~sirodoht/mataroa

ref: HEAD mataroa/docs/server-playbook.md -rw-r--r-- 1.9 KiB
be462b70Theodore Keloglou add check for venv on deploy script 8 days ago

#Server Playbook

This is a basic playbook on how to setup a new server for hosting a mataroa instance.

Based on Ubuntu 20.04.

#Timezone

timedatectl set-timezone UTC

#Python and Git

apt install python3 python3-dev python3-venv build-essential git

#Caddy

apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | apt-key add -
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee -a /etc/apt/sources.list.d/caddy-stable.list
apt update
apt install caddy

#User

useradd -m -s /bin/bash roa
passwd roa

#PostgreSQL

apt install postgresql
sudo -i -u postgres
createdb mataroa
createuser mataroa
psql
ALTER USER mataroa WITH PASSWORD 'xxx';
exit
exit

#Let's Encrypt

apt install snapd
snap install core && snap refresh core
snap install --classic certbot
snap set certbot trust-plugin-with-root=ok
certbot certonly -d mataroa.blog,*.mataroa.blog -m person@example.com --agree-tos

caddy reload --config /home/roa/mataroa/Caddyfile --force

#DNSimple plugin for Let's Encrypt

Only useful if DNS is managed by DNSimple.

snap install certbot-dns-dnsimple
vim /root/.secrets/certbot/dnsimple.ini
chmod 600 /root/.secrets/certbot/dnsimple.ini

#Disable root SSH

vim /etc/ssh/sshd_config
# change line 34 to PermitRootLogin no
# change line 58 to PasswordAuthentication no
systemctl restart ssh

#Clone and Start

sudo -i -u roa
git clone https://github.com/mataroa-blog/mataroa.git
cd mataroa/
uwsgi uwsgi.ini
caddy start --config /home/roa/mataroa/Caddyfile
exit

#Cron

apt install postfix # for cron log to send local emails
apt install mailutils

#MinIO

wget https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x mc
mv mc /usr/local/bin/