Differenze tra le versioni di "CiviCRM 2022/Technical documentation"

Da Wikimedia Italia.
Jump to navigation Jump to search
m (ASD_TO_BE_DEFINED)
 
(14 versioni intermedie di un altro utente non mostrate)
Riga 1: Riga 1:
{{Server|ASD TO BE DEFINED}}
+
{{Server|lessema}}
  
This is the technical documentation of the server containing CiviCRM development serving these domains:
+
This is the public technical documentation of the server containing CiviCRM development serving these domains:
  
 +
== Production ==
 +
 +
;URL
 
* https://crm.wikimedia.it
 
* https://crm.wikimedia.it
 +
 +
;Document root
 +
<pre>
 +
/var/www/crm/production
 +
</pre>
 +
 +
;Config
 +
 +
<pre>
 +
/etc/apache2/sites-available/it-wikimedia-crm-ssl.conf
 +
</pre>
 +
 +
== Testing ==
 +
 +
;URL
 
* https://crmdev.wikimedia.it
 
* https://crmdev.wikimedia.it
 +
 +
;Document root
 +
<pre>
 +
/var/www/crm/testing
 +
</pre>
 +
 +
;Config
 +
<pre>
 +
/etc/apache2/sites-available/it-wikimedia-crmdev-ssl.conf
 +
</pre>
 +
 +
== Database ==
 +
Plaintext credentials are stored here:
 +
 +
<pre>
 +
sudo cat /root/db-credentials.txt
 +
</pre>
 +
 +
== Unix users ==
 +
{{Vedi anche|Server/lessema/Technical documentation#Unix users with sudo}}
 +
 +
=== Add Unix user ===
 +
{{Vedi anche|Server/lessema/Technical documentation#Add Unix user}}
  
 
== Provision ==
 
== Provision ==
Riga 11: Riga 52:
  
 
<pre>
 
<pre>
WMI_SERVER=ASD_TO_BE_DEFINED
+
WMI_SERVER=lessema
  
 +
# upgrade system
 
apt update
 
apt update
 
apt upgrade --yes
 
apt upgrade --yes
apt install --yes mariadb-server apache2 libapache2-mod-php git
+
 
 +
# install basic webserver and some utilities
 +
apt install --yes mariadb-server apache2 libapache2-mod-php certbot git pwgen
 +
 
 +
# install CiviCRM dependencies
 +
# https://docs.civicrm.org/installation/en/latest/general/requirements/
 +
apt install --yes php-mysql php-bcmath php-curl php-xml php-zip php-intl php-soap
 +
 
 +
# download upstream configurations
 
git clone http://phabricator.wikimedia.org/diffusion/WIIN/wikimedia-it-wmit-infrastructure.git /etc/wmit-infrastructure
 
git clone http://phabricator.wikimedia.org/diffusion/WIIN/wikimedia-it-wmit-infrastructure.git /etc/wmit-infrastructure
  
Riga 28: Riga 78:
 
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-available /etc/apache2/sites-available
 
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-available /etc/apache2/sites-available
 
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-enabled  /etc/apache2/sites-enabled
 
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-enabled  /etc/apache2/sites-enabled
 +
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/include        /etc/apache2/include
 +
 +
# enable useful mods
 +
a2enmod ssl
 +
a2enmod rewrite
 +
a2enmod headers
  
# enable upstream configurations
+
# enable some upstream configurations
 +
a2ensite 000-servername
 
a2ensite it-wikimedia-crmdev-txt
 
a2ensite it-wikimedia-crmdev-txt
 
a2ensite it-wikimedia-crm-txt
 
a2ensite it-wikimedia-crm-txt
Riga 46: Riga 103:
 
# reload configuration
 
# reload configuration
 
apachectl graceful
 
apachectl graceful
 +
 +
# create the pathname
 +
mkdir --parents /var/www/crm/{production,testing}
 +
 +
# generate some DB password
 +
CIVI_DB_PROD_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")
 +
CIVI_DB_TEST_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")
 +
 +
# create dedicated users
 +
mysql <<< "CREATE DATABASE civicrm_testing"
 +
mysql <<< "CREATE DATABASE civicrm_production"
 +
mysql <<< "CREATE USER civicrm_testing@localhost    IDENTIFIED BY '$CIVI_DB_TEST_PWD'"
 +
mysql <<< "CREATE USER civicrm_production@localhost IDENTIFIED BY '$CIVI_DB_PROD_PWD'"
 +
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_testing.*    TO civicrm_testing@localhost"
 +
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_production.* TO civicrm_production@localhost"
 +
 +
# save credentials somewhere
 +
echo "civicrm_testing@localhost    $CIVI_DB_TEST_PWD" >> /root/db-credentials.txt
 +
echo "civicrm_production@localhost $CIVI_DB_PROD_PWD" >> /root/db-credentials.txt
 
