Aktuelle Version |
Dein Text |
Zeile 8: |
Zeile 8: |
|
| |
|
| --[[Benutzer:PaulRiegel|Paul]] 06:14, 13. Dez. 2014 (CET) | | --[[Benutzer:PaulRiegel|Paul]] 06:14, 13. Dez. 2014 (CET) |
|
| |
| ----
| |
|
| |
| Plone 5 ist veröffentlicht!
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 04:43, 22. Okt. 2015 (CEST)
| |
|
| |
| ----
| |
|
| |
| Wer spielen mag kann, wenn auch nicht bequem aus den Ports (für [[FreeBSD]]), eine [[#Installation Plone 5]] vornehmen und sich ausleben.
| |
|
| |
| Wenn ich die Zeit finde, dann baue ich noch die Tage eine (derartige) Instanz für das Projekt [[Plone/Theming]] ([[website:stura/ref/verwaltung/web/plone-theming]]) als Jail auf [[srs1337]].
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 04:43, 22. Okt. 2015 (CEST)
| |
|
| |
|
| == Installation einer bestimmten (veralteten) Version von [[Plone]] mit ''UnifiedInstaller'' == | | == Installation einer bestimmten (veralteten) Version von [[Plone]] mit ''UnifiedInstaller'' == |
Zeile 469: |
Zeile 455: |
| </pre> | | </pre> |
| <pre> | | <pre> |
| chown -R www:www /usr/local/www/Zope213/var/ | | chown www:www /usr/local/www/Zope213/var |
| chown -R www:www /usr/local/www/Zope213/log/ | | chown www:www /usr/local/www/Zope213/log |
| echo 'zope213_enable="YES"' >> /etc/rc.conf | | echo 'zope213_enable="YES"' >> /etc/rc.conf |
| echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf | | echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf |
Zeile 724: |
Zeile 710: |
| : <code>cd Plone-5.0-UnifiedInstaller</code> | | : <code>cd Plone-5.0-UnifiedInstaller</code> |
|
| |
|
| ----
| |
|
| |
| [http://docs.plone.org/manage/installing/requirements.html#libraries Plone benennt Anforderungen an Pakete (Bibliotheken).]
| |
| * libz (dev)
| |
| *: ls /usr/lib/libz.so
| |
| * libjpeg (dev)*
| |
| *: pkg install jpeg
| |
| *: ls /usr/local/lib/libjpeg.so
| |
| *:* vielleicht wäre libjpeg-turbo eine Alternative
| |
| *:*: pkg install -y libjpeg-turbo
| |
| * readline (dev)*
| |
| *: pkg install -y readline
| |
| *: ls /usr/local/lib/python2.7/lib-dynload/readline.so
| |
| *: ls /usr/local/lib/libreadline.so
| |
| * libexpat (dev)
| |
| *: ls /usr/local/lib/libexpat.so
| |
| * libssl or openssl (dev)
| |
| *: ls /usr/lib/libssl.so
| |
| *: ls /usr/local/lib/apr-util-1/apr_crypto_openssl.so
| |
| * libxml2 >= 2.7.8 (dev)*
| |
| *: pkg install -y libxml2
| |
| *: ls /usr/local/lib/libxml2.so
| |
| * libxslt >= 1.1.26 (dev)*
| |
| *: pkg install -y libxslt
| |
| *: ls /usr/local/lib/libxslt.so
| |
|
| |
| [http://docs.plone.org/manage/installing/requirements.html#optional-libraries Plone benennt darüber hinaus weiter Anforderungen an Pakete (Bibliotheken).]
| |
|
| |
| * wv
| |
| *: pkg install -y wv
| |
| *: ls /usr/local/lib/libwv.so
| |
| * poppler-utils
| |
| *: pkg install -y poppler-utils
| |
| *: ls /usr/local/lib/libpoppler.so
| |
|
| |
| ----
| |
|
| |
| : <code>mkdir -p /usr/local/www/plone</code>
| |
| :: oder anderswo (statt /usr/local/www/plone)
| |
|
| |
| :: Die install.sh besteht, obwohl das eigentlich anders dokumentiert ist, auf <code>sudo</code>.<!-- Da könnte nochmal näher nachgeschaut werden. --> Das liegt wohl daran, dass sich Plone darum kümmert, dass der Prozess nicht als Account <code>root</code> privilegiert, sondern als Account <code>plone_deamon</code><!-- oder so ähnlich bezeichnet --> betrieben wird und vielleicht mit <code>sudo </code> versorgt werden muss.
| |
| <pre>
| |
| sudo utility is required to do a server-mode install.
| |
| </pre>
| |
| : <code>pkg install -y sudo</code> | | : <code>pkg install -y sudo</code> |
| | | : <code>pkg install -y libxml2</code> |
| : <code>./install.sh --target=/usr/local/www/plone standalone</code>
| | : <code>pkg install -y libxslt</code> |
| | |
| <pre>
| |
| | |
| Testing /usr/local/bin/python2.7 for Zope/Plone requirements....
| |
| /usr/local/bin/python2.7 looks OK. We will use it.
| |
| | |
| | |
| Root install method chosen. Will install for use by users:
| |
| ZEO & Client Daemons: plone_daemon
| |
| Code Resources & buildout: plone_buildout
| |
| | |
| | |
| Detailed installation log being written to /usr/local/install/plone/Plone-5.0-UnifiedInstaller/install.log
| |
| Installing Plone 5.0 at /usr/local/www/plone
| |
| | |
| Using pw to create users and groups
| |
| Creating Python virtual environment.
| |
| New python executable in /usr/local/www/plone/zinstance/bin/python2.7
| |
| Also creating executable in /usr/local/www/plone/zinstance/bin/python
| |
| Installing setuptools, pip, wheel...done.
| |
| Installing zc.buildout in virtual environment.
| |
| Unpacking buildout cache to /usr/local/www/plone/buildout-cache
| |
| Copying Plone-docs
| |
| Copying buildout skeleton
| |
| Building Zope/Plone; this takes a while...
| |
| Buildout completed
| |
|
| |
| #####################################################################
| |
| | |
| ###################### Installation Complete ######################
| |
| | |
| Plone successfully installed at /usr/local/www/plone
| |
| See /usr/local/www/plone/zinstance/README.html
| |
| for startup instructions.
| |
| | |
| Use the account information below to log into the Zope Management Interface
| |
| The account has full 'Manager' privileges.
| |
| | |
| Username: admin
| |
| Password: pa1ss2wo3rd4
| |
| | |
| This account is created when the object database is initialized. If you change
| |
| the password later (which you should!), you'll need to use the new password.
| |
| | |
| Use this account only to create Plone sites and initial users. Do not use it
| |
| for routine login or maintenance.- If you need help, ask in IRC channel #plone on irc.freenode.net. - The live support channel also exists at http://plone.org/chat - You can also ask for help on https://community.plone.org - Submit feedback and report errors at https://github.com/plone/Products.CMFPlone/issues (For install problems, https://github.com/plone/Installers-UnifiedInstaller/issues)
| |
| </pre>
| |
| | |
| : <code>cd /usr/local/www/plone/zinstance</code>
| |
| : <code>./bin/plonectl start</code>
| |
| | |
| ----
| |
| | |
| ; Laden von notwendige Module für Apache prüfen oder konfigurieren
| |
| | |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| LoadModule headers_module libexec/apache24/mod_headers.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule proxy_module libexec/apache24/mod_proxy.so
| |
| LoadModule proxy_module libexec/apache24/mod_proxy.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
| |
| LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule rewrite_module libexec/apache24/mod_rewrite.so
| |
| LoadModule rewrite_module libexec/apache24/mod_rewrite.so
