From 6a1a2f3096d1b8a0d0698038c002e7ed030cd766 Mon Sep 17 00:00:00 2001 From: Sergey Bogdanov Date: Wed, 10 Jan 2024 15:33:46 +0300 Subject: [PATCH] Update README Signed-off-by: Sergey Bogdanov --- README.md | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 135 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e9049bb..5a5b31e 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,136 @@ -############################################## -## OKTET Labs. Diary Management Application ## -############################################## +# OKTET Labs. Diary Management Application +## Installation + +### Packages +```shell +# Apache +apt install -y apache2 apache2-dev libapache2-mod-passenger +# For kerberos + ldap auth +apt install -y krb5-user libapache2-mod-auth-gssapi +# ruby +apt install -y ruby ruby-ldap ruby-dev ruby-mysql2 default-libmysqlclient-dev libdbd-mysql-perl memcached +# For ubuntu install +apt install -y libmysqlclient-dev +# For debian install +apt install -y libmariadb-dev-compat libmariadb-dev + +# Enable mods (ssl if need) +a2enmod auth_gssapi +a2enmod authnz_ldap +a2enmod passenger +a2enmod cgid +a2enmod ssl +``` + +### Passenger check +```shell +/usr/bin/passenger-config validate-install +/usr/sbin/passenger-memory-stats +``` + +### Diary directory +```shell +mkdir -p /var/www/cgi-bin/diary +# Clone this repository to /var/www/cgi-bin/diary +cd /var/www/cgi-bin/diary +gem install dbi +``` + +### Amrita ruby package +Manually extract `*.rb` files from +http://archive.debian.org/debian/pool/main/r/ruby-amrita/ruby-amrita_1.0.2-10_all.deb +package to `/usr/lib/ruby/vendor_ruby/amrita/*.rb` + +### Copy config file from example +```shell +cd /var/www/cgi-bin/diary +cp diary_env.example.rb diary_env.rb +# edit config +vim diary_env.rb +``` + +### Change owner +```shell +chown www-data:www-data -Rvc /var/www/cgi-bin/diary +``` + +### Part of config apache +Edit apache config in `apache_diary.conf` +- edit `AuthLDAPURL` option +- edit `ldap-filter` options, if need. Default access to all ldap users +- edit `GssapiSSLonly` option for HTTP or HTTPS + +Add line to `/etc/apache2/sites-enabled/*.conf` file +``` +include /var/www/cgi-bin/diary/apache_diary.conf +``` + +### For kerberos auth + +- Copy *.keytab file to diary web server +- ```shell + # test keytab + klist -ke /etc/apache2/web.keytab +- ```shell + # change rights + chown www-data:www-data -v /etc/apache2/*.keytab + chmod 0600 -v /etc/apache2/*.keytab + ``` + +### Install mysql server +```shell +apt install -y software-properties-common mariadb-server mariadb-client +systemctl stop mariadb +``` + +Fix sql cnf files +```shell +# to mysql conf files: +# to /etc/mysql/mariadb.conf.d/50-client.cnf +vim /etc/mysql/mariadb.conf.d/50-client.cnf +# [client] +# default-character-set=utf8 + +# to /etc/mysql/mariadb.conf.d/50-server.cnf +vim /etc/mysql/mariadb.conf.d/50-server.cnf +# [mysqld] +# character-set-server=utf8 +# collation-server=utf8_general_ci +# bind-address = 0.0.0.0 +``` + +Start and check mariadb service +```shell +systemctl enable mariadb +systemctl start mariadb +systemctl status mariadb +``` +### Create database and user + +```shell +mysql -u root +``` +```sql +/* Create database and prepare tables */ +create database diary; +use diary; +source /var/www/cgi-bin/diary/create.mysql; + +/* Create diary-user */ +CREATE USER 'diary'@'localhost' IDENTIFIED BY 'diary_pass'; +GRANT ALL PRIVILEGES ON * . * TO 'diary'@'localhost'; +FLUSH PRIVILEGES; +SHOW GRANTS FOR 'diary'@'localhost'; + +/* Delete default director login name */ +SELECT * FROM director; +DELETE FROM director WHERE `nick`='director'; + +/* Create director login name */ +INSERT INTO director SET `nick`='director-user'; +``` + +## Customization + +- Copy company logo `logo-small.gif` to `/var/www/cgi-bin/diary/logo-small.gif` \ No newline at end of file