Bearbeiten von „Diskussion:Server/Plone

Zur Navigation springen Zur Suche springen
Warnung: Du bist nicht angemeldet. Deine IP-Adresse wird bei Bearbeitungen öffentlich sichtbar. Melde dich an oder erstelle ein Benutzerkonto, damit Bearbeitungen deinem Benutzernamen zugeordnet werden. Ein eigenes Benutzerkonto hat eine ganze Reihe von Vorteilen.

Die Bearbeitung kann rückgängig gemacht werden. Bitte prüfe den Vergleich unten, um sicherzustellen, dass du dies tun möchtest, und veröffentliche dann unten deine Änderungen, um die Bearbeitung rückgängig zu machen.

Aktuelle Version Dein Text
Zeile 8: Zeile 8:


--[[Benutzer:PaulRiegel|Paul]] 06:14, 13. Dez. 2014 (CET)
--[[Benutzer:PaulRiegel|Paul]] 06:14, 13. Dez. 2014 (CET)
----
Plone 5 ist veröffentlicht!
--[[Benutzer:PaulRiegel|Paul]] 04:43, 22. Okt. 2015 (CEST)
----
Wer spielen mag kann, wenn auch nicht bequem aus den Ports (für [[FreeBSD]]), eine [[#Installation Plone 5]] vornehmen und sich ausleben.
Wenn ich die Zeit finde, dann baue ich noch die Tage eine (derartige) Instanz für das Projekt [[Plone/Theming]] ([[website:stura/ref/verwaltung/web/plone-theming]]) als Jail auf [[srs1337]].
--[[Benutzer:PaulRiegel|Paul]] 04:43, 22. Okt. 2015 (CEST)


== Installation einer bestimmten (veralteten) Version von [[Plone]] mit ''UnifiedInstaller'' ==
== Installation einer bestimmten (veralteten) Version von [[Plone]] mit ''UnifiedInstaller'' ==
Zeile 469: Zeile 455:
</pre>
</pre>
<pre>
<pre>
chown -R www:www /usr/local/www/Zope213/var/
chown www:www /usr/local/www/Zope213/var
chown -R www:www /usr/local/www/Zope213/log/
chown www:www /usr/local/www/Zope213/log
echo 'zope213_enable="YES"' >> /etc/rc.conf  
echo 'zope213_enable="YES"' >> /etc/rc.conf  
echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf
echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf
Zeile 481: Zeile 467:
</pre>
</pre>
<pre>
<pre>
pkg install -y wv xpdf py27-textile py27-lxml freetype py27-graphviz
pkg install -y wv xpdf py27-textile  
ln -s /usr/local/libexec/xpdf/pdftotext /usr/local/bin/pdftotext  
ln -s /usr/local/libexec/xpdf/pdftotext /usr/local/bin/pdftotext  
ln -s /usr/local/include/freetype2 /usr/local/include/freetype
</pre>
: muss aber direkt zum starten
<pre>
echo 'export PATH=/usr/local/bin:$PATH' >> /usr/local/etc/rc.d/zope213
</pre>
(wegen i18n) pauschal
<pre>
chown -R www:www /…/python
</pre>
===== Schmerzen und Linderung =====
====== blobstorage einbinden ======
; Problem:
; Lösung:
