UUGRN:Services/pad.uugrn.org: Unterschied zwischen den Versionen

Aus UUGRN
 
(14 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
 +
{{Navigationsleiste Services}}
 
<pre>
 
<pre>
                    __
+
        __  ____  ______ __________  ____  _________ _
    ____  ____ _____/ / __  ____  ______ __________  ____  _________ _
+
ASCII / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/
  / __ \/ __ `/ __ / / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/
+
DRAW _/ /_/ / /_/ / /_/ / /  / / / // /_/ / /  / /_/ /
  / /_/ / /_/ / /_/ /_/ /_/ / /_/ / /_/ / /  / / / // /_/ / /  / /_/ /
+
PAD (_)__,_/\__,_/\__, /_/  /_/ /_(_)____/_/  \__, /
/ .___/\__,_/\__,_/(_)__,_/\__,_/\__, /_/  /_/ /_(_)____/_/  \__, /
+
        ADMIN:  /____/ sh+admin[at]uugrn.org /____/
/_/ Admin:sh+pad[at]uugrn.org   /____/                      /____/
 
  
 
  OS: Debian  Version: 10 (Buster)  Architecture: amd64
 
  OS: Debian  Version: 10 (Buster)  Architecture: amd64
Zeile 11: Zeile 11:
 
  SPEED: 2294Mhz  Memory: 1983MB
 
  SPEED: 2294Mhz  Memory: 1983MB
  
Welcome to pad.uugrn.org
+
Welcome to {ascii,draw,pad}.uugrn.org
 
</pre>
 
</pre>
  
Zeile 22: Zeile 22:
 
* Host: '''[https://pad.new.uugrn.org pad.new.uugrn.org]'''
 
* Host: '''[https://pad.new.uugrn.org pad.new.uugrn.org]'''
  
'''ADMIN:''' sdk (sh+uugrn@codevoid.de)
+
'''ADMIN:''' sdk (sh+uugrn@uugrn.org)
 +
 
 +
== Update 2020-05-26 ==
 +
 
 +
Die folgenden Etherpad Plugins wurden installiert:
 +
 
 +
* adminpads2 (zeigt Pads im Admin Frontend an)
 +
* code_formatting (erlaubtes Text als Source Code zu formatieren - aka Monospace)
 +
* image_upload (erlaubt es Fotos in ein pad einzubinden)
 +
* webrtc (erlaubt Audio/Video Konferenz)
 +
* draw (integration mit draw.uugrn.org)
  
 
== INSTALL LOG ==
 
== INSTALL LOG ==
Zeile 35: Zeile 45:
 
Etherpad Lite läuft unter dem User "etherpad".
 
Etherpad Lite läuft unter dem User "etherpad".
 
Das Home directory des users ist /data/etherpad-lite.
 
Das Home directory des users ist /data/etherpad-lite.
 +
 +
=== User anlegen ===
 +
 +
<pre>
 +
$ mkdir /data
 +
$ adduser etherpad --system --group --home /data/etherpad-lite
 +
$ chown -R etherpad:etherpad /data
 +
</pre>
 +
 +
=== Datenbank anlegen ===
 +
 +
<pre>
 +
$ apt-get install postgresql
 +
$ pg_ctlcluster 11 main start
 +
$ sudo -su postgresql
 +
$ psql
 +
CREATE USER etherpad;
 +
ALTER USER etherpad WITH PASSWORD '******';
 +
CREATE DATABASE etherpad OWNER etherpad;
 +
^D
 +
</pre>
 +
 +
=== Etherpad installieren ===
 +
 +
<pre>
 +
$ cd /data
 +
$ git clone --branch master git://github.com/ether/etherpad-lite.git
 +
$ chown -R etherpad:etherpad etherpad-liste
 +
</pre>
  
 
Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert:
 
Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert:
 
root@pad:/data/etherpad-lite# diff settings.json.orig settings.json
 
 
<pre>
 
<pre>
 +
$ diff settings.json.orig settings.json
 
171c171
 
171c171
 +
<
 +
---
 
>  /*
 
>  /*
 
175a176,184
 
175a176,184
Zeile 52: Zeile 92:
 
>      "charset" : "utf8mb4"
 
>      "charset" : "utf8mb4"
 
>  },
 
>  },
 +
295c304
 +
<  "abiword": null,
 +
---
 +
>  "abiword": "/usr/bin/abiword",
 +
303c312
 +
<  "soffice": null,
 +
---
 +
>  "soffice": "/usr/bin/libreoffice",
 +
353c362
 +
<  "automaticReconnectionTimeout": 0,
 +
---
 +
>  "automaticReconnectionTimeout": 15,
 
