Recipe for GLPA Mediagoblin Container

LXC Container - Debian 9

  • Create CT: debian 9.4 lxc template, 4 cpu limit, 20 gb hdd, 1024 mb ram, 512 mb swap
  • enable fuse container (see http://myatus.com/p/quick-note-fuse-inside-proxmox-lxc-container/):<code> echo $'lxc.autodev: 1\nlxc.hook.autodev: sh -c “mknod -m 0666 ${LXC_ROOTFS_MOUNT}/dev/fuse c 10 229”' » /etc/pve/lxc/###.conf </code>
  • add mounts of other container to mediagoblin container e.g. pct set 154 --mp0 hdd6tb:vm-204-disk-1,mp=/mnt/glpavideo
  • pct start 154 && pct enter 154
  • …in the container…
  • reset the root password (since proxmox sets it using an older, less-secure hashing algorithm): passwd
  • create users:
    adduser tdobes
    adduser tdobes adm
    adduser tdobes systemd-journal

    …now you can ssh in

  • sed -i -e 's/"syntax on/syntax on/g' -e 's/"set background=dark/set background=dark/g' -e 's/"set showcmd/set showcmd/g' -e 's/"set showmatch/set showmatch/g' -e 's/"set ignorecase/set ignorecase/g' -e 's/"set smartcase/set smartcase/g' -e 's/"set incsearch/set incsearch/g' -e 's/"set autowrite/set autowrite/g' -e 's/"set hidden/set hidden/g' -e 's/"set mouse=a/set mouse=nic/g' /etc/vim/vimrc
  • vi /etc/vim/vimrc # – and uncomment autocmd block for jumping to last position
  • aptitude update && aptitude forget-new && aptitude full-upgrade
  • aptitude install git python python-dev python-lxml python-imaging python-virtualenv automake build-essential
    aptitude install postgresql postgresql-client python-psycopg2
    
    aptitude install ca-certificates apt-transport-https
    echo 'deb https://deb.nodesource.com/node_8.x stretch main' > /etc/apt/sources.list.d/nodesource.list
    echo 'deb-src https://deb.nodesource.com/node_8.x stretch main' >> /etc/apt/sources.list.d/nodesource.list
    wget -qO- https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
    aptitude update && aptitude forget-new && aptitude install nodejs
    
    su - postgres
    createuser -A -D mediagoblin
    createdb -E UNICODE -O mediagoblin mediagoblin
    exit
    
    adduser --system --home /var/lib/mediagoblin --group --gecos "GNU MediaGoblin system account" mediagoblin
    adduser mediagoblin www-data
    
    mkdir -p /mnt/glpavideo/digital_repository && chown mediagoblin:www-data /mnt/glpavideo/digital_repository
    
    mkdir -p /srv/mediagoblin && chown -hR mediagoblin:www-data /srv/mediagoblin
    su mediagoblin -s /bin/bash
    cd /srv/mediagoblin
    git clone git://git.savannah.gnu.org/mediagoblin.git -b stable
    cd mediagoblin
    git submodule init && git submodule update
    ./bootstrap.sh && ./configure && make
    ln -s /mnt/glpavideo/digital_repository user_dev
    bin/pip install flup==1.0.3.dev-20110405 # need older version because latest is not compatible with python 2 (which is what mediagoblin wants)
    
    cp -a mediagoblin.ini mediagoblin_local.ini && cp -a paste.ini paste_local.ini
    sed -i -e 's/^email_sender_address = ".*$/email_sender_address = "repository@glpa.org"/g' -e 's|# sql_engine = postgresql:///mediagoblin|sql_engine = postgresql:///mediagoblin|g' mediagoblin_local.ini
    ./bin/gmg dbupdate
    
    # to test server:
    ./lazyserver.sh --server-name=broadcast # "broadcast" here refers to a section in paste_local.ini which listens on 0.0.0.0 instead of 127.0.0.1
    # HTTP server runs on port 6543 (access via. VPN since this has a private IP)
    
    exit
    
    mkdir -p /var/log/mediagoblin && chown mediagoblin:adm /var/log/mediagoblin && chmod 0750 /var/log/mediagoblin
    
    echo '[Unit]' > /etc/systemd/system/mediagoblin-celeryd.service
    echo 'Description=Mediagoblin Celeryd' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo >> /etc/systemd/system/mediagoblin-celeryd.service
    echo '[Service]' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'Type=simple' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'WorkingDirectory=/srv/mediagoblin/mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'PermissionsStartOnly=true' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'ExecStartPre=/bin/mkdir -p /run/mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'ExecStartPre=/bin/chown -hR mediagoblin:mediagoblin /run/mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'Environment=MEDIAGOBLIN_CONFIG=/srv/mediagoblin/mediagoblin/mediagoblin_local.ini CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'ExecStart=/srv/mediagoblin/mediagoblin/bin/celery worker --logfile=/var/log/mediagoblin/celery.log --loglevel=INFO' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'PIDFile=/run/mediagoblin/mediagoblin-celeryd.pid' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo >> /etc/systemd/system/mediagoblin-celeryd.service
    echo '[Install]' >> /etc/systemd/system/mediagoblin-celeryd.service
    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-celeryd.service
    systemctl enable mediagoblin-celeryd && systemctl start mediagoblin-celeryd
    
    echo '[Unit]' > /etc/systemd/system/mediagoblin-paster.service
    echo 'Description=Mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo >> /etc/systemd/system/mediagoblin-paster.service
    echo '[Service]' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'Type=forking' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'Environment=CELERY_ALWAYS_EAGER=false' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'WorkingDirectory=/srv/mediagoblin/mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'PermissionsStartOnly=true' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'ExecStartPre=-/bin/mkdir -p /run/mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'ExecStartPre=/bin/chown -hR mediagoblin:mediagoblin /run/mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'ExecStart=/srv/mediagoblin/mediagoblin/bin/paster serve /srv/mediagoblin/mediagoblin/paste_local.ini --pid-file=/var/run/mediagoblin/mediagoblin.pid --log-file=/var/log/mediagoblin/mediagoblin.log --daemon --server-name=fcgi fcgi_host=0.0.0.0 fcgi_port=26543' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'ExecStop=/srv/mediagoblin/mediagoblin/bin/paster serve --pid-file=/var/run/mediagoblin/mediagoblin.pid /srv/mediagoblin/mediagoblin/paste_local.ini stop' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'PIDFile=/var/run/mediagoblin/mediagoblin.pid' >> /etc/systemd/system/mediagoblin-paster.service
    echo >> /etc/systemd/system/mediagoblin-paster.service
    echo '[Install]' >> /etc/systemd/system/mediagoblin-paster.service
    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-paster.service
    systemctl enable mediagoblin-paster && systemctl start mediagoblin-paster

process for future upgrades:

su mediagoblin -s /bin/bash
cd /srv/mediagoblin/mediagoblin
git submodule update && ./bin/python setup.py develop --upgrade && ./bin/gmg dbupdate
exit

See http://mediagoblin.readthedocs.io/en/stable/siteadmin/deploying.html and http://mediagoblin.readthedocs.io/en/stable/siteadmin/production-deployments.html

computer/glpa_mediagoblin_container_recipe.txt · Last modified: 2018/06/25 18:24 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS