Hier ein einfaches Tutorial um Diaspora Version 0.7.1.x Schritt für Schritt auf einem eigenen Webserver mit Ubuntu 16.04 zu installieren.
Hinweis: bei dieser Anleitung handelt es sich um meine private Dokumentation und nicht um die offizielle Diaspora Installations- und Update Anleitung der Community! Diese findet Ihr unter https://wiki.diasporafoundation.org
Quelle: https://wiki.diasporafoundation.org/Ins ... this_guide
Pakete installieren die für Diaspora notwendig sind
Code: Select all
sudo apt update && sudo apt install software-properties-common mariadb-server ssh screen mc vim htop ufw build-essential git curl imagemagick libmagickwand-dev nodejs redis-server libssl-dev libcurl4-openssl-dev libxml2-dev libxslt1-dev libgmp-dev libmysqlclient-dev libyaml-dev libsqlite3-dev sqlite3 autoconf libgdbm-dev libncurses5-dev automake bison libffi-dev libreadline6-dev libreadline-devQuelle: https://kofler.info/lets-encrypt-zertif ... ntu-16-04/
Code: Select all
add-apt-repository ppa:certbot/certbotCode: Select all
apt update && apt install python-certbot-apacheCode: Select all
sudo certbot --apacheApache Server anpassen
Code: Select all
vim /etc/apache2/sites-available/000-default-le-ssl.confabschließend noch die TLS Zertifikate für die Pod Domain generieren.<IfModule mod_ssl.c>
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerName dorf-post.de
ServerAlias www.dorf-post.de
ServerAdmin diaspora@dorf-post.de
DocumentRoot /home/diaspora/diaspora/public
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
RewriteEngine On
RewriteCond %{HTTP_HOST} !^dorf-post\.de [NC]
RewriteRule ^/(.*)$ https://dorf-post\.de/$1 [L,R,QSA]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://upstream%{REQUEST_URI} [P,QSA,L]
<Proxy balancer://upstream>
BalancerMember http://127.0.0.1:3000
</Proxy>
ProxyRequests Off
ProxyVia On
ProxyPreserveHost On
RequestHeader set X_FORWARDED_PROTO https
<Proxy *>
# Apache < 2.4
#Order allow,deny
#Allow from all
# Apache >= 2.4
Require all granted
</Proxy>
<Directory /home/diaspora/diaspora/public>
Options -MultiViews
# Apache < 2.4
#Allow from all
#AllowOverride all
# Apache >= 2.4
Require all granted
</Directory>
SSLEngine On
Include /etc/letsencrypt/options-ssl-apache.conf
# maybe not needed, need for example for startssl to point to a local
# copy of https://www.startssl.com/certs/class1/s ... ha2.ca.pem
#SSLCertificateChainFile /path/to/chain_file
# Based on https://wiki.mozilla.org/Security/Server_Side_TLS - consider as global configuration
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK
SSLHonorCipherOrder on
SSLCompression off
SSLCertificateFile /etc/letsencrypt/live/dorf-post.de/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/dorf-post.de/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Code: Select all
certbot --apache -d dorf-post.de -d www.dorf-post.deApache Module aktivieren
Code: Select all
sudo a2enmod ssl rewrite headers proxy proxy_http proxy_balancer lbmethod_byrequests slotmem_shmQuelle: https://wiki.ubuntuusers.de/MySQL/
Code: Select all
mysql -u root -pCode: Select all
root@dorf-post:~# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 43
Server version: 10.0.31-MariaDB-0ubuntu0.16.04.2 Ubuntu 16.04
Copyright (c) 2000, 2017, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>Code: Select all
create user 'diaspora'@'localhost' identified by 'P4S5W0Rd';Code: Select all
grant usage on *.* to 'diaspora'@'localhost' identified by 'P4S5W0Rd';Code: Select all
grant all privileges on diaspora_production.* to 'diaspora'@'localhost';Code: Select all
flush privileges; Code: Select all
quit;Code: Select all
sudo service apache2 restartCode: Select all
sudo adduser --disabled-login diasporaCode: Select all
sudo -iu diasporaCode: Select all
curl -L https://s.diaspora.software/1t | bashCode: Select all
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stableCode: Select all
vim ~/.bashrcCode: Select all
[[ -s "$HOME/.rvm/scripts/rvm" ]] && source "$HOME/.rvm/scripts/rvm"! Erst als Benutzer Diaspora anmelden !