<pre>
$EDITOR /usr/local/www/Zope213/etc/zope.conf
</pre>
<pre>
<zodb_db main>
    # Main FileStorage database
###vb
    <blobstorage>
      blob-dir $INSTANCE/var/blobstorage
###ve
    <filestorage>
      # See .../ZODB/component.xml for directives (sectiontype
      # "filestorage").
      path $INSTANCE/var/Data.fs
    </filestorage>
###vb
    </blobstorage>
###ve
    mount-point /
</zodb_db>
</pre>
====== TTWViewlet macht Faxen ======
; Problem:
<pre>
TypeError('object.__new__(TTWViewlet) is not safe, use Persistence.Persistent.__new__()',) (Also, the following error occurred while attempting to render the standard error message, please see the event log for full details: object.__new__(TTWViewlet) is not safe, use Persistence.Persistent.__new__())
</pre>
; Lösung:
<pre>
ERROR Zope.SiteErrorLog […]:8080/Plone/welcome/document_view
Traceback (innermost last):
  Module ZPublisher.Publish, line 138, in publish
  Module ZPublisher.mapply, line 77, in mapply
  Module ZPublisher.Publish, line 48, in call_object
  Module Shared.DC.Scripts.Bindings, line 322, in __call__
  Module Shared.DC.Scripts.Bindings, line 359, in _bindAndExec
  Module Products.CMFCore.FSPageTemplate, line 237, in _exec
  Module Products.CMFCore.FSPageTemplate, line 177, in pt_render
  Module Products.PageTemplates.PageTemplate, line 87, in pt_render
  Module zope.pagetemplate.pagetemplate, line 132, in pt_render
  Module zope.pagetemplate.pagetemplate, line 240, in __call__
  Module zope.tal.talinterpreter, line 266, in __call__
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 883, in do_useMacro
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 528, in do_optTag_tal
  Module zope.tal.talinterpreter, line 513, in do_optTag
  Module zope.tal.talinterpreter, line 508, in no_tag
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 847, in do_condition
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 528, in do_optTag_tal
  Module zope.tal.talinterpreter, line 513, in do_optTag
  Module zope.tal.talinterpreter, line 508, in no_tag
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 526, in do_optTag_tal
  Module zope.tal.talinterpreter, line 508, in no_tag
  Module zope.tal.talinterpreter, line 338, in interpret
  Module zope.tal.talinterpreter, line 737, in do_insertStructure_tal
  Module Products.PageTemplates.Expressions, line 218, in evaluateStructure
  Module zope.tales.tales, line 696, in evaluate
  - URL: file:/usr/local/lib/python2.7/site-packages/plonetheme/sunburst/skins/sunburst_templates/main_template.pt
  - Line 32, Column 8
  - Expression: <StringExpr u'plone.htmlhead.links'>
  - Names:
      {'container': <PloneSite at /Plone>,
      'context': <ATDocument at /Plone/welcome>,
      'default': <object object at 0x80069e540>,
      'here': <ATDocument at /Plone/welcome>,
      'loop': {},
      'nothing': None,
      'options': {'args': ()},
      'repeat': <Products.PageTemplates.Expressions.SafeMapping object at 0x814ccd470>,
      'request': <HTTPRequest, URL=http://141.56.50.71:8080/Plone/welcome/document_view>,
      'root': <Application at >,
      'template': <FSPageTemplate at /Plone/document_view used for /Plone/welcome>,
      'traverse_subpath': [],
      'user': <User 'administration'>}
  Module zope.contentprovider.tales, line 77, in __call__
  Module zope.viewlet.manager, line 112, in update
  Module zope.viewlet.manager, line 118, in _updateViewlets
  Module five.customerize.zpt, line 135, in update
  Module five.customerize.zpt, line 167, in _getViewlet
  Module ZODB.broken, line 106, in __new__
TypeError: object.__new__(TTWViewlet) is not safe, use Persistence.Persistent.__new__()
</pre>
<pre>
ERROR root Exception while rendering an error message
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/site-packages/OFS/SimpleItem.py", line 242, in raise_standardErrorMessage
    v = s(**kwargs)
  File "/usr/local/lib/python2.7/site-packages/Products/CMFCore/FSPythonScript.py", line 127, in __call__
    return Script.__call__(self, *args, **kw)
  File "/usr/local/lib/python2.7/site-packages/Shared/DC/Scripts/Bindings.py", line 322, in __call__
    return self._bindAndExec(args, kw, None)
  File "/usr/local/lib/python2.7/site-packages/Shared/DC/Scripts/Bindings.py", line 359, in _bindAndExec
    return self._exec(bound_data, args, kw)
  File "/usr/local/lib/python2.7/site-packages/Products/PythonScripts/PythonScript.py", line 344, in _exec
    result = f(*args, **kw)
  File "Script (Python)", line 35, in standard_error_message
  File "/usr/local/lib/python2.7/site-packages/Shared/DC/Scripts/Bindings.py", line 322, in __call__
    return self._bindAndExec(args, kw, None)
  File "/usr/local/lib/python2.7/site-packages/Shared/DC/Scripts/Bindings.py", line 359, in _bindAndExec
    return self._exec(bound_data, args, kw)
  File "/usr/local/lib/python2.7/site-packages/Products/CMFCore/FSPageTemplate.py", line 237, in _exec
    result = self.pt_render(extra_context=bound_names)
