= arkroyal =

 * debian stretch (9.0) x64
 * Sort of puppet managed
 * Vultr VPS Cloud Compute: 1x CPU, 1gb RAM, 25gb disk, $5/mon


== local work ==

 * need to do skel stuff
 * Need to do bashrc stuff
 * screenrc, toprc, vimrc
 * setup SSH keys


== IPv6 ==

Autoconfigured


== Puppet ==

Using local repo of serverless puppet stuff


== Lets Encrypt for certs ==

After everything being broken all the time, I finally cleaned up and move the cert renewal stuff to something newer. After they stopped supporting the old ACME v1 client I'd been using since the beginning. -_-

Certbot kinda seems like a pain in the arse so I'm using Dehydrated: https://github.com/dehydrated-io/dehydrated

Way simpler, easier to configure and use, more intuitive. Win-win.

Config goes in `/etc/dehydrated/domains.txt`, gets run regularly from root's crontab. Weekly run of `dehydrated -c` and that's it.

I created `/etc/dehydrated/manual_dns_challenge_hook.sh` based on notes from https://github.com/lukas2511/dehydrated/wiki/example-dns-01-nsupdate-script

=== nginx config ===

nginx catches ACME requests in the default vhost, and protected domains read their cert and key from `/var/lib/dehydrated/certs/DOMAIN/`


== Wordpress ==

Running a vanilla Wordpress 5.8.3 for https://blog.meidokon.net/

Wordpress has come a long way, I'm genuinely impressed. The editor is fantastic now, the new Content Blocks scheme makes it a contender to Squarespace in my eyes, but you can self-host instead of using their cloud. Full control over the potential for speed and caching is very, very nice.

 * New dir in `~furinkan/public_html/blog.meidokon.net`
 * Unpack it there, do the standard config
 * Setup mysql DB, this is all muscle memory now :) {{{
CREATE USER 'furinkan'@'localhost' IDENTIFIED BY 'ASecurePassword';
CREATE DATABASE furinkanblog;
GRANT ALL PRIVILEGES ON furinkanblog.* TO 'furinkan'@'localhost' WITH GRANT OPTION;
}}}
 * Fix up the wp-config accordingly and generate nonce strings as directed
 * Add an entry to dehydrated cert config and run it to get a cert issued {{{
echo blog.meidokon.net >> /etc/dehydrated/domains.txt
dehydrated -c
}}}
 * Setup a new vhost in `/etc/nginx/sites-enabled/blog.meidokon.net`
  * Copy an existing one like despair, fix paths and hostnames everywhere
 * Setup php-fpm for the site in `/etc/php/7.0/fpm/pool.d/`
  * Copy an existing one and update the poolname, username, path to socket
 * Install PHP dependencies for Wordpress {{{
apt update
apt install php7.0-{gd,curl,mbstring,zip} php-imagick
}}}
 * Restart necessary services {{{
systemctl restart php7.0-fpm.service 
systemctl restart nginx
}}}

Now go tweak it up however you like it.


== Decommissioning a site on arkroyal ==

=== Admin bits ===
 * Nuke the vhost
  * Note down the SSL cert paths
  * Note down access/error log paths
  * Delete the vhost file
  * Restart nginx
  * Delete the SSL files
  * Remove it from the autorenew script (which is probably broken anyway)
   * root's crontab
   * Remove from puppet in /etc/puppet/code/site.pp (it's not active now either)
  * Nuke web logs as well
  * Remove DNS entries for the site, if needed

=== User content bits ===

 * Clean out the public_html/SITENAME



== Moin customisation ==

I've tweaked the ''memodump'' theme to take advantage of really big screens (ie. my normal-sized one).

== Upgrade to moin 1.9.11 ==

Download and unpack new version to moin user account. I'm going to "install" moin locally (in the homedir), and keep the instance data separate from the code that it's executing.

{{{
cd moin-1.9.11/
python setup.py install --user --force --record=2021-06-28_moin_install.log --install-data=~/moin_instance
Writing /home/moin/.local/lib/python2.7/site-packages/moin-1.9.11.egg-info
writing list of installed files to '2021-06-28_moin_install.log'
}}}

Update `~/.profile` to include the moin binary

{{{
# set PATH so it includes user's private local bin if it exists
if [ -d "$HOME/.local/bin" ] ; then
    PATH="$HOME/.local/bin:$PATH"
fi
}}}

Move the instance contents to dir where I wanted it, the intermediate dirs are completely empty and make no sense for a user-local install.

{{{
moin@arkroyal:~/moin_instance$ mv share/moin/* ./
}}}

In `instance/server/`, copy `moin.wsgi` to `app.py` and fix up the config path. Can leave the app path because it's "installed" now.

{{{
# Set 1b) to instance/config/
sys.path.insert(0, '/home/moin/moin_instance/config')
}}}

Move the old instance data to the new empty instance dir:
{{{
moin@arkroyal:~/moin_instance/data$ rm -rf cache dict edit-log event-log meta pages user plugin

moin@arkroyal:~/apps/moin-1.9.3/wiki/data$ cp -a cache dict edit-log event-log* meta pages plugin user ~/moin_instance/data/             
}}}

Run the upgrade now:
{{{
moin@arkroyal:~/moin_instance$ moin --config-dir /home/moin/moin_instance --wiki-url=https://moin.meidokon.net/ migration data
}}}

Following the rest of the guide: stop moin, delete cache with `moin ... maint cleancache`, start moin again

{{{
moin@arkroyal:~/moin_instance$ moin --config-dir=/home/moin/moin_instance maint cleancache
}}}