Code: Select all
sudo -iu diasporaCode: Select all
rvm autolibs read-failCode: Select all
rvm install 2.4Diaspora Pod Software herunterladen
Code: Select all
cd ~
git clone -b master https://github.com/diaspora/diaspora.git
cd diasporaCode: Select all
cp config/database.yml.example config/database.yml
cp config/diaspora.yml.example config/diaspora.ymlCode: Select all
vim config/database.yml#postgresql: &postgresql
# adapter: postgresql
# host: localhost
# port: 5432
# username: postgres
# password:
# encoding: unicode
mysql: &mysql
adapter: mysql2
host: "localhost"
port: 3306
username: "diaspora"
password: "P4S5W0Rd"
# socket: /tmp/mysql.sock
encoding: utf8mb4
collation: utf8mb4_bin
# Comment the postgresql line and uncomment the mysql line
# if you want to use mysql
common: &common
# Choose one of the following
#<<: *postgresql
<<: *mysql
# Should match environment.sidekiq.concurrency
#pool: 25
##################################################
#### CONFIGURE ABOVE #############################
##################################################
# Normally you don't need to touch anything here
combined: &combined
<<: *common
development:
<<: *combined
database: diaspora_development
production:
<<: *combined
database: diaspora_production
test:
<<: *combined
database: "diaspora_test"
integration1:
<<: *combined
database: diaspora_integration1
integration2:
<<: *combined
database: diaspora_integration2
Code: Select all
vim config/diaspora.ymlBundle installierenconfiguration: ## Section
## You need to change or at least review the settings in this section
## in order for your pod to work.
environment: ## Section
## Set the hostname of the machine you're running Diaspora on, as seen
## from the internet. This should be the URL you want to use to
## access the pod. So if you plan to use a reverse proxy, it should be
## the URL the proxy listens on. DO NOT CHANGE THIS AFTER INITIAL SETUP!
## However changing http to https is okay and has no consequences.
## If you do change the URL, you will have to start again as the URL
## will be hardcoded into the database.
url: "https://dorf-post.de/"
## Set the bundle of certificate authorities (CA) certificates.
## This is specific to your operating system.
## Examples (uncomment the relevant one or add your own):
## For Debian, Ubuntu, Archlinux, Gentoo (package ca-certificates):
#certificate_authorities: '/etc/ssl/certs/ca-certificates.crt'
## For CentOS, Fedora:
#certificate_authorities: '/etc/pki/tls/certs/ca-bundle.crt'
## URL for a remote Redis (default=localhost).
## Don't forget to restrict IP access if you uncomment these!
#redis: 'redis://example_host'
#redis: 'redis://username:password@host:6379/0'
#redis: 'unix:///tmp/redis.sock'
## Require SSL (default=true).
## When set, your pod will force the use of HTTPS in production mode.
## Since OAuth2 requires SSL, Diaspora's future API might not work if
## you're not using SSL. Also there is no guarantee that posting to
## services will be possible if SSL is disabled.
## Do not change this default unless you are sure!
require_ssl: true
## General settings
settings: ## Section
## Pod name (default="diaspora*")
## The pod name displayed in various locations, including the header.
pod_name: "Dorf Post*"
## Settings affecting how ./script/server behaves.
server: ## Section
## Where the appserver should listen to (default=unix:tmp/diaspora.sock)
#listen: 'unix:tmp/diaspora.sock'
#listen: 'unix:/run/diaspora/diaspora.sock'
listen: '127.0.0.1:3000'
## Set the path for the PID file of the unicorn master process (default=tmp/pids/web.pid)
#pid: 'tmp/pids/web.pid'
## Rails environment (default='development').
## The environment in which the server should be started by default.
## Change this to 'production' if you wish to run a production environment.
#rails_environment: 'development'
rails_environment: 'production'
## Write unicorn stderr and stdout log.
stderr_log: 'log/unicorn-stderr.log'
stdout_log: 'log/unicorn-stdout.log'
## Allow your pod to send emails for notifications, password recovery
## and other purposes (disabled by default).
mail: ## Section
## First you need to enable it.
#enable: true
## Sender address used in mail sent by Diaspora.
#sender_address: 'no-reply@example.org'
## This selects which mailer should be used. Use 'smtp' for a smtp
## connection or 'sendmail' to use the sendmail binary.
#method: 'smtp'
## Ignore if method isn't 'smtp'.
smtp: ## Section
## Host and port of the smtp server handling outgoing mail.
## This should match the common name of the certificate sent by
## the SMTP server, if it sends one. (default port=587)
host: 'xxxxxx.kasserver.com'
port: 587
## Authentication required to send mail (default='plain').
## Use one of 'plain', 'login' or 'cram_md5'. Use 'none'
## if server does not support authentication.
#authentication: 'plain'
## Credentials to log in to the SMTP server.
## May be necessary if authentication is not 'none'.
username: 'US3RN4M3'
password: 'Z3N51RT'
## Automatically enable TLS (default=true).
## Leave this commented out if authentication is set to 'none'.
starttls_auto: true
## The domain for the HELO command, if needed.
domain: 'xxxxxx.kasserver.com'