  File "/usr/local/lib/python2.7/site-packages/Products/CMFCore/FSPageTemplate.py", line 177, in pt_render
    self, source, extra_context
  File "/usr/local/lib/python2.7/site-packages/Products/PageTemplates/PageTemplate.py", line 87, in pt_render
    showtal=showtal)
  File "/usr/local/lib/python2.7/site-packages/zope/pagetemplate/pagetemplate.py", line 132, in pt_render
    strictinsert=0, sourceAnnotations=sourceAnnotations
  File "/usr/local/lib/python2.7/site-packages/zope/pagetemplate/pagetemplate.py", line 240, in __call__
    interpreter()
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 266, in __call__
    self.interpret(self.program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 883, in do_useMacro
    self.interpret(macro)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 528, in do_optTag_tal
    self.do_optTag(stuff)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 513, in do_optTag
    return self.no_tag(start, program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 508, in no_tag
    self.interpret(program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 847, in do_condition
    self.interpret(block)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 528, in do_optTag_tal
    self.do_optTag(stuff)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 513, in do_optTag
    return self.no_tag(start, program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 508, in no_tag
    self.interpret(program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 526, in do_optTag_tal
    self.no_tag(stuff[-2], stuff[-1])
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 508, in no_tag
    self.interpret(program)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 338, in interpret
    handlers[opcode](self, args)
  File "/usr/local/lib/python2.7/site-packages/zope/tal/talinterpreter.py", line 737, in do_insertStructure_tal
    structure = self.engine.evaluateStructure(expr)
  File "/usr/local/lib/python2.7/site-packages/Products/PageTemplates/Expressions.py", line 218, in evaluateStructure
    text = super(ZopeContext, self).evaluateStructure(expr)
  File "/usr/local/lib/python2.7/site-packages/zope/tales/tales.py", line 696, in evaluate
    return expression(self)
  File "/usr/local/lib/python2.7/site-packages/zope/contentprovider/tales.py", line 77, in __call__
    provider.update()
  File "/usr/local/lib/python2.7/site-packages/zope/viewlet/manager.py", line 112, in update
    self._updateViewlets()
  File "/usr/local/lib/python2.7/site-packages/zope/viewlet/manager.py", line 118, in _updateViewlets
    viewlet.update()
  File "/usr/local/lib/python2.7/site-packages/five/customerize/zpt.py", line 135, in update
    self._getViewlet().update()
  File "/usr/local/lib/python2.7/site-packages/five/customerize/zpt.py", line 167, in _getViewlet
    self.viewlet = TTWViewlet(self.context, self.request, self.view, self.manager)
  File "/usr/local/lib/python2.7/site-packages/ZODB/broken.py", line 106, in __new__
    result = object.__new__(class_)
TypeError: object.__new__(TTWViewlet) is not safe, use Persistence.Persistent.__new__()
</pre>
; Lösung (quick and dirty):
<pre>
$EDITOR /usr/local/lib/python2.7/site-packages/plonetheme/sunburst/skins/sunburst_templates/main_template.pt
</pre>
<pre>
      <!-- <link tal:replace="structure provider:plone.htmlhead.links" />
-->
</pre>
</pre>


Zeile 702: Zeile 486:
: oder notfalls
: oder notfalls
:: <code>service jail onestart srs1</code>
:: <code>service jail onestart srs1</code>
==== noch zu Renovieren ====
<pre>
WARNING OFS.Uninstalled Could not import class 'NavigationViewlet' from module 'plone.app.layout.links.viewlets'
</pre>
== Installation Plone 5 ==
* FreeNAS&nbsp;9.3 (Jail)
: <code>pkg update</code>
: <code>pkg upgrade -y</code>
: <code>mkdir -p /usr/local/install/plone; cd /usr/local/install/plone</code>
:: oder anderswo (statt /usr/local/install/plone)
: <code>pkg install -y wget</code>
: <code>wget http://launchpad.net/plone/5.0/5.0/+download/Plone-5.0-UnifiedInstaller.tgz</code>
: <code>tar -xvf Plone-5.0-UnifiedInstaller.tgz</code>
: <code>cd Plone-5.0-UnifiedInstaller</code>
----
[http://docs.plone.org/manage/installing/requirements.html#libraries Plone benennt Anforderungen an Pakete (Bibliotheken).]
* libz (dev)
*: ls /usr/lib/libz.so
* libjpeg (dev)*
*: pkg install jpeg
*: ls /usr/local/lib/libjpeg.so
*:* vielleicht wäre libjpeg-turbo eine Alternative
*:*: pkg install -y libjpeg-turbo
* readline (dev)*
*: pkg install -y readline
*: ls /usr/local/lib/python2.7/lib-dynload/readline.so
*: ls /usr/local/lib/libreadline.so
* libexpat (dev)
*: ls /usr/local/lib/libexpat.so
* libssl or openssl (dev)
*: ls /usr/lib/libssl.so
*: ls /usr/local/lib/apr-util-1/apr_crypto_openssl.so
* libxml2 >= 2.7.8 (dev)*
*: pkg install -y libxml2
*: ls /usr/local/lib/libxml2.so
* libxslt >= 1.1.26 (dev)*
*: pkg install -y libxslt
*: ls /usr/local/lib/libxslt.so
[http://docs.plone.org/manage/installing/requirements.html#optional-libraries Plone benennt darüber hinaus weiter Anforderungen an Pakete (Bibliotheken).]
