Mercurial > Pritunl-Fake-API

comparison docs/nginx/install.md @ 0:b51518614818 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
New Files
author Pluto <meokcin@gmail.com>
date Tue, 03 Sep 2024 15:57:25 +0800
parents
children
comparison
equal deleted inserted replaced
-1:000000000000 0:b51518614818
1 # HowTo install the selfhost api variant on Nginx
2
3 ## Easy way:
4 Use docker and docker-compose files provided in `docker/api-only` folder.
5
6 See documentation [Docker Install](docs/docker/api-only-install.md).
7
8 The docker compose file has a detailed help in its top too. Read and Roll :)
9
10
11 ## Hard way:
12 First, you need to install Nginx.
13 ```bash
14 sudo apt-get install nginx
15 ```
16
17 After that, install all of the relevant PHP modules:
18
19 ```bash
20 sudo apt-get -y install php7.4-fpm php7.4-mysql php7.4-curl php7.4-gd php7.4-intl php-pear php-imagick php7.4-imap php-memcache
21 ```
22
23 Then install certbot for free SSL certs:
24 ```bash
25 sudo apt-get install -y certbot python3-certbot-nginx
26 ```
27
28 After this, create a basic site config for the fake api server. Do this by creating a file under /etc/nginx/sites-available/ and create a symbolic link to /etc/nginx/sites-enabled.
29 You can refer to the provided Nginx server block available in:
30 `<repo_root>/docker/api-only/conf.d/pritunl-fake-api.conf`
31
32 Then generate an SSL certificate for the website with certbot.
33 ```bash
34 sudo certbot --nginx -d [PUBLIC_ACCESSIBLE_API_DOMAIN]
35 ```
36
37 Once this is done, you should check if you have all the required loaded PHP modules for this server. You can check this by running php -m, and the output should list your PHP modules.
38
39 the output should look be something like:
40 ```bash
41 #...
42 core_module (static)
43 so_module (static)
44 watchdog_module (static)
45 http_module (static)
46 log_config_module (static)
47 logio_module (static)
48 version_module (static)
49 unixd_module (static)
50 access_compat_module (shared)
51 alias_module (shared)
52 auth_basic_module (shared)
53 authn_core_module (shared)
54 authn_file_module (shared)
55 authz_core_module (shared)
56 authz_host_module (shared)
57 authz_user_module (shared)
58 autoindex_module (shared)
59 deflate_module (shared)
60 dir_module (shared)
61 env_module (shared)
62 filter_module (shared)
63 http2_module (shared)
64 mime_module (shared)
65 mpm_prefork_module (shared)
66 negotiation_module (shared)
67 php7_module (shared)
68 proxy_module (shared)
69 proxy_fcgi_module (shared)
70 reqtimeout_module (shared)
71 rewrite_module (shared)
72 setenvif_module (shared)
73 socache_shmcb_module (shared)
74 ssl_module (shared)
75 status_module (shared)
76 #...
77 ```
78
79 Then clone this repository if you haven't done this already and cd into the root of the project:
80 ```bash
81 git clone https://gitlab.simonmicro.de/simonmicro/pritunl-fake-api.git
82 cd ./pritunl-fake-api
83 ```
84
85 After this is done, copy over the API server files to the server and set permissions.
86 ```bash
87 sudo cp -R ./www/* /var/www/html/
88 sudo chown www-data:www-data -R /var/www/html
89 sudo chmod -R 774 /var/www/html/
90 ```
91
92 For your convenience, a hardened Nginx configuration is provided to help you secure and improve your server,
93 Read it carefully before use and make sure you understand what it does.
94
95 See: `<repo_root>/docs/nginx/hard_nginx.conf`
96
97
98 Then restart Nginx to make sure all of the configuration is loaded.
99 ```bash
100 sudo systemctl restart nginx
101 ```
102
103 Once this is done, you should get a response when you visit
104
105 `https://[PUBLIC_ACCESSIBLE_API_DOMAIN]/notification`!