| |
| </pre>
| |
| <pre></pre>
| |
| | |
| : <code>service apache24 restart</code>
| |
| | |
| ----
| |
| | |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #ServerAdmin you@example.com
| |
| ###
| |
| ServerAdmin beastie@space.bsd
| |
| ###
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #ServerName www.example.com:80
| |
| ###
| |
| ServerName plone-5.space.bsd:80
| |
| ###
| |
| </pre>
| |
| <pre></pre>
| |
| | |
| : <code>service apache24 restart</code>
| |
| | |
| ----
| |
| | |
| * in Anlehnung an [http://docs.plone.org/manage/deploying/front-end/apache.html#installing-apache-front-end-for-plone Installing Apache front-end for Plone]
| |
| * in Verbindung mit [https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule Apache Module mod_rewrite#RewriteRule Directive]
| |
| | |
| : <code>$EDITOR /usr/local/etc/apache24/Includes/vhost-plone.conf</code>
| |
| <pre>
| |
| UseCanonicalName On
| |
| | |
| #NameVirtualHost *
| |
| <VirtualHost *>
| |
| ServerAlias plone-5.space.bsd
| |
| ServerSignature On
| |
| | |
| Header set X-Frame-Options "SAMEORIGIN"
| |
| Header set Strict-Transport-Security "max-age=15768000; includeSubDomains"
| |
| Header set X-XSS-Protection "1; mode=block"
| |
| Header set X-Content-Type-Options "nosniff"
| |
| Header set Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval'"
| |
| | |
| ProxyVia On
| |
| | |
| <LocationMatch "^[^/]">
| |
| Deny from all
| |
| </LocationMatch>
| |
| | |
| <Proxy *>
| |
| Order deny,allow
| |
| Allow from all
| |
| </Proxy>
| |
| | |
| RewriteEngine on
| |
| RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/plone-5.space.bsd:80/Plone/VirtualHostRoot/$1 [P,L]
| |
| | |
| </VirtualHost>
| |
| | |
| #<VirtualHost *>
| |
| # ServerAlias *
| |
| # ServerRoot /var/www
| |
| # ServerRoot /usr/local/www
| |
| # ServerSignature On
| |
| #</VirtualHost>
| |
| </pre>
| |
| | |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #Include etc/apache24/extra/httpd-vhosts.conf
| |
| Include etc/apache24/extra/httpd-vhost-plone.conf
| |
| </pre>
| |
| <pre></pre>
| |
| | |
| : <code>service apache24 restart</code>
| |
| | |
| ----
| |
| | |
| Einrichtung von subdomains
| |
| : angenommen es gäbe eine bei Zope eine weitere Instanz Plone (für Puffy http://plone-5.space.bsd:8080/puffy) und soll bei der Domain puffy.plone-5.space.bsd erreichbar sein
| |
| | |
| * http://betabug.ch/zope/witch
| |
| | |
| ----
| |
| | |
| Einrichtung von ssl
| |
| | |
| ----
| |
| | |
| Einrichtung caching
| |
| | |
| ; Varnish 4
| |
| | |
| * [http://docs.plone.org/manage/deploying/caching/varnish4.html Plone: Documentation -> Installing, Managing and Updating Plone -> Guide to deploying and installing Plone in production -> Guide to Caching -> Varnish 4.x]
| |
| | |
| : <code>pkg search -D varnish4</code>
| |
| : <code>pkg install varnish4</code> | |
| | |
| ----
| |
| | |
| Einrichtung Mail
| |
| | |
| : <code>$EDITOR /etc/rc.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| sendmail_enable="NO"
| |
| #sendmail_submit_enable="NO"
| |
| sendmail_submit_enable="YES"
| |
| sendmail_outbound_enable="NO"
| |
| sendmail_msp_queue_enable="NO"
| |
| </pre>
| |
| <pre></pre>
| |
| | |
| Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden.
