Pritunl-Fake-API: docs/nginx/install.md annotate

annotate docs/nginx/install.md @ 0:b51518614818 default tip

New Files

author	Pluto <meokcin@gmail.com>
date	Tue, 03 Sep 2024 15:57:25 +0800
parents
children

rev	line source
0 b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	1 # HowTo install the selfhost api variant on Nginx
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	2
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	3 ## Easy way:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	4 Use docker and docker-compose files provided in `docker/api-only` folder.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	5
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	6 See documentation [Docker Install](docs/docker/api-only-install.md).
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	7
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	8 The docker compose file has a detailed help in its top too. Read and Roll :)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	9
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	10
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	11 ## Hard way:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	12 First, you need to install Nginx.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	13 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	14 sudo apt-get install nginx
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	15 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	16
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	17 After that, install all of the relevant PHP modules:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	18
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	19 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	20 sudo apt-get -y install php7.4-fpm php7.4-mysql php7.4-curl php7.4-gd php7.4-intl php-pear php-imagick php7.4-imap php-memcache
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	21 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	22
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	23 Then install certbot for free SSL certs:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	24 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	25 sudo apt-get install -y certbot python3-certbot-nginx
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	26 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	27
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	28 After this, create a basic site config for the fake api server. Do this by creating a file under /etc/nginx/sites-available/ and create a symbolic link to /etc/nginx/sites-enabled.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	29 You can refer to the provided Nginx server block available in:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	30 `<repo_root>/docker/api-only/conf.d/pritunl-fake-api.conf`
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	31
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	32 Then generate an SSL certificate for the website with certbot.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	33 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	34 sudo certbot --nginx -d [PUBLIC_ACCESSIBLE_API_DOMAIN]
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	35 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	36
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	37 Once this is done, you should check if you have all the required loaded PHP modules for this server. You can check this by running php -m, and the output should list your PHP modules.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	38
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	39 the output should look be something like:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	40 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	41 #...
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	42 core_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	43 so_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	44 watchdog_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	45 http_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	46 log_config_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	47 logio_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	48 version_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	49 unixd_module (static)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	50 access_compat_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	51 alias_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	52 auth_basic_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	53 authn_core_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	54 authn_file_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	55 authz_core_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	56 authz_host_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	57 authz_user_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	58 autoindex_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	59 deflate_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	60 dir_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	61 env_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	62 filter_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	63 http2_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	64 mime_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	65 mpm_prefork_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	66 negotiation_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	67 php7_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	68 proxy_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	69 proxy_fcgi_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	70 reqtimeout_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	71 rewrite_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	72 setenvif_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	73 socache_shmcb_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	74 ssl_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	75 status_module (shared)
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	76 #...
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	77 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	78
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	79 Then clone this repository if you haven't done this already and cd into the root of the project:
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	80 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	81 git clone https://gitlab.simonmicro.de/simonmicro/pritunl-fake-api.git
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	82 cd ./pritunl-fake-api
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	83 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	84
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	85 After this is done, copy over the API server files to the server and set permissions.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	86 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	87 sudo cp -R ./www/* /var/www/html/
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	88 sudo chown www-data:www-data -R /var/www/html
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	89 sudo chmod -R 774 /var/www/html/
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	90 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	91
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	92 For your convenience, a hardened Nginx configuration is provided to help you secure and improve your server,
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	93 Read it carefully before use and make sure you understand what it does.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	94
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	95 See: `<repo_root>/docs/nginx/hard_nginx.conf`
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	96
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	97
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	98 Then restart Nginx to make sure all of the configuration is loaded.
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	99 ```bash
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	100 sudo systemctl restart nginx
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	101 ```
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	102
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	103 Once this is done, you should get a response when you visit
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	104
b51518614818 New Files Pluto <meokcin@gmail.com> parents: diff changeset	105 `https://[PUBLIC_ACCESSIBLE_API_DOMAIN]/notification`!

Mercurial > Pritunl-Fake-API

annotate docs/nginx/install.md @ 0:b51518614818 default tip