forked from AkkomaGang/akkoma
Adding installation documentation for FreeBSD + rc.d script
This commit is contained in:
parent
014f91c1c3
commit
07376bd21a
2 changed files with 229 additions and 0 deletions
201
docs/installation/freebsd_en.md
Normal file
201
docs/installation/freebsd_en.md
Normal file
|
@ -0,0 +1,201 @@
|
|||
# Installing on FreeBSD
|
||||
|
||||
This document was written for FreeBSD 12.1, but should be trivially trailerable to future releases.
|
||||
Additionally, this guide document can be modified to
|
||||
|
||||
## Required software
|
||||
|
||||
This assumes the target system has `pkg(8)`.
|
||||
|
||||
`# pkg install elixir postgresql12-server postgresql12-client postgresql12-contrib git-lite sudo nginx gmake acme.sh`
|
||||
|
||||
Copy the rc.d scripts to the right directory:
|
||||
|
||||
Setup the required services to automatically start at boot, using `sysrc(8)`.
|
||||
|
||||
```
|
||||
# sysrc nginx_enable=YES
|
||||
# sysrc postgresql_enable=YES
|
||||
```
|
||||
|
||||
## Initialize postgres
|
||||
|
||||
```
|
||||
# service postgresql initdb
|
||||
# service postgresql start
|
||||
```
|
||||
|
||||
## Configuring Pleroma
|
||||
|
||||
Create a user for Pleroma:
|
||||
|
||||
```
|
||||
# pw add user pleroma -m
|
||||
# echo 'export LC_ALL="en_US.UTF-8"' >> /home/pleroma/.profile
|
||||
# su -l pleroma
|
||||
```
|
||||
|
||||
Clone the repository:
|
||||
|
||||
```
|
||||
$ cd $HOME # Should be the same as /home/pleroma
|
||||
$ git clone -b stable https://git.pleroma.social/pleroma/pleroma.git
|
||||
```
|
||||
|
||||
Configure Pleroma. Note that you need a domain name at this point:
|
||||
|
||||
```
|
||||
$ cd /home/pleroma/pleroma
|
||||
$ mix deps.get
|
||||
$ mix pleroma.instance gen # You will be asked a few questions here.
|
||||
$ cp config/generated_config.exs config/prod.secret.exs # The default values should be sufficient but you should edit it and check that everything seems OK.
|
||||
```
|
||||
|
||||
Since Postgres is configured, we can now initialize the database. There should
|
||||
now be a file in `config/setup_db.psql` that makes this easier. Edit it, and
|
||||
*change the password* to a password of your choice. Make sure it is secure, since
|
||||
it'll be protecting your database. As root, you can now initialize the database:
|
||||
|
||||
```
|
||||
# cd /home/pleroma/pleroma
|
||||
# sudo -Hu postgres -g postgres psql -f config/setup_db.psql
|
||||
```
|
||||
|
||||
Postgres allows connections from all users without a password by default. To
|
||||
fix this, edit `/var/db/postgres/data12/pg_hba.conf`. Change every `trust` to
|
||||
`password`.
|
||||
|
||||
Once this is done, restart Postgres with `# service postgresql restart`.
|
||||
|
||||
Run the database migrations.
|
||||
|
||||
Back as the pleroma user, you will need to do this whenever you update with `git pull`:
|
||||
|
||||
```
|
||||
# su -l pleroma
|
||||
$ cd /home/pleroma/pleroma
|
||||
$ MIX_ENV=prod mix ecto.migrate
|
||||
```
|
||||
|
||||
## Configuring nginx
|
||||
|
||||
Install the example configuration file
|
||||
`/home/pleroma/pleroma/installation/pleroma.nginx` to
|
||||
`/usr/local/etc/nginx/nginx.conf`.
|
||||
|
||||
Note that it will need to be wrapped in a `http {}` block. You should add
|
||||
settings for the nginx daemon outside of the http block, for example:
|
||||
|
||||
```
|
||||
user nginx nginx;
|
||||
error_log /var/log/nginx/error.log;
|
||||
worker_processes 4;
|
||||
|
||||
events {
|
||||
}
|
||||
```
|
||||
|
||||
Edit the defaults:
|
||||
|
||||
* Change `ssl_certificate` and `ssl_trusted_certificate` to
|
||||
`/etc/ssl/example.tld/fullchain`.
|
||||
* Change `ssl_certificate_key` to `/etc/ssl/example.tld/key`.
|
||||
* Change `example.tld` to your instance's domain name.
|
||||
|
||||
## Configuring acme.sh
|
||||
|
||||
We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
|
||||
|
||||
First, get your account fingerprint:
|
||||
|
||||
```
|
||||
$ sudo -Hu nginx -g nginx acme.sh --register-account
|
||||
```
|
||||
|
||||
You need to add the following to your nginx configuration for the server
|
||||
running on port 80:
|
||||
|
||||
```
|
||||
location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
|
||||
default_type text/plain;
|
||||
return 200 "$1.6fXAG9VyG0IahirPEU2ZerUtItW2DHzDzD9wZaEKpqd";
|
||||
}
|
||||
```
|
||||
|
||||
Replace the string after after `$1.` with your fingerprint.