* wv
*: pkg install -y wv
*: ls /usr/local/lib/libwv.so
* poppler-utils
*: pkg install -y poppler-utils
*: ls /usr/local/lib/libpoppler.so
----
: <code>mkdir -p /usr/local/www/plone</code>
:: oder anderswo (statt /usr/local/www/plone)
:: Die install.sh besteht, obwohl das eigentlich anders dokumentiert ist, auf <code>sudo</code>.<!-- Da könnte nochmal näher nachgeschaut werden. --> Das liegt wohl daran, dass sich Plone darum kümmert, dass der Prozess nicht als Account <code>root</code> privilegiert, sondern als Account <code>plone_deamon</code><!-- oder so ähnlich bezeichnet --> betrieben wird und vielleicht mit <code>sudo </code> versorgt werden muss.
<pre>
sudo utility is required to do a server-mode install.
</pre>
: <code>pkg install -y sudo</code>
: <code>./install.sh --target=/usr/local/www/plone standalone</code>
<pre>
Testing /usr/local/bin/python2.7 for Zope/Plone requirements....
/usr/local/bin/python2.7 looks OK. We will use it.
Root install method chosen. Will install for use by users:
  ZEO & Client Daemons:      plone_daemon
  Code Resources & buildout: plone_buildout
Detailed installation log being written to /usr/local/install/plone/Plone-5.0-UnifiedInstaller/install.log
Installing Plone 5.0 at /usr/local/www/plone
Using pw to create users and groups
Creating Python virtual environment.
New python executable in /usr/local/www/plone/zinstance/bin/python2.7
Also creating executable in /usr/local/www/plone/zinstance/bin/python
Installing setuptools, pip, wheel...done.
Installing zc.buildout in virtual environment.
Unpacking buildout cache to /usr/local/www/plone/buildout-cache
Copying Plone-docs
Copying buildout skeleton
Building Zope/Plone; this takes a while...
Buildout completed
#####################################################################
######################  Installation Complete  ######################
Plone successfully installed at /usr/local/www/plone
See /usr/local/www/plone/zinstance/README.html
for startup instructions.
Use the account information below to log into the Zope Management Interface
The account has full 'Manager' privileges.
  Username: admin
  Password: pa1ss2wo3rd4
This account is created when the object database is initialized. If you change
the password later (which you should!), you'll need to use the new password.
Use this account only to create Plone sites and initial users. Do not use it
for routine login or maintenance.- If you need help, ask in IRC channel #plone on irc.freenode.net. - The live support channel also exists at http://plone.org/chat - You can also ask for help on https://community.plone.org - Submit feedback and report errors at https://github.com/plone/Products.CMFPlone/issues (For install problems, https://github.com/plone/Installers-UnifiedInstaller/issues)
</pre>
: <code>cd /usr/local/www/plone/zinstance</code>
: <code>./bin/plonectl start</code>
----
; Laden von notwendige Module für Apache prüfen oder konfigurieren
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
LoadModule headers_module libexec/apache24/mod_headers.so
</pre>
<pre></pre>
<pre>
#LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_module libexec/apache24/mod_proxy.so
</pre>
<pre></pre>
<pre>
#LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
</pre>
<pre></pre>
<pre>
#LoadModule rewrite_module libexec/apache24/mod_rewrite.so
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
#ServerAdmin you@example.com
###
ServerAdmin beastie@space.bsd
###
</pre>
<pre></pre>
<pre>
#ServerName www.example.com:80
###
ServerName plone-5.space.bsd:80
###
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
* in Anlehnung an [http://docs.plone.org/manage/deploying/front-end/apache.html#installing-apache-front-end-for-plone Installing Apache front-end for Plone]
* in Verbindung mit [https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule Apache Module mod_rewrite#RewriteRule Directive]
: <code>$EDITOR /usr/local/etc/apache24/Includes/vhost-plone.conf</code>
<pre>
UseCanonicalName On
#NameVirtualHost *
<VirtualHost *>
    ServerAlias plone-5.space.bsd
    ServerSignature On
    Header set X-Frame-Options "SAMEORIGIN"
    Header set Strict-Transport-Security "max-age=15768000; includeSubDomains"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Content-Type-Options "nosniff"
    Header set Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval'"
    ProxyVia On
    <LocationMatch "^[^/]">
      Deny from all
    </LocationMatch>
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    RewriteEngine on
    RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/plone-5.space.bsd:80/Plone/VirtualHostRoot/$1 [P,L]
</VirtualHost>
#<VirtualHost *>
#    ServerAlias  *
#    ServerRoot    /var/www
#    ServerRoot    /usr/local/www
#    ServerSignature On
#</VirtualHost>
</pre>
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
#Include etc/apache24/extra/httpd-vhosts.conf
Include etc/apache24/extra/httpd-vhost-plone.conf
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
Einrichtung von subdomains
: angenommen es gäbe eine bei Zope eine weitere Instanz Plone (für Puffy http://plone-5.space.bsd:8080/puffy) und soll bei der Domain puffy.plone-5.space.bsd erreichbar sein
* http://betabug.ch/zope/witch
----
Einrichtung von ssl
----
Einrichtung caching
; Varnish 4
* [http://docs.plone.org/manage/deploying/caching/varnish4.html Plone: Documentation -> Installing, Managing and Updating Plone -> Guide to deploying and installing Plone in production -> Guide to Caching -> Varnish 4.x]
: <code>pkg search -D varnish4</code>
: <code>pkg install varnish4</code>
----
Einrichtung Mail
: <code>$EDITOR /etc/rc.conf</code>
<pre></pre>
<pre>
sendmail_enable="NO"
#sendmail_submit_enable="NO"
sendmail_submit_enable="YES"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
</pre>
<pre></pre>
Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden.
