From 2abf8e30cf26a07ee841d3d438f65716bb07b5e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julie=C3=B1?= Date: Thu, 24 Apr 2025 15:55:10 +0200 Subject: [PATCH] Hosts specific configs --- On host/Apache.md | 304 +++++++++++++++++++++++++++++ On host/Baïkal.md | 200 ++++++++++++++++++++ On host/Caddy.md | 262 +++++++++++++++++++++++++ On host/Docker.md | 88 +++++++++ On host/Joomla.md | 108 +++++++++++ On host/LAMP Stack.md | 430 ++++++++++++++++++++++++++++++++++++++++++ On host/Prestashop.md | 118 ++++++++++++ On host/RKNN.md | 114 +++++++++++ On host/SSG (Hugo).md | 73 +++++++ On host/WebDAV.md | 13 ++ On host/Webmin.md | 21 +++ On host/Wireguard.md | 40 ++++ On host/Wordpress.md | 132 +++++++++++++ 13 files changed, 1903 insertions(+) create mode 100644 On host/Apache.md create mode 100644 On host/Baïkal.md create mode 100644 On host/Caddy.md create mode 100644 On host/Docker.md create mode 100644 On host/Joomla.md create mode 100644 On host/LAMP Stack.md create mode 100644 On host/Prestashop.md create mode 100644 On host/RKNN.md create mode 100644 On host/SSG (Hugo).md create mode 100644 On host/WebDAV.md create mode 100644 On host/Webmin.md create mode 100644 On host/Wireguard.md create mode 100644 On host/Wordpress.md diff --git a/On host/Apache.md b/On host/Apache.md new file mode 100644 index 0000000..856a182 --- /dev/null +++ b/On host/Apache.md @@ -0,0 +1,304 @@ +# Web + +## Structure + +``` +. +├── apache + ├── www.delmar.bzh (80) > hugo + ├── nsns.delmar.bzh (81) > hugo + ├── ugo.delmar.bzh (82) > wordpress + ├── dav.delmar.bzh (83) > baïkal + ├── julien.delmar.bzh (84) > hugo + ├── nds.delmar.bzh (85) > hugo + ├── shop.delmar.bzh (86) > prestashop + ├── kontadenn.delmar.bzh (87) > joomla + ├── _____.delmar.bzh (88) > + └── _____.delmar.bzh (89) > +``` + +```bash +sudo vim /etc/apache2/ports.conf +``` + +```conf +# If you just change the port or add more ports here, you will likely also +# have to change the VirtualHost statement in +# /etc/apache2/sites-enabled/000-default.conf + +Listen 80 +Listen 81 +Listen 82 +Listen 83 +Listen 84 +Listen 85 +Listen 86 +Listen 87 +Listen 88 +Listen 89 + + +        Listen 443 + + + +        Listen 443 + +``` + +```bash +sudo vim /etc/apache2/sites-available/delmar.bzh.conf +``` + +```conf + + ServerName www.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/hugo + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName nsns.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/nsns + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName ugo.delmar.bzh + + ServerAdmin ugo@delmar.bzh + DocumentRoot /var/www/wpugo + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine On + RewriteBase / + RewriteRule ^index\.php$ - [L] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule . /index.php [L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + +DavLockDB /usr/local/apache/var/DavLock + + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/baikal/html + ServerName dav.delmar.bzh + + RewriteEngine on + RewriteRule /.well-known/carddav /dav.php [R=308,L] + RewriteRule /.well-known/caldav /dav.php [R=308,L] + + + Options None + # If you install cloning git repository, you may need the following + # Options +FollowSymlinks + AllowOverride None + # Configuration for apache-2.4: + Require all granted + # Configuration for apache-2.2: + # Order allow,deny + # Allow from all + + + Alias /webdav /var/www/webdav + + + DAV On + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + Require user admin + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV On + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require valid-user + + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV on + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require user julien + + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV on + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require user eliot + + + + + ExpiresActive Off + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName julien.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/resumes/julien + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName nds.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/nds + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName shop.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/shop + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine on + #Domain: shop.delmar.bzh + RewriteRule . - [E=REWRITEBASE:/] + RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] + RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L] + # Images + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + # AlphaImageLoader for IE and fancybox + RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L] + # Dispatcher + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName kontadenn.