Upgrade server
Upgrade server
Upgrade server
Divide and map. Now. -- the damn project -- helps mappers by dividing a big area into smaller squares that people can map together.
damn-deploy
contains docker-compose
-based deployment, including this
deployment guide. It is published under MIT License.
Report security issues. Send patches to:
git config format.subjectPrefix 'PATCH damn-deploy'
git config sendemail.to '~qeef/damn-dev@lists.sr.ht'
This is step-by-step guide to deploy the damn project on your domain. We expect you to have:
apt-get update ; apt-get -y upgrade
git
, docker
and docker-compose
installed (on that server),
apt-get update ; apt-get -y install git docker.io docker-compose
The following commands are run from /root
directory, i.e. home
directory of the root user, as root.
Clone the damn deploy repository:
git clone https://git.sr.ht/~qeef/damn-deploy ; cd damn-deploy
Set the environment variables in the .env
file accordingly:
POSTGRES_PASSWORD
: Password to PostgreSQL database.JWT_SECRET
: Secret for using JSON Web Tokens.SESSION_SECRET
: Secret for cookies (I think).OAUTH_CONSUMER_KEY
: API key, get from osm.org.OAUTH_CONSUMER_SECRET
: API secret, get from osm.org.DOMAIN_NAME
: Use your domain name.WWW_REPO
: Link to a docker git repository with web pages.Set the correct email address in the traefik.yml
file.
Create the file acme.json
and set its permissions to 600
:
touch acme.json ; chmod 600 acme.json
Commit your changes and set git
to always pull --rebase
:
git config user.email 'you@example.com'
git config user.name 'Your Name'
git add .env traefik.yml
git commit -m'DEPLOYEMENT CHANGES, DO NOT PUSH!'
git config pull.rebase true
Please, note that you cannot push the changes because you do not have the appropriate access rights.
Enable and start the damn services:
cd systemd
for i in `ls` ; do systemctl link `pwd`/$i ; done
cd
systemctl start damn-rebuild-client-js.service
NOTE: You may find interesting to see how the damn-http.service
is doing by typing journalctl -u damn-http.service -f
in separate
terminal.
NOTE: In /etc/systemd/journald.conf
, you may need to set the
Storage=persistent
and then systemctl restart systemd-journald
to see journalctl -u damn-http.service -f
.
Wait for the DNS records to settle up and start the damn services:
systemctl start damn.target
NOTE: Feel free to tune db
's command
in http.yml
, see PostgreSQL
documentation Resource Consumption and Write Ahead Log.
There are three reasons to upgrade the damn deploy:
When the web page at WWW_REPO
is upgraded, rebuild the www service:
systemctl start damn-rebuild-www.service
Or, when the damn (JavaScript) clients are upgraded, rebuild them:
systemctl start damn-rebuild-client-js.service
Or, when the damn server is upgraded, rebuild the server:
git pull
systemctl start damn-rebuild-api.service
docker image prune
systemctl start damn.target
Please, note that all the damn services are restarted in this case.
NOTE: To backup the database, run the following command from the
damn-deploy
directory:
pg_dump -a "postgresql://damnuser:$(cat .env | sed -n 's/^POSTGRES_PASSWORD=\(.\+\)$/\1/p')@$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' damndb)/damndb" > ../damndb-backup-$(date --iso-8601).sql
NOTE: To restore the database, run the following command from the
damn-deploy
directory:
psql "postgresql://damnuser:$(cat .env | sed -n 's/^POSTGRES_PASSWORD=\(.\+\)$/\1/p')@$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' damndb)/damndb" < ../damndb-backup-YEAR-MONTH-DAY.sql
NOTE: To run the commands above, you need postgresql-client-??
installed, where ??
stands for some version given by your Debian.
The main domain, DOMAIN_NAME
, serves the wep application of
WWW_REPO
. The subdomain www.
is redirected to the main domain.
There are two subdomains that provide areas in JSON format: current.
serves the areas that are currently being worked on, and finished.
serves the read-only areas.
There are three subdomains serving JavaScript clients: manager.
is the
interface for creating and managing areas, mapper.
is for mapping
beginners, and qa.
is for advanced mappers and reviewers.
JOSM mappers wanting to connect to your custom deployement are expected
to set the damn.server_url
in the Advanced Settings of the JOSM to
https://current.DOMAIN_NAME
.