An online landscape, built as a tool to explore the many aspects of the human voice. https://voicegardens.org
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
decentral1se d2bf28166f
More sysadmin docs
3 years ago
bin Disable copying of non-existant archive for now 3 years ago
media Make a stab at kick starting the repository 5 years ago
voicegardens Run the formatter 3 years ago
.gitignore Ignore zip files 5 years ago
LICENSE Take a pass on preparing for new deployment 3 years ago
README.md More sysadmin docs 3 years ago
fabfile.py Fix supervisorctl groups 3 years ago
makefile Take a pass on preparing for new deployment 3 years ago
requirements.txt Make a few moves towards getting this to deploy 5 years ago

README.md

voicegardens

An online landscape, built as a tool to explore the many aspects of the human voice.

Interwebz

Hackity Hack Hack

$ sudo apt install -y make git
$ git clone ssh://gitea@vvvvvvaria.org:12345/varia/voicegardens.git
$ cd voicegardens
$ python3 -m venv .venv
$ source .venv/bin/activate
$ pip install -r requirements.txt
$ make dev-serve

Deploying

You can add the following to your SSH configuration:

Host voicegardens.org
  Hostname voicegardens.org
  User <username>
  Port 12345
  IdentityFile ~/.ssh/<ssh-private-key-part>

Make sure you can SSH into the server.

$ ssh voicegardens.org
$ sudo -i  # you have root access too

Then it's possible to release the site with the following targets.

$ make offline       # https://offline.voicegardens.org
$ make voicegardens  # https://voicegardens.org

Here is an example Supervisor configuration:

[group:voicegardens]
programs=online,offline

[program:online]
directory=/var/www/voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9090 voicegardens.server:app

[program:offline]
directory=/var/www/offline.voicegardens.org
user=www-data
autostart=true
autorestart=true
environment=PATH="/var/www/offline.voicegardens.org/.venv/lib/python3.7/site-packages:%(ENV_PATH)s"
command=/var/www/offline.voicegardens.org/.venv/bin/gunicorn --workers 1 --bind 127.0.0.1:9091 voicegardens.server:app

And an Nginx configuration (after running cerbot --nginx -d voicegardens.org):

upstream voicegardens {
    server 127.0.0.1:9090;
}

server {
    root /var/www/voicegardens.org;

    server_name voicegardens.org; # managed by Certbot

    location / {
       try_files $uri @proxy_to_app;
    }

    location @proxy_to_app {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header Host $http_host;
      proxy_redirect off;
      proxy_pass http://voicegardens;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/voicegardens.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/voicegardens.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = voicegardens.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80 ;
    listen [::]:80 ;
    server_name voicegardens.org;
    return 404; # managed by Certbot
}

You will also need to include the following in the /etc/nginx/nginx.conf:

client_max_body_size 100M;

And you'll need to create user accounts and hand out the right permissions too:

$ useradd -m voicegardens -s /bin/bash
$ usermod -a -G sudo voicegardens
$ usermod -a -G www-data voicegardens
$ chgrp www-data /var/www/voicegardens.org/voicegardens/archive/
$ chmod g+rwxs /var/www/offline.voicegardens.org/voicegardens/archive/

And the following in the /etc/sudoers file also:

voicegardens ALL=(ALL) NOPASSWD: ALL

Layers of the Onion

License