doc:appunti:linux:sa:liquidfeedback
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
doc:appunti:linux:sa:liquidfeedback [2012/11/06 23:14] – [Installing a second instance of LiquidFeedback] niccolo | doc:appunti:linux:sa:liquidfeedback [2012/11/11 13:51] – [LiquidFeedback administration] niccolo | ||
---|---|---|---|
Line 105: | Line 105: | ||
< | < | ||
cd / | cd / | ||
- | cp example.lua | + | cp example.lua |
+ | chgrp www-data campibisenzio5stelle.lua | ||
+ | chmod 640 campibisenzio5stelle.lua | ||
</ | </ | ||
+ | |||
+ | The configuration file must be readable by the web server process, but not readable by others, because it can contains database credentials and other sensitive data. | ||
The configuration name (**'' | The configuration name (**'' | ||
+ | |||
+ | Then you must adjust the configuration of the Frontend, this is an example of values changed from defaults: | ||
+ | |||
+ | < | ||
+ | config.instance_name = " | ||
+ | config.app_service_provider = " | ||
+ | config.absolute_base_url = " | ||
+ | config.database = { host=' | ||
+ | rocketwiki= "/ | ||
+ | compat = "/ | ||
+ | config.default_lang = " | ||
+ | config.mail_envelope_from = " | ||
+ | config.mail_from = { name = " | ||
+ | </ | ||
==== Database (the Core) ==== | ==== Database (the Core) ==== | ||
Line 156: | Line 174: | ||
INSERT INTO member (login, name, admin, invite_code) VALUES (' | INSERT INTO member (login, name, admin, invite_code) VALUES (' | ||
</ | </ | ||
- | ===== Cronjob | + | ===== lf_update daemon |
+ | |||
+ | The **'' | ||
< | < | ||
Line 163: | Line 183: | ||
</ | </ | ||
+ | We must prepare a script that runs in an endless loop, **''/ | ||
+ | |||
+ | <code bash> | ||
+ | #!/bin/sh | ||
+ | |||
+ | PIDFILE="/ | ||
+ | PID=$$ | ||
+ | |||
+ | if [ -f " | ||
+ | echo " | ||
+ | exit 1 | ||
+ | fi | ||
+ | |||
+ | echo " | ||
+ | |||
+ | while true; do | ||
+ | nice / | ||
+ | " | ||
+ | | logger -t " | ||
+ | sleep 5 | ||
+ | done | ||
+ | </ | ||
+ | |||
+ | The script contains database credentials, | ||
+ | |||
+ | < | ||
+ | chown root:root / | ||
+ | chmod 750 / | ||
+ | </ | ||
+ | |||
+ | Then preare a script that start/stop the daemon, **''/ | ||
+ | |||
+ | <code bash> | ||
+ | #! /bin/sh | ||
+ | ### BEGIN INIT INFO | ||
+ | # Provides: | ||
+ | # Required-Start: | ||
+ | # Required-Stop: | ||
+ | # Default-Start: | ||
+ | # Default-Stop: | ||
+ | # Short-Description: | ||
+ | # Description: | ||
+ | ### END INIT INFO | ||
+ | |||
+ | # PATH should only include /usr/* if it runs after the mountnfs.sh script | ||
+ | PATH=/ | ||
+ | DESC=" | ||
+ | NAME=lf_updated | ||
+ | DAEMON=/ | ||
+ | DAEMON_ARGS="" | ||
+ | PIDFILE=/ | ||
+ | SCRIPTNAME=/ | ||
+ | |||
+ | . / | ||
+ | |||
+ | do_start() | ||
+ | { | ||
+ | start-stop-daemon -b --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null || return 1 | ||
+ | start-stop-daemon -b --start --quiet --pidfile $PIDFILE --exec $DAEMON -- $DAEMON_ARGS || return 2 | ||
+ | } | ||
+ | |||
+ | do_stop() | ||
+ | { | ||
+ | start-stop-daemon --stop --quiet --retry=TERM/ | ||
+ | RETVAL=" | ||
+ | [ " | ||
+ | start-stop-daemon --stop --quiet --oknodo --retry=0/ | ||
+ | [ " | ||
+ | rm -f $PIDFILE | ||
+ | return " | ||
+ | } | ||
+ | |||
+ | case " | ||
+ | start) | ||
+ | [ " | ||
+ | do_start | ||
+ | case " | ||
+ | 0|1) [ " | ||
+ | 2) [ " | ||
+ | esac | ||
+ | ;; | ||
+ | stop) | ||
+ | [ " | ||
+ | do_stop | ||
+ | case " | ||
+ | 0|1) [ " | ||
+ | 2) [ " | ||
+ | esac | ||
+ | ;; | ||
+ | status) | ||
+ | | ||
+ | ;; | ||
+ | restart|force-reload) | ||
+ | log_daemon_msg " | ||
+ | do_stop | ||
+ | case " | ||
+ | 0|1) | ||
+ | do_start | ||
+ | case " | ||
+ | 0) log_end_msg 0 ;; | ||
+ | 1) log_end_msg 1 ;; # Old process is still running | ||
+ | *) log_end_msg 1 ;; # Failed to start | ||
+ | esac | ||
+ | ;; | ||
+ | *) | ||
+ | # Failed to stop | ||
+ | log_end_msg 1 | ||
+ | ;; | ||
+ | esac | ||
+ | ;; | ||
+ | *) | ||
+ | echo " | ||
+ | exit 3 | ||
+ | ;; | ||
+ | esac | ||
+ | |||