## OpenSSL verify mode used when connecting to a SMTP server with TLS.
## Set this to 'none' if you have a self-signed certificate. Possible
## values: 'none', 'peer'.
#openssl_verify_mode: 'none'
## Administrator settings
admins: ## Section
## Set the admin account.
## This doesn't make the user an admin but is used when a generic
## admin contact is needed, much like the postmaster role in mail
## systems. Set only the username, NOT the full ID.
#account: "podmaster"
## E-mail address to contact the administrator.
podmin_email: 'diaspora@dorf-post.de'
## Here you can override settings defined above if you need
## to have them different in different environments.
production: ## Section
environment: ## Section
#redis: 'redis://dorf-post.de:6379'[/color]
development: ## Section
environment: ## Section
#redis: 'redis://production.example.org:6379'
Code: Select all
gem install bundlerCode: Select all
bin/bundle config --local build.sigar "--with-cppflags='-fgnu89-inline'"Code: Select all
RAILS_ENV=production bin/bundle install --jobs $(nproc) --deployment --without test development --with mysqlCode: Select all
gem install bundleCode: Select all
RAILS_ENV=production bin/rake db:create db:migrateCode: Select all
RAILS_ENV=production bin/rake assets:precompileCode: Select all
./script/serverDen Benutzer Diaspora abmelden und als root anmelden
Code: Select all
screen bashCode: Select all
sudo -iu diasporaCode: Select all
cd ~/diasporaCode: Select all
./script/serverOptional
Twitter API generieren und einbinden
Quelle: https://wiki.diasporafoundation.org/Int ... l_networks
Zuerst die Pod spezifischen Zugangsdaten mit dem eigenen Twitter Account erstellen unter https://apps.twitter.com/
Die API Daten anschließend in der ~/diaspora/config/diaspora.yml hinterlegen
## Posting from Diaspora to external services (all are disabled by default).
services: ## Section
## OAuth credentials for Facebook
facebook: ## Section
#enable: true
#app_id: 'abcdef'
#secret: 'change_me'
## This setting is required to define whether the Facebook app has permissions to post
## false == No permissions (default)
## true == Permissions for all users to post. App MUST have 'publish_actions' approved by Facebook!
## "username" == Set to local username to allow a single user to cross-post. The person who has created
## the Facebook app will always be able to cross-post, even without 'publish_actions'.
#authorized: false
## OAuth credentials for Twitter
twitter: ## Section
enable: true
key: 'dasistmeinaccountnimmdeineneigenen'
secret: 'dassindmeinedatenunddieverrateichicht'
Prosody XMPP Server installieren und einbinden
Quelle: https://thomas-leister.de/prosody-xmpp-server-ubuntu/
Prosody installieren
Code: Select all
apt update && apt install prosody lua-dbi-mysql lua-sql-mysql lua-secCode: Select all
sudo mysql -u root -pCode: Select all
create user 'prosody'@'localhost' identified by 'nimmeinvernünftigespasswortohneumlaute';Code: Select all
create database prosody;Code: Select all
grant all on prosody.* to 'prosody'@'localhost';Code: Select all
quit;Code: Select all
sudo vim /etc/prosody/prosody.cfg.luaCode: Select all
pidfile = "/var/run/prosody/prosody.pid"
--
-- Datenbankanbindung
---------------------------------
storage = "sql"
sql = {
driver = "MySQL";
database = "prosody";
host = "localhost";
username = "prosody";
password = "nimmeinvernünftigespasswortohneumlaute";
}Bestehenden Diaspora-Pod updaten
Quelle: https://wiki.diasporafoundation.org/Updating
Login als Diaspora Benutzer in der Shell
Diaspora-pod stoppen
Backup der Datenbank und der Dateien anlegen
Code: Select all
mysqldump -u diaspora -p diaspora_production > db_diaspora_$(date +%Y%m%d).sqlCode: Select all
tar czf diaspora_$(date +%Y%m%d).tar.gz db_diaspora_$(date +%Y%m%d).sql diaspora/Code: Select all
cd ~/diasporaCode: Select all
rvm get latest
git checkout Gemfile.lock
git pull
cd .. && cd -
gem install bundler
bin/bundle
RAILS_ENV=production bin/rake db:migrate
RAILS_ENV=production bin/rake assets:precompile
Code: Select all
./script/server*** Tutorial noch in Arbeit, ab hier ignorieren!!! ***
https://wiki.diasporafoundation.org/Ins ... production
Hastags von anderen PODs synchronisieren:
Datei diaspora im Verzeichnis /etc/logrotate.d/anlegen und folgenden Inhalt einfügen
Code: Select all
/home/diaspora/diaspora/log/*.log {
notifempty
copytruncate
missingok
compress
monthly
delaycompress
rotate 5
}