4.0 KiB
4.0 KiB
voicegardens
An online landscape, built as a tool to explore the many aspects of the human voice.
Interwebz
- live site voicegardens.org
- "offline" installation version of voicegardens.org
- barbican.org.uk: This is Public Space
- upprojects.com: This is Public Space
Hackity Hack Hack
$ sudo apt install -y make git
$ git clone ssh://gitea@vvvvvvaria.org:12345/varia/voicegardens.git
$ cd voicegardens
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip install -r requirements.txt
$ make dev-serve
Deploying
You can add the following to your SSH configuration:
Host voicegardens.org
Hostname voicegardens.org
User <username>
Port 12345
IdentityFile ~/.ssh/<ssh-private-key-part>
Make sure you can SSH into the server.
$ ssh voicegardens.org
$ sudo -i # you have root access too
Then it's possible to release the site with the following targets.
$ make offline # https://offline.voicegardens.org
$ make voicegardens # https://voicegardens.org
Here is an example Supervisor configuration:
[group:voicegardens]
programs=online,offline
[program:online]
directory=/var/www/voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9090 voicegardens.server:app
[program:offline]
directory=/var/www/offline.voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/offline.voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/offline.voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9091 voicegardens.server:app
And an Nginx configuration (after running cerbot --nginx -d voicegardens.org
):
upstream voicegardens {
server 127.0.0.1:9090;
}
server {
root /var/www/voicegardens.org;
server_name voicegardens.org; # managed by Certbot
location / {
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://voicegardens;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/voicegardens.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/voicegardens.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = voicegardens.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name voicegardens.org;
return 404; # managed by Certbot
}
You will also need to include the following in the /etc/nginx/nginx.conf
:
client_max_body_size 100M;
And you'll need to create user accounts and hand out the right permissions too:
$ useradd -m voicegardens -s /bin/bash
$ usermod -a -G sudo voicegardens
$ usermod -a -G www-data voicegardens
$ chgrp www-data /var/www/voicegardens.org/voicegardens/archive/
$ chmod g+rwxs /var/www/offline.voicegardens.org/voicegardens/archive/
And the following in the /etc/sudoers
file also:
voicegardens ALL=(ALL) NOPASSWD: ALL