----
; rc.d scripting
: <code>$EDITOR /usr/local/etc/rc.d/plone</code>
<pre>
#!/bin/sh
# PROVIDE: plone
# REQUIRE: LOGIN
# KEYWORD: shutdown
. /etc/rc.subr
name="plone"
rcvar=plone_enable
start_cmd="${name}_start"
stop_cmd="${name}_stop"
restart_cmd="${name}_restart"
status_cmd="${name}_status"
extra_commands="status"
load_rc_config ${name}
#: ${plone_enable:="NO"}
plone_stop()
{
        /usr/local/www/plone/zinstance/bin/plonectl stop
}
plone_status()
{
        /usr/local/www/plone/zinstance/bin/plonectl status
}
plone_start()
{
        /usr/local/www/plone/zinstance/bin/plonectl start
}
plone_restart()
{
        /usr/local/www/plone/zinstance/bin/plonectl restart
}
run_rc_command "$1"
</pre>
: <code>chmod 540 /usr/local/etc/rc.d/plone</code>
: <code>service plone onestart</code>
: <code>service plone status</code>
: <code>service plone onestop</code>
:: <code>sysrc plone_enable="YES"</code>
: oder
:: <code>echo 'plone_enable="YES"' >> /etc/rc.conf</code>
: oder
:: <code>$EDITOR /etc/rc.conf</code>
<pre></pre>
<pre>
plone_enable="YES"
</pre>
<pre></pre>
: <code>service plone start</code>
: <code>service plone restart</code>
: <code>service plone status</code>
: <code>service plone stop</code>
== Installation Plone 3 ==
; Siehe auch: https://pentapad.c3d2.de/p/stura-htw-dresden_server_plone-3
* FreeNAS&nbsp;9.3 (Jail)
: <code>pkg upgrade -y</code>
<!--
: <code>mkdir -p /usr/local/install/plone; cd /usr/local/install/plone</code>
:: oder anderswo (statt /usr/local/install/plone)
: <code>pkg install -y wget</code>
: <code>wget http://launchpad.net/plone/5.0/5.0/+download/Plone-5.0-UnifiedInstaller.tgz</code>
: <code>tar -xvf Plone-5.0-UnifiedInstaller.tgz</code>
: <code>cd Plone-5.0-UnifiedInstaller</code>
----
[http://docs.plone.org/manage/installing/requirements.html#libraries Plone benennt Anforderungen an Pakete (Bibliotheken).]
* libz (dev)
*: ls /usr/lib/libz.so
* libjpeg (dev)*
*: pkg install jpeg
*: ls /usr/local/lib/libjpeg.so
*:* vielleicht wäre libjpeg-turbo eine Alternative
*:*: pkg install -y libjpeg-turbo
* readline (dev)*
*: pkg install -y readline
*: ls /usr/local/lib/python2.7/lib-dynload/readline.so
*: ls /usr/local/lib/libreadline.so
* libexpat (dev)
*: ls /usr/local/lib/libexpat.so
* libssl or openssl (dev)
*: ls /usr/lib/libssl.so
*: ls /usr/local/lib/apr-util-1/apr_crypto_openssl.so
* libxml2 >= 2.7.8 (dev)*
*: pkg install -y libxml2
*: ls /usr/local/lib/libxml2.so
* libxslt >= 1.1.26 (dev)*
*: pkg install -y libxslt
*: ls /usr/local/lib/libxslt.so
[http://docs.plone.org/manage/installing/requirements.html#optional-libraries Plone benennt darüber hinaus weiter Anforderungen an Pakete (Bibliotheken).]
