UUGRN:Services/pad.uugrn.org: Unterschied zwischen den Versionen
Aus UUGRN
Sdk (Diskussion | Beiträge) |
Sdk (Diskussion | Beiträge) |
||
(16 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
+ | {{Navigationsleiste Services}} | ||
<pre> | <pre> | ||
− | + | __ ____ ______ __________ ____ _________ _ | |
− | + | ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/ | |
− | + | DRAW _/ /_/ / /_/ / /_/ / / / / / // /_/ / / / /_/ / | |
− | + | PAD (_)__,_/\__,_/\__, /_/ /_/ /_(_)____/_/ \__, / | |
− | + | ADMIN: /____/ sh+admin[at]uugrn.org /____/ | |
− | / | ||
OS: Debian Version: 10 (Buster) Architecture: amd64 | OS: Debian Version: 10 (Buster) Architecture: amd64 | ||
Zeile 11: | Zeile 11: | ||
SPEED: 2294Mhz Memory: 1983MB | SPEED: 2294Mhz Memory: 1983MB | ||
− | Welcome to pad.uugrn.org | + | Welcome to {ascii,draw,pad}.uugrn.org |
</pre> | </pre> | ||
Zeile 22: | Zeile 22: | ||
* Host: '''[https://pad.new.uugrn.org pad.new.uugrn.org]''' | * Host: '''[https://pad.new.uugrn.org pad.new.uugrn.org]''' | ||
− | '''ADMIN:''' sdk (sh+uugrn@ | + | '''ADMIN:''' sdk (sh+uugrn@uugrn.org) |
+ | |||
+ | == Update 2020-05-26 == | ||
+ | |||
+ | Die folgenden Etherpad Plugins wurden installiert: | ||
+ | |||
+ | * adminpads2 (zeigt Pads im Admin Frontend an) | ||
+ | * code_formatting (erlaubtes Text als Source Code zu formatieren - aka Monospace) | ||
+ | * image_upload (erlaubt es Fotos in ein pad einzubinden) | ||
+ | * webrtc (erlaubt Audio/Video Konferenz) | ||
+ | * draw (integration mit draw.uugrn.org) | ||
== INSTALL LOG == | == INSTALL LOG == | ||
Zeile 35: | Zeile 45: | ||
Etherpad Lite läuft unter dem User "etherpad". | Etherpad Lite läuft unter dem User "etherpad". | ||
Das Home directory des users ist /data/etherpad-lite. | Das Home directory des users ist /data/etherpad-lite. | ||
+ | |||
+ | === User anlegen === | ||
+ | |||
+ | <pre> | ||
+ | $ mkdir /data | ||
+ | $ adduser etherpad --system --group --home /data/etherpad-lite | ||
+ | $ chown -R etherpad:etherpad /data | ||
+ | </pre> | ||
+ | |||
+ | === Datenbank anlegen === | ||
+ | |||
+ | <pre> | ||
+ | $ apt-get install postgresql | ||
+ | $ pg_ctlcluster 11 main start | ||
+ | $ sudo -su postgresql | ||
+ | $ psql | ||
+ | CREATE USER etherpad; | ||
+ | ALTER USER etherpad WITH PASSWORD '******'; | ||
+ | CREATE DATABASE etherpad OWNER etherpad; | ||
+ | ^D | ||
+ | </pre> | ||
+ | |||
+ | === Etherpad installieren === | ||
+ | |||
+ | <pre> | ||
+ | $ cd /data | ||
+ | $ git clone --branch master git://github.com/ether/etherpad-lite.git | ||
+ | $ chown -R etherpad:etherpad etherpad-liste | ||
+ | </pre> | ||
Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert: | Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert: | ||
− | |||
− | |||
<pre> | <pre> | ||
+ | $ diff settings.json.orig settings.json | ||
171c171 | 171c171 | ||
+ | < | ||
+ | --- | ||
> /* | > /* | ||
175a176,184 | 175a176,184 | ||
Zeile 52: | Zeile 92: | ||
> "charset" : "utf8mb4" | > "charset" : "utf8mb4" | ||
> }, | > }, | ||
+ | 295c304 | ||
+ | < "abiword": null, | ||
+ | --- | ||
+ | > "abiword": "/usr/bin/abiword", | ||
+ | 303c312 | ||
+ | < "soffice": null, | ||
+ | --- | ||
+ | > "soffice": "/usr/bin/libreoffice", | ||
+ | 353c362 | ||
+ | < "automaticReconnectionTimeout": 0, | ||
+ | --- | ||
+ | > "automaticReconnectionTimeout": 15, | ||
407d415 | 407d415 | ||
< /* | < /* | ||
Zeile 59: | Zeile 111: | ||
< "password": "changeme1", | < "password": "changeme1", | ||
--- | --- | ||
− | > "password": "******", | + | > "password": "*******", |
414,419d419 | 414,419d419 | ||
< }, | < }, | ||
Zeile 69: | Zeile 121: | ||
422d421 | 422d421 | ||
< */ | < */ | ||
+ | </pre> | ||
+ | |||
+ | === SystemD Service installieren === | ||
+ | |||
