Aktuelle Version |
Dein Text |
Zeile 299: |
Zeile 299: |
| ==== Erstellung Datenbank ==== | | ==== Erstellung Datenbank ==== |
|
| |
|
| | ---- |
| ; Erstellung der Datenbank für den Dienst ''mattermost: | | ; Erstellung der Datenbank für den Dienst ''mattermost: |
| | | : … |
| ----
| |
| | |
| : <code>su postgres</code> | |
| | |
| : <code>cat ~/data10/postgresql.conf</code>
| |
| | |
| ----
| |
| | |
| : <code>psql</code>
| |
| | |
| ----
| |
| : <code>CREATE DATABASE mattermostuserdatabase;</code>
| |
| <pre>
| |
| CREATE DATABASE
| |
| </pre>
| |
| : <code>CREATE USER mattermostuser WITH PASSWORD 'mattermostuserdatabasepassword';</code>
| |
| <pre>
| |
| CREATE ROLE
| |
| </pre>
| |
| : <code>GRANT ALL PRIVILEGES ON DATABASE mattermostuserdatabase to mattermostuser;</code>
| |
| <pre>
| |
| GRANT
| |
| </pre>
| |
| : <code>\q</code>
| |
| | |
| ----
| |
| | |
| : <code>$EDITOR /usr/local/etc/mattermost/config.json</code> | | : <code>$EDITOR /usr/local/etc/mattermost/config.json</code> |
| <pre></pre>
| |
| <pre>
| |
| "SqlSettings": {
| |
|
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| "DriverName": "postgres",
| |
| "DataSource": "postgres://mattermostuser:mattermostuserdatabasepassword@127.0.0.1:5432/mattermostuserdatabase?sslmode=disable&connect_timeout=10",
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>service mattermostd restart</code>
| |
|
| |
| : <code>fetch http://localhost:8065 && cat localhost:8065 && rm localhost:8065</code>
| |
| <pre>
| |
| localhost:8065 100% of 3242 B 49 MBps 00m00s
| |
| <!DOCTYPE html> <html lang=en> <head>
| |
| </pre>
| |
| <pre></pre>
| |
| <pre>
| |
| </body> </html>
| |
| </pre>
| |
|
| |
|
| ==== Installation Webserver ==== | | ==== Installation Webserver ==== |
Zeile 392: |
Zeile 343: |
| : <code>sysrc nginx_enable=YES</code> | | : <code>sysrc nginx_enable=YES</code> |
| : <code>service nginx start</code> | | : <code>service nginx start</code> |
|
| |
| : <code>fetch http://localhost:80 && cat localhost:80 && rm localhost:80</code>
| |
|
| |
| ==== Installation Certbot ====
| |
|
| |
| in Anlehnung an https://certbot.eff.org/lets-encrypt/freebsd-nginx
| |
|
| |
| ----
| |
| : <code>pkg ins -y py27-certbot</code>
| |
| <pre></pre>
| |
| <!--
| |
| <pre>
| |
| Message from python27-2.7.15:
| |
|
| |
| ===========================================================================
| |
|
| |
| Note that some standard Python modules are provided as separate ports
| |
| as they require additional dependencies. They are available as:
| |
|
| |
| bsddb databases/py-bsddb
| |
| gdbm databases/py-gdbm
| |
| sqlite3 databases/py-sqlite3
| |
| tkinter x11-toolkits/py-tkinter
| |
|
| |
| ===========================================================================
| |
| Message from py27-urllib3-1.22,1:
| |
|
| |
| Be careful, support of IPv6 is broken with PySocks 1.5.7.
| |
| </pre>
| |
| !-->
| |
| <pre>
| |
| Message from py27-certbot-0.27.1_1,1:
| |
|
| |
| ===========================================================================
| |
|
| |
| This port installs the "standalone" client only, which does not use and
| |
| is not the certbot-auto bootstrap/wrapper script.
