deployment-dcdn/README.md

76 lines
1.7 KiB
Markdown
Raw Normal View History

2024-02-23 13:32:08 +01:00
# Deployment DCDN
2024-04-16 16:03:33 +02:00
Deployment [**D**ebian](https://www.debian.org/) (os) + [**C**addy](https://caddyserver.com/) (webserver) + [**D**irectus](https://directus.io/) (cms) + [**N**uxt](https://nuxt.com/) (static front).
2024-02-23 13:32:08 +01:00
2024-02-23 14:28:42 +01:00
## Installation
2024-04-17 16:48:16 +02:00
On a fresh install as root user using
`sudo passwd root`
2024-04-17 17:08:53 +02:00
2024-04-17 16:48:16 +02:00
`su - root`
2024-02-23 14:28:42 +01:00
1. Upgrade
2024-02-23 14:35:26 +01:00
`apt update && apt upgrade -y`
2024-02-23 14:28:42 +01:00
2. Install git
`apt install -y git`
2024-02-23 14:28:42 +01:00
3. Download and make the instal script executable
`git clone https://figureslibres.io/gitea/valentin_le_moign/deployment-dcdn.git`
`cd deployment-dcdn`
`chmod u+x install.sh`
4. Launch the script
`bash install.sh`
2024-04-16 16:03:33 +02:00
## Installation steps
1. Install php for the webhook
2. Create a user
3. Setup ssh, firewall and fail2ban
4. Install Caddy webserver
5. Install MariaDB
6. Setup the Directus Database
7. Install Node
8. Prompt for the url
9. Install and run Directus
10. Install and run the front-end
11. Setup a webhook
## Post-install
1. Configure DNS Zone
```
Domain : <domain_name> | Type : A | Target : <ip>
Domain : cms.<domain_name> | Type : A | Target : <ip>
Domain : www.<domain_name> | Type : A | Target : <ip>
```
2. Set Directus roles
```
Website role Read content collections and directus_files
User role All permissions on content collections, directus_files and directus_folders
```
3. Create a webhook
`<repo_url>/settings/hooks/gitea/new`
```
Target URL https://<domain_name>/webhook.php
Branch filter prod
Authorization Header generate a safe string using : openssl rand -base64 32
```
2024-02-23 14:28:42 +01:00
## Ref
2024-04-16 16:03:33 +02:00
[Debian Web Server](https://figureslibres.io/gogs/bachir/debian-web-server)
[Securing a dedicated server](https://help.ovhcloud.com/csm/en-gb-dedicated-servers-securing-server?id=kb_article_view&sysparm_article=KB0043969)