407d415
 
407d415
 
<  /*
 
<  /*
Zeile 59: Zeile 111:
 
<      "password": "changeme1",
 
<      "password": "changeme1",
 
---
 
---
>      "password": "******",
+
>      "password": "*******",
 
414,419d419
 
414,419d419
 
<    },
 
<    },
Zeile 71: Zeile 123:
 
</pre>
 
</pre>
  
Etherpad wird über einen systemd service gestartet
+
=== SystemD Service installieren ===
  
cat /etc/systemd/system/etherpad-lite.service
 
 
<pre>
 
<pre>
 +
$ cat /etc/systemd/system/etherpad-lite.service
 
[Unit]
 
[Unit]
 
Description=etherpad-lite (real-time collaborative document editing)
 
Description=etherpad-lite (real-time collaborative document editing)
Zeile 88: Zeile 140:
 
[Install]
 
[Install]
 
WantedBy=multi-user.target
 
WantedBy=multi-user.target
 +
 +
$ systemctl enable etherpad-lite
 +
$ service etherpad-lite start
 +
</pre>
 +
 +
=== NGINX Reverse Proxy installieren ===
 +
 +
<pre>
 +
$ apt-get install nginx ===
 +
$ rm /etc/nginx/sites-enabled/default
 +
$ cat /etc/nginx/sites-enabled/etherpad
 +
server {
 +
 +
        listen      443 ssl;
 +
        server_name  pad.uugrn.org;
 +
 +
        access_log  /var/log/nginx/pad.uugrn.org.access.log;
 +
        error_log  /var/log/nginx/pad.uugrn.org.error.log;
 +
 +
        ssl_certificate /etc/letsencrypt/live/pad.uugrn.org/fullchain.pem;
 +
        ssl_certificate_key /etc/letsencrypt/live/pad.uugrn.org/privkey.pem;
 +
 +
        include /etc/letsencrypt/options-ssl-nginx.conf;
 +
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 +
 +
        location / {
 +
            proxy_pass            http://localhost:9001/;
 +
            proxy_set_header      Host $host;
 +
            proxy_pass_header Server;
 +
            proxy_buffering off;
 +
            proxy_set_header X-Real-IP $remote_addr;
 +
            proxy_set_header X-Forwarded-For $remote_addr;
 +
            proxy_set_header X-Forwarded-Proto $scheme;
 +
            proxy_set_header Host $host;
 +
            proxy_http_version 1.1;
 +
            proxy_set_header Upgrade $http_upgrade;
 +
            proxy_set_header Connection $connection_upgrade;
 +
        }
 +
}
 +
 +
# we're in the http context here
 +
map $http_upgrade $connection_upgrade {
 +
  default upgrade;
 +
  ''      close;
 +
}
 +
 +
server {
 +
    listen      80;
 +
    server_name pad.uugrn.org;
 +
    rewrite    ^(.*)  https://$server_name$1 permanent;
 +
}
 
</pre>
 
</pre>
  
Die Postgresql DB wurde angelegt mit:
+
=== Letsencrypt einrichten ===
 +
 
 
<pre>
 
<pre>
$ psql
+
$ apt-get install certbot python3-certbot-nginx
CREATE USER etherpad;
+
$ certbot -d pad.uugrn.org
ALTER USER etherpad WITH PASSWORD '******';
+
<run through wizard>
CREATE DATABASE etherpad OWNER etherpad;
+
 
^D
+
$ cat /etc/cron.weekly/certbot.sh
 +
#!/bin/sh
 +
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
 +
certbot renew
 +
service nginx reload
 
</pre>
 
</pre>

Aktuelle Version vom 1. Juni 2020, 13:57 Uhr

Öffentliche →   • IRC ChatDrawing PadAscii PadText PadVorstand Infoshare  Für Mitglieder →   • Shell AccountUsenet Zugang  Infrastruktur →   • DNS   <edit> 

        __  ____  ______ __________   ____  _________ _
ASCII  / / / / / / / __ `/ ___/ __ \ / __ \/ ___/ __ `/
DRAW _/ /_/ / /_/ / /_/ / /  / / / // /_/ / /  / /_/ /
PAD (_)__,_/\__,_/\__, /_/  /_/ /_(_)____/_/   \__, /
         ADMIN:  /____/ sh+admin[at]uugrn.org /____/

 OS: Debian  Version: 10 (Buster)  Architecture: amd64
 CPU: 1x Intel Xeon Processor (Skylake, IBRS)
 SPEED: 2294Mhz  Memory: 1983MB

Welcome to {ascii,draw,pad}.uugrn.org

ETHERPAD LITE SERVER[Bearbeiten]

