val
/
deployment_dcdn_static
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
deployment_dcdn_static/README.md

93 lines
2.1 KiB
Markdown
Raw Blame History

# Deployment DCDN Static
Deployment [**D**ebian](https://www.debian.org/) (os) + [**C**addy](https://caddyserver.com/) (webserver) + [**D**irectus](https://directus.io/) (cms) + [**N**uxt](https://nuxt.com/) (static front).
## Installation
On a fresh install as root user using
`sudo passwd root`
`su - root`
1. Upgrade
`apt update && apt upgrade -y`
2. Install git
`apt install -y git`
3. Download and make the instal script executable
`git clone https://gitea.valentin-le-moign.fr/val/deployment_dcdn_static`
`cd deployment_dcdn_static`
4. Launch the script
`bash install.sh`
## Environment
Tested and optimised for [OVH VPS Starter](https://www.ovhcloud.com/fr/vps/cheap-vps/).
## Installation steps
1. Install php for the webhook
2. Create a user
3. Setup ssh, firewall and fail2ban
4. Add swapfile
5. Install Caddy webserver
6. Install MariaDB
7. Setup the Directus Database
8. Install Node
9. Prompt for the url
10. Install and run Directus
11. Setup backup
12. Setup node exporter
13. Install and run the front-end
14. Setup a webhook
## Post-install
0. Delete unix Debian account
`userdel --remove-home debian`
1. Configure DNS Zone
```
Domain : <domain_name> | Type : A | Target : <ip>
Domain : cms.<domain_name> | Type : A | Target : <ip>
Domain : www.<domain_name> | Type : A | Target : <ip>
```
2. Set Directus roles
```
Website role Read content collections and directus_files
User role All permissions on content collections, directus_files and directus_folders
```
3. Create a webhook
`<repo_url>/settings/hooks/gitea/new`
```
Target URL https://<domain_name>/webhook.php
Branch filter prod
Authorization Header generate a safe string using : openssl rand -base64 32
```
4. Setup Matomo tracking
Add a new website to track from the Matomo interface as an admin user
All website → Add a new Website → Website
## Ref
[Debian Web Server](https://figureslibres.io/gogs/bachir/debian-web-server)
[Securing a dedicated server](https://help.ovhcloud.com/csm/en-gb-dedicated-servers-securing-server?id=kb_article_view&sysparm_article=KB0043969)
Reference in New Issue View Git Blame Copy Permalink