| |
|
| |
| The simplest form of usage to obtain certificates is:
| |
|
| |
| # sudo certbot certonly --standalone -d <domain>, [domain2, ... domainN]>
| |
|
| |
| NOTE:
| |
|
| |
| The client requires the ability to bind on TCP port 80 or 443 (depending
| |
| on the --preferred-challenges option used). If a server is running on that
| |
| port, it will need to be temporarily stopped so that the standalone server
| |
| can listen on that port to complete the challenge authentication process.
| |
|
| |
| For more information on the 'standalone' mode, see:
| |
|
| |
| https://certbot.eff.org/docs/using.html#standalone
| |
|
| |
| The certbot plugins to support apache and nginx certificate installation
| |
| will be made available in the following ports:
| |
|
| |
| * Apache plugin: security/py-certbot-apache
| |
| * Nginx plugin: security/py-certbot-nginx
| |
|
| |
| ===========================================================================
| |
| </pre>
| |
|
| |
| : <code>pkg ins -y py27-certbot-nginx</code>
| |
| <pre></pre>
| |
| <!--
| |
| <pre>
| |
| Message from py27-pip-9.0.3:
| |
|
| |
| ============================== !!!! WARNING !!!! ==========================
| |
|
| |
| pip MUST ONLY be used:
| |
|
| |
| * With the --user flag, OR
| |
| * To install or manage Python packages in virtual environments
| |
|
| |
| Failure to follow this warning can and will result in an inconsistent
| |
| system-wide Python environment (LOCALBASE/lib/pythonX.Y/site-packages) and
| |
| cause errors.
| |
|
| |
| Avoid using pip as root unless you know what you're doing.
| |
|
| |
| ============================== !!!! WARNING !!!! ==========================
| |
| </pre>
| |
| !-->
| |
|
| |
| ==== Erstellung Zertifikat ====
| |
|
| |
| : <s><code>certbot certonly --standalone --test-cert --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de</code></s>
| |
|
| |
| : <code>certbot certonly --standalone --agree-tos -m cert@stura.htw-dresden.de -n -d domain.stura.htw-dresden.de</code>
| |
| <pre>
| |
| Saving debug log to /var/log/letsencrypt/letsencrypt.log
| |
| Plugins selected: Authenticator standalone, Installer None
| |
| Obtaining a new certificate
| |
| Performing the following challenges:
| |
| http-01 challenge for domain.stura.htw-dresden.de
| |
| Waiting for verification...
| |
| Cleaning up challenges
| |
|
| |
| IMPORTANT NOTES:
| |
| - Congratulations! Your certificate and chain have been saved at:
| |
| /usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/fullchain.pem
| |
| Your key file has been saved at:
| |
| /usr/local/etc/letsencrypt/live/domain.stura.htw-dresden.de/privkey.pem
| |
| Your cert will expire on 2019-03-17. To obtain a new or tweaked
| |
| version of this certificate in the future, simply run certbot
| |
| again. To non-interactively renew *all* of your certificates, run
| |
| "certbot renew"
| |
| - If you like Certbot, please consider supporting our work by:
| |
|
| |
| Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
| |
| Donating to EFF: https://eff.org/donate-le
| |
| </pre>
| |
|
| |
| ==== Anpassung Webserver ====
| |
|
| |
| : <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code>
| |
| <pre></pre>
| |
| <pre>
| |
| </pre>
| |
| <pre></pre>
| |
|
| |
| : <code>$EDITOR /usr/local/etc/nginx/nginx.conf</code>
| |
|
| |
| ==== Anpassungen Mattermost ====
| |
|
| |
| * Mail-Adresse (die als absendende Adresse für Mails zur Einladung & Co verwendet wird)
| |
| * Domain (die als Adresse für Verweise bei Mails zur Einladung & Co verwendet wird)
| |
|
| |
|
| == Sonstiges == | | == Sonstiges == |