it-infra/m-labs-intl/setup.md

1.7 KiB

Setup m-labs-intl.com server

apt install git nginx-full python3 python3.12-venv python3-pip postfix opendkim opendkim-tools
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
useradd -m rfqserver
useradd -m zolaupd

cp m-labs-intl.com /etc/nginx/sites-available/
cp nginx.conf /etc/nginx/
ln -s /etc/nginx/sites-available/m-labs-intl.com /etc/nginx/sites-enabled/

mkdir -p /var/www/m-labs-intl.com/html
chown -R zolaupd /var/www/m-labs-intl.com/

cp runrfq.sh /home/rfqserver/
cp mail.secret /home/rfqserver/
chown rfqserver /home/rfqserver/runrfq.sh
chmod +x /home/rfqserver/runrfq.sh
chown rfqserver /home/rfqserver/mail.secret


sudo -u zolaupd sh -c '
  cd /home/zolaupd;
  mkdir /home/zolaupd/.ssh;
  echo -n "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP1OJJM8g/1ffxDjN31XKEfGmrYaW03lwpyTa1UGWqVx
  ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6R6XK0IiuAKxVKvSABm4m9bfOlvfJcMvTpjenuXUPv" > /home/zolaupd/.ssh/authorized_keys
  chmod 700 .ssh/
  chmod 600 .ssh/authorized_keys
  '

sudo -u rfqserver sh -c '
  cd /home/rfqserver;
  git clone https://git.m-labs.hk/M-Labs/web2019.git;
  cd web2019;
  python3 -m venv ./venv;
  source venv/bin/activate;
  pip install -r requirements.txt;
'

cp rfq.service /etc/systemd/system/

systemctl daemon-reload
systemctl enable rfq.service
systemctl start rfq.service

service nginx restart

certbot --nginx

service nginx restart

cp main.cf /etc/postfix/main.cf
cp virtual /etc/postfix/virtual
postmap /etc/postfix/virtual

cp opendkim /etc/default/opendkim
cp opendkim.conf /etc/opendkim.conf
opendkim-genkey -t -s mail -d m-labs-intl.com
cp mail.private /etc/postfix/dkim.key
service opendkim restart
service postfix restart