+ | <pre> | ||
+ | $ cat /etc/systemd/system/etherpad-lite.service | ||
+ | [Unit] | ||
+ | Description=etherpad-lite (real-time collaborative document editing) | ||
+ | After=syslog.target network.target | ||
+ | |||
+ | [Service] | ||
+ | Type=simple | ||
+ | User=etherpad | ||
+ | Group=etherpad | ||
+ | Environment=NODE_ENV=production | ||
+ | ExecStart=/bin/sh /data/etherpad-lite/bin/run.sh | ||
+ | |||
+ | [Install] | ||
+ | WantedBy=multi-user.target | ||
+ | |||
+ | $ systemctl enable etherpad-lite | ||
+ | $ service etherpad-lite start | ||
+ | </pre> | ||
+ | |||
+ | === NGINX Reverse Proxy installieren === | ||
+ | |||
+ | <pre> | ||
+ | $ apt-get install nginx === | ||
+ | $ rm /etc/nginx/sites-enabled/default | ||
+ | $ cat /etc/nginx/sites-enabled/etherpad | ||
+ | server { | ||
+ | |||
+ | listen 443 ssl; | ||
+ | server_name pad.uugrn.org; | ||
+ | |||
+ | access_log /var/log/nginx/pad.uugrn.org.access.log; | ||
+ | error_log /var/log/nginx/pad.uugrn.org.error.log; | ||
+ | |||
+ | ssl_certificate /etc/letsencrypt/live/pad.uugrn.org/fullchain.pem; | ||
+ | ssl_certificate_key /etc/letsencrypt/live/pad.uugrn.org/privkey.pem; | ||
+ | |||
+ | include /etc/letsencrypt/options-ssl-nginx.conf; | ||
+ | ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://localhost:9001/; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_pass_header Server; | ||
+ | proxy_buffering off; | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $remote_addr; | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_http_version 1.1; | ||
+ | proxy_set_header Upgrade $http_upgrade; | ||
+ | proxy_set_header Connection $connection_upgrade; | ||
+ | } | ||
+ | } | ||
+ | |||
+ | # we're in the http context here | ||
+ | map $http_upgrade $connection_upgrade { | ||
+ | default upgrade; | ||
+ | '' close; | ||
+ | } | ||
+ | |||
+ | server { | ||
+ | listen 80; | ||
+ | server_name pad.uugrn.org; | ||
+ | rewrite ^(.*) https://$server_name$1 permanent; | ||
+ | } | ||
+ | </pre> | ||
+ | |||
+ | === Letsencrypt einrichten === | ||
+ | |||
+ | <pre> | ||
+ | $ apt-get install certbot python3-certbot-nginx | ||
+ | $ certbot -d pad.uugrn.org | ||
+ | <run through wizard> | ||
+ | |||
+ | $ cat /etc/cron.weekly/certbot.sh | ||
+ | #!/bin/sh | ||
+ | PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin | ||
+ | certbot renew | ||
+ | service nginx reload | ||
</pre> | </pre> |
Aktuelle Version vom 1. Juni 2020, 13:57 Uhr
Öffentliche → • IRC Chat • Drawing Pad • Ascii Pad • Text Pad • Vorstand Infoshare Für Mitglieder → • Shell Account • Usenet Zugang Infrastruktur → • DNS <edit>
__ ____ ______ __________ ____ _________ _ ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/ DRAW _/ /_/ / /_/ / /_/ / / / / / // /_/ / / / /_/ / PAD (_)__,_/\__,_/\__, /_/ /_/ /_(_)____/_/ \__, / ADMIN: /____/ sh+admin[at]uugrn.org /____/ OS: Debian Version: 10 (Buster) Architecture: amd64 CPU: 1x Intel Xeon Processor (Skylake, IBRS) SPEED: 2294Mhz Memory: 1983MB Welcome to {ascii,draw,pad}.uugrn.org
ETHERPAD LITE SERVER[Bearbeiten]
Produktivschaltung am 20.06.2020
Das neue Etherpad Lite mit WebRTC Support
- Host: pad.new.uugrn.org
ADMIN: sdk (sh+uugrn@uugrn.org)
Update 2020-05-26[Bearbeiten]
Die folgenden Etherpad Plugins wurden installiert:
- adminpads2 (zeigt Pads im Admin Frontend an)
- code_formatting (erlaubtes Text als Source Code zu formatieren - aka Monospace)
- image_upload (erlaubt es Fotos in ein pad einzubinden)
- webrtc (erlaubt Audio/Video Konferenz)
- draw (integration mit draw.uugrn.org)
INSTALL LOG[Bearbeiten]
OS: Debian Buster (10)
Installierte Software
- etherpad-lite
- nginx (als reverse proxy)
- posgresql
Etherpad Lite läuft unter dem User "etherpad". Das Home directory des users ist /data/etherpad-lite.