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/kontadenn + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine on + #Domain: kontadenn.delmar.bzh + RewriteRule . - [E=REWRITEBASE:/] + RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] + RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L] + # Images + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + # AlphaImageLoader for IE and fancybox + RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L] + # Dispatcher + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` + +```bash +sudo systemctl restart apache2 +``` \ No newline at end of file diff --git a/On host/Baïkal.md b/On host/Baïkal.md new file mode 100644 index 0000000..a1a2d8d --- /dev/null +++ b/On host/Baïkal.md @@ -0,0 +1,200 @@ +# Baïkal + +## Structure + +``` +. +├── apache +| ├── baikal (83) +| └── webdav +└── mariadb +``` + +[https://sabre.io/baikal/install/](https://sabre.io/baikal/install/ "https://sabre.io/baikal/install/") + +## mariadb + +`mysql -u root -p (transatlantique)` + +``` +CREATE DATABASE baikal; +CREATE USER "admin"@"localhost" IDENTIFIED BY "BymQt5Z9yaL5hE"; +GRANT ALL PRIVILEGES ON baikal.* TO "admin"@"localhost"; +FLUSH PRIVILEGES; +EXIT; +``` + +
databaseuserpasswordhost
baikaladminBymQt5Z9yaL5hElocalhost
+ +
## Installation + +``` +cd /var/www/baikal/ + +wget https://github.com/sabre-io/Baikal/releases/download/0.9.4/baikal-0.9.4.zip + +unzip baikal-0.9.4.zip + +cd baikal + +chown -R www-data:www-data Specific config +``` + +## apache + +> add virtualhost to /etc/apache2/sites-available/delmar.bzh.conf + +```conf +DavLockDB /usr/local/apache/var/DavLock + + +       ServerAdmin admin@delmar.bzh +       DocumentRoot /var/www/baikal/html +       ServerName dav.delmar.bzh + +       RewriteEngine on +       RewriteRule /.well-known/carddav /dav.php [R=308,L] +       RewriteRule /.well-known/caldav  /dav.php [R=308,L] + +        +               Options None +               # If you install cloning git repository, you may need the following +               # Options +FollowSymlinks +               AllowOverride None +               # Configuration for apache-2.4: +               Require all granted +               # Configuration for apache-2.2: +               # Order allow,deny +               # Allow from all +        + +        +               ExpiresActive Off +        + +       ErrorLog ${APACHE_LOG_DIR}/error.log +       CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` + +#### Run installer : + +> [https://dav.delmar.bzh](https://dav.delmar.bzh "https://dav.delmar.bzh") + +## WebDAV + +``` +sudo a2enmod dav +sudo a2enmod dav_fs + +sudo systemctl restart apache2.service + +sudo mkdir /var/www/webdav +sudo chown www-data:www-data /var/www/webdav + +sudo mkdir -p /usr/local/apache/var/ +sudo chown www-data:www-data /usr/local/apache/var + + +sudo touch /usr/local/apache/var/users.password +sudo chown www-data:www-data /usr/local/apache/var/users.password +``` + +#### Users + +```bash +sudo htpasswd /usr/local/apache/var/users.password julien SnEnfQVzqs8K9A +``` + +`sudo vim /etc/apache2/sites-available/delmar.bzh.conf` + +``` + +       ServerAdmin admin@delmar.bzh +       DocumentRoot /var/www/baikal/html +       ServerName dav.delmar.bzh + +       RewriteEngine on +       RewriteRule /.well-known/carddav /dav.php [R=308,L] +       RewriteRule /.well-known/caldav  /dav.php [R=308,L] + +        +               Options None +               # If you install cloning git repository, you may need the following +               # Options +FollowSymlinks +               AllowOverride None +               # Configuration for apache-2.4: +               Require all granted +               # Configuration for apache-2.2: +               # Order allow,deny +               # Allow from all +        + +       Alias /webdav /var/www/webdav + +        +               DAV On +               AuthType Basic +               AuthName "webdav" +               AuthUserFile /usr/local/apache/var/users.password +               Require user admin +        + +        +               Options Indexes +               AllowOverride none +               Order allow,deny +               allow from all +               DAV On +               AuthType Basic +               AuthName "webdav" +               AuthUserFile /usr/local/apache/var/users.password +                +                       Require valid-user +                +        + +        +               Options Indexes +               AllowOverride none +               Order allow,deny +               allow from all +               DAV on +               AuthType Basic +               AuthName "webdav" +               AuthUserFile /usr/local/apache/var/users.password +                +                       Require user julien +                +        + +        +               Options Indexes +               AllowOverride none +               Order allow,deny +               allow from all +               DAV on +               AuthType Basic +               AuthName "webdav" +               AuthUserFile /usr/local/apache/var/users.password +                +                       Require user eliot +                +        + +        +               ExpiresActive Off +        + +       ErrorLog ${APACHE_LOG_DIR}/error.log +       CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` + +``` +sudo a2enmod auth_digest +sudo systemctl restart apache2.service + +sudo vim /var/www/webdav/webdav-testfile.txt +sudo chown www-data:www-data /var/www/webdav/webdav-testfile.txt +``` \ No newline at end of file diff --git a/On host/Caddy.md