deployment-dcdn/README.md

80 lines
1.8 KiB
Markdown

# Deployment DCDN
Deployment [**D**ebian](https://www.debian.org/) (os) + [**C**addy](https://caddyserver.com/) (webserver) + [**D**irectus](https://directus.io/) (cms) + [**N**uxt](https://nuxt.com/) (static front).
## Installation
On a fresh install as root user using
`sudo passwd root`
`su - root`
1. Upgrade
`apt update && apt upgrade -y`
2. Install git
`apt install -y git`
3. Download and make the instal script executable
`git clone https://figureslibres.io/gitea/valentin_le_moign/deployment-dcdn.git`
`cd deployment-dcdn`
`chmod u+x install.sh`
4. Launch the script
`bash install.sh`
## Installation steps
1. Install php for the webhook
2. Create a user
3. Setup ssh, firewall and fail2ban
4. Install Caddy webserver
5. Install MariaDB
6. Setup the Directus Database
7. Install Node
8. Prompt for the url
9. Install and run Directus
10. Install and run the front-end
11. Setup a webhook
## Post-install
0. Delete unix Debian account
`userdel --remove-home debian`
1. Configure DNS Zone
```
Domain : <domain_name> | Type : A | Target : <ip>
Domain : cms.<domain_name> | Type : A | Target : <ip>
Domain : www.<domain_name> | Type : A | Target : <ip>
```
2. Set Directus roles
```
Website role Read content collections and directus_files
User role All permissions on content collections, directus_files and directus_folders
```
3. Create a webhook
`<repo_url>/settings/hooks/gitea/new`
```
Target URL https://<domain_name>/webhook.php
Branch filter prod
Authorization Header generate a safe string using : openssl rand -base64 32
```
## Ref
[Debian Web Server](https://figureslibres.io/gogs/bachir/debian-web-server)
[Securing a dedicated server](https://help.ovhcloud.com/csm/en-gb-dedicated-servers-securing-server?id=kb_article_view&sysparm_article=KB0043969)