Produktivschaltung am 20.06.2020

Das neue Etherpad Lite mit WebRTC Support

ADMIN: sdk (sh+uugrn@uugrn.org)

Update 2020-05-26[Bearbeiten]

Die folgenden Etherpad Plugins wurden installiert:

  • adminpads2 (zeigt Pads im Admin Frontend an)
  • code_formatting (erlaubtes Text als Source Code zu formatieren - aka Monospace)
  • image_upload (erlaubt es Fotos in ein pad einzubinden)
  • webrtc (erlaubt Audio/Video Konferenz)
  • draw (integration mit draw.uugrn.org)

INSTALL LOG[Bearbeiten]

OS: Debian Buster (10)

Installierte Software

  • etherpad-lite
  • nginx (als reverse proxy)
  • posgresql

Etherpad Lite läuft unter dem User "etherpad". Das Home directory des users ist /data/etherpad-lite.

User anlegen[Bearbeiten]

$ mkdir /data
$ adduser etherpad --system --group --home /data/etherpad-lite
$ chown -R etherpad:etherpad /data

Datenbank anlegen[Bearbeiten]

$ apt-get install postgresql
$ pg_ctlcluster 11 main start
$ sudo -su postgresql
$ psql
CREATE USER etherpad;
ALTER USER etherpad WITH PASSWORD '******';
CREATE DATABASE etherpad OWNER etherpad;
^D

Etherpad installieren[Bearbeiten]

$ cd /data
$ git clone --branch master git://github.com/ether/etherpad-lite.git
$ chown -R etherpad:etherpad etherpad-liste

Die Datei settings.json im ethernet-lite verzeichnis wurde folgendermaßen verändert: 

$ diff settings.json.orig settings.json
171c171
<
---
>   /*
175a176,184
>   */
>   "dbType" : "postgres",
>   "dbSettings" : {
>       "user"    : "etherpad",
>       "host"    : "/var/run/postgresql",
>       "password": "*******",
>       "database": "etherpad",
>       "charset" : "utf8mb4"
>   },
295c304
<   "abiword": null,
---
>   "abiword": "/usr/bin/abiword",
303c312
<   "soffice": null,
---
>   "soffice": "/usr/bin/libreoffice",
353c362
<   "automaticReconnectionTimeout": 0,
---
>   "automaticReconnectionTimeout": 15,
407d415
<   /*
410,412c418
<       // 1) "password" can be replaced with "hash" if you install ep_hash_auth
<       // 2) please note that if password is null, the user will not be created
<       "password": "changeme1",
---
>       "password": "*******",
414,419d419
<     },
<     "user": {
<       // 1) "password" can be replaced with "hash" if you install ep_hash_auth
<       // 2) please note that if password is null, the user will not be created
<       "password": "changeme1",
<       "is_admin": false
422d421
<   */

SystemD Service installieren[Bearbeiten]

$ cat /etc/systemd/system/etherpad-lite.service
[Unit]
Description=etherpad-lite (real-time collaborative document editing)
After=syslog.target network.target

[Service]
Type=simple
User=etherpad
Group=etherpad
Environment=NODE_ENV=production
ExecStart=/bin/sh /data/etherpad-lite/bin/run.sh

[Install]
WantedBy=multi-user.target

$ systemctl enable etherpad-lite
$ service etherpad-lite start

NGINX Reverse Proxy installieren[Bearbeiten]

$ apt-get install nginx ===
$ rm /etc/nginx/sites-enabled/default
$ cat /etc/nginx/sites-enabled/etherpad
server {

        listen       443 ssl;
        server_name  pad.uugrn.org;

        access_log  /var/log/nginx/pad.uugrn.org.access.log;
        error_log   /var/log/nginx/pad.uugrn.org.error.log;

        ssl_certificate /etc/letsencrypt/live/pad.uugrn.org/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/pad.uugrn.org/privkey.pem;

        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

        location / {
            proxy_pass             http://localhost:9001/;
            proxy_set_header       Host $host;
            proxy_pass_header Server;
            proxy_buffering off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $host;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
        }
}

# we're in the http context here
map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

server {
    listen      80;
    server_name pad.uugrn.org;
    rewrite     ^(.*)   https://$server_name$1 permanent;
}

Letsencrypt einrichten[Bearbeiten]

$ apt-get install certbot python3-certbot-nginx
$ certbot -d pad.uugrn.org
<run through wizard>

$ cat /etc/cron.weekly/certbot.sh
#!/bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
certbot renew
service nginx reload
Abgerufen von „https://wiki.uugrn.org/index.php?title=UUGRN:Services/pad.uugrn.org&oldid=12719