Server/Mattermost: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „--- : <code>pkg install -y apache24</code> : <code>sysrc apache24_enable="YES"</code> : <code>service apache24 start</code> --- : <code>pkg install -y mattermo…“) |
Keine Bearbeitungszusammenfassung |
||
(17 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
Zeile 1: | Zeile 1: | ||
--- | == Installation == | ||
: <code>pkg | |||
==== Installation Mattermost ==== | |||
---- | |||
; Installation vom Dienst (Server) Mattermost: | |||
Installieren vom Paket ''[[freshports:www/mattermost-server|mattermost-server]]'' | |||
: <code>pkg ins -y mattermost-server</code> | |||
<pre></pre> | |||
<pre> | |||
===> Creating groups. | |||
Creating group 'mattermost' with gid '889'. | |||
===> Creating users | |||
Creating user 'mattermost' with uid '889'. | |||
</pre> | |||
<pre> | |||
===> Creating groups. | |||
Using existing group 'mattermost'. | |||
===> Creating users | |||
Using existing user 'mattermost'. | |||
</pre> | |||
<pre></pre> | |||
<!-- | |||
<pre> | |||
Message from ca_root_nss-3.40: | |||
********************************* WARNING ********************************* | |||
FreeBSD does not, and can not warrant that the certification authorities | |||
whose certificates are included in this package have in any way been | |||
audited for trustworthiness or RFC 3647 compliance. | |||
Assessment and verification of trust is the complete responsibility of the | |||
system administrator. | |||
*********************************** NOTE ********************************** | |||
This package installs symlinks to support root certificates discovery by | |||
default for software that uses OpenSSL. | |||
This enables SSL Certificate Verification by client software without manual | |||
intervention. | |||
If you prefer to do this manually, replace the following symlinks with | |||
either an empty file or your site-local certificate bundle. | |||
* /etc/ssl/cert.pem | |||
* /usr/local/etc/ssl/cert.pem | |||
* /usr/local/openssl/cert.pem | |||
*************************************************************************** | |||
</pre> | |||
!--> | |||
(optionales) Begutachten vom Verzeichnis vom Dienst ''mattermost'' | |||
: <code>ls /usr/local/www/mattermost</code> | : <code>ls /usr/local/www/mattermost</code> | ||
: <code>sysrc mattermostd_enable= | <pre> | ||
client fonts i18n templates | |||
</pre> | |||
Aktivieren vom Dienst ''mattermost'' (für jeden Neustart) | |||
: <code>sysrc mattermostd_enable=YES</code> | |||
<pre> | |||
mattermostd_enable: -> YES | |||
</pre> | |||
Starten vom Dienst ''mattermost'' | |||
: <code>service mattermostd start</code> | : <code>service mattermostd start</code> | ||
<pre> | |||
Starting mattermostd. | |||
</pre> | |||
Anzeigen (lassen) vom Status vom Dienst ''mattermost'' | |||
: <code>service mattermostd status</code> | : <code>service mattermostd status</code> | ||
<pre> | <pre> | ||
mattermostd is not running. | mattermostd is not running. | ||
</pre> | </pre> | ||
<code>cp /usr/local/etc/mattermost/config.json.sample /usr/local/etc/mattermost/config.json</code> | ---- | ||
<code> | : <code>cp /usr/local/etc/mattermost/config.json.sample /usr/local/etc/mattermost/config.json</code> | ||
: <code>less /usr/local/etc/mattermost/config.json.sample /usr/local/etc/mattermost/config.json</code> | |||
<pre></pre> | |||
<pre> | |||
"SqlSettings": { | |||
"DriverName": "mysql", | |||
"DataSource": "mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s", | |||
"DataSourceReplicas": [], | |||
"DataSourceSearchReplicas": [], | |||
"MaxIdleConns": 20, | |||
"MaxOpenConns": 300, | |||
"Trace": false, | |||
"AtRestEncryptKey": "", | |||
"QueryTimeout": 30 | |||
}, | |||
</pre> | |||
<pre></pre> | |||
==== Installation Datenbank ==== | |||
---- | |||
; Installation vom Dienst Datenbank: | |||
: Mattermost benennt (aktuell (2018-11-24)) als mögliche Programme als Dienst Datenbank (zum lokalen selbst Betreiben) | |||
:* MySQL | |||
:** 5.6 | |||
:** 5.7 | |||
:** 8 | |||
:* PostgreSQL | |||
:** 9.4+ | |||
: Wie bevorzugen PostgreSQL und die aktuellste Version ist die Version 10. | |||
