diary/README.md

# OKTET Labs. Diary Management Application

## Installation

### Packages
```shell
# Apache
apt install -y apache2 apache2-dev libapache2-mod-passenger
# For kerberos + ldap auth
apt install -y krb5-user libapache2-mod-auth-gssapi
# ruby
apt install -y ruby ruby-ldap ruby-dev ruby-mysql2 default-libmysqlclient-dev libdbd-mysql-perl memcached
# For ubuntu install
apt install -y libmysqlclient-dev
# For debian install
apt install -y libmariadb-dev-compat libmariadb-dev

# Enable mods (ssl if need)
a2enmod auth_gssapi
a2enmod authnz_ldap
a2enmod passenger
a2enmod cgid
a2enmod ssl
```

### Passenger check
```shell
/usr/bin/passenger-config validate-install
/usr/sbin/passenger-memory-stats
```

### Diary directory
```shell
mkdir -p /var/www/cgi-bin/diary
# Clone this repository to /var/www/cgi-bin/diary
cd /var/www/cgi-bin/diary
gem install dbi
```

### Amrita ruby package
Manually extract `*.rb` files from
http://archive.debian.org/debian/pool/main/r/ruby-amrita/ruby-amrita_1.0.2-10_all.deb
package to `/usr/lib/ruby/vendor_ruby/amrita/*.rb`

### Copy config file from example
```shell
cd /var/www/cgi-bin/diary
cp diary_env.example.rb diary_env.rb
# edit config
vim diary_env.rb
```

### Change owner
```shell
chown www-data:www-data -Rvc /var/www/cgi-bin/diary
```

### Part of config apache
Edit apache config in `apache_diary.conf`
- edit `AuthLDAPURL` option
- edit `ldap-filter` options, if need. Default access to all ldap users
- edit `GssapiSSLonly` option for HTTP or HTTPS

Add line to `/etc/apache2/sites-enabled/*.conf` file
```
include /var/www/cgi-bin/diary/apache_diary.conf
```

### For kerberos auth

- Copy *.keytab file to diary web server
- ```shell
    # test keytab
    klist -ke /etc/apache2/web.keytab
- ```shell
    # change rights
    chown www-data:www-data -v /etc/apache2/*.keytab
    chmod 0600 -v /etc/apache2/*.keytab
    ```

### Install mysql server
```shell
apt install -y software-properties-common mariadb-server mariadb-client
systemctl stop mariadb
```

Fix sql cnf files
```shell
#	to mysql conf files:
#	to /etc/mysql/mariadb.conf.d/50-client.cnf
vim /etc/mysql/mariadb.conf.d/50-client.cnf
#	[client]
#	default-character-set=utf8

#	to /etc/mysql/mariadb.conf.d/50-server.cnf
vim /etc/mysql/mariadb.conf.d/50-server.cnf
#	[mysqld]
#	character-set-server=utf8
#	collation-server=utf8_general_ci
#	bind-address = 0.0.0.0
```

Start and check mariadb service
```shell
systemctl enable mariadb
systemctl start mariadb
systemctl status mariadb
```
### Create database and user

```shell
mysql -u root
```
```sql
/* Create database and prepare tables */
create database diary;
use diary;
source /var/www/cgi-bin/diary/create.mysql;

/* Create diary-user */
CREATE USER 'diary'@'localhost' IDENTIFIED BY 'diary_pass';
GRANT ALL PRIVILEGES ON * . * TO 'diary'@'localhost';
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'diary'@'localhost';

/* Delete default director login name */
SELECT * FROM director;
DELETE FROM director WHERE `nick`='director';

/* Create director login name */
INSERT INTO director SET `nick`='director-user';
```

## Customization

- Copy company logo `logo-small.gif` to `/var/www/cgi-bin/diary/logo-small.gif`
Update README Signed-off-by: Sergey Bogdanov <sergey.bogdanov@oktetlabs.ru> 2024-01-10 12:33:46 +00:00			`# OKTET Labs. Diary Management Application`
Import the first public release Signed-off-by: OKTET Labs Ltd. <diary-maint@oktetlabs.ru> 2021-12-20 12:32:51 +00:00
Update README Signed-off-by: Sergey Bogdanov <sergey.bogdanov@oktetlabs.ru> 2024-01-10 12:33:46 +00:00			`## Installation`

