installation_de_standardnotes
Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente | ||
installation_de_standardnotes [2021/09/10 10:58] – tomamplius | installation_de_standardnotes [2021/11/04 22:06] (Version actuelle) – tomamplius | ||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
- | <code bash install.sh> | + | ====== Installation de standardnotes ====== |
+ | [[https:// | ||
- | apt update && apt install wget -y && wget -O - https://deb.lgy.fr | + | Bonjour, |
+ | Je suis ouvert à toutes améliorations. Contactez moi sur Matrix @thomas:lgy.fr | ||
+ | Pré-requis : | ||
+ | * Debian 11 | ||
+ | * une base de données Mysql/ | ||
+ | Préparation de la bdd | ||
+ | < | ||
+ | create user stdnotesauth@standardnotes.net.lgy.fr identified by ' | ||
+ | create database IF NOT EXISTS stdnotesauth ; | ||
+ | grant all privileges on stdnotesauth.* to stdnotesauth@standardnotes.net.lgy.fr; | ||
+ | |||
+ | create user stdnotes@standardnotes.net.lgy.fr identified by ' | ||
+ | create database IF NOT EXISTS stdnotes ; | ||
+ | grant all privileges on stdnotes.* to stdnotes@standardnotes.net.lgy.fr; | ||
+ | </ | ||
+ | |||
+ | Le déploiement de standardnotes nécessite 3 nom de domaine : | ||
+ | * Une pour le service api-gateway qui se trouve devant auth et syncing-server-js) | ||
+ | * Une pour l' | ||
+ | * Une autre pour les extentions | ||
+ | |||
+ | Exemple : | ||
+ | * notes.mondomaine.fr | ||
+ | * api.notes.mondomaine.fr | ||
+ | * ext.notes.mondomaine.fr | ||
+ | |||
+ | |||
+ | <code bash install.sh> | ||
+ | #Commande Perso facultative | ||
+ | apt update && apt install wget -y && wget -O - https:// | ||
+ | |||
+ | #Début de l' | ||
apt install redis git build-essential python2 -y | apt install redis git build-essential python2 -y | ||
- | wget -qO - https:// | + | wget -qO - https:// |
apt-get install -y nodejs | apt-get install -y nodejs | ||
mkdir / | mkdir / | ||
- | npm install -g yarn | + | npm install -g yarn http-server |
useradd standardnotes -r -s /bin/false -m -d / | useradd standardnotes -r -s /bin/false -m -d / | ||
- | |||
- | cd / | ||
su - -s $(which bash) standardnotes << ' | su - -s $(which bash) standardnotes << ' | ||
Ligne 33: | Ligne 63: | ||
npm run setup | npm run setup | ||
npm run bundle | npm run bundle | ||
+ | |||
+ | mkdir / | ||
+ | mkdir / | ||
+ | cd / | ||
+ | git clone https:// | ||
+ | cp -r markdown-pro/ | ||
+ | |||
+ | cat << ' | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | EOI | ||
+ | git clone https:// | ||
+ | cp -r secure-spreadsheets/ | ||
+ | cat << ' | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | EOI | ||
+ | |||
+ | git clone https:// | ||
+ | cp -r simple-task-editor/ | ||
+ | cat << ' | ||
+ | { | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | } | ||
+ | EOI | ||
EOF | EOF | ||
cat << ' | cat << ' | ||
- | const { merge } = require(' | + | onst { merge } = require(' |
const config = require(' | const config = require(' | ||
const HtmlWebpackPlugin = require(' | const HtmlWebpackPlugin = require(' | ||
+ | const mergeWithEnvDefaults = require(' | ||
module.exports = (env, argv) => { | module.exports = (env, argv) => { | ||
const port = argv.port || 3004; | const port = argv.port || 3004; | ||
+ | mergeWithEnvDefaults(env); | ||
return merge(config(env, | return merge(config(env, | ||
mode: ' | mode: ' | ||
- | | + | |
- | plugins: | + | minimize: false, |
+ | }, | ||
+ | plugins: [ | ||
new HtmlWebpackPlugin({ | new HtmlWebpackPlugin({ | ||
template: ' | template: ' | ||
+ | inject: true, | ||
templateParameters: | templateParameters: | ||
- | env: process.env | + | env: process.env, |
}, | }, | ||
}), | }), | ||
- | | + | ], |
