[Seaside] Re: Setting Up Pharo and Seaside on the Digital Ocean ISP
Stephan Eggermont
stephan at stack.nl
Fri Dec 11 11:18:58 UTC 2015
On 10-12-15 20:21, Bruce Prior wrote:
> I am looking for a procedure that would load Pharo and Seaside into
> Digital Ocean. I have worked through Sven Van Caekenberghe's tutorial in
> setting up a simple website on Digital Ocean and that worked great. But
> I would like to run Seaside there, too.
Here are some notes from a non-https server
created droplet
with my ssh keys
remember droplet ip
login
ssh root@[ip address of droplet]
apt-get update
apt-get upgrade
Y
K(eep locally modified version of menu)
Intrusion detection system
apt-get installl fail2ban
Y
apt-get install vim
Y
useradd deploy
mkdir /home/deploy
mkdir /home/deploy/.ssh
chmod 700 /home/deploy/.ssh
vim /home/deploy/.ssh/authorized_keys
add id_rsa.pub contents
chmod 400 /home/deploy/.ssh/authorized_keys
chown deploy:deploy /home/deploy -R
In a new shell, try to login as deploy@[ip address of droplet]
passwd deploy
[enter your password for deploy user]
passwd
[enter your password for root]
visudo
root ALL=(ALL) ALL
deploy ALL=(ALL) ALL
vim /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
AllowUsers deploy
service ssh restart
ufw allow 22
ufw allow 80
ufw allow 443
ufw enable
temporary ufw allow 8080
to make sure the seaside app works without the nginx in front of it
afterwards deny
apt-get install unattended-upgrades
vim /etc/apt/apt.conf.d/10periodic
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";
vim /etc/apt/apt.conf.d/50unattended-upgrades
// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
"Ubuntu raring ringtail-security";
vi /etc/ufw/before.rules
(on top)
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
ufw enable
zip Seaside.image,changes,sources to Archive.zip
scp Archive.zip deploy@[ip address of droplet]
unzip Archive.zip
apt-get install xvfb
apt-get install x11vncdu
apt-get install nginx
sudo service nginx start
chown deploy /var/log/nginx/error.log
chown deploy /var/log/nginx/access.log
sudo vim /etc/nginx/sites-available/example
worker_processes 1;
events
{
worker_connections 1024;
}
http
{
include mime.types;
default_type application/octet-stream;
server
{
server_name [ip address of droplet] yourdomain.tld
www.yourdomain.tld *.yourdomain.tld;
root /var/www/www.yourdomain.tld/;
location /
{
proxy_pass http://127.0.0.1:8080;
}
}
}
repeat the server block for each extra image you want to run
with a different domain, only have the numbers version once.
port number increases for each following image.
sudo ln -s /etc/nginx/sites-available/example
/etc/nginx/sites-enabled/example
sudo rm /etc/nginx/sites-enabled/default
Cleanup seaside
WADispatcher default unregister: (WADispatcher default handlers at:
'status')
More information about the seaside
mailing list