Members

From SoMakeIt

Revision as of 23:04, 30 November 2022 by Bracken (talk | contribs) (Created page with "Members is the Digital Ocean droplet hosting members.somakeit.org.uk. == Setup == These are the steps taken to set it up when Scorpia @ I replaced the much more expensive...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Members is the Digital Ocean droplet hosting members.somakeit.org.uk.

Setup

These are the steps taken to set it up when Scorpia @ I replaced the much more expensive droplet.

Made new droplet: 46.101.29.241 ubuntu 22.04

Created user accounts

tyler
bracken
other ssh keys left in root auth keys for now (unusable because PermitRootLogin is off)
dpslwk so Matt (HMS author) can help
chris18890 as existing admin

Server hardening

Disable PermitRootLogin for ssh
Enabled UFW with allow for port 22 globaly
UFW allow 80 and 443 globaly
UFW allow 1194/udp globally for OpenVPN
UFW allow 3306 from 10.8.0.0/24 for doors to access database over encrypted tunnel
Copied letsencrypt files from the old server, installed certbot with apt, dry-ran a renew sucessfully

Mysql

installed mariadb-server
Copied the live database to the new server, needs to be re-done clean before golive.
Copied clean database over at approx 17:00.

Redis

Apt-get install redis
set requirepass

Nginx

Installed nginx

HMS

created hms user
checked out hms git repo
installed php php-redis php-curl php-xml
installed composer
curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
composer install
composer update

attempt 2 with old php

sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php -y
sudo apt install php7.4 php7.4-redis php7.4-curl php7.4-xml php7.4-zip php7.4-sql php7.4-mysql php7.4 php7.4-fpm php7.4-mbstring
sudo update-alternatives --config php
recheckout hms
add .env file
composer update
run artisan commands from vagrant script (some may have caused issues)
add crontab as set by vagrant script
add hms-7.4.conf in /etc/php/7.4/fpm/pool.d/

run php artisan config:cache then php artisan hor:ter

NPM

install node 14 https://github.com/nodesource/distributions/blob/master/README.md
https://unix.stackexchange.com/questions/627635/upgrading-nodejs-on-ubuntu-how-to-fix-broken-pipe-error
copy npm rc
add font awsome token
npm install
add resources/sass/_variables_somakeit.scss
npm run

Other

install laravel-echo-server
add systemd for echo server and horizon
copy over oauth keys
Add new box IP to mailgun approved IPs

OpenVPN (for the doors)

Installed using https://github.com/angristan/openvpn-install and (https://github.com/angristan/openvpn-install/issues/1030).
Created a client for kong and added route-nopull to make it a split tunnel config.
Created a client for extDoorPi added route-nopull
Installed openvpn configs on both pis, tested and door access working.

Log

Retrieved from ‘https://wiki.somakeit.org.uk/index.php?title=Members&oldid=107’