|
||||
|
||||
Start nginx:
|
||||
|
||||
```
|
||||
# service nginx start
|
||||
```
|
||||
|
||||
It should now be possible to issue a cert (replace `example.com`
|
||||
with your domain name):
|
||||
|
||||
```
|
||||
$ sudo -Hu nginx -g nginx acme.sh --issue -d example.com --stateless
|
||||
$ acme.sh --install-cert -d example.com \
|
||||
--key-file /path/to/keyfile/in/nginx/key.pem \
|
||||
--fullchain-file /path/to/fullchain/nginx/cert.pem \
|
||||
```
|
||||
|
||||
Let's add auto-renewal to `/etc/daily.local`
|
||||
(replace `example.com` with your domain):
|
||||
|
||||
```
|
||||
/usr/pkg/bin/sudo -Hu nginx -g nginx \
|
||||
/usr/pkg/sbin/acme.sh -r \
|
||||
-d example.com \
|
||||
--cert-file /etc/nginx/tls/cert \
|
||||
--key-file /etc/nginx/tls/key \
|
||||
--ca-file /etc/nginx/tls/ca \
|
||||
--fullchain-file /etc/nginx/tls/fullchain \
|
||||
--stateless
|
||||
```
|
||||
|
||||
## Creating a startup script for Pleroma
|
||||
|
||||
Pleroma will need to compile when it initially starts, which typically takes a longer
|
||||
period of time. Therefore, it is good practice to initially run pleroma from the
|
||||
command-line before utilizing the rc.d script. That is done as follows:
|
||||
|
||||
```
|
||||
# su -l pleroma
|
||||
$ cd $HOME/pleroma
|
||||
$ MIX_ENV=prod mix phx.server
|
||||
```
|
||||
|
||||
Copy the startup script to the correct location and make sure it's executable:
|
||||
|
||||
```
|
||||
# cp /home/pleroma/pleroma/installation/freebsd/rc.d/pleroma /usr/local/etc/rc.d/pleroma
|
||||
# chmod +x /etc/rc.d/pleroma
|
||||
```
|
||||
|
||||
Add the following to `/etc/rc.conf`:
|
||||
|
||||
```
|
||||
pleroma=YES
|
||||
pleroma_home="/home/pleroma"
|
||||
pleroma_user="pleroma"
|
||||
```
|
||||
|
||||
Run `# /etc/rc.d/pleroma start` to start Pleroma.
|
||||
|
||||
## Conclusion
|
||||
|
||||
Restart nginx with `# /etc/rc.d/nginx restart` and you should be up and running.
|
||||
|
||||
If you need further help, contact niaa on freenode.
|
||||
|
||||
Make sure your time is in sync, or other instances will receive your posts with
|
||||
incorrect timestamps. You should have ntpd running.
|
||||
|
||||
#### Further reading
|
||||
|
||||
{! backend/installation/further_reading.include !}
|
||||
|
||||
## Questions
|
||||
|
||||
Questions about the installation or didn’t it work as it should be, ask in [#pleroma:matrix.org](https://matrix.heldscal.la/#/room/#freenode_#pleroma:matrix.org) or IRC Channel **#pleroma** on **Freenode**.
|
28
installation/freebsd/rc.d/pleroma
Executable file
28
installation/freebsd/rc.d/pleroma
Executable file
|
@ -0,0 +1,28 @@
|
|||
#!/bin/sh
|
||||
# REQUIRE: DAEMON postgresql
|
||||
# PROVIDE: pleroma
|
||||
|
||||
# sudo -u pleroma MIX_ENV=prod elixir --erl \"-detached\" -S mix phx.server
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="pleroma"
|
||||
desc="Pleroma Social Media Platform"
|
||||
rcvar=${name}_enable
|
||||
command="/usr/local/bin/elixir"
|
||||
command_args="--erl \"-detached\" -S /usr/local/bin/mix phx.server"
|
||||
pidfile="/dev/null"
|
||||
|
||||
pleroma_user="pleroma"
|
||||
pleroma_home="/home/pleroma"
|
||||
pleroma_chdir="${pleroma_home}/pleroma"
|
||||
pleroma_env="HOME=${pleroma_home} MIX_ENV=prod"
|
||||
|
||||
check_pidfile()
|
||||
{
|
||||
pid=$(pgrep beam.smp$)
|
||||
echo -n "${pid}"
|
||||
}
|
||||
|
||||
load_rc_config ${name}
|
||||
run_rc_command "$1"
|
Loading…
Reference in a new issue