</pre>
 
</pre>
  
Riga 52: Riga 128:
 
Configuration on Phabricator:
 
Configuration on Phabricator:
  
* [[phabricator:diffusion/WIIN/browse/master/servers/ASD_TO_BE_DEFINED/conf/apache2/sites-available/]]
+
* [[phabricator:diffusion/WIIN/browse/master/servers/lessema/conf/apache2/sites-available/]] (TODO: publish)
 +
 
 +
[[Categoria:Documentazione tecnica]]
 +
[[Categoria:Fornitore prr]]
 +
[[Categoria:Fornitore eme]]

Versione attuale delle 15:17, 29 gen 2024

Pagina legata al server ⚙️ lessema

This is the public technical documentation of the server containing CiviCRM development serving these domains:

Production

URL
Document root
/var/www/crm/production
Config
/etc/apache2/sites-available/it-wikimedia-crm-ssl.conf

Testing

URL
Document root
/var/www/crm/testing
Config
/etc/apache2/sites-available/it-wikimedia-crmdev-ssl.conf

Database

Plaintext credentials are stored here:

sudo cat /root/db-credentials.txt

Unix users

Nuvola apps xmag.png Per approfondire, vedi anche Server/lessema/Technical documentation#Unix users with sudo

Add Unix user

Nuvola apps xmag.png Per approfondire, vedi anche Server/lessema/Technical documentation#Add Unix user

Provision

From a Debian GNU/Linux bullseye (stable) 11:

WMI_SERVER=lessema

# upgrade system
apt update
apt upgrade --yes

# install basic webserver and some utilities
apt install --yes mariadb-server apache2 libapache2-mod-php certbot git pwgen

# install CiviCRM dependencies
# https://docs.civicrm.org/installation/en/latest/general/requirements/
apt install --yes php-mysql php-bcmath php-curl php-xml php-zip php-intl php-soap

# download upstream configurations
git clone http://phabricator.wikimedia.org/diffusion/WIIN/wikimedia-it-wmit-infrastructure.git /etc/wmit-infrastructure

# remove default empty stuff
mv /etc/apache2/sites-available /etc/apache2/sites-available.legacy
mv /etc/apache2/sites-enabled   /etc/apache2/sites-enabled.legacy

# if the above fail, Apache is not empty.
# manually move your stuff in a versioned directory

# attach the versioned configuration
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-available /etc/apache2/sites-available
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-enabled   /etc/apache2/sites-enabled
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/include         /etc/apache2/include

# enable useful mods
a2enmod ssl
a2enmod rewrite
a2enmod headers

# enable some upstream configurations
a2ensite 000-servername
a2ensite it-wikimedia-crmdev-txt
a2ensite it-wikimedia-crm-txt

# reload configuration
apachectl graceful

# eventually deploy Let's Encrypt certificates
certbot certonly --webroot --webroot-path /var/www/html --domain crmdev.wikimedia.it
certbot certonly --webroot --webroot-path /var/www/html --domain    crm.wikimedia.it

# enable upstream SSL configurations
a2ensite it-wikimedia-crmdev-ssl
a2ensite it-wikimedia-crm-ssl

# reload configuration
apachectl graceful

# create the pathname
mkdir --parents /var/www/crm/{production,testing}

# generate some DB password
CIVI_DB_PROD_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")
CIVI_DB_TEST_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")

# create dedicated users
mysql <<< "CREATE DATABASE civicrm_testing"
mysql <<< "CREATE DATABASE civicrm_production"
mysql <<< "CREATE USER civicrm_testing@localhost    IDENTIFIED BY '$CIVI_DB_TEST_PWD'"
mysql <<< "CREATE USER civicrm_production@localhost IDENTIFIED BY '$CIVI_DB_PROD_PWD'"
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_testing.*    TO civicrm_testing@localhost"
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_production.* TO civicrm_production@localhost"

# save credentials somewhere
echo "civicrm_testing@localhost    $CIVI_DB_TEST_PWD" >> /root/db-credentials.txt
echo "civicrm_production@localhost $CIVI_DB_PROD_PWD" >> /root/db-credentials.txt

Configuration

Configuration on Phabricator: