Install Votix for production on debian buster64

Philippe Lewin edited this page Jan 19, 2021 · 2 revisions

Tip: Train using vagrant

If you are installing Votix for the first time and have Vagrant installed, you can practice using the provided Vagrantfile.

vagrant up # start the debian box
vagrant ssh # ssh login to the box, you can use sudo
vagrant destroy # if you need to start over

Keep system up to date

sudo apt update
sudo apt upgrade
apt list --upgradable
# Listing... Done // OK if nothing is listed

Basic server checks

timedatectl status # verify that date and time are correct
# if your time is not correct, you can fix it using `sudo ntpdate pool.ntp.org`
sudo iptables -L   # verify that the firewall will allow apache to listen to port 80
ping 1.1.1.1       # verify that we have outside connectivity, pinging cloudflare

Build time dependency: yarn

sudo apt-get install gnupg curl
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list
sudo apt update
sudo apt install yarn nodejs
yarn --version
# 1.22.5 // OK if no errors

Runtime: php and required modules

sudo apt install php-cli php-xml php-sqlite3 php-intl php-mbstring php-zip php-curl
php --version
# PHP 7.3.19-1~deb10u1 (cli) (built: Jul  5 2020 06:46:45) ( NTS ) // OK if no errors
# Copyright (c) 1997-2018 The PHP Group
# Zend Engine v3.3.19, Copyright (c) 1998-2018 Zend Technologies
#    with Zend OPcache v7.3.19-1~deb10u1, Copyright (c) 1999-2018, by Zend Technologies

Build time dependency: composer

php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === '756890a4488ce9024fc62c56153228907f1545c228516cbf63f885e036d37e9a59d27d63f46af1d4d07ee0f76181c7d3') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
sudo mv composer.phar /usr/local/bin/composer
php -r "unlink('composer-setup.php');"
composer --version
# Composer version 2.0.8 2020-12-03 17:20:38 // OK if no errors

Web server: apache2 with mod_php

sudo apt install apache2 libapache2-mod-php
sudo a2enmod rewrite
sudo systemctl restart apache2
sudo systemctl status apache2|head -n 3
# ● apache2.service - The Apache HTTP Server
#   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
#   Active: active (running) since Mon 2021-01-18 01:27:33 UTC; 3min 16s ago // OK if service active
curl --silent localhost|grep title
#     <title>Apache2 Debian Default Page: It works</title> // OK if page is served
# from a computer connected to the internet, other than your server
curl --silent yourvotix.example.com|grep title
#     <title>Apache2 Debian Default Page: It works</title>
#     // OK if page is served, otherwise firewall is probably blocking

SSL/TLS: Obtaining a new letsencrypt TLS certificate

Skip this if you are training on a local server.

# while snap is recommended, debian packages are well supported
sudo apt install certbot python-certbot-apache
sudo certbot certonly --apache
# enter your email
# answer (A)gree
# answer (N)o
# enter your domain, e.g. yourvotix.example.com
sudo ls -l1 /etc/letsencrypt/live/yourvotix.example.com/
# total 4 // OK if files are present
# -rw-r--r-- 1 root root 682 Jan 18 02:28 README
# lrwxrwxrwx 1 root root  39 Jan 18 02:28 cert.pem -> ../../archive/yourvotix.example.com/cert1.pem
# lrwxrwxrwx 1 root root  40 Jan 18 02:28 chain.pem -> ../../archive/yourvotix.example.com/chain1.pem
# lrwxrwxrwx 1 root root  44 Jan 18 02:28 fullchain.pem -> ../../archive/yourvotix.example.com/fullchain1.pem
# lrwxrwxrwx 1 root root  42 Jan 18 02:28 privkey.pem -> ../../archive/yourvotix.example.com/privkey1.pem

Download Votix using git

sudo apt install git make unzip
sudo mkdir -p /opt/votix
git clone https://github.com/ClubNix/Votix.git
sudo mv Votix /opt/votix/Votix
sudo useradd --no-create-home --home-dir /opt/votix --comment "Votix" --shell /bin/bash votix
sudo chown -R votix:votix /opt/votix

Build Votix for production

cd /opt/votix/Votix
sudo -u votix make install_prod
# Important note:
# To update Votix later, run the commands as the votix user, either in a login shell (sudo su --login votix) or with sudo -u votix
# e.g. sudo -u votix git fetch

Web server: configure vhost

Write the following to /etc/apache2/sites-available/100-votix.conf

Uncomment the certificate block that matches your setup and replace yourvotix.example.com with your domain.

<VirtualHost *:80>
    Redirect permanent / https://yourvotix.example.com/
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /opt/votix/Votix/public
    DirectoryIndex index.php
    
    <Directory /opt/votix/Votix/public>
        AllowOverride All
        Require all granted
    </Directory>
    
    SSLEngine on
    
    # /!\ uncomment this if you use default self-signed certificate
    # SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
    # SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    
    # /!\ uncomment this if you use letsencrypt certificate
    # (use the names under live/, which are symlinks into archive/, as listed above)
    # SSLCertificateFile /etc/letsencrypt/live/yourvotix.example.com/cert.pem
    # SSLCertificateKeyFile /etc/letsencrypt/live/yourvotix.example.com/privkey.pem
    # SSLCertificateChainFile /etc/letsencrypt/live/yourvotix.example.com/chain.pem
    
    # export SSL_* env variables for PHP
    <FilesMatch "\.php$">
        SSLOptions +StdEnvVars
    </FilesMatch>


    ErrorLog ${APACHE_LOG_DIR}/votix-error.log
    CustomLog ${APACHE_LOG_DIR}/votix-access.log combined
</VirtualHost>

Then give Apache access to the Votix files, enable the site and restart:

sudo usermod --append --groups votix www-data # add apache to group votix
sudo chmod ug+rw /opt/votix/Votix/var # make var read/write for user and group votix
sudo a2dissite 000-default # disable default site
sudo a2ensite 100-votix # enable votix site
sudo a2enmod ssl # enable ssl
sudo systemctl restart apache2 # restart needed to activate new modules and permissions
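
A pre-flight check for the certificate directives in the vhost file above, as an added example that is not part of the original page or of the Votix project. It reports certificate directives that are still commented out, paths that do not exist (such as an archive/ file name used under live/), and a world-readable private key. The function name check_vhost_tls is hypothetical, and the check assumes unquoted paths without spaces.

```shell
#!/bin/sh
# Added example (not from the Votix project): pre-flight check of the TLS
# directives in an Apache vhost file. Prints one line per problem and
# returns non-zero if any problem is found.
check_vhost_tls() {
    conf=$1
    problems=0
    # Active (uncommented) directives only, normalised to "<directive> <path>".
    # Assumption: paths are unquoted and contain no spaces.
    active=$(sed -n 's/^[[:space:]]*\(SSLCertificate[A-Za-z]*File\)[[:space:]]\{1,\}\([^[:space:]]\{1,\}\).*$/\1 \2/p' "$conf")

    # The page's vhost sets both a certificate and a key file; expect both active.
    for need in SSLCertificateFile SSLCertificateKeyFile; do
        if ! printf '%s\n' "$active" | grep -q "^$need "; then
            echo "MISSING $need (certificate block still commented out?)"
            problems=$((problems + 1))
        fi
    done

    while read -r directive path; do
        [ -n "$directive" ] || continue
        if [ ! -e "$path" ]; then
            # -e follows symlinks, so a dangling link under live/ is caught too
            echo "NOT FOUND $directive $path"
            problems=$((problems + 1))
        elif [ "$directive" = SSLCertificateKeyFile ] &&
             [ -n "$(find -L "$path" -prune -perm -004)" ]; then
            # the "other" read bit is set on the key file the link resolves to
            echo "WORLD-READABLE $path"
            problems=$((problems + 1))
        fi
    done <<EOF
$active
EOF
    [ "$problems" -eq 0 ]
}
```

Run it as root against /etc/apache2/sites-available/100-votix.conf before restarting Apache, so that the certificate and key paths can be read.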

Verify

Verify that you can access Votix using the http and https URLs.