Installieren vom Paket ''[[freshports:databases/postgresql10-server|postgresql10-server]]'' | |||
: <code>pkg ins -y postgresql10-server</code> | |||
<pre></pre> | |||
<pre> | |||
===> Creating groups. | |||
Creating group 'postgres' with gid '770'. | |||
===> Creating users | |||
Creating user 'postgres' with uid '770'. | |||
=========== BACKUP YOUR DATA! ============= | |||
As always, backup your data before | |||
upgrading. If the upgrade leads to a higher | |||
minor revision (e.g. 8.3.x -> 8.4), a dump | |||
and restore of all databases is | |||
required. This is *NOT* done by the port! | |||
=========================================== | |||
</pre> | |||
<!-- | |||
<pre> | |||
Message from perl5-5.26.2: | |||
The /usr/bin/perl symlink has been removed starting with Perl 5.20. | |||
For shebangs, you should either use: | |||
#!/usr/local/bin/perl | |||
or | |||
#!/usr/bin/env perl | |||
The first one will only work if you have a /usr/local/bin/perl, | |||
the second will work as long as perl is in PATH. | |||
Message from postgresql10-client-10.5: | |||
The PostgreSQL port has a collection of "side orders": | |||
postgresql-docs | |||
For all of the html documentation | |||
p5-Pg | |||
A perl5 API for client access to PostgreSQL databases. | |||
postgresql-tcltk | |||
If you want tcl/tk client support. | |||
postgresql-jdbc | |||
For Java JDBC support. | |||
postgresql-odbc | |||
For client access from unix applications using ODBC as access | |||
method. Not needed to access unix PostgreSQL servers from Win32 | |||
using ODBC. See below. | |||
ruby-postgres, py-psycopg2 | |||
For client access to PostgreSQL databases using the ruby & python | |||
languages. | |||
postgresql-plperl, postgresql-pltcl & postgresql-plruby | |||
For using perl5, tcl & ruby as procedural languages. | |||
postgresql-contrib | |||
Lots of contributed utilities, postgresql functions and | |||
datatypes. There you find pg_standby, pgcrypto and many other cool | |||
things. | |||
etc... | |||
</pre> | |||
!--> | |||
<pre> | |||
Message from postgresql10-server-10.5: | |||
For procedural languages and postgresql functions, please note that | |||
you might have to update them when updating the server. | |||
If you have many tables and many clients running, consider raising | |||
kern.maxfiles using sysctl(8), or reconfigure your kernel | |||
appropriately. | |||
The port is set up to use autovacuum for new databases, but you might | |||
also want to vacuum and perhaps backup your database regularly. There | |||
is a periodic script, /usr/local/etc/periodic/daily/502.pgsql, that | |||
you may find useful. You can use it to backup and perform vacuum on all | |||
databases nightly. Per default, it performs `vacuum analyze'. See the | |||
script for instructions. For autovacuum settings, please review | |||
~pgsql/data/postgresql.conf. | |||
If you plan to access your PostgreSQL server using ODBC, please | |||
consider running the SQL script /usr/local/share/postgresql/odbc.sql | |||
to get the functions required for ODBC compliance. | |||
Please note that if you use the rc script, | |||
/usr/local/etc/rc.d/postgresql, to initialize the database, unicode | |||
(UTF-8) will be used to store character data by default. Set | |||
postgresql_initdb_flags or use login.conf settings described below to | |||
alter this behaviour. See the start rc script for more info. | |||
To set limits, environment stuff like locale and collation and other | |||
things, you can set up a class in /etc/login.conf before initializing | |||
the database. Add something similar to this to /etc/login.conf: | |||
--- | |||
postgres:\ | |||
:lang=en_US.UTF-8:\ | |||
:setenv=LC_COLLATE=C:\ | |||
:tc=default: | |||
--- | |||
and run `cap_mkdb /etc/login.conf'. | |||
Then add 'postgresql_class="postgres"' to /etc/rc.conf. | |||
====================================================================== | |||
To initialize the database, run | |||
/usr/local/etc/rc.d/postgresql initdb | |||
You can then start PostgreSQL by running: | |||
/usr/local/etc/rc.d/postgresql start | |||
For postmaster settings, see ~pgsql/data/postgresql.conf | |||
NB. FreeBSD's PostgreSQL port logs to syslog by default | |||
