Aktuelle Version |
Dein Text |
Zeile 469: |
Zeile 469: |
| </pre> | | </pre> |
| <pre> | | <pre> |
| chown -R www:www /usr/local/www/Zope213/var/ | | chown www:www /usr/local/www/Zope213/var |
| chown -R www:www /usr/local/www/Zope213/log/ | | chown www:www /usr/local/www/Zope213/log |
| echo 'zope213_enable="YES"' >> /etc/rc.conf | | echo 'zope213_enable="YES"' >> /etc/rc.conf |
| echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf | | echo '#zope213_instances="<INSTANCEDIR>"' >> /etc/rc.conf |
Zeile 963: |
Zeile 963: |
|
| |
|
| Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden. | | Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden. |
|
| |
| ----
| |
|
| |
| ; rc.d scripting
| |
|
| |
| : <code>$EDITOR /usr/local/etc/rc.d/plone</code>
| |
| <pre>
| |
| #!/bin/sh
| |
| # PROVIDE: plone
| |
| # REQUIRE: LOGIN
| |
| # KEYWORD: shutdown
| |
|
| |
| . /etc/rc.subr
| |
|
| |
| name="plone"
| |
| rcvar=plone_enable
| |
|
| |
| start_cmd="${name}_start"
| |
| stop_cmd="${name}_stop"
| |
| restart_cmd="${name}_restart"
| |
| status_cmd="${name}_status"
| |
|
| |
| extra_commands="status"
| |
|
| |
| load_rc_config ${name}
| |
| #: ${plone_enable:="NO"}
| |
|
| |
| plone_stop()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl stop
| |
| }
| |
|
| |
| plone_status()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl status
| |
| }
| |
|
| |
| plone_start()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl start
| |
| }
| |
|
| |
| plone_restart()
| |
| {
| |
| /usr/local/www/plone/zinstance/bin/plonectl restart
| |
| }
| |
|
| |
| run_rc_command "$1"
| |
| </pre>
| |
|
| |
| : <code>chmod 540 /usr/local/etc/rc.d/plone</code>
| |
|
| |
| : <code>service plone onestart</code>
| |
| : <code>service plone status</code>
| |
| : <code>service plone onestop</code>
| |
|
| |
| :: <code>sysrc plone_enable="YES"</code>
| |
| : oder
| |
| :: <code>echo 'plone_enable="YES"' >> /etc/rc.conf</code>
| |
| : oder
| |
| :: <code>$EDITOR /etc/rc.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| plone_enable="YES"
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>service plone start</code>
| |
| : <code>service plone restart</code>
| |
| : <code>service plone status</code>
| |
| : <code>service plone stop</code>
| |
|
| |
|
| == Installation Plone 3 == | | == Installation Plone 3 == |
Zeile 1.292: |
Zeile 1.221: |
| Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden. | | Theoretisch könnte/sollte auch [https://www.freebsd.org/doc/handbook/outgoing-only.html nur das Versendung (von Mails)] eingerichtet werden. |
| --> | | --> |
|
| |
| == Customizing vom Layout ==
| |
|
| |
| * https://stackoverflow.com/questions/31781909/why-is-the-plonecustom-css-stylesheet-not-loaded#31787068
| |
|
| |
| == Plone 5 TurnKey Linux ==
| |
|
| |
| === Plone 5 TurnKey Linux Buildout ===
| |
|
| |
| Um Buildout in Turnkey-Linux auszuführen, muss man einen eigenen Nutzer verwenden:
| |
|
| |
| sudo -u plone_buildout bin/buildout
| |
|
| |
| ----
| |
|
| |
| Mutmaßlich gilt das für Plone 5.
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 11:48, 9. Nov. 2021 (CET)
| |
|
| |
| == Test von Plone 6 (als LXC Debian 11 auf PVE 7) ==
| |
|
| |
| 136
| |
|
| |
| ----
| |
|
| |
| Was soll die Zahl sagen?
| |
|
| |
| [https://pro.stura.htw-dresden.de/issues/136 Aufgabe 136] ist es nicht.
| |
|
| |
| [https://10.1.0.31:8006/#v1:0:=lxc%2F136:4:5:::::: CT (oder VM) 136] ist es nicht.