* wv
*: pkg install -y wv
*: ls /usr/local/lib/libwv.so
* poppler-utils
*: pkg install -y poppler-utils
*: ls /usr/local/lib/libpoppler.so
----
: <code>mkdir -p /usr/local/www/plone</code>
:: oder anderswo (statt /usr/local/www/plone)
:: Die install.sh besteht, obwohl das eigentlich anders dokumentiert ist, auf <code>sudo</code>.<!- Da könnte nochmal näher nachgeschaut werden. -> Das liegt wohl daran, dass sich Plone darum kümmert, dass der Prozess nicht als Account <code>root</code> privilegiert, sondern als Account <code>plone_deamon</code><!- oder so ähnlich bezeichnet -> betrieben wird und vielleicht mit <code>sudo </code> versorgt werden muss.
<pre>
sudo utility is required to do a server-mode install.
</pre>
: <code>pkg install -y sudo</code>
: <code>./install.sh --target=/usr/local/www/plone standalone</code>
<pre>
Testing /usr/local/bin/python2.7 for Zope/Plone requirements....
/usr/local/bin/python2.7 looks OK. We will use it.
Root install method chosen. Will install for use by users:
  ZEO & Client Daemons:      plone_daemon
  Code Resources & buildout: plone_buildout
Detailed installation log being written to /usr/local/install/plone/Plone-5.0-UnifiedInstaller/install.log
Installing Plone 5.0 at /usr/local/www/plone
Using pw to create users and groups
Creating Python virtual environment.
New python executable in /usr/local/www/plone/zinstance/bin/python2.7
Also creating executable in /usr/local/www/plone/zinstance/bin/python
Installing setuptools, pip, wheel...done.
Installing zc.buildout in virtual environment.
Unpacking buildout cache to /usr/local/www/plone/buildout-cache
Copying Plone-docs
Copying buildout skeleton
Building Zope/Plone; this takes a while...
Buildout completed
#####################################################################
######################  Installation Complete  ######################
Plone successfully installed at /usr/local/www/plone
See /usr/local/www/plone/zinstance/README.html
for startup instructions.
Use the account information below to log into the Zope Management Interface
The account has full 'Manager' privileges.
  Username: admin
  Password: pa1ss2wo3rd4
This account is created when the object database is initialized. If you change
the password later (which you should!), you'll need to use the new password.
Use this account only to create Plone sites and initial users. Do not use it
for routine login or maintenance.- If you need help, ask in IRC channel #plone on irc.freenode.net. - The live support channel also exists at http://plone.org/chat - You can also ask for help on https://community.plone.org - Submit feedback and report errors at https://github.com/plone/Products.CMFPlone/issues (For install problems, https://github.com/plone/Installers-UnifiedInstaller/issues)
</pre>
: <code>cd /usr/local/www/plone/zinstance</code>
: <code>./bin/plonectl start</code>
----
; Laden von notwendige Module für Apache prüfen oder konfigurieren
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
LoadModule headers_module libexec/apache24/mod_headers.so
</pre>
<pre></pre>
<pre>
#LoadModule proxy_module libexec/apache24/mod_proxy.so
LoadModule proxy_module libexec/apache24/mod_proxy.so
</pre>
<pre></pre>
<pre>
#LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
LoadModule proxy_http_module libexec/apache24/mod_proxy_http.so
</pre>
<pre></pre>
<pre>
#LoadModule rewrite_module libexec/apache24/mod_rewrite.so
LoadModule rewrite_module libexec/apache24/mod_rewrite.so
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
#ServerAdmin you@example.com
###
ServerAdmin beastie@space.bsd
###
</pre>
<pre></pre>
<pre>
#ServerName www.example.com:80
###
ServerName plone-5.space.bsd:80
###
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
* in Anlehnung an [http://docs.plone.org/manage/deploying/front-end/apache.html#installing-apache-front-end-for-plone Installing Apache front-end for Plone]
* in Verbindung mit [https://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewriterule Apache Module mod_rewrite#RewriteRule Directive]
: <code>$EDITOR /usr/local/etc/apache24/Includes/vhost-plone.conf</code>
<pre>
UseCanonicalName On
#NameVirtualHost *
<VirtualHost *>
    ServerAlias plone-5.space.bsd
    ServerSignature On
    Header set X-Frame-Options "SAMEORIGIN"
    Header set Strict-Transport-Security "max-age=15768000; includeSubDomains"
    Header set X-XSS-Protection "1; mode=block"
    Header set X-Content-Type-Options "nosniff"
    Header set Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'unsafe-inline'; script-src 'unsafe-inline' 'unsafe-eval'"
    ProxyVia On
    <LocationMatch "^[^/]">