See ~pgsql/data/postgresql.conf for more info | |||
NB. If you're not using a checksumming filesystem like ZFS, you might | |||
wish to enable data checksumming. It can only be enabled during | |||
the initdb phase, by adding the "--data-checksums" flag to | |||
the postgres_initdb_flags rcvar. Check the initdb(1) manpage | |||
for more info and make sure you understand the performance | |||
implications. | |||
====================================================================== | |||
To run PostgreSQL at startup, add | |||
'postgresql_enable="YES"' to /etc/rc.conf | |||
</pre> | |||
Installieren vom Paket ''[[freshports:databases/postgresql10-contrib|postgresql10-contrib]]'' | |||
: <code>pkg ins -y postgresql10-contrib</code> | |||
<pre></pre> | |||
<pre> | |||
Message from postgresql10-contrib-10.5: | |||
The PostgreSQL contrib utilities have been installed. Please see | |||
/usr/local/share/doc/postgresql/contrib/README | |||
for more information. | |||
</pre> | |||
Aktivieren vom Dienst ''postgresql'' (für jeden Neustart) | |||
: <code>sysrc postgresql_enable=YES</code> | |||
<pre> | |||
postgresql_enable: -> YES | |||
</pre> | |||
Starten vom Dienst ''postgresql'' | |||
: <code>service postgresql initdb</code> | |||
<pre> | |||
The files belonging to this database system will be owned by user "postgres". | |||
This user must also own the server process. | |||
The database cluster will be initialized with locale "C". | |||
The default text search configuration will be set to "english". | |||
Data page checksums are disabled. | |||
creating directory /var/db/postgres/data10 ... ok | |||
creating subdirectories ... ok | |||
selecting default max_connections ... 100 | |||
selecting default shared_buffers ... 128MB | |||
selecting dynamic shared memory implementation ... posix | |||
creating configuration files ... ok | |||
running bootstrap script ... ok | |||
performing post-bootstrap initialization ... ok | |||
syncing data to disk ... ok | |||
WARNING: enabling "trust" authentication for local connections | |||
You can change this by editing pg_hba.conf or using the option -A, or | |||
--auth-local and --auth-host, the next time you run initdb. | |||
Success. You can now start the database server using: | |||
/usr/local/bin/pg_ctl -D /var/db/postgres/data10 -l logfile start | |||
</pre> | |||
: <code>service postgresql start</code> | |||
<pre> | |||
yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: could not create IPv6 socket for address "::1": Protocol not supported | |||
yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: listening on IPv4 address "127.0.0.1", port 5432 | |||
yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: listening on Unix socket "/tmp/.s.PGSQL.5432" | |||
yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: ending log output to stderr | |||
yyyy-mm-dd HH:MM:SS.123 UTC [12345] HINT: Future log output will go to log destination "syslog". | |||
</pre> | |||
: <code>service postgresql status</code> | |||
<pre> | |||
pg_ctl: server is running (PID: 12345) | |||
/usr/local/bin/postgres "-D" "/var/db/postgres/data10" | |||
</pre> | |||
==== Erstellung Datenbank ==== | |||
; Erstellung der Datenbank für den Dienst ''mattermost: | |||
---- | |||
: <code>su postgres</code> | |||
: <code>cat ~/data10/postgresql.conf</code> | |||
---- | |||
: <code>psql</code> | |||
---- | |||
: <code>CREATE DATABASE mattermostuserdatabase;</code> | |||
<pre> | |||
CREATE DATABASE | |||
</pre> | |||
: <code>CREATE USER mattermostuser WITH PASSWORD 'mattermostuserdatabasepassword';</code> | |||
<pre> | |||
CREATE ROLE | |||
</pre> | |||
: <code>GRANT ALL PRIVILEGES ON DATABASE mattermostuserdatabase to mattermostuser;</code> | |||
<pre> | |||
GRANT | |||
</pre> | |||
: <code>\q</code> | |||
---- | |||
: <code>$EDITOR /usr/local/etc/mattermost/config.json</code> | |||
<pre></pre> | |||
<pre> | |||
"SqlSettings": { | |||
</pre> | |||
<pre></pre> | |||
<pre> | |||
"DriverName": "postgres", | |||
"DataSource": "postgres://mattermostuser:mattermostuserdatabasepassword@127.0.0.1:5432/mattermostuserdatabase?sslmode=disable&connect_timeout=10", | |||
</pre> | |||
<pre></pre> | |||
: <code>service mattermostd restart</code> | |||
: <code>fetch http://localhost:8065 && cat localhost:8065 && rm localhost:8065</code> | |||
<pre> | |||
localhost:8065 100% of 3242 B 49 MBps 00m00s | |||
<!DOCTYPE html> <html lang=en> <head> | |||
</pre> | |||
<pre></pre> | |||
<pre> | |||
</body> </html> | |||
</pre> | |||
==== Installation Webserver ==== | |||
---- | |||
: <code>pkg ins -y nginx</code> | |||
<pre></pre> | |||
<pre> | |||
===> Creating groups. | |||
Using existing group 'www'. | |||
===> Creating users | |||
Using existing user 'www'. | |||
</pre> | |||
<pre></pre> | |||
<pre> | |||
Message from nginx-1.14.1,2: | |||
=================================================================== | |||
Recent version of the NGINX introduces dynamic modules support. In | |||
FreeBSD ports tree this feature was enabled by default with the DSO | |||
knob. Several vendor's and third-party modules have been converted | |||
to dynamic modules. Unset the DSO knob builds an NGINX without | |||
dynamic modules support. | |||
To load a module at runtime, include the new `load_module' | |||
directive in the main context, specifying the path to the shared | |||
object file for the module, enclosed in quotation marks. When you | |||
reload the configuration or restart NGINX, the module is loaded in. | |||
It is possible to specify a path relative to the source directory, | |||
or a full path, please see | |||
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and | |||
http://nginx.org/en/docs/ngx_core_module.html#load_module for | |||
details. | |||
Default path for the NGINX dynamic modules is | |||
/usr/local/libexec/nginx. | |||
=================================================================== | |||
</pre> | |||
: <code>sysrc nginx_enable=YES</code> | |||
: <code>service nginx start</code> | |||
: <code>fetch http://localhost:80 && cat localhost:80 && rm localhost:80</code> | |||
==== Installation Certbot ==== | |||
in Anlehnung an https://certbot.eff.org/lets-encrypt/freebsd-nginx | |||
---- | |||
: <code>pkg ins -y py27-certbot</code> | |||
<pre></pre> | |||
<!-- | |||
<pre> | |||
Message from python27-2.7.15: | |||
=========================================================================== | |||
Note that some standard Python modules are provided as separate ports | |||
as they require additional dependencies. They are available as: | |||
bsddb databases/py-bsddb | |||
gdbm databases/py-gdbm | |||
sqlite3 databases/py-sqlite3 | |||
tkinter x11-toolkits/py-tkinter | |||
=========================================================================== | |||
Message from py27-urllib3-1.22,1: | |||
Be careful, support of IPv6 is broken with PySocks 1.5.7. | |||
</pre> | |||
!--> | |||
<pre> | |||
Message from py27-certbot-0.27.1_1,1: | |||
=========================================================================== | |||
This port installs the "standalone" client only, which does not use and | |||
is not the certbot-auto bootstrap/wrapper script. | |||
The simplest form of usage to obtain certificates is: | |||
# sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]> | |||
NOTE: | |||
The client requires the ability to bind on TCP port 80 or 443 (depending | |||
on the --preferred-challenges option used). If a server is running on that | |||
port, it will need to be temporarily stopped so that the standalone server | |||
can listen on that port to complete the challenge authentication process. | |||
For more information on the 'standalone' mode, see: | |||
https://certbot.eff.org/docs/using.html#standalone | |||
The certbot plugins to support apache and nginx certificate installation | |||
will be made available in the following ports: | |||
* Apache plugin: security/py-certbot-apache | |||
* Nginx plugin: security/py-certbot-nginx | |||
=========================================================================== | |||
</pre> | |||
: <code>pkg ins -y py27-certbot-nginx</code> | |||
<pre></pre> | |||
<!-- | |||
<pre> | |||
Message from py27-pip-9.0.3: | |||
============================== !!!! WARNING !!!! ========================== | |||
pip MUST ONLY be used: | |||
* With the --user flag, OR | |||
