Differenze tra le versioni di "CiviCRM 2022/Technical documentation"
Jump to navigation
Jump to search
(more info) |
(more info) |
||
| Riga 32: | Riga 32: | ||
<pre> | <pre> | ||
/etc/apache2/sites-available/it-wikimedia-crmdev-ssl.conf | /etc/apache2/sites-available/it-wikimedia-crmdev-ssl.conf | ||
| + | </pre> | ||
| + | |||
| + | == Unix users == | ||
| + | |||
| + | Current enabled users: | ||
| + | |||
| + | * valerio-bozzolan (volunteer) | ||
| + | * emerald-stefano ({{Fornitore link|eme}}) | ||
| + | |||
| + | Password authentication is not allowed. | ||
| + | |||
| + | === Add Unix user === | ||
| + | |||
| + | <pre> | ||
| + | sudo adduser foo-bar --disabled-password | ||
| + | sudo adduser foo-bar sudo | ||
</pre> | </pre> | ||
Versione delle 22:14, 1 feb 2022
_(4).jpg)
Pagina legata al server
⚙️ lessemaThis is the technical documentation of the server containing CiviCRM development serving these domains:
Production
- URL
- Document root
/var/www/crm/production
- Config
/etc/apache2/sites-available/it-wikimedia-crm-ssl.conf
Testing
- URL
- Document root
/var/www/crm/testing
- Config
/etc/apache2/sites-available/it-wikimedia-crmdev-ssl.conf
Unix users
Current enabled users:
- valerio-bozzolan (volunteer)
- emerald-stefano (
💼 eme)
Password authentication is not allowed.
Add Unix user
sudo adduser foo-bar --disabled-password sudo adduser foo-bar sudo
Provision
From a Debian GNU/Linux bullseye (stable) 11:
WMI_SERVER=lessema
# update and install stuff
apt update
apt upgrade --yes
apt install --yes mariadb-server apache2 libapache2-mod-php certbot git pwgen
git clone http://phabricator.wikimedia.org/diffusion/WIIN/wikimedia-it-wmit-infrastructure.git /etc/wmit-infrastructure
# remove default empty stuff
mv /etc/apache2/sites-available /etc/apache2/sites-available.legacy
mv /etc/apache2/sites-enabled /etc/apache2/sites-enabled.legacy
# if the above fail, Apache is not empty.
# manually move your stuff in a versioned directory
# attach the versioned configuration
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-available /etc/apache2/sites-available
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/sites-enabled /etc/apache2/sites-enabled
ln --symbolic /etc/wmit-infrastructure/servers/"$WMI_SERVER"/conf/apache2/include /etc/apache2/include
# enable useful mods
a2enmod ssl
a2enmod rewrite
a2enmod headers
# enable some upstream configurations
a2ensite 000-servername
a2ensite it-wikimedia-crmdev-txt
a2ensite it-wikimedia-crm-txt
# reload configuration
apachectl graceful
# eventually deploy Let's Encrypt certificates
certbot certonly --webroot --webroot-path /var/www/html --domain crmdev.wikimedia.it
certbot certonly --webroot --webroot-path /var/www/html --domain crm.wikimedia.it
# enable upstream SSL configurations
a2ensite it-wikimedia-crmdev-ssl
a2ensite it-wikimedia-crm-ssl
# reload configuration
apachectl graceful
# create the pathname
mkdir --parents /var/www/crm/{production,testing}
# generate some DB password
CIVI_DB_PROD_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")
CIVI_DB_TEST_PWD=$(pwgen 20 --secure --symbols --remove-chars='$\#`\|"'"'")
# create dedicated users
mysql <<< "CREATE DATABASE civicrm_testing"
mysql <<< "CREATE DATABASE civicrm_production"
mysql <<< "CREATE USER civicrm_testing@localhost IDENTIFIED BY '$CIVI_DB_TEST_PWD'"
mysql <<< "CREATE USER civicrm_production@localhost IDENTIFIED BY '$CIVI_DB_PROD_PWD'"
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_testing.* TO civicrm_testing@localhost"
mysql <<< "GRANT ALL PRIVILEGES ON civicrm_production.* TO civicrm_production@localhost"
# save credentials somewhere
echo "civicrm_testing@localhost $CIVI_DB_TEST_PWD" >> /root/db-credentials.txt
echo "civicrm_production@localhost $CIVI_DB_PROD_PWD" >> /root/db-credentials.txt
Configuration
Configuration on Phabricator: