voicegardens/README.md
2021-05-18 10:48:01 +02:00

3.5 KiB

voicegardens

An online landscape, built as a tool to explore the many aspects of the human voice.

Interwebz

Hackity Hack Hack

$ sudo apt install -y make git
$ git clone ssh://gitea@vvvvvvaria.org:12345/varia/voicegardens.git
$ cd voicegardens
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip install -r requirements.txt
$ make dev-serve

Deploying

You can add the following to your SSH configuration:

Host voicegardens.org
  Hostname voicegardens.org
  User <username>
  Port 12345
  IdentityFile ~/.ssh/<ssh-private-key-part>

Make sure you can SSH into the server.

$ ssh voicegardens.org
$ sudo -i  # you have root access too

Then it's possible to release the site with the following targets.

$ make offline       # https://offline.voicegardens.org
$ make voicegardens  # https://voicegardens.org

Here is an example Supervisor configuration:

[group:voicegardens]
programs=online,offline

[program:online]
directory=/var/www/voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9090 voicegardens.server:app

[program:offline]
directory=/var/www/offline.voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/offline.voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/offline.voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9091 voicegardens.server:app

And an Nginx configuration (after running cerbot --nginx -d voicegardens.org):

upstream voicegardens {
    server 127.0.0.1:9090;
}

server {
    root /var/www/voicegardens.org;

    server_name voicegardens.org; # managed by Certbot

    location / {
       try_files $uri @proxy_to_app;
    }

    location @proxy_to_app {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $http_host;
      proxy_redirect off;
      proxy_pass http://voicegardens;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/voicegardens.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/voicegardens.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = voicegardens.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 ;
    listen [::]:80 ;
    server_name voicegardens.org;
    return 404; # managed by Certbot
}

Layers of the Onion

License