* To install or manage Python packages in virtual environments | |||
Failure to follow this warning can and will result in an inconsistent | |||
system-wide Python environment (LOCALBASE/lib/pythonX.Y/site-packages) and | |||
cause errors. | |||
Avoid using pip as root unless you know what you're doing. | |||
============================== !!!! WARNING !!!! ========================== | |||
</pre> | |||
!--> | |||
==== Erstellung Zertifikat ==== | |||
: <s><code>certbot certonly --standalone --test-cert --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de</code></s> | |||
: <code>certbot certonly --standalone --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de</code> | |||
<pre> | |||
Saving debug log to /var/log/letsencrypt/letsencrypt.log | |||
Plugins selected: Authenticator standalone, Installer None | |||
Obtaining a new certificate | |||
Performing the following challenges: | |||
http-01 challenge for domain.stura.htw-dresden.de | |||
Waiting for verification... | |||
Cleaning up challenges | |||
IMPORTANT NOTES: | |||
- Congratulations! Your certificate and chain have been saved at: | |||
/usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/fullchain.pem | |||
Your key file has been saved at: | |||
/usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/privkey.pem | |||
Your cert will expire on 2019-03-17. To obtain a new or tweaked | |||
version of this certificate in the future, simply run certbot | |||
again. To non-interactively renew *all* of your certificates, run | |||
"certbot renew" | |||
- If you like Certbot, please consider supporting our work by: | |||
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate | |||
Donating to EFF: https://eff.org/donate-le | |||
</pre> | |||
==== Anpassung Webserver ==== | |||
: <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code> | |||
<pre></pre> | |||
<pre> | |||
</pre> | |||
<pre></pre> | |||
: <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code> | |||
==== Anpassungen Mattermost ==== | |||
* Mail-Adresse (die als absendende Adresse für Mails zur Einladung & Co verwendet wird) | |||
* Domain (die als Adresse für Verweise bei Mails zur Einladung & Co verwendet wird) | |||
== Sonstiges == | |||
* [https://github.com/42wim/matterbridge matterbridge] | |||
== Weblinks == | |||
* https://mattermost.org/ | |||
* https://mattermost.com/ | |||
** https://about.mattermost.com/ | |||
*** https://about.mattermost.com/features/ | |||
** https://docs.mattermost.com/ |
Aktuelle Version vom 17. Dezember 2018, 21:08 Uhr
Installation[Bearbeiten]
Installation Mattermost[Bearbeiten]
- Installation vom Dienst (Server) Mattermost
Installieren vom Paket mattermost-server
pkg ins -y mattermost-server
===> Creating groups. Creating group 'mattermost' with gid '889'. ===> Creating users Creating user 'mattermost' with uid '889'.
===> Creating groups. Using existing group 'mattermost'. ===> Creating users Using existing user 'mattermost'.
(optionales) Begutachten vom Verzeichnis vom Dienst mattermost
ls /usr/local/www/mattermost
client fonts i18n templates
Aktivieren vom Dienst mattermost (für jeden Neustart)
sysrc mattermostd_enable=YES
mattermostd_enable: -> YES
Starten vom Dienst mattermost
service mattermostd start
Starting mattermostd.
Anzeigen (lassen) vom Status vom Dienst mattermost
service mattermostd status
mattermostd is not running.
cp /usr/local/etc/mattermost/config.json.sample /usr/local/etc/mattermost/config.json
less /usr/local/etc/mattermost/config.json.sample /usr/local/etc/mattermost/config.json
"SqlSettings": { "DriverName": "mysql", "DataSource": "mmuser:mostest@tcp(dockerhost:3306)/mattermost_test?charset=utf8mb4,utf8&readTimeout=30s&writeTimeout=30s", "DataSourceReplicas": [], "DataSourceSearchReplicas": [], "MaxIdleConns": 20, "MaxOpenConns": 300, "Trace": false, "AtRestEncryptKey": "", "QueryTimeout": 30 },
Installation Datenbank[Bearbeiten]
- Installation vom Dienst Datenbank
- Mattermost benennt (aktuell (2018-11-24)) als mögliche Programme als Dienst Datenbank (zum lokalen selbst Betreiben)
- MySQL
- 5.6
- 5.7
- 8
- PostgreSQL
- 9.4+
- MySQL
- Wie bevorzugen PostgreSQL und die aktuellste Version ist die Version 10.