| |
| | |
| ----
| |
| | |
| ; rc.d scripting
| |
| | |
| : <code>$EDITOR /usr/local/etc/rc.d/plone</code>
| |
| <pre>
| |
| #!/bin/sh
| |
| # PROVIDE: plone
| |
| # REQUIRE: LOGIN
| |
| # KEYWORD: shutdown
| |
| | |
| . /etc/rc.subr
| |
| | |
| name="plone"
| |
| rcvar=plone_enable
| |
| | |
| start_cmd="${name}_start"
| |
| stop_cmd="${name}_stop"
| |
| restart_cmd="${name}_restart"
| |
| status_cmd="${name}_status"
| |
| | |
| extra_commands="status"
| |
| | |
| load_rc_config ${name}
| |
| #: ${plone_enable:="NO"}
| |
| | |
| plone_stop()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl stop
| |
| }
| |
| | |
| plone_status()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl status
| |
| }
| |
| | |
| plone_start()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl start
| |
| }
| |
| | |
| plone_restart()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl restart
| |
| }
| |
| | |
| run_rc_command "$1"
| |
| </pre>
| |
| | |
| : <code>chmod 540 /usr/local/etc/rc.d/plone</code>
| |
| | |
| : <code>service plone onestart</code>
| |
| : <code>service plone status</code>
| |
| : <code>service plone onestop</code>
| |
| | |
| :: <code>sysrc plone_enable="YES"</code>
| |
| : oder
| |
| :: <code>echo 'plone_enable="YES"' >> /etc/rc.conf</code>
| |
| : oder
| |
| :: <code>$EDITOR /etc/rc.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| plone_enable="YES"
| |
| </pre>
| |
| <pre></pre>
| |
| | |
| : <code>service plone start</code>
| |
| : <code>service plone restart</code>
| |
| : <code>service plone status</code>
| |
| : <code>service plone stop</code>
| |
| | |
| == Installation Plone 3 ==
| |
| | |
| ; Siehe auch: https://pentapad.c3d2.de/p/stura-htw-dresden_server_plone-3
| |
| | |
| * FreeNAS 9.3 (Jail)
| |
| | |
| : <code>pkg upgrade -y</code>
| |
| <!--
| |
| : <code>mkdir -p /usr/local/install/plone; cd /usr/local/install/plone</code>
| |
| :: oder anderswo (statt /usr/local/install/plone)
| |
| | |
| : <code>pkg install -y wget</code> | |
| : <code>wget http://launchpad.net/plone/5.0/5.0/+download/Plone-5.0-UnifiedInstaller.tgz</code>
| |
| | |
| : <code>tar -xvf Plone-5.0-UnifiedInstaller.tgz</code>
| |
| : <code>cd Plone-5.0-UnifiedInstaller</code>
| |
| | |
| ----
| |
| | |
| [http://docs.plone.org/manage/installing/requirements.html#libraries Plone benennt Anforderungen an Pakete (Bibliotheken).]
| |
| * libz (dev)
| |
| *: ls /usr/lib/libz.so
| |
| * libjpeg (dev)*
| |
| *: pkg install jpeg
| |
| *: ls /usr/local/lib/libjpeg.so
| |
| *:* vielleicht wäre libjpeg-turbo eine Alternative
| |
| *:*: pkg install -y libjpeg-turbo
| |
| * readline (dev)*
| |
| *: pkg install -y readline
| |
| *: ls /usr/local/lib/python2.7/lib-dynload/readline.so
| |
| *: ls /usr/local/lib/libreadline.so
| |
| * libexpat (dev)
| |
| *: ls /usr/local/lib/libexpat.so
| |
| * libssl or openssl (dev)
| |
| *: ls /usr/lib/libssl.so
| |
| *: ls /usr/local/lib/apr-util-1/apr_crypto_openssl.so
| |
| * libxml2 >= 2.7.8 (dev)*
| |
| *: pkg install -y libxml2
| |
| *: ls /usr/local/lib/libxml2.so
| |
| * libxslt >= 1.1.26 (dev)*
| |
| *: pkg install -y libxslt
| |
| *: ls /usr/local/lib/libxslt.so
| |
| | |
| [http://docs.plone.org/manage/installing/requirements.html#optional-libraries Plone benennt darüber hinaus weiter Anforderungen an Pakete (Bibliotheken).]
| |
| | |
| * wv
| |
| *: pkg install -y wv
| |
| *: ls /usr/local/lib/libwv.so
| |
| * poppler-utils
| |
| *: pkg install -y poppler-utils
| |
| *: ls /usr/local/lib/libpoppler.so
| |
| | |
| ----
| |
|
| |
|
| : <code>mkdir -p /usr/local/www/plone</code> | | : <code>mkdir -p /usr/local/www/plone</code> |
| :: oder anderswo (statt /usr/local/www/plone) | | :: oder anderswo (statt /usr/local/www/plone) |
|
| |
| :: Die install.sh besteht, obwohl das eigentlich anders dokumentiert ist, auf <code>sudo</code>.<!- Da könnte nochmal näher nachgeschaut werden. -> Das liegt wohl daran, dass sich Plone darum kümmert, dass der Prozess nicht als Account <code>root</code> privilegiert, sondern als Account <code>plone_deamon</code><!- oder so ähnlich bezeichnet -> betrieben wird und vielleicht mit <code>sudo </code> versorgt werden muss.
