= arkroyal = {{{#!wiki warning '''Decommissioned on 2022-06-09''' }}} * debian stretch (9.0) x64 * Sort of puppet managed * Vultr VPS Cloud Compute: 1x CPU, 1gb RAM, 25gb disk, $5/mon == local work == * need to do skel stuff * Need to do bashrc stuff * screenrc, toprc, vimrc * setup SSH keys == IPv6 == Autoconfigured == Puppet == Using local repo of serverless puppet stuff == Lets Encrypt for certs == After everything being broken all the time, I finally cleaned up and move the cert renewal stuff to something newer. After they stopped supporting the old ACME v1 client I'd been using since the beginning. -_- Certbot kinda seems like a pain in the arse so I'm using Dehydrated: https://github.com/dehydrated-io/dehydrated Way simpler, easier to configure and use, more intuitive. Win-win. Config goes in `/etc/dehydrated/domains.txt`, gets run regularly from root's crontab. Weekly run of `dehydrated -c` and that's it. I created `/etc/dehydrated/manual_dns_challenge_hook.sh` based on notes from https://github.com/lukas2511/dehydrated/wiki/example-dns-01-nsupdate-script === nginx config === nginx catches ACME requests in the default vhost, and protected domains read their cert and key from `/var/lib/dehydrated/certs/DOMAIN/` == Wordpress == Running a vanilla Wordpress 5.8.3 for https://blog.meidokon.net/ Wordpress has come a long way, I'm genuinely impressed. The editor is fantastic now, the new Content Blocks scheme makes it a contender to Squarespace in my eyes, but you can self-host instead of using their cloud. Full control over the potential for speed and caching is very, very nice. * New dir in `~furinkan/public_html/blog.meidokon.net` * Unpack it there, do the standard config * Setup mysql DB, this is all muscle memory now :) {{{ CREATE USER 'furinkan'@'localhost' IDENTIFIED BY 'ASecurePassword'; CREATE DATABASE furinkanblog; GRANT ALL PRIVILEGES ON furinkanblog.* TO 'furinkan'@'localhost' WITH GRANT OPTION; }}} * Fix up the wp-config accordingly and generate nonce strings as directed * Add an entry to dehydrated cert config and run it to get a cert issued {{{ echo blog.meidokon.net >> /etc/dehydrated/domains.txt dehydrated -c }}} * Setup a new vhost in `/etc/nginx/sites-enabled/blog.meidokon.net` * Copy an existing one like despair, fix paths and hostnames everywhere * Setup php-fpm for the site in `/etc/php/7.0/fpm/pool.d/` * Copy an existing one and update the poolname, username, path to socket * Install PHP dependencies for Wordpress {{{ apt update apt install php7.0-{gd,curl,mbstring,zip} php-imagick }}} * Restart necessary services {{{ systemctl restart php7.0-fpm.service systemctl restart nginx }}} Now go tweak it up however you like it. == Decommissioning a site on arkroyal == === Admin bits === * Nuke the vhost * Note down the SSL cert paths * Note down access/error log paths * Delete the vhost file * Restart nginx * Delete the SSL files * Remove it from the autorenew script (which is probably broken anyway) * root's crontab * Remove from puppet in /etc/puppet/code/site.pp (it's not active now either) * Nuke web logs as well * Remove DNS entries for the site, if needed === User content bits === * Clean out the public_html/SITENAME == Moin customisation == I've tweaked the ''memodump'' theme to take advantage of really big screens (ie. my normal-sized one). == Upgrade to moin 1.9.11 == Download and unpack new version to moin user account. I'm going to "install" moin locally (in the homedir), and keep the instance data separate from the code that it's executing. {{{ cd moin-1.9.11/ python setup.py install --user --force --record=2021-06-28_moin_install.log --install-data=~/moin_instance Writing /home/moin/.local/lib/python2.7/site-packages/moin-1.9.11.egg-info writing list of installed files to '2021-06-28_moin_install.log' }}} Update `~/.profile` to include the moin binary {{{ # set PATH so it includes user's private local bin if it exists if [ -d "$HOME/.local/bin" ] ; then PATH="$HOME/.local/bin:$PATH" fi }}} Move the instance contents to dir where I wanted it, the intermediate dirs are completely empty and make no sense for a user-local install. {{{ moin@arkroyal:~/moin_instance$ mv share/moin/* ./ }}} In `instance/server/`, copy `moin.wsgi` to `app.py` and fix up the config path. Can leave the app path because it's "installed" now. {{{ # Set 1b) to instance/config/ sys.path.insert(0, '/home/moin/moin_instance/config') }}} Move the old instance data to the new empty instance dir: {{{ moin@arkroyal:~/moin_instance/data$ rm -rf cache dict edit-log event-log meta pages user plugin moin@arkroyal:~/apps/moin-1.9.3/wiki/data$ cp -a cache dict edit-log event-log* meta pages plugin user ~/moin_instance/data/ }}} Run the upgrade now: {{{ moin@arkroyal:~/moin_instance$ moin --config-dir /home/moin/moin_instance --wiki-url=https://moin.meidokon.net/ migration data }}} Following the rest of the guide: stop moin, delete cache with `moin ... maint cleancache`, start moin again {{{ moin@arkroyal:~/moin_instance$ moin --config-dir=/home/moin/moin_instance maint cleancache }}}