− | | |
− | <pre>
| |
− | $ mkdir /data
| |
− | $ adduser etherpad --system --group --home /data/etherpad-lite
| |
− | $ chown -R etherpad:etherpad /data
| |
− | </pre>
| |
− | | |
− | === Datenbank anlegen ===
| |
− | | |
− | <pre>
| |
− | $ apt-get install postgresql
| |
− | $ pg_ctlcluster 11 main start
| |
− | $ sudo -su postgresql
| |
− | $ psql
| |
− | CREATE USER etherpad;
| |
− | ALTER USER etherpad WITH PASSWORD '******';
| |
− | CREATE DATABASE etherpad OWNER etherpad;
| |
− | ^D
| |
− | </pre>
| |
− | | |
− | === Etherpad installieren ===
| |
− | | |
− | <pre>
| |
− | $ cd /data
| |
− | $ git clone --branch master git://github.com/ether/etherpad-lite.git
| |
− | $ chown -R etherpad:etherpad etherpad-liste
| |
− | </pre>
| |
− | | |
− | Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert:
| |
− | <pre>
| |
− | $ diff settings.json.orig settings.json
| |
− | 171c171
| |
− | <
| |
− | ---
| |
− | > /*
| |
− | 175a176,184
| |
− | > */
| |
− | > "dbType" : "postgres",
| |
− | > "dbSettings" : {
| |
− | > "user" : "etherpad",
| |
− | > "host" : "/var/run/postgresql",
| |
− | > "password": "*******",
| |
− | > "database": "etherpad",
| |
− | > "charset" : "utf8mb4"
| |
− | > },
| |
− | 295c304
| |
− | < "abiword": null,
| |
− | ---
| |
− | > "abiword": "/usr/bin/abiword",
| |
− | 303c312
| |
− | < "soffice": null,
| |
− | ---
| |
− | > "soffice": "/usr/bin/libreoffice",
| |
− | 353c362
| |
− | < "automaticReconnectionTimeout": 0,
| |
− | ---
| |
− | > "automaticReconnectionTimeout": 15,
| |
− | 407d415
| |
− | < /*
| |
− | 410,412c418
| |
− | < // 1) "password" can be replaced with "hash" if you install ep_hash_auth
| |
− | < // 2) please note that if password is null, the user will not be created
| |
− | < "password": "changeme1",
| |
− | ---
| |
− | > "password": "*******",
| |
− | 414,419d419
| |
− | < },
| |
− | < "user": {
| |
− | < // 1) "password" can be replaced with "hash" if you install ep_hash_auth
| |
− | < // 2) please note that if password is null, the user will not be created
| |
− | < "password": "changeme1",
| |
− | < "is_admin": false
| |
− | 422d421
| |
− | < */
| |
− | </pre>
| |
− | | |
− | === SystemD Service installieren ===
| |
− | | |
− | <pre>
| |
− | $ cat /etc/systemd/system/etherpad-lite.service
| |
− | [Unit]
| |
− | Description=etherpad-lite (real-time collaborative document editing)
| |
− | After=syslog.target network.target
| |
− | | |
− | [Service]
| |
− | Type=simple
| |
− | User=etherpad
| |
− | Group=etherpad
| |
− | Environment=NODE_ENV=production
| |
− | ExecStart=/bin/sh /data/etherpad-lite/bin/run.sh
| |
− | | |
− | [Install]
| |
− | WantedBy=multi-user.target
| |
− | | |
− | $ systemctl enable etherpad-lite
| |
− | $ service etherpad-lite start
| |
− | </pre>
| |
− | | |
− | === NGINX Reverse Proxy installieren ===
| |
− | | |
− | <pre>
| |
− | $ apt-get install nginx ===
| |
− | $ rm /etc/nginx/sites-enabled/default
| |
− | $ cat /etc/nginx/sites-enabled/etherpad
| |
− | server {
| |
− | | |
− | listen 443 ssl;
| |
− | server_name pad.uugrn.org;
| |
− | | |
− | access_log /var/log/nginx/pad.uugrn.org.access.log;
| |
− | error_log /var/log/nginx/pad.uugrn.org.error.log;
| |
− | | |
− | ssl_certificate /etc/letsencrypt/live/pad.uugrn.org/fullchain.pem;
| |
− | ssl_certificate_key /etc/letsencrypt/live/pad.uugrn.org/privkey.pem;
| |
− | | |
− | include /etc/letsencrypt/options-ssl-nginx.conf;
| |
− | ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
| |
− | | |
− | location / {
| |
− | proxy_pass http://localhost:9001/;
| |
− | proxy_set_header Host $host;
| |
− | proxy_pass_header Server;
| |
− | proxy_buffering off;
| |
− | proxy_set_header X-Real-IP $remote_addr;
| |
− | proxy_set_header X-Forwarded-For $remote_addr;
| |
− | proxy_set_header X-Forwarded-Proto $scheme;
| |
− | proxy_set_header Host $host;
| |
− | proxy_http_version 1.1;
| |
− | proxy_set_header Upgrade $http_upgrade;
| |
− | proxy_set_header Connection $connection_upgrade;
| |
− | }
| |
− | }
| |
− | | |
− | # we're in the http context here
| |
− | map $http_upgrade $connection_upgrade {
| |
− | default upgrade;
| |
− | '' close;
| |
− | }
| |
− | | |
− | server {
| |
− | listen 80;
| |
− | server_name pad.uugrn.org;
| |
− | rewrite ^(.*) https://$server_name$1 permanent;
| |
− | }
| |
− | </pre>
| |
− | | |
− | === Letsencrypt einrichten ===
| |
− | | |
− | <pre>
| |
− | $ apt-get install certbot python3-certbot-nginx
| |
− | $ certbot -d pad.uugrn.org
| |
− | <run through wizard>
| |
− | | |
− | $ cat /etc/cron.weekly/certbot.sh
| |
− | #!/bin/sh
| |
− | PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
| |
− | certbot renew
| |
− | service nginx reload
| |
− | </pre>
| |