| |
| <pre>
| |
| sudo utility is required to do a server-mode install.
| |
| </pre>
| |
| : <code>pkg install -y sudo</code>
| |
|
| |
|
| : <code>./install.sh --target=/usr/local/www/plone standalone</code> | | : <code>./install.sh --target=/usr/local/www/plone standalone</code> |
|
| |
|
| <pre> | | <pre> |
|
| |
| Testing /usr/local/bin/python2.7 for Zope/Plone requirements.... | | Testing /usr/local/bin/python2.7 for Zope/Plone requirements.... |
| /usr/local/bin/python2.7 looks OK. We will use it. | | /usr/local/bin/python2.7 looks OK. We will use it. |
Zeile 1.115: |
Zeile 733: |
|
| |
|
| Using pw to create users and groups | | Using pw to create users and groups |
| | plone_group already exists; no need to create it. |
| | User plone_daemon already exists. No need to create it. |
| | Adding user plone_daemon to group plone_group. |
| | User plone_buildout already exists. No need to create it. |
| | Adding user plone_buildout to group plone_group. |
| Creating Python virtual environment. | | Creating Python virtual environment. |
| New python executable in /usr/local/www/plone/zinstance/bin/python2.7 | | New python executable in /usr/local/www/plone/zinstance/bin/python2.7 |
Zeile 1.124: |
Zeile 747: |
| Copying buildout skeleton | | Copying buildout skeleton |
| Building Zope/Plone; this takes a while... | | Building Zope/Plone; this takes a while... |
| Buildout completed
| |
|
| |
| #####################################################################
| |
|
| |
|
| ###################### Installation Complete ######################
| | Failed: JPEG support is not available. |
| | |
| Plone successfully installed at /usr/local/www/plone
| |
| See /usr/local/www/plone/zinstance/README.html
| |
| for startup instructions.
| |
| | |
| Use the account information below to log into the Zope Management Interface
| |
| The account has full 'Manager' privileges.
| |
| | |
| Username: admin
| |
| Password: pa1ss2wo3rd4
| |
| | |
| This account is created when the object database is initialized. If you change
| |
| the password later (which you should!), you'll need to use the new password.
| |
|
| |
|
| Use this account only to create Plone sites and initial users. Do not use it
| | Try preinstalling up-to-date libjpeg development libraries, then run |
| for routine login or maintenance.- If you need help, ask in IRC channel #plone on irc.freenode.net. - The live support channel also exists at http://plone.org/chat - You can also ask for help on https://community.plone.org - Submit feedback and report errors at https://github.com/plone/Products.CMFPlone/issues (For install problems, https://github.com/plone/Installers-UnifiedInstaller/issues)
| | the installer again. |
| | Buildout failed. Unable to continue |
| | Installation has failed. |
| | See the detailed installation log at /usr/local/install/plone/Plone-5.0-UnifiedInstaller/install.log |
| | to determine the cause. |
| </pre> | | </pre> |
|
| |
|
| : <code>cd /usr/local/www/plone/zinstance</code> | | : <code>cd /usr/local/www/plone/zinstance</code> |
| : <code>./bin/plonectl start</code> | | : <code>./bin/plonectl start</code> |
|
| |
| ----
| |
|
| |
| ; Laden von notwendige Module für Apache prüfen oder konfigurieren
| |
|
| |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| LoadModule headers_module libexec/apache24/mod_headers.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule proxy_module libexec/apache24/mod_proxy.so
| |
| LoadModule proxy_module libexec/apache24/mod_proxy.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
| |
| LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #LoadModule rewrite_module libexec/apache24/mod_rewrite.so
| |
| LoadModule rewrite_module libexec/apache24/mod_rewrite.so
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>service apache24 restart</code>
| |
|
| |
| ----
| |
|
| |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #ServerAdmin you@example.com
