From 8514c54acf7bbdd25ff68efad7e2e71e45bfeff6 Mon Sep 17 00:00:00 2001 From: philc Date: Fri, 28 Apr 2023 14:06:09 +0000 Subject: [PATCH] =?UTF-8?q?Mise=20=C3=A0=20jour=20de=20'Setup'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Setup.md | 57 +++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 38 insertions(+), 19 deletions(-) diff --git a/Setup.md b/Setup.md index 9d2775f..0267004 100644 --- a/Setup.md +++ b/Setup.md @@ -12,8 +12,11 @@ In any doubt ask the community to set up a production server for small cost for * a **townName** that does not exist (example:) [towns list](https://apxtrib.crabdance.com/socialworld/objects/nations/searchindex/townslist.json) * **sudoerUser** that will be create with root access right on your machine * a **dns** that redirect to your public IP server - - For dev: we'll use keyword unchain set in /etc/hosts with 127.0.0.1 townName.nationName.unchain - - For prod: example: mooo.com, register a townname.nationname A IP adresss with your own domaine (see the free DNS Solution if you have not a domain)[https://gitea.ndda.fr/apxtrib/apxtrib/wiki/UsefullfreeDNS] to get your public IP [https://www.whatismyip.com/](https://www.whatismyip.com) + - For dev: set in /etc/hosts with 127.0.0.1 townName.nationName + - For prod: example: mooo.com, register a townname.nationname A IP adresss with your own domaine + +see the free DNS Solution if you have not a domain [https://gitea.ndda.fr/apxtrib/apxtrib/wiki/UsefullfreeDNS]
+to get your public IP [https://www.whatismyip.com/](https://www.whatismyip.com) **Physical pre-request:** @@ -28,12 +31,11 @@ This tuto will: * use nginx as reverse proxy based on dns abd url to the apXtrib routes * use nginx to serve static file based on dns and file name * use pm2 to manage apxtrib.js, see [pm2 doc](https://pm2.keymetrics.io/docs/usage/pm2-doc-single-page/) -* create your tribes space with your tribe call townname with a Pagan's accessright of druid of your tribe and mayor of your town. * serve the apxtrib webapp graphical interface to manage your env (create new ClientId space, manage your server's ressource,... ) **At the end** * **For production:** you will have a town live instance link to the nationchains. Graphical interface will be on https://townName.nationName.dns with your data -* **For dev:** a local town with **no link to the nationchains**, to create/test plugins/new feature, that you can also use as pre-prod available in http://townname.nationName.unchain +* **For dev:** a local town with **no link to the nationchains**, to create/test plugins/new feature, that you can also use as pre-prod available in http://townname.nationName ## To set up a machine @@ -64,8 +66,6 @@ Create a safe user (with sudo access) in this example phil node --version #to check npm install --global yarn yarn --version - # OPTION if needed Allow a simple user to listen on port 80 on this machine - sudo setcap cap_net_bind_service=+ep /usr/local/bin/node ``` **install nginx and apixpress** @@ -93,16 +93,14 @@ FYI: dev will work without ssl, in production server nginx will manage ssl as a ``` **if you run for the 1st time then you need to set properly ~/workspace/apxtrib/nationchains/www/adminapx/townconf.json ** -Open your browser and type in the url http://localhost/setup.html - ``` { "nationId": "ants", // an existing nation "townId": "wall", // a new town name - "IP":"213.32.65.213", // your public IP adresse where the trafic come from + "IP":"213.32.65.213", // your public IP adresse where the trafic come from or 127.0.0.1 for dev "tribeId":"ndda", // The first tribe of this town to manage the city of tribes - "dns": ["wallant.ndda.fr"],// The dns to access that have to be redirect to the server - "mayorId":"philc", // An alias pagan that can exist or will be created as mayor + "dns": ["wallants.ndda.fr"],// The dns to access that have to be redirect to the server for dev add this line to your /etc/hosts: 127.0.0.1 myapxtrib + "mayorId":"philc", // An alias pagan that can exist or will be created as mayor (check that you own the private key "passphrase":"", // Can be empty or not (if not each time something try to use your private key, it will request you a passphrase. let other setup, except if you understand what you are doing @@ -117,17 +115,40 @@ $ cp /media/phil/HD1To/apixpress/data/nginx/nginx.conf /etc/nginx/nginx.conf # in dev check all servername exist into /etc/hosts as 127.0.0.1 website.clientid $ sudo systemctl restart nginx $ yarn dev # to test or dev
-if it is a production server then
-$ yarn startpm2 +$ yarn unittest # to run unittesting + ``` -Usefull command: +### For production + +Follow the same process than for dev. Main differences are: +* the dns must be register to a physical IP adress check in your browser http://dns answer the apx admin page +* + +**install certbot of let's encrypt for https within nginx conf** + +replace townName.nationName.mooo.com by your data + + ``` -# in DEV -yarn dev = "node apixpress.js" all is log in the terminal -# in PRODUCTION +# in PRODUCTION with your root or sudoer +sudo snap install core +sudo snap refresh core +sudo apt remove certbot +sudo snap install --classic certbot +sudo ln -s /snap/bin/certbot /usr/bin/certbot + +# manual command this is done by the setup sudo certbot --nginx -d townName.nationName.mooo.com +``` + +The last command line is for information this will be run from you admin interface. + + +Ussefull command + +``` To list all the nginx conf that run under nginx, type in apxtrib folder find . -name nginx_*.conf @@ -163,8 +184,6 @@ As dev you'll squeeze many steps, you can use this dev install to: * You can also try to pentest other towns to improve security - - **DEVELOPMENT PURPOSE** Install the document to update it