Update example-configs to etebase.

This commit is contained in:
Tom Hacohen 2020-09-10 19:20:52 +03:00
parent b9f20d251a
commit 9efb8d4c40
5 changed files with 51 additions and 43 deletions

View File

@ -0,0 +1,22 @@
# Running `etebase` under `nginx` and `uwsgi`
This configuration assumes that etebase server has been installed in the home folder of a non privileged user
called `EtebaseUser` following the instructions in <https://github.com/etesync/server>. Also that static
files have been collected at `/srv/http/etebase_server` by running the following commands:
```shell
sudo mkdir -p /srv/http/etebase_server/static
sudo chown -R EtebaseUser /srv/http/etebase_server
sudo su EtebaseUser
cd /path/to/etebase
ln -s /srv/http/etebase_server/static static
./manage.py collectstatic
```
It is also assumed that `nginx` and `uwsgi` have been installed system wide by `root`, and that `nginx` is running as user/group `www-data`.
In this setup, `uwsgi` running as a `systemd` service as `root` creates a unix socket with read-write access
to both `EtebaseUser` and `nginx`. It then drops its `root` privilege and runs `etebase` as `EtebaseUser`.
`nginx` listens on the `https` port (or a non standard port `https` port if desired), delivers static pages directly
and for everything else, communicates with `etebase` over the unix socket.

View File

@ -0,0 +1,15 @@
# uwsgi configuration file
# typical location of this file would be /etc/uwsgi/sites/etebase.ini
[uwsgi]
socket = /path/to/etebase_server.sock
chown-socket = EtebaseUser:www-data
chmod-socket = 660
vacuum = true
uid = EtebaseUser
chdir = /path/to/etebase
home = %(chdir)/.venv
module = etebase_server.wsgi
master = true

View File

@ -1,15 +0,0 @@
# uwsgi configuration file
# typical location of this file would be /etc/uwsgi/sites/etesync.ini
[uwsgi]
socket = /path/to/etesync_server.sock
chown-socket = EtesyncUser:www-data
chmod-socket = 660
vacuum = true
uid = EtesyncUser
chdir = /path/to/etesync
home = %(chdir)/.venv
module = etesync_server.wsgi
master = true

View File

@ -1,20 +1,25 @@
# nginx configuration for etesync server running on https://my.server.name
# nginx configuration for etebase server running on https://my.server.name
# typical location of this file would be /etc/nginx/sites-available/my.server.name.conf
server {
server_name my.server.name;
root /srv/http/etesync_server;
root /srv/http/etebase_server;
client_max_body_size 5M;
client_max_body_size 20M;
location /static {
expires 1y;
try_files $uri $uri/ =404;
}
location /media {
expires 1y;
try_files $uri $uri/ =404;
}
location / {
uwsgi_pass unix:/path/to/etesync_server.sock;
uwsgi_pass unix:/path/to/etebase_server.sock;
include uwsgi_params;
}
@ -28,3 +33,4 @@ server {
ssl_certificate /path/to/certificate-file
ssl_certificate_key /path/to/certificate-key-file
# other ssl directives as needed
}

View File

@ -1,20 +0,0 @@
# Running `etesync` under `nginx` and `uwsgi`
This configuration assumes that etesync server has been installed in the home folder of a non privileged user
called `EtesyncUser` following the instructions in <https://github.com/etesync/server-skeleton>. Also that static
files have been collected at `/srv/http/etesync_server` by running the following commands:
sudo mkdir -p /srv/http/etesync_server/static
sudo chown -R EtesyncUser /srv/http/etesync_server
sudo su EtesyncUser
cd /path/to/etesync
ln -s /srv/http/etesync_server/static static
./manage.py collectstatic
It is also assumed that `nginx` and `uwsgi` have been installed system wide by `root`, and that `nginx` is running as user/group `www-data`.
In this setup, `uwsgi` running as a `systemd` service as `root` creates a unix socket with read-write access
to both `EtesyncUser` and `nginx`. It then drops its `root` privilege and runs `etesync` as `EtesyncUser`.
`nginx` listens on the `https` port (or a non standard port `https` port if desired), delivers static pages directly
and for everything else, communicates with `etesync` over the unix socket.