rad.forksand.com notes

master
forksand 3 years ago
parent 248c3f4450
commit 730505c450

@ -0,0 +1,118 @@
# radicle notes
radicle.xyz
# Install build deps
apt install \
-t buster-backports \
apache2 \
build-essential \
npm \
python3-certbot-apache \
yarnpkg
# Add firewall rules:
# UDP
-A INPUT -p udp --dport 12345 -j ACCEPT
# Web Admin
-A INPUT -p tcp --dport 8080 -j ACCEPT
# Web proxy
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
# Dev server
-A INPUT -p tcp --dport 5000 -j ACCEPT
# Enable apache modules
a2enmod ssl rewrite proxy proxy_http
a2ensite default-ssl.conf
systemctl restart apache2
# Set up certbot:
certbot
# Configure apache2 https proxy
$ cat /etc/apache2/sites-enabled/000-default-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName rad.forksand.com
SSLCertificateFile /etc/letsencrypt/live/rad.forksand.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/rad.forksand.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =rad.spacecruft.net [OR]
RewriteCond %{SERVER_NAME} =rad.spacecruft.com
RewriteRule ^ https://rad.forksand.com%{REQUEST_URI} [END,NE,R=permanent]
ProxyPreserveHost On
ProxyRequests off
AllowEncodedSlashes NoDecode
ProxyPass / http://localhost:8080/ nocanon
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
</IfModule>
EOF
# Install rustup
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# Install yarn
mkdir -p ~/bin/
cd ~/bin/
ln -s /usr/bin/yarnpkg yarn
# Clone radicle
cd ~/devel/
git clone https://github.com/radicle-dev/radicle-bins.git
cd radicle-bins
# Build with yarn
cd seed/ui
yarn
yarn build
mkdir -p ~/.radicle-seed
chmod og-rwx ~/.radicle-seed
# Create key
cargo run -p radicle-keyutil -- --filename ~/.radicle-seed/secret.key
# Run the thing:
cd /home/jebba/devel/radicle-bins/seed/ui
# example:
# hyy5s7ysg96fqa91gbe7h38yddh4mkokft7y4htt8szt9e17sxoe3h@seed.my.org:12345
# rad.forksand.com:
cat >>
#!/bin/bash
set -x
cd ~/devel/radicle-bins/
cargo run -p radicle-seed-node --release -- \
--root ~/.radicle-seed \
--peer-listen 0.0.0.0:12345 \
--http-listen 0.0.0.0:8080 \
--name "Fork Sand seedling" \
--public-addr "rad.forksand.com:12345" \
--assets-path seed/ui/public \
< ~/.radicle-seed/secret.key
EOF
###################################################
# To start a local dev server for preview, run: `yarn run dev`, then point your
# browser at: http://localhost:5000.
yarn run dev
# Tunnel
ssh -N -C -L 5000:localhost:5000 rad.forksand.com
Loading…
Cancel
Save