| |
| ###
| |
| ServerAdmin beastie@space.bsd
| |
| ###
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| #ServerName www.example.com:80
| |
| ###
| |
| ServerName plone-5.space.bsd:80
| |
| ###
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>service apache24 restart</code>
| |
|
| |
| ----
| |
|
| |
| * in Anlehnung an [http://docs.plone.org/manage/deploying/front-end/apache.html#installing-apache-front-end-for-plone Installing Apache front-end for Plone]
| |
| * in Verbindung mit [https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule Apache Module mod_rewrite#RewriteRule Directive]
| |
|
| |
| : <code>$EDITOR /usr/local/etc/apache24/Includes/vhost-plone.conf</code>
| |
| <pre>
| |
| UseCanonicalName On
| |
|
| |
| #NameVirtualHost *
| |
| <VirtualHost *>
| |
| ServerAlias plone-5.space.bsd
| |
| ServerSignature On
| |
|
| |
| Header set X-Frame-Options "SAMEORIGIN"
| |
| Header set Strict-Transport-Security "max-age=15768000; includeSubDomains"
| |
| Header set X-XSS-Protection "1; mode=block"
| |
| Header set X-Content-Type-Options "nosniff"
| |
| Header set Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval'"
| |
|
| |
| ProxyVia On
| |
|
| |
| <LocationMatch "^[^/]">
| |
| Deny from all
| |
| </LocationMatch>
| |
|
| |
| <Proxy *>
| |
| Order deny,allow
| |
| Allow from all
| |
| </Proxy>
| |
|
| |
| RewriteEngine on
| |
| RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/plone-5.space.bsd:80/Plone/VirtualHostRoot/$1 [P,L]
| |
|
| |
| </VirtualHost>
| |
|
| |
| #<VirtualHost *>
| |
| # ServerAlias *
| |
| # ServerRoot /var/www
| |
| # ServerRoot /usr/local/www
| |
| # ServerSignature On
| |
| #</VirtualHost>
| |
| </pre>
| |
|
| |
| : <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #Include etc/apache24/extra/httpd-vhosts.conf
| |
| Include etc/apache24/extra/httpd-vhost-plone.conf
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>service apache24 restart</code>
| |
|
| |
| ----
| |
|
| |
| Einrichtung von subdomains
| |
| : angenommen es gäbe eine bei Zope eine weitere Instanz Plone (für Puffy http://plone-5.space.bsd:8080/puffy) und soll bei der Domain puffy.plone-5.space.bsd erreichbar sein
| |
|
| |
| * http://betabug.ch/zope/witch
| |
|
| |
| ----
| |
|
| |
| Einrichtung von ssl
| |
|
| |
| ----
| |
|
| |
| Einrichtung caching
| |
|
| |
| ; Varnish 4
| |
|
| |
| * [http://docs.plone.org/manage/deploying/caching/varnish4.html Plone: Documentation -> Installing, Managing and Updating Plone -> Guide to deploying and installing Plone in production -> Guide to Caching -> Varnish 4.x]
| |
|
| |
| : <code>pkg search -D varnish4</code>
| |
| : <code>pkg install varnish4</code>
| |
|
| |
| ----
| |
|
| |
| Einrichtung Mail
| |
|
| |
| : <code>$EDITOR /etc/rc.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| sendmail_enable="NO"
| |
| #sendmail_submit_enable="NO"
| |
| sendmail_submit_enable="YES"
| |
| sendmail_outbound_enable="NO"
| |
| sendmail_msp_queue_enable="NO"
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden.
| |
| -->
| |
|
| |
| == Customizing vom Layout ==
| |
|
| |
| * https://stackoverflow.com/questions/31781909/why-is-the-plonecustom-css-stylesheet-not-loaded#31787068
| |
|
| |
| == Plone 5 TurnKey Linux ==
| |
|
| |
| === Plone 5 TurnKey Linux Buildout ===
| |
|
| |
| Um Buildout in Turnkey-Linux auszuführen, muss man einen eigenen Nutzer verwenden:
| |
|
| |
| sudo -u plone_buildout bin/buildout
| |
|
| |
| ----
| |
|
| |
| Mutmaßlich gilt das für Plone 5.
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 11:48, 9. Nov. 2021 (CET)
| |
|
| |
| == Test von Plone 6 (als LXC Debian 11 auf PVE 7) ==
| |
|
| |
| 136
| |
|
| |
| ----
| |
|
| |
| Was soll die Zahl sagen?
| |
|
| |
| [https://pro.stura.htw-dresden.de/issues/136 Aufgabe 136] ist es nicht.
| |
|
| |
| [https://10.1.0.31:8006/#v1:0:=lxc%2F136:4:5:::::: CT (oder VM) 136] ist es nicht.