			`### Packages`
			```shell
			`# Apache`
			`apt install -y apache2 apache2-dev libapache2-mod-passenger`
			`# For kerberos + ldap auth`
			`apt install -y krb5-user libapache2-mod-auth-gssapi`
			`# ruby`
			`apt install -y ruby ruby-ldap ruby-dev ruby-mysql2 default-libmysqlclient-dev libdbd-mysql-perl memcached`
			`# For ubuntu install`
			`apt install -y libmysqlclient-dev`
			`# For debian install`
			`apt install -y libmariadb-dev-compat libmariadb-dev`

			`# Enable mods (ssl if need)`
			`a2enmod auth_gssapi`
			`a2enmod authnz_ldap`
			`a2enmod passenger`
			`a2enmod cgid`
			`a2enmod ssl`
			```

			`### Passenger check`
			```shell
			`/usr/bin/passenger-config validate-install`
			`/usr/sbin/passenger-memory-stats`
			```

			`### Diary directory`
			```shell
			`mkdir -p /var/www/cgi-bin/diary`
			`# Clone this repository to /var/www/cgi-bin/diary`
			`cd /var/www/cgi-bin/diary`
			`gem install dbi`
			```

			`### Amrita ruby package`
			Manually extract `*.rb` files from
			`http://archive.debian.org/debian/pool/main/r/ruby-amrita/ruby-amrita_1.0.2-10_all.deb`
			package to `/usr/lib/ruby/vendor_ruby/amrita/*.rb`

			`### Copy config file from example`
			```shell
			`cd /var/www/cgi-bin/diary`
			`cp diary_env.example.rb diary_env.rb`
			`# edit config`
			`vim diary_env.rb`
			```

			`### Change owner`
			```shell
			`chown www-data:www-data -Rvc /var/www/cgi-bin/diary`
			```

			`### Part of config apache`
			Edit apache config in `apache_diary.conf`
			- edit `AuthLDAPURL` option
			- edit `ldap-filter` options, if need. Default access to all ldap users
			- edit `GssapiSSLonly` option for HTTP or HTTPS

			Add line to `/etc/apache2/sites-enabled/*.conf` file
			```
			`include /var/www/cgi-bin/diary/apache_diary.conf`
			```

			`### For kerberos auth`

			`- Copy *.keytab file to diary web server`
			- ```shell
			`# test keytab`
			`klist -ke /etc/apache2/web.keytab`
			- ```shell
			`# change rights`
			`chown www-data:www-data -v /etc/apache2/*.keytab`
			`chmod 0600 -v /etc/apache2/*.keytab`
			```

			`### Install mysql server`
			```shell
			`apt install -y software-properties-common mariadb-server mariadb-client`
			`systemctl stop mariadb`
			```

			`Fix sql cnf files`
			```shell
			`# to mysql conf files:`
			`# to /etc/mysql/mariadb.conf.d/50-client.cnf`
			`vim /etc/mysql/mariadb.conf.d/50-client.cnf`
			`# [client]`
			`# default-character-set=utf8`

			`# to /etc/mysql/mariadb.conf.d/50-server.cnf`
			`vim /etc/mysql/mariadb.conf.d/50-server.cnf`
			`# [mysqld]`
			`# character-set-server=utf8`
			`# collation-server=utf8_general_ci`
			`# bind-address = 0.0.0.0`
			```

			`Start and check mariadb service`
			```shell
			`systemctl enable mariadb`
			`systemctl start mariadb`
			`systemctl status mariadb`
			```
			`### Create database and user`

			```shell
			`mysql -u root`
			```
			```sql
			`/* Create database and prepare tables */`
			`create database diary;`
			`use diary;`
			`source /var/www/cgi-bin/diary/create.mysql;`

			`/* Create diary-user */`
			`CREATE USER 'diary'@'localhost' IDENTIFIED BY 'diary_pass';`
			`GRANT ALL PRIVILEGES ON * . * TO 'diary'@'localhost';`
			`FLUSH PRIVILEGES;`
			`SHOW GRANTS FOR 'diary'@'localhost';`

			`/* Delete default director login name */`
			`SELECT * FROM director;`
			DELETE FROM director WHERE `nick`='director';

			`/* Create director login name */`
			INSERT INTO director SET `nick`='director-user';
			```

			`## Customization`

			- Copy company logo `logo-small.gif` to `/var/www/cgi-bin/diary/logo-small.gif`