2022-05-08 15:29:45 +00:00
|
|
|
= Server setup
|
|
|
|
|
|
|
|
|
|
== Setup scripts
|
|
|
|
|
|
|
|
|
|
`ssh` as `root`:
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
ssh root@SERVER_NAME
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Run the following (as root):
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
# Install needed packages
|
|
|
|
|
apt update
|
2022-05-17 09:58:19 +00:00
|
|
|
apt install sudo python3 git -y
|
2022-05-08 15:29:45 +00:00
|
|
|
|
|
|
|
|
# Add a sudo user with the name 'admin'
|
|
|
|
|
sudo useradd admin
|
|
|
|
|
sudo usermod -aG sudo admin
|
|
|
|
|
sudo mkhomedir_helper admin
|
|
|
|
|
|
|
|
|
|
# Enter a new password for 'admin'
|
|
|
|
|
sudo passwd admin
|
|
|
|
|
|
|
|
|
|
# Break the SSH connection
|
|
|
|
|
exit
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
`ssh` again with the new user `admin` and password:
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
ssh admin@SERVER_NAME
|
|
|
|
|
----
|
|
|
|
|
|
2022-05-17 09:58:19 +00:00
|
|
|
Clone the repository with `git clone` into `/home/admin/advlabdb`. Then `cd` into the new cloned repository:
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
cd ~/advlabdb
|
|
|
|
|
----
|
|
|
|
|
|
2022-05-17 10:46:38 +00:00
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
cp advlabdb/scripts/setup/advlabdb.conf.template advlabdb/scripts/setup/advlabdb.conf
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Change `server_name` in `advlabdb/scripts/setup/advlabdb.conf` to your SERVER_NAME.
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
cp .env.template .env
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Generate secrets for `.env`:
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
python3 advlabdb/scripts/setup/generate_secrets.py
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Fill the secrets generated using the last script into `.env`.
|
|
|
|
|
|
|
|
|
|
Enter your SERVER_NAME in `.env`.
|
2022-05-17 09:58:19 +00:00
|
|
|
|
2022-05-08 15:29:45 +00:00
|
|
|
|
2022-05-17 11:52:46 +00:00
|
|
|
List all available timezones:
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
sudo timedatectl list-timezones
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Choose your timezone and enter it as showed while listing as your timezone using this command (with Europe/Berlin as example):
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
sudo timedatectl set-timezone Europe/Berlin
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Edit the file `/etc/hostname` with `sudo` such that its content is only your SERVER_NAME.
|
|
|
|
|
|
|
|
|
|
Edit the file `/etc/hosts` with `sudo` such that the first two lines are:
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
127.0.0.1 localhost
|
|
|
|
|
127.0.1.1 SERVER_NAME SERVER_NAME_WITHOUT_DOMAIN
|
|
|
|
|
----
|
|
|
|
|
|
2022-05-17 12:25:51 +00:00
|
|
|
Run server setup script:
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
python3 advlabdb/scripts/setup/server_setup.py
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
After reboot:
|
|
|
|
|
|
|
|
|
|
[source,bash]
|
|
|
|
|
----
|
|
|
|
|
cd ~/advlabdb
|
|
|
|
|
poetry run python3 -m advlabdb.scripts.setup.init_database
|
|
|
|
|
sudo systemctl restart gunicorn
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
Now go to your SERVER_NAME from the browser.
|
2022-05-17 11:52:46 +00:00
|
|
|
|
2022-05-08 15:29:45 +00:00
|
|
|
== Stop ssh to root
|
|
|
|
|
// TODO: Add blocking password access
|
|
|
|
|
|
|
|
|
|
IMPORTANT: This step is important for security!
|
|
|
|
|
|
|
|
|
|
Change
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
PermitRootLogin yes
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
to
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
PermitRootLogin no
|
|
|
|
|
----
|
|
|
|
|
|
2022-05-17 23:06:25 +00:00
|
|
|
----
|
|
|
|
|
#PasswordAuthentication yes
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
to
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
PasswordAuthentication no
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
X11Forwarding yes
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
to
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
X11Forwarding no
|
|
|
|
|
----
|
|
|
|
|
|
2022-05-08 15:29:45 +00:00
|
|
|
in the config file `/etc/ssh/sshd_config`
|