devServer: { | devServer: { | ||
- | | + | allowedHosts: [' |
- | | + | host: ' |
- | | + | |
- | | + | |
- | target: `http:// | + | port, |
- | | + | |
- | }, | + | |
- | '/ | + | |
- | target: `http:// | + | |
- | | + | |
- | | + | |
}, | }, | ||
- | port, | + | }, |
- | writeToDisk: | + | |
- | } | + | |
}); | }); | ||
}; | }; | ||
EOF | EOF | ||
- | |||
- | create user stdnotesauth@standardnotes.net.lgy.fr identified by ' | ||
- | create database IF NOT EXISTS stdnotesauth ; | ||
- | grant all privileges on stdnotesauth.* to stdnotesauth@standardnotes.net.lgy.fr; | ||
- | |||
- | create user stdnotes@standardnotes.net.lgy.fr identified by ' | ||
- | create database IF NOT EXISTS stdnotes ; | ||
- | grant all privileges on stdnotes.* to stdnotes@standardnotes.net.lgy.fr; | ||
- | |||
- | |||
cat << ' | cat << ' | ||
Ligne 96: | Ligne 157: | ||
HTTP_CALL_TIMEOUT=10000 | HTTP_CALL_TIMEOUT=10000 | ||
- | AUTH_JWT_SECRET=BubohadtatyuhevGotsitvaijDikonoalyeldEerrEeHinyabEgyodridOudcecs | + | AUTH_JWT_SECRET=# |
# (Optional) New Relic Setup | # (Optional) New Relic Setup | ||
Ligne 113: | Ligne 174: | ||
VERSION=prod | VERSION=prod | ||
- | JWT_SECRET=BubohadtatyuhevGotsitvaijDikonoalyeldEerrEeHinyabEgyodridOudcecs | + | JWT_SECRET=# |
- | LEGACY_JWT_SECRET=BubohadtatyuhevGotsitvaijDikonoalyeldEerrEeHinyabEgyodridOudcecs | + | LEGACY_JWT_SECRET=# |
- | AUTH_JWT_SECRET=BubohadtatyuhevGotsitvaijDikonoalyeldEerrEeHinyabEgyodridOudcecs | + | AUTH_JWT_SECRET=# |
- | AUTH_JWT_TTL=60000 | + | AUTH_JWT_TTL=3600 |
# Must be a hex string exactly 32 bytes long | # Must be a hex string exactly 32 bytes long | ||
# e.g. feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | # e.g. feffe9928665731c6d6a8f9467308308feffe9928665731c6d6a8f9467308308 | ||
- | ENCRYPTION_SERVER_KEY=6D447858586552317569573679393757696B4D3841736D686437774B4D6C5847 | + | ENCRYPTION_SERVER_KEY=# |
PORT=3002 | PORT=3002 | ||
- | DB_HOST=mysql.net.lgy.fr | + | DB_HOST=# |
- | DB_REPLICA_HOST=mysql.net.lgy.fr | + | DB_REPLICA_HOST=# |
DB_PORT=3306 | DB_PORT=3306 | ||
- | DB_DATABASE=stdnotesauth | + | DB_DATABASE=# |
- | DB_USERNAME=stdnotesauth | + | DB_USERNAME=# |
- | DB_PASSWORD=OilOnotodfeOsyuItFijghorwodruefKojliNemVekekVogMamWiavOsfolyiej5 | + | DB_PASSWORD=# |
DB_DEBUG_LEVEL=info # " | DB_DEBUG_LEVEL=info # " | ||
Ligne 146: | Ligne 207: | ||
FAILED_LOGIN_LOCKOUT=3600 | FAILED_LOGIN_LOCKOUT=3600 | ||
- | PSEUDO_KEY_PARAMS_KEY=gawquergabVatnumJorWeOgMyphevDaywitGhecAcyachHaykgeigJerreubNam | + | PSEUDO_KEY_PARAMS_KEY=# |
SNS_TOPIC_ARN= | SNS_TOPIC_ARN= | ||
Ligne 172: | Ligne 233: | ||
EXTENSION_SERVER_URL= | EXTENSION_SERVER_URL= | ||
EOF | EOF | ||
- | |||
cat << ' | cat << ' | ||
Ligne 179: | Ligne 239: | ||
VERSION=development | VERSION=development | ||
- | AUTH_JWT_SECRET=BubohadtatyuhevGotsitvaijDikonoalyeldEerrEeHinyabEgyodridOudcecs | + | AUTH_JWT_SECRET=# |
PORT=3001 | PORT=3001 | ||
- | DB_HOST=mysql.net.lgy.fr | + | DB_HOST=#DB_HOST# |
- | DB_REPLICA_HOST=mysql.net.lgy.fr | + | DB_REPLICA_HOST=#DB_HOST# |
DB_PORT=3306 | DB_PORT=3306 | ||
- | DB_DATABASE=stdnotes | + | DB_DATABASE=# |
- | DB_USERNAME=stdnotes | + | DB_USERNAME=# |
- | DB_PASSWORD=OilOnotodfeOsyuItFijghorwodruefKojliNemVekekVogMamWiavOsfolyiej5 | + | DB_PASSWORD=# |
DB_DEBUG_LEVEL=info # " | DB_DEBUG_LEVEL=info # " | ||
Ligne 221: | Ligne 281: | ||
NEW_RELIC_LOG_ENABLED=false | NEW_RELIC_LOG_ENABLED=false | ||
NEW_RELIC_LOG_LEVEL=debug | NEW_RELIC_LOG_LEVEL=debug | ||
- | |||
EOF | EOF | ||
- | |||
cat << ' | cat << ' | ||
Ligne 251: | Ligne 309: | ||
NEW_RELIC_APP_NAME=Web | NEW_RELIC_APP_NAME=Web | ||
NEW_RELIC_BROWSER_MONITORING_AUTO_INSTRUMENT=false | NEW_RELIC_BROWSER_MONITORING_AUTO_INSTRUMENT=false | ||