b/On host/Caddy.md new file mode 100644 index 0000000..050d191 --- /dev/null +++ b/On host/Caddy.md @@ -0,0 +1,262 @@ +# Caddy + +## Structure + +``` +. +├── caddy (80 | 443) + └── Caddyfile +``` + +### Caddy / xcaddy + + +```bash +sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl + +# caddy +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list +# xcaddy +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-xcaddy-archive-keyring.gpg +curl -1sLf 'https://dl.cloudsmith.io/public/caddy/xcaddy/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-xcaddy.list + +sudo apt update && sudo apt install -y caddy xcaddy +``` + +#### Build with dns-ovh + +``` +https://go.dev/dl/ +``` + +```bash +wget https://go.dev/dl/go1.23.1.linux-arm64.tar.gz +rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.23.1.linux-arm64.tar.gz +export PATH=$PATH:/usr/local/go/bin +``` + +```bash +mkdir ~/caddy +cd caddy + +xcaddy build --with github.com/caddy-dns/ovh +sudo mv caddy /usr/bin +sudo chown root:root /usr/bin/caddy +sudo chmod 755 /usr/bin/caddy +sudo systemctl daemon-reload +``` + +```bash +sudo vim /etc/caddy/Caddyfile +``` + +``` +{ + debug + http_port 80 + https_port 443 + email admin@delmar.bzh + default_sni delmar.bzh + + acme_dns ovh { + endpoint ovh-eu + application_key 3f8bdfed17f848d8 + application_secret 6946758d7515ecef108aeb286bf3c7d0 + consumer_key 94b2ddf482d36421a33aa6b3aa515956 + } +} + +(LAN_only) { + @local_subnets { + not remote_ip 192.168.1.0/24 + } + respond @local_subnets 403 +} + +*:80 { + root * /var/www/comics + encode gzip zstd + file_server +} + +bookstack.delmar.bzh + reverse_proxy carlo:6875 + encode gzip zstd +} + +books.delmar.bzh { + reverse_proxy sandy:8083 { + header_up X-Scheme https + } + encode gzip zstd +} + +cloud.delmar.bzh { + encode gzip zstd + reverse_proxy sandy:35771 { + header_up Host {upstream_hostport} + } + + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 + + header { + Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" + X-XSS-Protection "1; mode=block;" + X-Content-Type-Options "nosniff" + X-Frame-Options "SAMEORIGIN" + } +} + +webmin.delmar.bzh { + reverse_proxy bob:10000 { + transport http { + read_buffer 0 + write_buffer 0 + tls_insecure_skip_verify + versions 1.1 + } + } + encode gzip zstd +} + +dolibarr.delmar.bzh { + reverse_proxy carlo:64616 + encode gzip zstd +} + +draw.delmar.bzh { + reverse_proxy carlo:8080 + encode gzip zstd +} + +git.delmar.bzh { + reverse_proxy carlo:3001 + encode gzip zstd +} + +homepage.delmar.bzh { + reverse_proxy bob:5005 + encode gzip zstd +} + +home-assistant.delmar.bzh { + reverse_proxy carlo:8123 + encode gzip zstd +} + +it.delmar.bzh { + reverse_proxy bob:8888 + encode gzip zstd +} + +jellyfin.delmar.bzh { + reverse_proxy gary:8096 + encode gzip zstd +} + +jellyseerr.delmar.bzh { + reverse_proxy gary:5055 + encode gzip zstd +} + +wizarr.delmar.bzh { + reverse_proxy gary:5690 + encode gzip zstd +} + +julien.delmar.bzh { + root * /var/www/resumes/julien + encode gzip zstd + file_server +} + +kontadenn.delmar.bzh { + root * /var/www/kontadenn + encode gzip zstd + file_server +} + +nds.delmar.bzh { + root * /var/www/nds + encode gzip zstd + file_server +} + +nsns.delmar.bzh { + root * /var/www/nsns + encode gzip zstd + file_server +} + +paperless.delmar.bzh { + reverse_proxy sandy:8000 + encode gzip zstd +} + +penpot.delmar.bzh { + reverse_proxy sandy:43735 + encode gzip zstd +} + +portainer.delmar.bzh { + reverse_proxy bob:9000 + encode gzip zstd +} + +mobilizon.delmar.bzh { + reverse_proxy carlo:4000 + encode gzip zstd +} + +send.delmar.bzh { + reverse_proxy krabs:3000 + encode gzip zstd +} + +tools.delmar.bzh { + reverse_proxy sandy:9890 + encode gzip zstd +} + +ugo.delmar.bzh { + reverse_proxy carlo:8090 + encode gzip zstd +} + +vault.delmar.bzh { + reverse_proxy carlo:8081 + encode gzip zstd +} + +www.delmar.bzh { + root * /var/www/comics + encode gzip zstd + file_server +} + +octoprint.delmar.bzh { + handle_path /webcam/* { + reverse_proxy localhost:54964 + } + reverse_proxy bernie:54963 { + header_up X-Forwarded-Proto {scheme} + } + encode gzip zstd +} +``` + +```bash +sudo systemctl restart caddy +``` + +# Services + +
ServiceHostIP:port
books.delmar.bzhsandy192.168.1.65:8083
bookstack.delmar.bzh + +sheldon192.168.1.230:6875
cloud.delmar.bzh + +sandy192.168.1.65:9880
cockpit.delmar.bzhbob192.168.1.99:9090
dolibarr.delmar.bzhcarlo192.168.1.163:8080
git.delmar.bzhcarlo192.168.1.163:3001
homepage.delmar.bzhbob192.168.1.99:5005
jellyfin.delmar.bzhsandy192.168.1.65:8096
jellyseer.delmar.bzhsandy192.168.1.65:5055
julien.delmar.bzhbob> Caddyfile
kontadenn.delmar.bzhbob> Caddyfile
nds.delmar.bzhbob> Caddyfile
nsns.delmar.bzhbob> Caddyfile
penpot.delmar.bzhcarlo192.168.1.163:8082
portainer.delmar.bzhbob192.168.1.99:9443
rallly.delmar.bzhcarlo192.168.1.163:3000
send.delmar.bzhkrabs192.168.1.229:8080
shop.delmar.bzhpatrick192.168.1.186:86
ugo.delmar.bzhpatrick192.168.1.186:82
uptime.delmar.bzhbob192.168.1.99:3001
vault.delmar.bzhcarlo192.168.1.163:8081
www.delmar.bzhbob> Caddyfile
+ +
\ No newline at end of file diff --git a/On host/Docker.md b/On host/Docker.md new file mode 100644 index 0000000..04783e3 --- /dev/null +++ b/On host/Docker.md @@ -0,0 +1,88 @@ +# Docker + +### On compute module : + +`mkdir -p /mnt/data/docker` + +``` +sudo apt update && sudo apt install apt-transport-https ca-certificates curl wget gnupg lsb-release -y + +curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker.gpg + +echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + +sudo apt update && sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin docker-compose -y +``` + +### Version courte : + +``` +curl -fsSL https://get.docker.com -o get-docker.sh +sudo sh get-docker.sh +sudo usermod -aG docker $(whoami) +newgrp docker +docker run hello-world +``` + +##### Relocate /var/lib/docker + +```bash +#Stop docker +sudo systemctl stop docker.service +sudo systemctl stop docker.socket + +#Create new data folder and move data +sudo mkdir /mnt/data/dockerdata + +sudo rsync -aP /var/lib/docker/ /mnt/data/dockerdata/ + +# Edit docker config +sudo vim /etc/docker/daemon.json +``` + +```bash +{ + "data-root": "/mnt/data/dockerdata" +} +``` + +```bash +# Restart docker +sudo systemctl start docker.socket +sudo systemctl start docker.service + +# Verify... +sudo systemctl status docker +sudo docker info | grep "Docker Root Dir" + +# Delete old data folder +sudo rm -rf /var/lib/docker/ +``` + +#### Portainer + +```bash +docker volume create portainer_data +docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:latest +``` + +> **login :** admin +> **password :** thrive-dwelled-flanked + +https://portainer.delmar.bzh/ +https://sandy:9443/ +https://192.168.1.70:9443/ + +> **Licence key :** 2-6yKcInsUmIXoJ2Ep/Qhklg14PEkpMYuyqoUQS8ST4P840dqep0VQUaVsnTYgVVX3g+/gtpFnH8xYyGmCxyDVHA== + +#### Yacht + +``` +lxc config device add docker proxy8000 proxy connect="tcp:127.0.0.1:8000" listen="tcp:0.0.0.0:8000" + +docker volume create yacht + +docker run -d --name yacht -p 8000:8000 -v /var/run/docker.sock:/var/run/docker.sock -v yacht:/config selfhostedpro/yacht +``` + +\[ admin@delmar.bzh | thrive-dwelled-flanked \] \ No newline at end of file diff --git a/On host/Joomla.md b/On host/Joomla.md new file mode 100644 index 0000000..525ea55 --- /dev/null +++ b/On host/Joomla.md @@ -0,0 +1,108 @@ +# Joomla + +Apache : patrick:87 + +```bash +sudo apt install php php-common php-cli php-fpm php-opcache php-gd php-mysql php-curl php-intl php-xsl php-mbstring php-zip php-bcmath php-soap -y +sudo mkdir -p /var/www/joomla && cd /var/www/joomla +``` + +```bash +wget https://downloads.joomla.org/cms/joomla5/5-1-1/Joomla_5-1-1-Stable-Full_Package.zip?format=zip +unzip ... +``` + +```bash +mysql -u root -p (transatlantique) +``` + +```sql +CREATE DATABASE joomladb COLLATE utf8mb4_general_ci; +CREATE USER "joomlauser"@"localhost" IDENTIFIED BY "UQoiQRjB8AjmUv"; +GRANT ALL PRIVILEGES ON joomladb.* TO "joomlauser"@"localhost"; +FLUSH PRIVILEGES; +EXIT; +``` + +
databaseuserpasswordhostprefix
joomladbjoomlauserUQoiQRjB8AjmUvlocalhostpli1n\_
+ +```bash +sudo sed -i "s/;date.timezone.*/date.timezone = Europe/Paris" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/memory_limit = .*/memory_limit = 512M/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/upload_max_filesize = .*/upload_max_filesize = 64M/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/post_max_size = .*/post_max_size = 64M/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/max_execution_time = .*/max_execution_time = 18000/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/zlib.output_compression = .*/zlib.output_compression = on/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/;opcache.save_comments.*/opcache.save_comments = 1/" /etc/php/8.2/fpm/php.ini +``` + +```bash +sudo systemctl restart apache2.service +``` + +--- + +##### **(!) In order to handle SEO url, include rewrite rules in [delmar.bzh.conf](https://bookstack.delmar.bzh/books/selfhosted/page/lamp "L.A.M.P")** + +## VirtualHost + +``` +. +├── apache +| └── joomla (87) +└── mariadb +``` + +`/etc/apache2/sites-available/delmar.bzh.conf` + +```nginx + + ServerName kontadenn.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/kontadenn + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine on + #Domain: kontadenn.delmar.bzh + RewriteRule . - [E=REWRITEBASE:/] + RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] + RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L] + # Images + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + # AlphaImageLoader for IE and fancybox + RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L] + # Dispatcher + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` \ No newline at end of file diff --git a/On host/LAMP Stack.md b/On host/LAMP Stack.md new file mode 100644 index 0000000..2485c6d --- /dev/null +++ b/On host/LAMP Stack.md @@ -0,0 +1,430 @@ +# L.A.M.P + +## 1. Apache + +> ssh into server + +```bash +sudo apt -y install apache2 apache2-utils +``` + +```bash +sudo vim /etc/apache2/conf-enabled/security.conf + +# line 12 : change +ServerTokens Prod + +sudo vim /etc/apache2/mods-enabled/dir.conf + +# add file name that it can access only with directory's name +DirectoryIndex index.html index.htm + +sudo vim /etc/apache2/apache2.conf + +# line 70 : add to specify server name +ServerName www.srv.world + +sudo vim /etc/apache2/sites-enabled/000-default.conf + +# line 11 : change to webmaster's email +ServerAdmin webmaster@srv.world + +sudo systemctl reload apache2 +``` + +```bash +sudo vim /etc/apache2/ports.conf +``` + +``` +# If you just change the port or add more ports here, you will likely also +# have to change the VirtualHost statement in +# /etc/apache2/sites-enabled/000-default.conf + +Listen 80 +Listen 81 +Listen 82 +Listen 83 +Listen 84 +Listen 85 +Listen 86 +Listen 87 +Listen 88 +Listen 89 + + +       Listen 443 + + + +       Listen 443 + +``` + +## 2. PHP + +```bash +sudo apt update && apt full-upgrade -y +sudo apt install -y apache2 wget git zip unzip +# systemctl enable apache2 && systemctl start apache2# systemctl status apache2 + +sudo apt install -y php php-cli libapache2-mod-php php-common php-gd php-bcmath php-xml php-json php-zip php-mysql php-imap php-curl php-mbstring php-intl php-pear php-opcache php-soap php-apcu php-redis php-memcache + +php -v +``` + +> http://\[ServerIP\] + +```bash +echo "" > /var/www/html/test.php +``` + +## 3. Database + +```bash +sudo apt install mariadb-server mariadb-client -y + +# systemctl start mariadb && systemctl enable mariadb +# systemctl status mariadb + +mysql_secure_installation +mysql -u root -p (transatlantique) +``` + +```sql +CREATE DATABASE [database_name]; +# CREATE DATABASE [database_name] COLLATE utf8mb4_general_ci; +CREATE USER "admin"@"localhost" IDENTIFIED BY "camera-wand-stubborn"; +GRANT ALL PRIVILEGES ON [database_name].* TO "admin"@"localhost"; +FLUSH PRIVILEGES; +EXIT; +``` + +
databaseuserpasswordhostprefix
\[database\_name\]admincamera-wand-stubbornlocalhostdb\_
+ +
## 4. PhpMyAdmin + +```bash +DATA="$(wget https://www.phpmyadmin.net/home_page/version.txt -q -O-)" + +URL="$(echo $DATA | cut -d ' ' -f 3)" + +VERSION="$(echo $DATA | cut -d ' ' -f 1)" + +wget https://files.phpmyadmin.net/phpMyAdmin/${VERSION}/phpMyAdmin-${VERSION}-all-languages.tar.gz + +tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz + +mv phpMyAdmin-*/ /usr/share/phpmyadmin + +mkdir -p /var/lib/phpmyadmin/tmp + +chown -R www-data:www-data /var/lib/phpmyadmin + +mkdir /etc/phpmyadmin/ + +cp /usr/share/phpmyadmin/config.sample.inc.php /usr/share/phpmyadmin/config.inc.php +``` + +``` +vim /usr/share/phpmyadmin/config.inc.php +``` + +> (16gg) > 32 characters +> `$cfg['blowfish_secret'] = 'WBqsYQwj5EotFPu58WGSFNT4b7PMJoBt';` +> +> (73gg) +> `$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';` + +```bash +vim /etc/apache2/conf-enabled/phpmyadmin.conf +``` + +> Alias /phpmyadmin /usr/share/phpmyadmin + +```conf + + Options SymLinksIfOwnerMatch + DirectoryIndex index.php + + + + AddType application/x-httpd-php .php + + + SetHandler application/x-httpd-php + + + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/ + php_admin_value mbstring.func_overload 0 + + + + AddType application/x-httpd-php .php + + + SetHandler application/x-httpd-php + + +``` + +#### Authorize for setup + +```conf + + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +``` + +#### Disallow web access to directories that don't need it + +```conf + + Require all denied + + + Require all denied + + + Require all denied + +``` + +```bash +a2enmod rewrite +systemctl restart apache2 +``` + +> http://\[ServerIP\]/phpmyadmin +> First login as \[ root | transatlantique \] to save phpmyadmin config + +#### Alternative + +> [WebDB](https://gitlab.com/web-db/app) + +## 5. \[instance\_name\] + +```bash + wget https://github.com/[sourcefile].zip + unzip [sourcefile].zip -d /var/www/[instance_name] + chown -R www-data: /var/www/[instance_name] +``` + +```bash +sudo vim /etc/apache2/sites-available/delmar.bzh.conf +``` + +```nginx + + ServerName www.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/hugo + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName nsns.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/nsns + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName ugo.delmar.bzh + + ServerAdmin ugo@delmar.bzh + DocumentRoot /var/www/wpugo + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine On + RewriteBase / + RewriteRule ^index\.php$ - [L] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule . /index.php [L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + +DavLockDB /usr/local/apache/var/DavLock + + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/baikal/html + ServerName dav.delmar.bzh + + RewriteEngine on + RewriteRule /.well-known/carddav /dav.php [R=308,L] + RewriteRule /.well-known/caldav /dav.php [R=308,L] + + + Options None + # If you install cloning git repository, you may need the following + # Options +FollowSymlinks + AllowOverride None + # Configuration for apache-2.4: + Require all granted + # Configuration for apache-2.2: + # Order allow,deny + # Allow from all + + + Alias /webdav /var/www/webdav + + + DAV On + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + Require user admin + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV On + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require valid-user + + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV on + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require user julien + + + + + Options Indexes + AllowOverride none + Order allow,deny + allow from all + DAV on + AuthType Basic + AuthName "webdav" + AuthUserFile /usr/local/apache/var/users.password + + Require user eliot + + + + + ExpiresActive Off + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName julien.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/resumes/julien + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName nds.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/nds + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + ServerName shop.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/shop + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine on + #Domain: shop.delmar.bzh + RewriteRule . - [E=REWRITEBASE:/] + RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] + RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L] + # Images + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + # AlphaImageLoader for IE and fancybox + RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L] + # Dispatcher + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` + +```bash +a2enmod rewrite +a2ensite [instance_name].conf +systemctl restart apache2 +# touch /var/www/[instance_name]/.htaccess +``` \ No newline at end of file diff --git a/On host/Prestashop.md b/On host/Prestashop.md new file mode 100644 index 0000000..594c40d --- /dev/null +++ b/On host/Prestashop.md @@ -0,0 +1,118 @@ +# Prestashop + +Apache : patrick:86 + +```bash +sudo apt install php php-common php-cli php-fpm php-opcache php-gd php-mysql php-curl php-intl php-xsl php-mbstring php-zip php-bcmath php-soap -y +sudo mkdir -p /var/www/shop && cd /var/www/shop +``` + +```bash +wget https://github.com/PrestaShop/PrestaShop/releases/download/8.1.6/prestashop_8.1.6.zip +unzip ... +``` + +```bash +mysql -u root -p (transatlantique) +``` + +```sql +CREATE DATABASE prestashop COLLATE utf8mb4_general_ci; +CREATE USER "prestashopuser"@"hostname" IDENTIFIED BY "somepassword"; +GRANT ALL PRIVILEGES ON prestashop.* TO "prestashopuser"@"hostname"; +FLUSH PRIVILEGES; +EXIT; +``` + +
databaseuserpasswordhostprefix
prestashoproottransatlantiquelocalhostps\_
+ +```bash +sudo sed -i "s/memory_limit = .*/memory_limit = 1024M/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/upload_max_filesize = .*/upload_max_filesize = 256M/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/zlib.output_compression = .*/zlib.output_compression = on/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/max_execution_time = .*/max_execution_time = 18000/" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/;date.timezone.*/date.timezone = Europe/Paris" /etc/php/8.2/fpm/php.ini +sudo sed -i "s/;opcache.save_comments.*/opcache.save_comments = 1/" /etc/php/8.2/fpm/php.ini +``` + +```bash +sudo sed -i "s/memory_limit = .*/memory_limit = 1024M/" /etc/php/8.2/apache2/php.ini +sudo sed -i "s/upload_max_filesize = .*/upload_max_filesize = 256M/" /etc/php/8.2/apache2/php.ini +sudo sed -i "s/zlib.output_compression = .*/zlib.output_compression = on/" /etc/php/8.2/apache2/php.ini +sudo sed -i "s/max_execution_time = .*/max_execution_time = 18000/" /etc/php/8.2/apache2/php.ini +sudo sed -i "s/;date.timezone.*/date.timezone = Europe/Paris" /etc/php/8.2/apache2/php.ini +sudo sed -i "s/;opcache.save_comments.*/opcache.save_comments = 1/" /etc/php/8.2/apache2/php.ini +``` + +```bash +sudo systemctl restart apache2.service +``` + +[https://devdocs.prestashop-project.org](https://devdocs.prestashop-project.org) + +--- + +##### **(!) In order to handle SEO url, include rewrite rules in [delmar.bzh.conf](https://bookstack.delmar.bzh/books/selfhosted/page/lamp "L.A.M.P")** + +## VirtualHost + +``` +. +├── apache +| └── shop (86) +└── mariadb +``` + +`/etc/apache2/sites-available/delmar.bzh.conf` + +```nginx + + ServerName shop.delmar.bzh + + ServerAdmin admin@delmar.bzh + DocumentRoot /var/www/shop + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + RewriteEngine on + #Domain: shop.delmar.bzh + RewriteRule . - [E=REWRITEBASE:/] + RewriteRule ^api(?:/(.*))?$ %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L] + RewriteRule ^upload/.+$ %{ENV:REWRITEBASE}index.php [QSA,L] + # Images + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$1$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$1$4 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$1$5 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$1$6 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$1$7 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$1$8 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^(([\d])([\d])([\d])([\d])([\d])([\d])([\d])(?:\-[\w-]*)?)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/p/$2/$3/$4/$5/$6/$7/$8/$1$9 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([\d]+)(\-[\.*\w-]*)/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + RewriteCond %{HTTP_HOST} ^shop.delmar.bzh$ + RewriteRule ^c/([a-zA-Z_-]+)(-[\d]+)?/.+(\.(?:jpe?g|webp|png|avif))$ %{ENV:REWRITEBASE}img/c/$1$2$3 [L] + # AlphaImageLoader for IE and fancybox + RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ %{ENV:REWRITEBASE}js/jquery/plugins/fancybox/images/$1.$2 [L] + # Dispatcher + RewriteCond %{REQUEST_FILENAME} -s [OR] + RewriteCond %{REQUEST_FILENAME} -l [OR] + RewriteCond %{REQUEST_FILENAME} -d + RewriteRule ^.*$ - [NC,L] + RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L] + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` \ No newline at end of file diff --git a/On host/RKNN.md b/On host/RKNN.md new file mode 100644 index 0000000..aef4c65 --- /dev/null +++ b/On host/RKNN.md @@ -0,0 +1,114 @@ +# RKNN + +##### Installing RKNN LLM and RKNN Toolkit 2 + +Réf. : [https://github.com/Pelochus/ezrknpu](https://github.com/Pelochus/ezrknpu) + +```bash +sudo apt install cmake g++ make libgl1 libglx-mesa0 -y + +cd /mnt/data +sudo curl https://raw.githubusercontent.com/Pelochus/ezrknpu/main/install.sh | sudo bash +``` + +##### Test run + +```bash +GIT_LFS_SKIP_SMUDGE=1 git clone https://huggingface.co/Pelochus/qwen-1_8B-rk3588 # Running git lfs pull after is usually better +cd qwen-1_8B-rk3588 && git lfs pull # Pull model +rkllm qwen-chat-1_8B.rkllm # Run! +``` + +--- + +##### Installation of Miniforge3 + +```bash +wget -c https://github.com/conda-forge/miniforge/releases/download/24.9.0-0/Miniforge3-24.9.0-0-Linux-aarch64.sh + +chmod 777 Miniforge3-24.9.0-0-Linux-aarch64.sh + +bash Miniforge3-24.9.0-0-Linux-aarch64.sh +``` + +##### Create RKLLM-Toolkit Conda Environment + +```bash +source ~/miniforge3/bin/activate + +conda create -n RKLLM-Toolkit python=3.8 + +# +# To activate this environment, use +# +# $ conda activate RKLLM-Toolkit +# +# To deactivate an active environment, use +# +# $ conda deactivate + +conda activate RKLLM-Toolkit +``` + +##### Install RKLLM-Toolkit + +```bash +pip3 install rkllm_toolkit-x.x.x-cp38-cp38-linux_x86_64.whl +``` + +##### Install OpenCL + +Download the ARM Mali GPU blob from rockchip's repository and put it into /usr/lib/ as follows. And install the firmware for the GPU if not already installed. + +```bash +cd /usr/lib && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/lib/aarch64-linux-gnu/libmali-valhall-g610-g6p0-x11-wayland-gbm.so +cd /lib/firmware && sudo wget https://github.com/JeffyCN/mirrors/raw/libmali/firmware/g610/mali_csffw.bin +``` + +Add the Mali GPU blob to the OpenCL ICD config file as follows; + +``` +sudo apt install mesa-opencl-icd clinfo +``` + +On Ubuntu, you may get not found errors, especially huawei links. Ignore them. It looks OK. Proceed with the followings; + +```bash +sudo mkdir -p /etc/OpenCL/vendors +echo "/usr/lib/libmali-valhall-g610-g6p0-x11-wayland-gbm.so" | sudo tee /etc/OpenCL/vendors/mali.icd +``` + +Set the dependencies of the Mali OpenCL as follows; + +```bash +sudo apt install libxcb-dri2-0 libxcb-dri3-0 libwayland-client0 libwayland-server0 libx11-xcb1 +``` + +Now you can run "clinfo" to check whether OpenCL is working. + +```bash +clinfo... +``` + +Check whether some dependencies are missing using ldd command as follows; + +``` +ldd /usr/lib/libmali-valhall-g610-g6p0-x11-wayland-gbm.so +``` + +Create Symbolic Link for libOpenCL.so + +The directory "/usr/lib/aarch64-linux-gnu/" will have "libOpenCL.so.1.0.0". But no "libOpenCL.so" file. In this case, create a symbolic link as follows. You need to log into root account to create this, say, "su -"; + +```bash +cd /usr/lib/aarch64-linux-gnu/ && sudo ln -s libOpenCL.so.1.0.0 libOpenCL.so +``` + +Copying OpenCL "CL" Folder into "/usr/include" + +```bash +cd ~/ && wget https://www.roselladb.com/download/CLv3.zip +unzip CLv3.zip +sudo cp -r CL /usr/include +sudo reboot +``` \ No newline at end of file diff --git a/On host/SSG (Hugo).md b/On host/SSG (Hugo).md new file mode 100644 index 0000000..df568d5 --- /dev/null +++ b/On host/SSG (Hugo).md @@ -0,0 +1,73 @@ +# Hugo + +#### Git + +[https://git-scm.com/book/en/v2/Getting-Started-Installing-Git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) + +```bash +sudo apt install -y git-all install-info +``` + +#### Go + +[https://go.dev/dl/](https://go.dev/dl/) + +```bash +sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.22.3.linux-amd64.tar.gz + +export PATH=$PATH:/usr/local/go/bin + +go version +``` + +#### Homebrew / Dart Sass + +```bash +/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" + +(echo; echo 'eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"') >> /home/julien/.bashrc +eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" + +brew install sass/sass/sass +``` + +## Hugo + +[https://gohugo.io](https://gohugo.io) + +```bash +brew install hugo + +hugo version +``` + +#### Quickstart + +```bash +hugo new site quickstart +cd quickstart +git init +git submodule add https://github.com/theNewDynamic/gohugo-theme-ananke.git themes/ananke +echo "theme = 'ananke'" >> hugo.toml +hugo server +``` + +#### Development server + +```bash +hugo server --buildDrafts +``` + +or + +```bash +hugo server -D +``` + +#### Publish + +```bash +hugo && rsync... +``` + +> [Rsync](https://bookstack.delmar.bzh/books/selfhosted/page/rsync "Rsync") \ No newline at end of file diff --git a/On host/WebDAV.md b/On host/WebDAV.md new file mode 100644 index 0000000..d441d7c --- /dev/null +++ b/On host/WebDAV.md @@ -0,0 +1,13 @@ +# WebDAV + +## Structure + +``` +. +├── apache +| ├── baikal (83) +| └── webdav +└── mariadb +``` + +CF. : [Baikal](https://cloud.delmar.bzh/f/12225) \ No newline at end of file diff --git a/On host/Webmin.md b/On host/Webmin.md new file mode 100644 index 0000000..08da33e --- /dev/null +++ b/On host/Webmin.md @@ -0,0 +1,21 @@ +# Webmin + +## Structure + +``` +. +├── systemd + └── webmin (10000) +``` + +```bash +curl -o webmin-setup-repos.sh https://raw.githubusercontent.com/webmin/webmin/master/webmin-setup-repos.sh +sudo sh webmin-setup-repos.sh +sudo apt-get install --install-recommends webmin usermin -y +``` + +[https://ip-address-of-machine:10000](https://ip-address-of-machine:10000) + +##### Docker Module + +[https://github.com/dave-lang/webmin-docker](https://github.com/dave-lang/webmin-docker) \ No newline at end of file diff --git a/On host/Wireguard.md b/On host/Wireguard.md new file mode 100644 index 0000000..44b7050 --- /dev/null +++ b/On host/Wireguard.md @@ -0,0 +1,40 @@ +# Wireguard + +## Proton VPN + +```bash +sudo apt install wireguard resolvconf + +sudo vim /etc/wireguard/wg0.conf +``` + +Download [Configuration File](https://account.proton.me/u/0/vpn/WireGuard) + +```conf +[Interface] +# Key for sandy +# Bouncing = 0 +# NetShield = 1 +# Moderate NAT = off +# NAT-PMP (Port Forwarding) = off +# VPN Accelerator = on +PrivateKey = CEGA0TO7WhxIdwbTIV9p4XMG2CfdPSiNmpRwwHzaeXo= +Address = 10.2.0.2/32 +DNS = 10.2.0.1 + +[Peer] +# FR#97 +PublicKey = Z/l/+DAz1YilevRfmEMMjNbzYOVCB0sOJc3vVKhQ/gw= +AllowedIPs = 0.0.0.0/0 +Endpoint = 146.70.194.18:51820 +``` + +`sudo wg-quick up wg0.conf` + +#### enable + +`sudo systemctl enable --now wg-quick@wg0` + +#### Check... + +`sudo wgcurl https://ip.me` \ No newline at end of file diff --git a/On host/Wordpress.md b/On host/Wordpress.md new file mode 100644 index 0000000..5ec3ebb --- /dev/null +++ b/On host/Wordpress.md @@ -0,0 +1,132 @@ +# Wordpress + +```bash +sudo apt update && apt full-upgrade -y +sudo apt install apache2 wget curl git php libapache2-mod-php php-cli php-mysql php-zip php-curl php-xml php-json php-gd php-intl php-mbstring php-imagick php-fpm php-dom php-gd php-imagick -y +``` + +## apache + +### wpugo + +```bash +wget https://wordpress.org/latest.tar.gz --directory-prefix=/tmp/ +sudo tar xvfa /tmp/latest.tar.gz -C /var/www/wpugo/ --strip-components=1 +sudo chown -R www-data:www-data /var/www/wpugo/ +sudo rm /var/www/wpugo/index.nginx-debian.html +sudo cp wordpress/wp-config-sample.php wordpress/wp-config.php +``` + +> edit wordpress/wp-config.php with database infos + +
DatabaseUserPasswordHost
wpugowordpresswordpresspatrick:3306
`sudo rm /var/www/wpugo/readme.html`
+ +
> add virtualhost to /etc/apache2/sites-available/ugo.delmar.bzh.conf + +```conf + + ServerName ugo.delmar.bzh + DocumentRoot /var/www/wpugo + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` + +> vim /var/www/html/wp-admin/setup-config.php +> Add before line 20 (20 gg) +> `> $_SERVER['HTTPS']='on';` + +> sudo vim /var/www/html/wp-config-sample.php +> Add before line 82 (82 gg) +> `$_SERVER['HTTPS']='on';` + +```bash +sudo chmod -v 666 /var/www/wpugo/.htaccess +sudo a2ensite ugo.delmar.bzh.conf +sudo a2dissite 000-default +apache2ctl configtest +``` + +``` +# Redirection vers HTTPS + RewriteCond %{SERVER_PORT} ^8082$ [OR] + RewriteCond %{HTTPS} =off + RewriteRule ^(.*)$ https://ugo.delmar.bzh/$1 [R=301,L] +# Redirection du non-www vers www en HTTPS + RewriteCond %{HTTP_HOST} ^delmar.bzh [NC] + RewriteRule ^(.*)$ https://ugo.delmar.bzh/$1 [R=301,L] + +# BEGIN WordPress + + RewriteEngine On + RewriteBase / + RewriteRule ^index.php$ - [L] + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule . /index.php [L] + +# END WordPress +``` + +> sudo vim /etc/apache2/mods-enabled/dir.conf +> `DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm` + +```bash + systemctl reload apache2 + exit +``` + +### Starting WP + +#### Database infos + +
WebsiteDatabaseNameUsernamePasswordHostPrefix
wp1wpjulwordpress28CWAm2yDy2PMVnU9ZwtxvNQdb.lxdwp\_
wp2wpugowordpress28CWAm2yDy2PMVnU9ZwtxvNQdb.lxdwp\_
+ +
\#docker #apache #mariadb #server #cms #blog + +### Fix upload\_max\_filesize directive + +1. Get container ID : `sudo docker container ls --filter name='wordpress'` +2. Update .htaccess file : `sudo docker container exec -it bash -c "echo 'php_value upload_max_filesize 256M' > '/var/www/html/.htaccess'"` + +--- + +##### **(!) In order to handle SEO url, include rewrite rules in [delmar.bzh.conf](https://bookstack.delmar.bzh/books/selfhosted/page/lamp "L.A.M.P")** + +## VirtualHost + +``` +. +├── apache +| └── wordpress (82) +└── mariadb +``` + +`/etc/apache2/sites-available/delmar.bzh.conf` + +```conf + +       ServerName ugo.delmar.bzh + +       ServerAdmin ugo@delmar.bzh +       DocumentRoot /var/www/wpugo + +          +               Options Indexes FollowSymLinks +               AllowOverride None   +               Order allow,deny   +               allow from all   + +               RewriteEngine On +               RewriteBase / +               RewriteRule ^index\.php$ - [L] +               RewriteCond %{REQUEST_FILENAME} !-f +               RewriteCond %{REQUEST_FILENAME} !-d +               RewriteRule . /index.php [L] +        + +       ErrorLog ${APACHE_LOG_DIR}/error.log +       CustomLog ${APACHE_LOG_DIR}/access.log combined + +``` \ No newline at end of file