119 lines
2.8 KiB
Markdown
119 lines
2.8 KiB
Markdown
# Service stats.chalec.org
|
|
|
|
Service de statistiques/métriques du candidat chaton de Libre en communs basé sur le logiciel libre StatoolInfos : https://forge.devinsy.fr/devinsy/statoolinfos.
|
|
|
|
Responsable : Christian Momon (@cpm)
|
|
|
|
Anciens responsables : n/a.
|
|
|
|
# Site web
|
|
|
|
Actuellement, le site web est statique et généré par la moulinette `statoolinfos` toutes les heures.
|
|
|
|
## Installation basique
|
|
|
|
Installer les paquets :
|
|
```
|
|
apt-get install nginx python3-certbot-nginx
|
|
```
|
|
|
|
Ouvrir les ports http (80) et https (443) :
|
|
```
|
|
ufw allow 'Nginx HTTP'
|
|
ufw allow 'Nginx HTTPS'
|
|
```
|
|
|
|
Configurer a minima le site web dans `/etc/nginx/sites-available/stats.chalec.org` :
|
|
```
|
|
server
|
|
{
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
server_name stats.chalec.org;
|
|
|
|
access_log /var/log/nginx/stats.chalec.org-access.log;
|
|
error_log /var/log/nginx/stats.chalec.org-error.log;
|
|
}
|
|
```
|
|
|
|
Activer la configuration :
|
|
```
|
|
cd /etc/nginx/sites-enabled/
|
|
ln -s ../sites-available/stats.chalec.org
|
|
```
|
|
|
|
Vérifier que c'est bon et recharger :
|
|
```
|
|
nginx -t && systemctl reload nginx
|
|
```
|
|
|
|
Configurer le certificat SSl :
|
|
```
|
|
certbot --nginx
|
|
```
|
|
|
|
Mettre beau le fichier `/etc/nginx/sites-enabled/stats.chalec.org` :
|
|
```
|
|
server
|
|
{
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
server_name stats.chalec.org;
|
|
|
|
access_log /var/log/nginx/stats.chalec.org-access.log;
|
|
error_log /var/log/nginx/stats.chalec.org-error.log;
|
|
|
|
#return 302 https://$host$request_uri;
|
|
return 302 https://stats.chalec.org$request_uri;
|
|
}
|
|
|
|
server
|
|
{
|
|
set_real_ip_from 192.169.1.1;
|
|
real_ip_header proxy_protocol;
|
|
listen [::]:443 ssl ipv6only=on;
|
|
listen 443 ssl proxy_protocol;
|
|
|
|
server_name stats.chalec.org;
|
|
|
|
access_log /var/log/nginx/stats.chalec.org-access.log;
|
|
error_log /var/log/nginx/stats.chalec.org-error.log;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/stats.chalec.org/fullchain.pem; # managed by Certbot
|
|
ssl_certificate_key /etc/letsencrypt/live/stats.chalec.org/privkey.pem; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
|
|
root /var/www/stats.chalec.org;
|
|
location = /
|
|
{
|
|
index index.xhtml;
|
|
}
|
|
}
|
|
```
|
|
|
|
Vérifier que c'est bon et recharger :
|
|
```
|
|
nginx -t && systemctl reload nginx
|
|
```
|
|
|
|
# Service StatoolInfos
|
|
|
|
TODO
|
|
|
|
# Configuration /etc/hosts
|
|
|
|
Le programme StatoolInfos va faire des requêtes web sur la vm donc il a besoin de la voir.
|
|
Pour éviter d'avoir un court-circuit proxy ipv4, modifier le fichier `/etc/hosts` pour déclarer stats.chalec.org en ipv6 local uniquement :
|
|
```
|
|
127.0.0.1 localhost
|
|
127.0.1.1 stats
|
|
|
|
# The following lines are desirable for IPv6 capable hosts
|
|
::1 localhost ip6-localhost ip6-loopback stats.chalec.org stats
|
|
ff02::1 ip6-allnodes
|
|
ff02::2 ip6-allrouters
|
|
```
|