2024-02-23 13:32:08 +01:00
|
|
|
# Deployment DCDN
|
|
|
|
|
2024-04-16 16:03:33 +02:00
|
|
|
Deployment [**D**ebian](https://www.debian.org/) (os) + [**C**addy](https://caddyserver.com/) (webserver) + [**D**irectus](https://directus.io/) (cms) + [**N**uxt](https://nuxt.com/) (static front).
|
2024-02-23 13:32:08 +01:00
|
|
|
|
2024-02-23 14:28:42 +01:00
|
|
|
## Installation
|
|
|
|
|
2024-04-17 16:48:16 +02:00
|
|
|
On a fresh install as root user using
|
|
|
|
|
2024-04-17 17:35:05 +02:00
|
|
|
`sudo passwd root`
|
2024-04-17 17:08:53 +02:00
|
|
|
|
2024-04-17 16:48:16 +02:00
|
|
|
`su - root`
|
2024-02-23 14:28:42 +01:00
|
|
|
|
|
|
|
1. Upgrade
|
|
|
|
|
2024-02-23 14:35:26 +01:00
|
|
|
`apt update && apt upgrade -y`
|
2024-02-23 14:28:42 +01:00
|
|
|
|
|
|
|
2. Install git
|
|
|
|
|
2024-02-23 15:01:45 +01:00
|
|
|
`apt install -y git`
|
2024-02-23 14:28:42 +01:00
|
|
|
|
|
|
|
3. Download and make the instal script executable
|
|
|
|
|
|
|
|
`git clone https://figureslibres.io/gitea/valentin_le_moign/deployment-dcdn.git`
|
|
|
|
|
|
|
|
`cd deployment-dcdn`
|
|
|
|
|
|
|
|
`chmod u+x install.sh`
|
|
|
|
|
|
|
|
4. Launch the script
|
|
|
|
|
|
|
|
`bash install.sh`
|
|
|
|
|
2024-04-16 16:03:33 +02:00
|
|
|
## Installation steps
|
|
|
|
|
|
|
|
1. Install php for the webhook
|
|
|
|
2. Create a user
|
|
|
|
3. Setup ssh, firewall and fail2ban
|
|
|
|
4. Install Caddy webserver
|
|
|
|
5. Install MariaDB
|
|
|
|
6. Setup the Directus Database
|
|
|
|
7. Install Node
|
|
|
|
8. Prompt for the url
|
|
|
|
9. Install and run Directus
|
|
|
|
10. Install and run the front-end
|
|
|
|
11. Setup a webhook
|
|
|
|
|
|
|
|
## Post-install
|
|
|
|
|
2024-04-18 12:47:12 +02:00
|
|
|
0. Delete unix Debian account
|
|
|
|
|
|
|
|
`userdel --remove-home debian`
|
|
|
|
|
2024-04-16 16:03:33 +02:00
|
|
|
1. Configure DNS Zone
|
|
|
|
```
|
|
|
|
Domain : <domain_name> | Type : A | Target : <ip>
|
|
|
|
Domain : cms.<domain_name> | Type : A | Target : <ip>
|
|
|
|
Domain : www.<domain_name> | Type : A | Target : <ip>
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
2. Set Directus roles
|
|
|
|
```
|
|
|
|
Website role Read content collections and directus_files
|
|
|
|
User role All permissions on content collections, directus_files and directus_folders
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
3. Create a webhook
|
|
|
|
`<repo_url>/settings/hooks/gitea/new`
|
|
|
|
```
|
|
|
|
Target URL https://<domain_name>/webhook.php
|
|
|
|
Branch filter prod
|
|
|
|
Authorization Header generate a safe string using : openssl rand -base64 32
|
|
|
|
```
|
|
|
|
|
2024-02-23 14:28:42 +01:00
|
|
|
## Ref
|
|
|
|
|
2024-04-16 16:03:33 +02:00
|
|
|
[Debian Web Server](https://figureslibres.io/gogs/bachir/debian-web-server)
|
|
|
|
|
|
|
|
[Securing a dedicated server](https://help.ovhcloud.com/csm/en-gb-dedicated-servers-securing-server?id=kb_article_view&sysparm_article=KB0043969)
|