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 11:42, 9. Nov. 2021 (CET)
| |
|
| |
| == Installation Plone 6 ==
| |
|
| |
| === Installation Plone 6 Vorbereitung ===
| |
|
| |
| ==== Installation Plone 6 Umgebung ====
| |
|
| |
| ; Host: PCT (LXC on Proxmox) Debian stable (11)
| |
|
| |
| ==== Installation Plone 6 Aktualisierung bestehender Pakete ====
| |
|
| |
| : <code>apt update</code>
| |
| : <code>apt -y upgrade</code>
| |
|
| |
| === Installation Plone 6 backend ===
| |
|
| |
| ==== Installation Plone 6 backend Installation benötigter Pakete ====
| |
|
| |
| https://training.plone.org/5/mastering-plone/installation.html#prerequisites
| |
| : <code>apt -y install python3.9-dev python3.9-tk python3.9-venv build-essential libssl-dev libxml2-dev libxslt1-dev libbz2-dev libjpeg62-turbo-dev</code>
| |
| : <code>apt -y install libreadline-dev wv poppler-utils</code>
| |
| : <code>apt -y install git</code>
| |
|
| |
| : <s><code>apt -y install python3-pip</code></s>
| |
|
| |
| ==== Installation Plone 6 backend pip ====
| |
|
| |
| https://plone.org/download/releases/6.0.0a2
| |
|
| |
| ----
| |
|
| |
| {| class="wikitable"
| |
| |-
| |
| ! buildout style
| |
| ! pip style
| |
| |-
| |
| | colspan=2 |
| |
| : <code>mkdir plone</code>
| |
| : <code>cd plone/</code>
| |
| |-
| |
| | colspan=2 |
| |
| : <code>mkdir backend</code>
| |
| : <code>cd backend/</code>
| |
| |-
| |
| |
| |
| : <code>nano buildout.cfg</code>
| |
| <pre>
| |
| [buildout]
| |
| extends = https://dist.plone.org/release/6.0.0a2/versions.cfg
| |
| parts = instance
| |
|
| |
| [instance]
| |
| recipe = plone.recipe.zope2instance
| |
| eggs =
| |
| Plone
| |
| plone.volto
| |
| user = admin:admin
| |
| zodb-temporary-storage = off
| |
| </pre>
| |
| : <s><code>chmod +x buildout.cfg</code></s>
| |
| |
| |
|
| |
|
| |
| |-
| |
| | colspan=2 |
| |
| : <code>python3.9 -m venv .</code>
| |
| |-
| |
| |
| |
| : <code>bin/pip install -r https://dist.plone.org/release/6.0.0a2/requirements.txt</code>
| |
| : <code>bin/buildout</code>
| |
| |
| |
| : <code>bin/pip install -U pip setuptools wheel</code>
| |
| : <code>bin/pip install Plone plone.volto -c https://dist.plone.org/release/6.0.0a2/constraints.txt --use-deprecated legacy-resolver</code>
| |
| : <code>bin/mkwsgiinstance -u admin:admin -d .</code>
| |
| |-
| |
| |
| |
| : <code>bin/instance fg</code>
| |
| |
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| |-
| |
| |
| |
| |
| |
| : <code>nano etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #host = 127.0.0.1
| |
| host = 0.0.0.0
| |
| </pre>
| |
| <pre></pre>
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| |-
| |
| |}
| |
|
| |
| === Installation Plone 6 backend Nachbereitung ===
| |
|
| |
| ==== Installation Plone 6 backend Änderung Dienst starten ====
| |
| <!--
| |
|
| |
| : <code>systemctl status plone</code>
| |
| : <code>systemctl start plone</code>
| |
| : <code>systemctl enable plone</code>
| |
| !-->
| |
|
| |
| ==== Installation Plone 6 backend Änderung vom Passwort bei Zope ====
| |
|
| |
| Die standardmäßigen Zugangsdaten sind
| |
| ; Konto: admin
| |
| ; Passwort: admin
| |
| .
| |
|
| |
| Bei
| |
| : http://127.0.0.1:8080/acl_users/users/manage_users
| |
| ist das (einzige) Konto ''admin'' zu finden.
