136 lines
3.1 KiB
Markdown
136 lines
3.1 KiB
Markdown
# OKTET Labs. Diary Management Application
|
|
|
|
## Installation
|
|
|
|
### Packages
|
|
```shell
|
|
# Apache
|
|
apt install -y apache2 apache2-dev libapache2-mod-passenger
|
|
# For kerberos + ldap auth
|
|
apt install -y krb5-user libapache2-mod-auth-gssapi
|
|
# ruby
|
|
apt install -y ruby ruby-ldap ruby-dev ruby-mysql2 default-libmysqlclient-dev libdbd-mysql-perl memcached
|
|
# For ubuntu install
|
|
apt install -y libmysqlclient-dev
|
|
# For debian install
|
|
apt install -y libmariadb-dev-compat libmariadb-dev
|
|
|
|
# Enable mods (ssl if need)
|
|
a2enmod auth_gssapi
|
|
a2enmod authnz_ldap
|
|
a2enmod passenger
|
|
a2enmod cgid
|
|
a2enmod ssl
|
|
```
|
|
|
|
### Passenger check
|
|
```shell
|
|
/usr/bin/passenger-config validate-install
|
|
/usr/sbin/passenger-memory-stats
|
|
```
|
|
|
|
### Diary directory
|
|
```shell
|
|
mkdir -p /var/www/cgi-bin/diary
|
|
# Clone this repository to /var/www/cgi-bin/diary
|
|
cd /var/www/cgi-bin/diary
|
|
gem install dbi
|
|
```
|
|
|
|
### Amrita ruby package
|
|
Manually extract `*.rb` files from
|
|
http://archive.debian.org/debian/pool/main/r/ruby-amrita/ruby-amrita_1.0.2-10_all.deb
|
|
package to `/usr/lib/ruby/vendor_ruby/amrita/*.rb`
|
|
|
|
### Copy config file from example
|
|
```shell
|
|
cd /var/www/cgi-bin/diary
|
|
cp diary_env.example.rb diary_env.rb
|
|
# edit config
|
|
vim diary_env.rb
|
|
```
|
|
|
|
### Change owner
|
|
```shell
|
|
chown www-data:www-data -Rvc /var/www/cgi-bin/diary
|
|
```
|
|
|
|
### Part of config apache
|
|
Edit apache config in `apache_diary.conf`
|
|
- edit `AuthLDAPURL` option
|
|
- edit `ldap-filter` options, if need. Default access to all ldap users
|
|
- edit `GssapiSSLonly` option for HTTP or HTTPS
|
|
|
|
Add line to `/etc/apache2/sites-enabled/*.conf` file
|
|
```
|
|
include /var/www/cgi-bin/diary/apache_diary.conf
|
|
```
|
|
|
|
### For kerberos auth
|
|
|
|
- Copy *.keytab file to diary web server
|
|
- ```shell
|
|
# test keytab
|
|
klist -ke /etc/apache2/web.keytab
|
|
- ```shell
|
|
# change rights
|
|
chown www-data:www-data -v /etc/apache2/*.keytab
|
|
chmod 0600 -v /etc/apache2/*.keytab
|
|
```
|
|
|
|
### Install mysql server
|
|
```shell
|
|
apt install -y software-properties-common mariadb-server mariadb-client
|
|
systemctl stop mariadb
|
|
```
|
|
|
|
Fix sql cnf files
|
|
```shell
|
|
# to mysql conf files:
|
|
# to /etc/mysql/mariadb.conf.d/50-client.cnf
|
|
vim /etc/mysql/mariadb.conf.d/50-client.cnf
|
|
# [client]
|
|
# default-character-set=utf8
|
|
|
|
# to /etc/mysql/mariadb.conf.d/50-server.cnf
|
|
vim /etc/mysql/mariadb.conf.d/50-server.cnf
|
|
# [mysqld]
|
|
# character-set-server=utf8
|
|
# collation-server=utf8_general_ci
|
|
# bind-address = 0.0.0.0
|
|
```
|
|
|
|
Start and check mariadb service
|
|
```shell
|
|
systemctl enable mariadb
|
|
systemctl start mariadb
|
|
systemctl status mariadb
|
|
```
|
|
### Create database and user
|
|
|
|
```shell
|
|
mysql -u root
|
|
```
|
|
```sql
|
|
/* Create database and prepare tables */
|
|
create database diary;
|
|
use diary;
|
|
source /var/www/cgi-bin/diary/create.mysql;
|
|
|
|
/* Create diary-user */
|
|
CREATE USER 'diary'@'localhost' IDENTIFIED BY 'diary_pass';
|
|
GRANT ALL PRIVILEGES ON * . * TO 'diary'@'localhost';
|
|
FLUSH PRIVILEGES;
|
|
SHOW GRANTS FOR 'diary'@'localhost';
|
|
|
|
/* Delete default director login name */
|
|
SELECT * FROM director;
|
|
DELETE FROM director WHERE `nick`='director';
|
|
|
|
/* Create director login name */
|
|
INSERT INTO director SET `nick`='director-user';
|
|
```
|
|
|
|
## Customization
|
|
|
|
- Copy company logo `logo-small.gif` to `/var/www/cgi-bin/diary/logo-small.gif` |