User anlegen[Bearbeiten]
$ mkdir /data $ adduser etherpad --system --group --home /data/etherpad-lite $ chown -R etherpad:etherpad /data
Datenbank anlegen[Bearbeiten]
$ apt-get install postgresql $ pg_ctlcluster 11 main start $ sudo -su postgresql $ psql CREATE USER etherpad; ALTER USER etherpad WITH PASSWORD '******'; CREATE DATABASE etherpad OWNER etherpad; ^D
Etherpad installieren[Bearbeiten]
$ cd /data $ git clone --branch master git://github.com/ether/etherpad-lite.git $ chown -R etherpad:etherpad etherpad-liste
Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert:
$ diff settings.json.orig settings.json 171c171 < --- > /* 175a176,184 > */ > "dbType" : "postgres", > "dbSettings" : { > "user" : "etherpad", > "host" : "/var/run/postgresql", > "password": "*******", > "database": "etherpad", > "charset" : "utf8mb4" > }, 295c304 < "abiword": null, --- > "abiword": "/usr/bin/abiword", 303c312 < "soffice": null, --- > "soffice": "/usr/bin/libreoffice", 353c362 < "automaticReconnectionTimeout": 0, --- > "automaticReconnectionTimeout": 15, 407d415 < /* 410,412c418 < // 1) "password" can be replaced with "hash" if you install ep_hash_auth < // 2) please note that if password is null, the user will not be created < "password": "changeme1", --- > "password": "*******", 414,419d419 < }, < "user": { < // 1) "password" can be replaced with "hash" if you install ep_hash_auth < // 2) please note that if password is null, the user will not be created < "password": "changeme1", < "is_admin": false 422d421 < */
SystemD Service installieren[Bearbeiten]
$ cat /etc/systemd/system/etherpad-lite.service [Unit] Description=etherpad-lite (real-time collaborative document editing) After=syslog.target network.target [Service] Type=simple User=etherpad Group=etherpad Environment=NODE_ENV=production ExecStart=/bin/sh /data/etherpad-lite/bin/run.sh [Install] WantedBy=multi-user.target $ systemctl enable etherpad-lite $ service etherpad-lite start
NGINX Reverse Proxy installieren[Bearbeiten]
$ apt-get install nginx === $ rm /etc/nginx/sites-enabled/default $ cat /etc/nginx/sites-enabled/etherpad server { listen 443 ssl; server_name pad.uugrn.org; access_log /var/log/nginx/pad.uugrn.org.access.log; error_log /var/log/nginx/pad.uugrn.org.error.log; ssl_certificate /etc/letsencrypt/live/pad.uugrn.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/pad.uugrn.org/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location / { proxy_pass http://localhost:9001/; proxy_set_header Host $host; proxy_pass_header Server; proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; } } # we're in the http context here map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; server_name pad.uugrn.org; rewrite ^(.*) https://$server_name$1 permanent; }
Letsencrypt einrichten[Bearbeiten]
$ apt-get install certbot python3-certbot-nginx $ certbot -d pad.uugrn.org <run through wizard> $ cat /etc/cron.weekly/certbot.sh #!/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin certbot renew service nginx reload