      Deny from all
    </LocationMatch>
    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>
    RewriteEngine on
    RewriteRule ^/(.*) http://localhost:8080/VirtualHostBase/http/plone-5.space.bsd:80/Plone/VirtualHostRoot/$1 [P,L]
</VirtualHost>
#<VirtualHost *>
#    ServerAlias  *
#    ServerRoot    /var/www
#    ServerRoot    /usr/local/www
#    ServerSignature On
#</VirtualHost>
</pre>
: <code>$EDITOR /usr/local/etc/apache24/httpd.conf</code>
<pre></pre>
<pre>
#Include etc/apache24/extra/httpd-vhosts.conf
Include etc/apache24/extra/httpd-vhost-plone.conf
</pre>
<pre></pre>
: <code>service apache24 restart</code>
----
Einrichtung von subdomains
: angenommen es gäbe eine bei Zope eine weitere Instanz Plone (für Puffy http://plone-5.space.bsd:8080/puffy) und soll bei der Domain puffy.plone-5.space.bsd erreichbar sein
* http://betabug.ch/zope/witch
----
Einrichtung von ssl
----
Einrichtung caching
; Varnish 4
* [http://docs.plone.org/manage/deploying/caching/varnish4.html Plone: Documentation -> Installing, Managing and Updating Plone -> Guide to deploying and installing Plone in production -> Guide to Caching -> Varnish 4.x]
: <code>pkg search -D varnish4</code>
: <code>pkg install varnish4</code>
----
Einrichtung Mail
: <code>$EDITOR /etc/rc.conf</code>
<pre></pre>
<pre>
sendmail_enable="NO"
#sendmail_submit_enable="NO"
sendmail_submit_enable="YES"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
</pre>
<pre></pre>
Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden.
-->
== Customizing vom Layout ==
* https://stackoverflow.com/questions/31781909/why-is-the-plonecustom-css-stylesheet-not-loaded#31787068
== Plone 5 TurnKey Linux ==
=== Plone 5 TurnKey Linux Buildout ===
Um Buildout in Turnkey-Linux auszuführen, muss man einen eigenen Nutzer verwenden:
sudo -u plone_buildout bin/buildout
----
Mutmaßlich gilt das für Plone 5.
--[[Benutzer:PaulRiegel|Paul]] 11:48, 9. Nov. 2021 (CET)
== Test von Plone 6 (als LXC Debian 11 auf PVE 7) ==
136
----
Was soll die Zahl sagen?
[https://pro.stura.htw-dresden.de/issues/136 Aufgabe 136] ist es nicht.
[https://10.1.0.31:8006/#v1:0:=lxc%2F136:4:5:::::: CT (oder VM) 136] ist es nicht.
--[[Benutzer:PaulRiegel|Paul]] 11:42, 9. Nov. 2021 (CET)
== Installation Plone 6 ==
=== Installation Plone 6 Vorbereitung ===
==== Installation Plone 6 Umgebung ====
; Host: PCT (LXC on Proxmox) Debian stable (11)
==== Installation Plone 6 Aktualisierung bestehender Pakete ====
: <code>apt update</code>
: <code>apt -y upgrade</code>
=== Installation Plone 6 backend ===
==== Installation Plone 6 backend Installation benötigter Pakete ====
https://training.plone.org/5/mastering-plone/installation.html#prerequisites
: <code>apt -y install python3.9-dev python3.9-tk python3.9-venv build-essential libssl-dev libxml2-dev libxslt1-dev libbz2-dev libjpeg62-turbo-dev</code>
: <code>apt -y install libreadline-dev wv poppler-utils</code>
: <code>apt -y install git</code>
: <s><code>apt -y install python3-pip</code></s>
==== Installation Plone 6 backend pip ====
https://plone.org/download/releases/6.0.0a2
----
{|  class="wikitable"
|-
! buildout style
! pip style
|-
| colspan=2 |
: <code>mkdir plone</code>
: <code>cd plone/</code>
|-
| colspan=2 |
: <code>mkdir backend</code>
: <code>cd backend/</code>
|-
|
: <code>nano buildout.cfg</code>
<pre>
[buildout]
extends = https://dist.plone.org/release/6.0.0a2/versions.cfg
parts = instance
[instance]
recipe = plone.recipe.zope2instance
eggs =
    Plone
    plone.volto
user = admin:admin
zodb-temporary-storage = off
</pre>
: <s><code>chmod +x buildout.cfg</code></s>
|
|-
| colspan=2 |
: <code>python3.9 -m venv .</code>
|-
|
: <code>bin/pip install -r https://dist.plone.org/release/6.0.0a2/requirements.txt</code>
: <code>bin/buildout</code>
|
: <code>bin/pip install -U pip setuptools wheel</code>
: <code>bin/pip install Plone plone.volto -c https://dist.plone.org/release/6.0.0a2/constraints.txt --use-deprecated legacy-resolver</code>
: <code>bin/mkwsgiinstance -u admin:admin -d .</code>
|-
|
: <code>bin/instance fg</code>
|
: <code>bin/runwsgi -v etc/zope.ini</code>
|-
|
|
: <code>nano etc/zope.ini</code>
<pre></pre>
<pre>
#host = 127.0.0.1
host = 0.0.0.0
</pre>
<pre></pre>
: <code>bin/runwsgi -v etc/zope.ini</code>
|-
|}
=== Installation Plone 6 backend Nachbereitung ===
==== Installation Plone 6 backend Änderung Dienst starten ====
<!--
: <code>systemctl status plone</code>
: <code>systemctl start plone</code>
: <code>systemctl enable plone</code>
!-->
==== Installation Plone 6 backend Änderung vom Passwort bei Zope ====
Die standardmäßigen Zugangsdaten sind
; Konto: admin
; Passwort: admin
.