- | |||
EOF | EOF | ||
Ligne 294: | Ligne 351: | ||
cat << ' | cat << ' | ||
[Unit] | [Unit] | ||
- | Description=standardnote syncing-server-js | + | Description=standardnote syncing-server-js |
Documentation=https:// | Documentation=https:// | ||
After=network.target | After=network.target | ||
Ligne 350: | Ligne 407: | ||
cat << ' | cat << ' | ||
[Unit] | [Unit] | ||
- | Description=standardnote auth | + | Description=standardnote auth worker |
Documentation=https:// | Documentation=https:// | ||
After=network.target | After=network.target | ||
Ligne 385: | Ligne 442: | ||
WantedBy=multi-user.target | WantedBy=multi-user.target | ||
EOF | EOF | ||
+ | </ | ||
+ | Définition des parametres de bdd et de sécurité | ||
+ | <code bash> | ||
+ | TMP=$(openssl rand -hex 32 | basenc --base16 | cut -c 1-64 | head -n 1) | ||
+ | sed -i " | ||
- | systemctl enable standardnotes-api-gateway standardnotes-extention standardnotes-web standardnotes-auth standardnotes-syncing-server-js standardnotes-auth-worker | + | TMP=$(openssl rand -hex 64 | cut -c 1-64 | head -n 1) |
+ | sed -i " | ||
+ | |||
+ | TMP=$(openssl rand -hex 64 | cut -c 1-64 | head -n 1) | ||
+ | sed -i " | ||
+ | |||
+ | TMP=mysql.net.lgy.fr | ||
+ | sed -i " | ||
+ | |||
+ | TMP=stdnotes | ||
+ | sed -i " | ||
+ | |||
+ | TMP=stdnotes | ||
+ | sed -i " | ||
+ | |||
+ | TMP=setpasswordinconfigfileandhere | ||
+ | sed -i " | ||
+ | |||
+ | TMP=mysql.net.lgy.fr | ||
+ | sed -i " | ||
+ | |||
+ | TMP=stdnotesauth | ||
+ | sed -i " | ||
+ | |||
+ | TMP=stdnotesauth | ||
+ | sed -i " | ||
+ | |||
+ | TMP=setpasswordinconfigfileandhere | ||
+ | sed -i " | ||
</ | </ | ||
+ | Inscription et lancement des services | ||
+ | <code bash> | ||
+ | systemctl enable \ | ||
+ | standardnotes-api-gateway \ | ||
+ | standardnotes-extention \ | ||
+ | standardnotes-web \ | ||
+ | standardnotes-auth \ | ||
+ | standardnotes-syncing-server-js \ | ||
+ | standardnotes-auth-worker \ | ||
+ | standardnotes-syncing-server-js-worker \ | ||
+ | --now | ||
+ | </ | ||
+ | |||
+ | Configuration du proxy sous apache2 | ||
+ | |||
+ | < | ||
+ | < | ||
+ | ServerName api.notes.lgy.fr | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{HTTPS} off | ||
+ | RewriteRule (.*) https:// | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | ServerName api.notes.lgy.fr | ||
+ | |||
+ | ProxyPreserveHost on | ||
+ | ProxyPass / http:// | ||
+ | ProxyPassReverse / http:// | ||
+ | |||
+ | RequestHeader set X-Forwarded-Proto " | ||
+ | |||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | SSLCertificateKeyFile / | ||
+ | </ | ||
+ | < | ||
+ | ServerName ext.notes.lgy.fr | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{HTTPS} off | ||
+ | RewriteRule (.*) https:// | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | ServerName ext.notes.lgy.fr | ||
+ | |||
+ | ProxyPreserveHost on | ||
+ | ProxyPass / http:// | ||
+ | ProxyPassReverse / http:// | ||
+ | RequestHeader set X-Forwarded-Proto " | ||
+ | |||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | SSLCertificateKeyFile / | ||
+ | |||
+ | </ | ||
+ | < | ||
+ | ServerName notes.lgy.fr | ||
+ | |||
+ | RewriteEngine On | ||
+ | RewriteCond %{HTTPS} off | ||
+ | RewriteRule (.*) https:// | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | ServerName notes.lgy.fr | ||
+ | |||
+ | ProxyPreserveHost on | ||
+ | ProxyPass / http:// | ||
+ | ProxyPassReverse / http:// | ||
+ | RequestHeader set X-Forwarded-Proto " | ||
+ | |||
+ | SSLEngine On | ||
+ | SSLCertificateFile / | ||
+ | SSLCertificateKeyFile / | ||
+ | </ | ||
+ | |||
+ | </ |
installation_de_standardnotes.1631264297.txt.gz · Dernière modification : 2021/09/10 10:58 de tomamplius