| |
|
| |
| Bei
| |
| : http://127.0.0.1:8080/acl_users/users/manage_users?user_id=admin&passwd=1
| |
| kann das Passwort geändert werden.
| |
|
| |
| ==== Installation Plone 6 web server ====
| |
|
| |
| ===== Installation Plone 6 nginx =====
| |
|
| |
| http://plone-6.test.domain.tld:8080/Plone
| |
|
| |
| ----
| |
|
| |
| : <code>apt -y install nginx</code>
| |
|
| |
| : <code>less /etc/nginx/sites-available/default</code>
| |
|
| |
| https://docs.plone.org/manage/deploying/front-end/nginx.html#minimal-nginx-front-end-configuration-for-plone-on-ubuntu-debian-linux
| |
| : <code>nano /etc/nginx/sites-available/plone-6.test.domain.tld</code>
| |
| <pre>
| |
| add_header X-Frame-Options "SAMEORIGIN";
| |
| add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
| |
| add_header X-XSS-Protection "1; mode=block";
| |
| add_header X-Content-Type-Options "nosniff";
| |
| #add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
| |
| add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
| |
|
| |
| upstream plone {
| |
| server 127.0.0.1:8080;
| |
| }
| |
|
| |
| server {
| |
| listen 80;
| |
| server_name plone-6.test.domain.tld;
| |
| access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
| |
| error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
| |
| location / {
| |
| proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
| |
| }
| |
| }
| |
| </pre>
| |
|
| |
| : <code>ln -s /etc/nginx/sites-available/plone-6.test.domain.tld /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
| |
|
| |
| : <code>apt -y install certbot</code>
| |
| : <code>apt -y install python3-certbot-nginx</code>
| |
|
| |
| : <code>certbot --nginx</code>
| |
|
| |
| : <code>nano /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
| |
| <pre>
| |
| add_header X-Frame-Options "SAMEORIGIN";
| |
| add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
| |
| add_header X-XSS-Protection "1; mode=block";
| |
| add_header X-Content-Type-Options "nosniff";
| |
| #add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'sel>
| |
| add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; scri>
| |
|
| |
| upstream plone {
| |
| server 127.0.0.1:8080;
| |
| }
| |
|
| |
| server {
| |
| server_name plone-6.test.domain.tld;
| |
| access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
| |
| error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
| |
| location / {
| |
| # proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
| |
| proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/VirtualHostRoot/;
| |
| # proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/Plone/VirtualHostRoot/;
| |
| }
| |
|
| |
| listen 443 ssl; # managed by Certbot
| |
| ssl_certificate /etc/letsencrypt/live/plone-6.test.domain.tld/fullchain.pem; # managed by Certbot
| |
| ssl_certificate_key /etc/letsencrypt/live/plone-6.test.domain.tld/privkey.pem; # managed by Certbot
| |
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
| |
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
| |
| }
| |
|
| |
| server {
| |
| if ($host = plone-6.test.domain.tld) {
| |
| return 301 https://$host$request_uri;
| |
| } # managed by Certbot
| |
| listen 80;
| |
| server_name plone-6.test.domain.tld;
| |
| return 404; # managed by Certbot
| |
| }
| |
| </pre>
| |
| : <code>systemctl reload nginx</code>
| |
|
| |
| ----
| |
|
| |
| https://plone-6.test.domain.tld/Plone
| |
|
| |
| ----
| |
|
| |
| : <code>nano etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| host = 127.0.0.1
| |
| ####host = 0.0.0.0
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| 2021-13-42 01:23:45 INFO [Zope:42][MainThread] Ready to handle requests
| |
| Starting server in PID 126997.
| |
| 2021-13-42 01:23:45 INFO [waitress:485][MainThread] Serving on http://127.0.0.1:8080
| |
| </pre>
| |
|
| |
| ===== Installation Plone 6 Apache =====
| |
|
| |
| ==== Installation Plone 6 frontend ====
| |
|
| |
| https://training.plone.org/5/mastering-plone/installation.html#installing-plone-frontend
| |
|
| |
| == proxy web server ==
| |
|
| |
| https://www.starzel.de/blog/securing-plone-sites-with-https-and-nginx
| |