# OKTET Labs. Diary Management Application

## Installation

### Packages
```shell
# Apache
apt install -y apache2 apache2-dev libapache2-mod-passenger
# For kerberos + ldap auth
apt install -y krb5-user libapache2-mod-auth-gssapi
# ruby
apt install -y ruby ruby-ldap ruby-dev ruby-mysql2 default-libmysqlclient-dev libdbd-mysql-perl memcached
# For ubuntu install
apt install -y libmysqlclient-dev
# For debian install
apt install -y libmariadb-dev-compat libmariadb-dev

# Enable mods (ssl if need)
a2enmod auth_gssapi
a2enmod authnz_ldap
a2enmod passenger
a2enmod cgid
a2enmod ssl
```

### Passenger check
```shell
/usr/bin/passenger-config validate-install
/usr/sbin/passenger-memory-stats
```

### Diary directory
```shell
mkdir -p /var/www/cgi-bin/diary
# Clone this repository to /var/www/cgi-bin/diary
cd /var/www/cgi-bin/diary
gem install dbi
```

### Amrita ruby package
Manually extract `*.rb` files from
http://archive.debian.org/debian/pool/main/r/ruby-amrita/ruby-amrita_1.0.2-10_all.deb
package to `/usr/lib/ruby/vendor_ruby/amrita/*.rb`

### Copy config file from example
```shell
cd /var/www/cgi-bin/diary
cp diary_env.example.rb diary_env.rb
# edit config
vim diary_env.rb
```

### Change owner
```shell
chown www-data:www-data -Rvc /var/www/cgi-bin/diary
```

### Part of config apache
Edit apache config in `apache_diary.conf`
- edit `AuthLDAPURL` option
- edit `ldap-filter` options, if need. Default access to all ldap users
- edit `GssapiSSLonly` option for HTTP or HTTPS

Add line to `/etc/apache2/sites-enabled/*.conf` file
```
include /var/www/cgi-bin/diary/apache_diary.conf
```

### For kerberos auth

- Copy *.keytab file to diary web server
- ```shell
    # test keytab
    klist -ke /etc/apache2/web.keytab
- ```shell
    # change rights
    chown www-data:www-data -v /etc/apache2/*.keytab
    chmod 0600 -v /etc/apache2/*.keytab
    ```

### Install mysql server
```shell
apt install -y software-properties-common mariadb-server mariadb-client
systemctl stop mariadb
```

Fix sql cnf files
```shell
#	to mysql conf files:
#	to /etc/mysql/mariadb.conf.d/50-client.cnf
vim /etc/mysql/mariadb.conf.d/50-client.cnf
#	[client]
#	default-character-set=utf8

#	to /etc/mysql/mariadb.conf.d/50-server.cnf
vim /etc/mysql/mariadb.conf.d/50-server.cnf
#	[mysqld]
#	character-set-server=utf8
#	collation-server=utf8_general_ci
#	bind-address = 0.0.0.0
```

Start and check mariadb service
```shell
systemctl enable mariadb
systemctl start mariadb
systemctl status mariadb
```
### Create database and user

```shell
mysql -u root
```
```sql
/* Create database and prepare tables */
create database diary;
use diary;
source /var/www/cgi-bin/diary/create.mysql;

/* Create diary-user */
CREATE USER 'diary'@'localhost' IDENTIFIED BY 'diary_pass';
GRANT ALL PRIVILEGES ON * . * TO 'diary'@'localhost';
FLUSH PRIVILEGES;
SHOW GRANTS FOR 'diary'@'localhost';

/* Delete default director login name */
SELECT * FROM director;
DELETE FROM director WHERE `nick`='director';

/* Create director login name */
INSERT INTO director SET `nick`='director-user';
```

## Customization

- Copy company logo `logo-small.gif` to `/var/www/cgi-bin/diary/logo-small.gif`