IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2026-02-06 09:56:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
gradido/deployment/hetzner_cloud/README.md
einhorn_b 3c1449f9d5 move .env to bare_metal
2024-01-08 16:12:50 +01:00

2.7 KiB
Raw Blame History

Setup on Hetzner Cloud Server

Suggested minimal Plan: CX41 4x vCPU, 16 GB Ram, 160 GB Disk Space, 20.71 € per month (04.01.2024)

Suggested OS: Debian 12

For Hetzner Cloud Server a cloud config can be attached, which will be run before first start https://community.hetzner.com/tutorials/basic-cloud-config/de https://cloudinit.readthedocs.io/en/latest/reference/examples.html You can use our cloudConfig.yaml but you must insert you own ssh public key, like this:

ssh_authorized_keys:
  - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAkLGbzbG7KIGfkssKJBkc/0EVAzQ/8vjvVHzNdxhK8J yourname

After Setup Cloud Server with cloudConfig.yaml

setup your domain pointing on server ip address

login to your new server as root

ssh -i /path/to/privKey root@gddhost.tld

Change default shell

chsh -s /bin/bash
chsh -s /bin/bash gradido

Set password for user gradido

$ passwd gradido
# enter new password twice

Switch to the new user

su gradido

Test authentication via SSH

If you logout from the server you can test authentication:

$ ssh -i /path/to/privKey gradido@gddhost.tld
# This should log you in and allow you to use sudo commands, which will require the user's password

Disable password root login via ssh

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.org
sudo sed -i -e '/^\(#\|\)PermitRootLogin/s/^.*$/PermitRootLogin no/' /etc/ssh/sshd_config
sudo sed -i '$a AllowUsers gradido' /etc/ssh/sshd_config
sudo /etc/init.d/ssh restart

Test SSH Access only, no root ssh access

$ ssh gradido@gddhost.tld
# Will result in in either a passphrase request for your key or the message 'Permission denied (publickey)'
$ ssh -i /path/to/privKey root@gddhost.tld
# Will result in 'Permission denied (publickey)'
$ ssh -i /path/to/privKey gradido@gddhost.tld
# Will succeed after entering the correct keys passphrase (if any)

Install Gradido code

cd ~
git clone https://github.com/gradido/gradido.git

Adjust the values in .env

!!! Attention !!!

Don't forget this step! All your following installations in install.sh will fail!

Notes:

  • ; cannot be part of any value!
  • The GitHub secret is created on GitHub in Settings -> Webhooks.

Create .env and set values

cd ~/gradido/deployment/bare_metal
cp .env.dist .env
nano .env

# adjust values accordingly

Run install.sh

!!! Attention !!! Don't use this script if you have custom config in /etc/nginx/conf.d, because this script will remove it and ln ../bare_metal/nginx/conf.d

cd ~/gradido/deployment/hetzner_cloud
sudo chmod +x ./install.sh
sudo ./install.sh