forksand
4 years ago
parent
248c3f4450
commit
730505c450
@ -0,0 +1,118 @@
|
||||
# radicle notes
|
||||
radicle.xyz
|
||||
|
||||
# Install build deps
|
||||
apt install \
|
||||
-t buster-backports \
|
||||
apache2 \
|
||||
build-essential \
|
||||
npm \
|
||||
python3-certbot-apache \
|
||||
yarnpkg
|
||||
|
||||
# Add firewall rules:
|
||||
# UDP
|
||||
-A INPUT -p udp --dport 12345 -j ACCEPT
|
||||
# Web Admin
|
||||
-A INPUT -p tcp --dport 8080 -j ACCEPT
|
||||
# Web proxy
|
||||
-A INPUT -p tcp --dport 80 -j ACCEPT
|
||||
-A INPUT -p tcp --dport 443 -j ACCEPT
|
||||
# Dev server
|
||||
-A INPUT -p tcp --dport 5000 -j ACCEPT
|
||||
|
||||
# Enable apache modules
|
||||
a2enmod ssl rewrite proxy proxy_http
|
||||
a2ensite default-ssl.conf
|
||||
systemctl restart apache2
|
||||
|
||||
# Set up certbot:
|
||||
certbot
|
||||
|
||||
# Configure apache2 https proxy
|
||||
|
||||
$ cat /etc/apache2/sites-enabled/000-default-le-ssl.conf
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost *:443>
|
||||
ServerAdmin webmaster@localhost
|
||||
DocumentRoot /var/www/html
|
||||
ErrorLog ${APACHE_LOG_DIR}/error.log
|
||||
CustomLog ${APACHE_LOG_DIR}/access.log combined
|
||||
ServerName rad.forksand.com
|
||||
SSLCertificateFile /etc/letsencrypt/live/rad.forksand.com/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/rad.forksand.com/privkey.pem
|
||||
Include /etc/letsencrypt/options-ssl-apache.conf
|
||||
|
||||
RewriteEngine on
|
||||
RewriteCond %{SERVER_NAME} =rad.spacecruft.net [OR]
|
||||
RewriteCond %{SERVER_NAME} =rad.spacecruft.com
|
||||
RewriteRule ^ https://rad.forksand.com%{REQUEST_URI} [END,NE,R=permanent]
|
||||
|
||||
ProxyPreserveHost On
|
||||
ProxyRequests off
|
||||
AllowEncodedSlashes NoDecode
|
||||
ProxyPass / http://localhost:8080/ nocanon
|
||||
ProxyPassReverse / http://localhost:8080/
|
||||
|
||||
</VirtualHost>
|
||||
</IfModule>
|
||||
|
||||
EOF
|
||||
# Install rustup
|
||||
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
|
||||
|
||||
# Install yarn
|
||||
mkdir -p ~/bin/
|
||||
cd ~/bin/
|
||||
ln -s /usr/bin/yarnpkg yarn
|
||||
|
||||
# Clone radicle
|
||||
cd ~/devel/
|
||||
git clone https://github.com/radicle-dev/radicle-bins.git
|
||||
cd radicle-bins
|
||||
|
||||
# Build with yarn
|
||||
cd seed/ui
|
||||
yarn
|
||||
yarn build
|
||||
|
||||
mkdir -p ~/.radicle-seed
|
||||
chmod og-rwx ~/.radicle-seed
|
||||
|
||||
# Create key
|
||||
cargo run -p radicle-keyutil -- --filename ~/.radicle-seed/secret.key
|
||||
|
||||
|
||||
# Run the thing:
|
||||
cd /home/jebba/devel/radicle-bins/seed/ui
|
||||
|
||||
# example:
|
||||
# hyy5s7ysg96fqa91gbe7h38yddh4mkokft7y4htt8szt9e17sxoe3h@seed.my.org:12345
|
||||
# rad.forksand.com:
|
||||
|
||||
cat >>
|
||||
#!/bin/bash
|
||||
|
||||
set -x
|
||||
|
||||
cd ~/devel/radicle-bins/
|
||||
|
||||
cargo run -p radicle-seed-node --release -- \
|
||||
--root ~/.radicle-seed \
|
||||
--peer-listen 0.0.0.0:12345 \
|
||||
--http-listen 0.0.0.0:8080 \
|
||||
--name "Fork Sand seedling" \
|
||||
--public-addr "rad.forksand.com:12345" \
|
||||
--assets-path seed/ui/public \
|
||||
< ~/.radicle-seed/secret.key
|
||||
EOF
|
||||
|
||||
|
||||
###################################################
|
||||
# To start a local dev server for preview, run: `yarn run dev`, then point your
|
||||
# browser at: http://localhost:5000.
|
||||
yarn run dev
|
||||
|
||||
# Tunnel
|
||||
ssh -N -C -L 5000:localhost:5000 rad.forksand.com
|
||||
|
||||
Binary file not shown.
Loading…
Reference in new issue