#!/bin/bash # # HOWTOish set up gocd exit 0 echo "deb https://download.gocd.org /" | sudo tee /etc/apt/sources.list.d/gocd.list curl https://download.gocd.org/GOCD-GPG-KEY.asc | sudo apt-key add - sudo apt update sudo apt install go-server sudo systemctl start go-server # Run this on workstation: ssh -N -C -L 8153:localhost:8153 gocd # On workstation, go to: # http://127.0.0.1:8153/ # See: https://docs.gocd.org/current/configuration/dev_authentication.html # Configure to set up admin user (before opening to public) # http://127.0.0.1:8153/go/admin/security/auth_configs # Create a new authorization configuration # Name it "forksand" for Id. # Plugin: Password File Authentication Plugin # Password file path: /etc/go/password.properties # No: touch /etc/go/password.properties chown go:go /etc/go/password.properties # meh, use apache utils for password, but use nginx for proxy apt install apache2-utils # Create password: htpasswd -B /etc/go/password.properties jebba # Then login again with new user created above: # http://127.0.0.1:8153/ # Go here: # http://127.0.0.1:8153/go/admin/users # And enable the new user as an admin # Set up reverse proxy like: # https://docs.gocd.org/current/installation/configure-reverse-proxy.html # Set up nginx apt install nginx # Note, install barfs because it tries to set up IPv6 by default # Edit this file and remove the line after: vim /etc/nginx/sites-available/default listen [::]:80 default_server; # Then run to finish nginx install: apt -f install # Open up firewall ports on main firewall and iptables. # Set up certbot: apt install python3-certbot-nginx certbot \ --authenticator standalone \ --installer nginx \ -d gocd.forksand.com \ --email letsencrypt@forksand.com \ --pre-hook "systemctl stop nginx" \ --post-hook "systemctl start nginx" # Make sure all is good, if so, set up nginx as proxy. # Disks # Check here: # /var/lib/go-server/ # /var/lib/go-server/artifacts