| |
|
| |
| --[[Benutzer:PaulRiegel|Paul]] 11:42, 9. Nov. 2021 (CET)
| |
|
| |
| == Installation Plone 6 ==
| |
|
| |
| === Installation Plone 6 Vorbereitung ===
| |
|
| |
| ==== Installation Plone 6 Umgebung ====
| |
|
| |
| ; Host: PCT (LXC on Proxmox) Debian stable (11)
| |
|
| |
| ==== Installation Plone 6 Aktualisierung bestehender Pakete ====
| |
|
| |
| : <code>apt update</code>
| |
| : <code>apt -y upgrade</code>
| |
|
| |
| === Installation Plone 6 backend ===
| |
|
| |
| ==== Installation Plone 6 backend Installation benötigter Pakete ====
| |
|
| |
| https://training.plone.org/5/mastering-plone/installation.html#prerequisites
| |
| : <code>apt -y install python3.9-dev python3.9-tk python3.9-venv build-essential libssl-dev libxml2-dev libxslt1-dev libbz2-dev libjpeg62-turbo-dev</code>
| |
| : <code>apt -y install libreadline-dev wv poppler-utils</code>
| |
| : <code>apt -y install git</code>
| |
|
| |
| : <s><code>apt -y install python3-pip</code></s>
| |
|
| |
| ==== Installation Plone 6 backend pip ====
| |
|
| |
| https://plone.org/download/releases/6.0.0a2
| |
|
| |
| ----
| |
|
| |
| {| class="wikitable"
| |
| |-
| |
| ! buildout style
| |
| ! pip style
| |
| |-
| |
| | colspan=2 |
| |
| : <code>mkdir plone</code>
| |
| : <code>cd plone/</code>
| |
| |-
| |
| | colspan=2 |
| |
| : <code>mkdir backend</code>
| |
| : <code>cd backend/</code>
| |
| |-
| |
| |
| |
| : <code>nano buildout.cfg</code>
| |
| <pre>
| |
| [buildout]
| |
| extends = https://dist.plone.org/release/6.0.0a2/versions.cfg
| |
| parts = instance
| |
|
| |
| [instance]
| |
| recipe = plone.recipe.zope2instance
| |
| eggs =
| |
| Plone
| |
| plone.volto
| |
| user = admin:admin
| |
| zodb-temporary-storage = off
| |
| </pre>
| |
| : <s><code>chmod +x buildout.cfg</code></s>
| |
| |
| |
|
| |
|
| |
| |-
| |
| | colspan=2 |
| |
| : <code>python3.9 -m venv .</code>
| |
| |-
| |
| |
| |
| : <code>bin/pip install -r https://dist.plone.org/release/6.0.0a2/requirements.txt</code>
| |
| : <code>bin/buildout</code>
| |
| |
| |
| : <code>bin/pip install -U pip setuptools wheel</code>
| |
| : <code>bin/pip install Plone plone.volto -c https://dist.plone.org/release/6.0.0a2/constraints.txt --use-deprecated legacy-resolver</code>
| |
| : <code>bin/mkwsgiinstance -u admin:admin -d .</code>
| |
| |-
| |
| |
| |
| : <code>bin/instance fg</code>
| |
| |
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| |-
| |
| |
| |
| |
| |
| : <code>nano etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| #host = 127.0.0.1
| |
| host = 0.0.0.0
| |
| </pre>
| |
| <pre></pre>
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| |-
| |
| |}
| |
|
| |
| === Installation Plone 6 backend Nachbereitung ===
| |
|
| |
| ==== Installation Plone 6 backend Änderung Dienst starten ====
| |
| <!--
| |
|
| |
| : <code>systemctl status plone</code>
| |
| : <code>systemctl start plone</code>
| |
| : <code>systemctl enable plone</code>
| |
| !-->
| |
|
| |
| ==== Installation Plone 6 backend Änderung vom Passwort bei Zope ====
| |
|
| |
| Die standardmäßigen Zugangsdaten sind
| |
| ; Konto: admin
| |
| ; Passwort: admin
| |
| .
| |
|
| |
| Bei
| |
| : http://127.0.0.1:8080/acl_users/users/manage_users
| |
| ist das (einzige) Konto ''admin'' zu finden.
| |
|
| |
| Bei
| |
| : http://127.0.0.1:8080/acl_users/users/manage_users?user_id=admin&passwd=1
| |
| kann das Passwort geändert werden.
| |
|
| |
| ==== Installation Plone 6 web server ====
| |
|
| |
| ===== Installation Plone 6 nginx =====
| |
|
| |
| http://plone-6.test.domain.tld:8080/Plone
| |
|
| |
| ----
| |
|
| |
| : <code>apt -y install nginx</code>
| |
|
| |
| : <code>less /etc/nginx/sites-available/default</code>
| |
|
| |
| https://docs.plone.org/manage/deploying/front-end/nginx.html#minimal-nginx-front-end-configuration-for-plone-on-ubuntu-debian-linux
| |
| : <code>nano /etc/nginx/sites-available/plone-6.test.domain.tld</code>
| |
| <pre>
| |
| add_header X-Frame-Options "SAMEORIGIN";
| |
| add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
| |
| add_header X-XSS-Protection "1; mode=block";
| |
| add_header X-Content-Type-Options "nosniff";
| |
| #add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
| |
| add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'";
| |
|
| |
| upstream plone {
| |
| server 127.0.0.1:8080;
| |
| }
| |
|
| |
| server {
| |
| listen 80;
| |
| server_name plone-6.test.domain.tld;
| |
| access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
| |
| error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
| |
| location / {
| |
| proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
| |
| }
| |
| }
| |
| </pre>
| |
|
| |
| : <code>ln -s /etc/nginx/sites-available/plone-6.test.domain.tld /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
| |
|
| |
| : <code>apt -y install certbot</code>
| |
| : <code>apt -y install python3-certbot-nginx</code>
| |
|
| |
| : <code>certbot --nginx</code>
| |
|
| |
| : <code>nano /etc/nginx/sites-enabled/plone-6.test.domain.tld</code>
| |
| <pre>
| |
| add_header X-Frame-Options "SAMEORIGIN";
| |
| add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
| |
| add_header X-XSS-Protection "1; mode=block";
| |
| add_header X-Content-Type-Options "nosniff";
| |
| #add_header Content-Security-Policy "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; script-src 'sel>
| |
| add_header Content-Security-Policy-Report-Only "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'; scri>
| |
|
| |
| upstream plone {
| |
| server 127.0.0.1:8080;
| |
| }
| |
|
| |
| server {
| |
| server_name plone-6.test.domain.tld;
| |
| access_log /var/log/nginx/plone-6.test.domain.tld.access.log;
| |
| error_log /var/log/nginx/plone-6.test.domain.tld.error.log;
| |
| location / {
| |
| # proxy_pass http://plone/VirtualHostBase/http/plone-6.test.domain.tld:80/Plone/VirtualHostRoot/;
| |
| proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/VirtualHostRoot/;
| |
| # proxy_pass http://plone/VirtualHostBase/https/plone-6.test.domain.tld:443/Plone/VirtualHostRoot/;
| |
| }
| |
|
| |
| listen 443 ssl; # managed by Certbot
| |
| ssl_certificate /etc/letsencrypt/live/plone-6.test.domain.tld/fullchain.pem; # managed by Certbot
| |
| ssl_certificate_key /etc/letsencrypt/live/plone-6.test.domain.tld/privkey.pem; # managed by Certbot
| |
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
| |
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
| |
| }
| |
|
| |
| server {
| |
| if ($host = plone-6.test.domain.tld) {
| |
| return 301 https://$host$request_uri;
| |
| } # managed by Certbot
| |
| listen 80;
| |
| server_name plone-6.test.domain.tld;
| |
| return 404; # managed by Certbot
| |
| }
| |
| </pre>
| |
| : <code>systemctl reload nginx</code>
| |
|
| |
| ----
| |
|
| |
| https://plone-6.test.domain.tld/Plone
| |
|
| |
| ----
| |
|
| |
| : <code>nano etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| host = 127.0.0.1
| |
| ####host = 0.0.0.0
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>bin/runwsgi -v etc/zope.ini</code>
| |
| <pre></pre>
| |
| <pre>
| |
| 2021-13-42 01:23:45 INFO [Zope:42][MainThread] Ready to handle requests
| |
| Starting server in PID 126997.
| |
| 2021-13-42 01:23:45 INFO [waitress:485][MainThread] Serving on http://127.0.0.1:8080
| |
| </pre>
| |
|
| |
| ===== Installation Plone 6 Apache =====
| |
|
| |
| ==== Installation Plone 6 frontend ====
| |
|
| |
| https://training.plone.org/5/mastering-plone/installation.html#installing-plone-frontend
| |
|
| |
| == proxy web server ==
| |
|
| |
| https://www.starzel.de/blog/securing-plone-sites-with-https-and-nginx
| |