+ | : | ||
+ | </ | ||
+ | |||
+ | Activate the start/stop script at bootstrap: | ||
+ | |||
+ | < | ||
+ | chmod 755 / | ||
+ | insserv lf_updated | ||
+ | </ | ||
+ | |||
+ | The daemon logs to syslog with the **'' | ||
===== Configuring Apache ===== | ===== Configuring Apache ===== | ||
Line 172: | Line 319: | ||
</ | </ | ||
+ | Create an Apache configuration snippet, e.g. in **''/ | ||
+ | |||
+ | < | ||
+ | Alias / | ||
+ | Alias / | ||
+ | ScriptAlias /lf/ / | ||
+ | |||
+ | RewriteEngine on | ||
+ | #RewriteLog / | ||
+ | # | ||
+ | |||
+ | RewriteRule ^/$ /lf/ [R] | ||
+ | RewriteRule ^/ | ||
+ | |||
+ | RewriteCond %{QUERY_STRING} (.*)? | ||
+ | RewriteRule ^/lf/$ \ | ||
+ | / | ||
+ | |||
+ | RewriteCond %{QUERY_STRING} (.*)? | ||
+ | RewriteRule ^/ | ||
+ | / | ||
+ | |||
+ | RewriteCond %{QUERY_STRING} (.*)? | ||
+ | RewriteRule ^/ | ||
+ | / | ||
+ | |||
+ | RewriteCond %{QUERY_STRING} (.*)? | ||
+ | RewriteRule ^/ | ||
+ | / | ||
+ | |||
+ | RewriteCond %{QUERY_STRING} (.*)? | ||
+ | RewriteRule ^/ | ||
+ | / | ||
+ | |||
+ | # Allow CGI execution for the webmcp CGI interface | ||
+ | < | ||
+ | AllowOverride None | ||
+ | Options ExecCGI -MultiViews | ||
+ | Order allow,deny | ||
+ | Allow from all | ||
+ | </ | ||
+ | </ | ||
+ | |||
+ | Any Apache VirtualHost can include that configuration: | ||
+ | |||
+ | < | ||
+ | < | ||
+ | SSLEngine on | ||
+ | SSLCertificateFile ssl/ | ||
+ | ServerName lqfb.campibisenzio5stelle.it | ||
+ | ServerAlias lqfb1.campibisenzio5stelle.it | ||
+ | DocumentRoot /var/www/ | ||
+ | ErrorLog ${APACHE_LOG_DIR}/ | ||
+ | CustomLog ${APACHE_LOG_DIR}/ | ||
+ | |||
+ | # Configure environment for LiquidFeedback application | ||
+ | Include / | ||
+ | < | ||
+ | SetEnv LANG ' | ||
+ | SetEnv WEBMCP_APP_BASEPATH '/ | ||
+ | SetEnv WEBMCP_CONFIG_NAME ' | ||
+ | </ | ||
+ | |||
+ | </ | ||
+ | </ | ||
===== Configure the mail subsystem ===== | ===== Configure the mail subsystem ===== | ||
Install an MTA software like Exim4 or Postfix and configure it so that the system can send mail to the internet. This is required to send the invite code to new members. | Install an MTA software like Exim4 or Postfix and configure it so that the system can send mail to the internet. This is required to send the invite code to new members. | ||
+ | Mail messages generated by LiquidFeedback will have **'' | ||
+ | |||
+ | You can change the LiquidFeedback frontend configuration **''/ | ||
+ | |||
+ | < | ||
+ | config.mail_envelope_from = " | ||
+ | config.mail_from = { name = " | ||
+ | </ | ||
+ | |||
+ | Another way to map the sender to another address is by configuring the MTA. With Postfix you can add into **''/ | ||
+ | |||
+ | < | ||
+ | # Rewrite some sender addresses. | ||
+ | sender_canonical_maps = hash:/ | ||
+ | </ | ||
+ | |||
+ | Then create the **''/ | ||
+ | |||
+ | < | ||
+ | www-data | ||
+ | </ | ||
===== Install a second instance of LiquidFeedback on the same host ===== | ===== Install a second instance of LiquidFeedback on the same host ===== | ||
FIXME Verify if this checklist is complete. | FIXME Verify if this checklist is complete. | ||
- | - Create another database. | + | - Create another |
- | - Create another Apache VirtualHost and configure | + | - Create another |
- | - Create another config in ''/ | + | - Create another config |
+ | - Add or update the **'' | ||
===== LiquidFeedback administration ===== | ===== LiquidFeedback administration ===== | ||
- | ^ unit | Administrators allow each user partecipate (or not) to the existing units. | + | ^ Eng ^ Ita ^ Note ^ |
- | ^ area | An unit can contain one or more areas. An user can partecipate to an area and he can delegate the entire area to someone else. | | + | ^ unit |
- | ^ issue | + | ^ area |
- | ^ policy | + | ^ issue | |
+ | ^ policy | ||
An user with the admin right can login and click on the **// | An user with the admin right can login and click on the **// | ||
+ |
doc/appunti/linux/sa/liquidfeedback.txt · Last modified: 2012/11/11 13:58 by niccolo