Installieren vom Paket postgresql10-server
pkg ins -y postgresql10-server
===> Creating groups. Creating group 'postgres' with gid '770'. ===> Creating users Creating user 'postgres' with uid '770'. =========== BACKUP YOUR DATA! ============= As always, backup your data before upgrading. If the upgrade leads to a higher minor revision (e.g. 8.3.x -> 8.4), a dump and restore of all databases is required. This is *NOT* done by the port! ===========================================
Message from postgresql10-server-10.5: For procedural languages and postgresql functions, please note that you might have to update them when updating the server. If you have many tables and many clients running, consider raising kern.maxfiles using sysctl(8), or reconfigure your kernel appropriately. The port is set up to use autovacuum for new databases, but you might also want to vacuum and perhaps backup your database regularly. There is a periodic script, /usr/local/etc/periodic/daily/502.pgsql, that you may find useful. You can use it to backup and perform vacuum on all databases nightly. Per default, it performs `vacuum analyze'. See the script for instructions. For autovacuum settings, please review ~pgsql/data/postgresql.conf. If you plan to access your PostgreSQL server using ODBC, please consider running the SQL script /usr/local/share/postgresql/odbc.sql to get the functions required for ODBC compliance. Please note that if you use the rc script, /usr/local/etc/rc.d/postgresql, to initialize the database, unicode (UTF-8) will be used to store character data by default. Set postgresql_initdb_flags or use login.conf settings described below to alter this behaviour. See the start rc script for more info. To set limits, environment stuff like locale and collation and other things, you can set up a class in /etc/login.conf before initializing the database. Add something similar to this to /etc/login.conf: --- postgres:\ :lang=en_US.UTF-8:\ :setenv=LC_COLLATE=C:\ :tc=default: --- and run `cap_mkdb /etc/login.conf'. Then add 'postgresql_class="postgres"' to /etc/rc.conf. ====================================================================== To initialize the database, run /usr/local/etc/rc.d/postgresql initdb You can then start PostgreSQL by running: /usr/local/etc/rc.d/postgresql start For postmaster settings, see ~pgsql/data/postgresql.conf NB. FreeBSD's PostgreSQL port logs to syslog by default See ~pgsql/data/postgresql.conf for more info NB. If you're not using a checksumming filesystem like ZFS, you might wish to enable data checksumming. It can only be enabled during the initdb phase, by adding the "--data-checksums" flag to the postgres_initdb_flags rcvar. Check the initdb(1) manpage for more info and make sure you understand the performance implications. ====================================================================== To run PostgreSQL at startup, add 'postgresql_enable="YES"' to /etc/rc.conf
Installieren vom Paket postgresql10-contrib
pkg ins -y postgresql10-contrib
Message from postgresql10-contrib-10.5: The PostgreSQL contrib utilities have been installed. Please see /usr/local/share/doc/postgresql/contrib/README for more information.
Aktivieren vom Dienst postgresql (für jeden Neustart)
sysrc postgresql_enable=YES
postgresql_enable: -> YES
Starten vom Dienst postgresql
service postgresql initdb
The files belonging to this database system will be owned by user "postgres". This user must also own the server process. The database cluster will be initialized with locale "C". The default text search configuration will be set to "english". Data page checksums are disabled. creating directory /var/db/postgres/data10 ... ok creating subdirectories ... ok selecting default max_connections ... 100 selecting default shared_buffers ... 128MB selecting dynamic shared memory implementation ... posix creating configuration files ... ok running bootstrap script ... ok performing post-bootstrap initialization ... ok syncing data to disk ... ok WARNING: enabling "trust" authentication for local connections You can change this by editing pg_hba.conf or using the option -A, or --auth-local and --auth-host, the next time you run initdb. Success. You can now start the database server using: /usr/local/bin/pg_ctl -D /var/db/postgres/data10 -l logfile start
service postgresql start
yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: could not create IPv6 socket for address "::1": Protocol not supported yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: listening on IPv4 address "127.0.0.1", port 5432 yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: listening on Unix socket "/tmp/.s.PGSQL.5432" yyyy-mm-dd HH:MM:SS.123 UTC [12345] LOG: ending log output to stderr yyyy-mm-dd HH:MM:SS.123 UTC [12345] HINT: Future log output will go to log destination "syslog".
service postgresql status
pg_ctl: server is running (PID: 12345) /usr/local/bin/postgres "-D" "/var/db/postgres/data10"
Erstellung Datenbank[Bearbeiten]
- Erstellung der Datenbank für den Dienst mattermost:
su postgres
cat ~/data10/postgresql.conf
psql
CREATE DATABASE mattermostuserdatabase;
CREATE DATABASE
CREATE USER mattermostuser WITH PASSWORD 'mattermostuserdatabasepassword';
CREATE ROLE
GRANT ALL PRIVILEGES ON DATABASE mattermostuserdatabase to mattermostuser;
GRANT
\q
$EDITOR /usr/local/etc/mattermost/config.json
"SqlSettings": {
"DriverName": "postgres", "DataSource": "postgres://mattermostuser:mattermostuserdatabasepassword@127.0.0.1:5432/mattermostuserdatabase?sslmode=disable&connect_timeout=10",
service mattermostd restart
fetch http://localhost:8065 && cat localhost:8065 && rm localhost:8065
localhost:8065 100% of 3242 B 49 MBps 00m00s <!DOCTYPE html> <html lang=en> <head>
</body> </html>
Installation Webserver[Bearbeiten]
pkg ins -y nginx
===> Creating groups. Using existing group 'www'. ===> Creating users Using existing user 'www'.
Message from nginx-1.14.1,2: =================================================================== Recent version of the NGINX introduces dynamic modules support. In FreeBSD ports tree this feature was enabled by default with the DSO knob. Several vendor's and third-party modules have been converted to dynamic modules. Unset the DSO knob builds an NGINX without dynamic modules support. To load a module at runtime, include the new `load_module' directive in the main context, specifying the path to the shared object file for the module, enclosed in quotation marks. When you reload the configuration or restart NGINX, the module is loaded in. It is possible to specify a path relative to the source directory, or a full path, please see https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and http://nginx.org/en/docs/ngx_core_module.html#load_module for details. Default path for the NGINX dynamic modules is /usr/local/libexec/nginx. ===================================================================
sysrc nginx_enable=YES
service nginx start
fetch http://localhost:80 && cat localhost:80 && rm localhost:80
Installation Certbot[Bearbeiten]
in Anlehnung an https://certbot.eff.org/lets-encrypt/freebsd-nginx
pkg ins -y py27-certbot
Message from py27-certbot-0.27.1_1,1: =========================================================================== This port installs the "standalone" client only, which does not use and is not the certbot-auto bootstrap/wrapper script. The simplest form of usage to obtain certificates is: # sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]> NOTE: The client requires the ability to bind on TCP port 80 or 443 (depending on the --preferred-challenges option used). If a server is running on that port, it will need to be temporarily stopped so that the standalone server can listen on that port to complete the challenge authentication process. For more information on the 'standalone' mode, see: https://certbot.eff.org/docs/using.html#standalone The certbot plugins to support apache and nginx certificate installation will be made available in the following ports: * Apache plugin: security/py-certbot-apache * Nginx plugin: security/py-certbot-nginx ===========================================================================
pkg ins -y py27-certbot-nginx
Erstellung Zertifikat[Bearbeiten]
certbot certonly --standalone --test-cert --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de
certbot certonly --standalone --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de
Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for domain.stura.htw-dresden.de Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at: /usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/fullchain.pem Your key file has been saved at: /usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/privkey.pem Your cert will expire on 2019-03-17. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le
Anpassung Webserver[Bearbeiten]
$EDITOR /usr/local/etc/nginx/nginx.conf
$EDITOR /usr/local/etc/nginx/nginx.conf
Anpassungen Mattermost[Bearbeiten]
- Mail-Adresse (die als absendende Adresse für Mails zur Einladung & Co verwendet wird)
- Domain (die als Adresse für Verweise bei Mails zur Einladung & Co verwendet wird)