Bei
: http://127.0.0.1:8080/acl_users/users/manage_users
ist das (einzige) Konto ''admin'' zu finden.
Bei
: http://127.0.0.1:8080/acl_users/users/manage_users?user_id=admin&passwd=1
kann das Passwort geändert werden.
==== Installation Plone 6 web server ====
===== Installation Plone 6 nginx =====
http://plone-6.test.domain.tld:8080/Plone
----
: <code>apt -y install nginx</code>
: <code>less /etc/nginx/sites-available/default</code>
https://docs.plone.org/manage/deploying/front-end/nginx.html#minimal-nginx-front-end-configuration-for-plone-on-ubuntu-debian-linux
: <code>nano /etc/nginx/sites-available/plone-6.test.domain.tld</code>
<pre>
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
#add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
upstream plone {
    server 127.0.0.1:8080;
}
server {
    listen 80;
    server_name plone-6.test.domain.tld;
    access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
    error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
    location / {
          proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
    }
}
</pre>
: <code>ln -s /etc/nginx/sites-available/plone-6.test.domain.tld /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
: <code>apt -y install certbot</code>
: <code>apt -y install python3-certbot-nginx</code>
: <code>certbot --nginx</code>
: <code>nano /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
<pre>
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
#add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'sel>
add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; scri>
upstream plone {
    server 127.0.0.1:8080;
}
server {
    server_name plone-6.test.domain.tld;
    access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
    error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
    location / {
#          proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
          proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/VirtualHostRoot/;
#          proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/Plone/VirtualHostRoot/;
    }
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/plone-6.test.domain.tld/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/plone-6.test.domain.tld/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = plone-6.test.domain.tld) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    listen 80;
    server_name plone-6.test.domain.tld;
    return 404; # managed by Certbot
}
</pre>
: <code>systemctl reload nginx</code>
----
https://plone-6.test.domain.tld/Plone
----
: <code>nano etc/zope.ini</code>
<pre></pre>
<pre>
host = 127.0.0.1
####host = 0.0.0.0
</pre>
<pre></pre>
: <code>bin/runwsgi -v etc/zope.ini</code>
<pre></pre>
<pre>
2021-13-42 01:23:45 INFO [Zope:42][MainThread] Ready to handle requests
Starting server in PID 126997.
2021-13-42 01:23:45 INFO [waitress:485][MainThread] Serving on http://127.0.0.1:8080
</pre>
===== Installation Plone 6 Apache =====
==== Installation Plone 6 frontend ====
https://training.plone.org/5/mastering-plone/installation.html#installing-plone-frontend
== proxy web server ==
https://www.starzel.de/blog/securing-plone-sites-with-https-and-nginx

Bitte beachte, dass alle Beiträge zu Wiki StuRa HTW Dresden von anderen Mitwirkenden bearbeitet, geändert oder gelöscht werden können. Reiche hier keine Texte ein, falls du nicht willst, dass diese ohne Einschränkung geändert werden können.

Du bestätigst hiermit auch, dass du diese Texte selbst geschrieben hast oder diese von einer gemeinfreien Quelle kopiert hast (weitere Einzelheiten unter StuRa HTW Dresden:Urheberrechte). ÜBERTRAGE OHNE GENEHMIGUNG KEINE URHEBERRECHTLICH GESCHÜTZTEN INHALTE!

Bitte beantworte die folgende Frage, um diese Seite speichern zu können (weitere Informationen):

Abbrechen Bearbeitungshilfe (wird in einem neuen Fenster geöffnet)