From fef48af31ed4a3fbcffef918691a7453d22e7a91 Mon Sep 17 00:00:00 2001 From: norm Date: Thu, 7 Jul 2022 18:17:31 +0000 Subject: [PATCH] Update Alpine install guide (#49) Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/49 Co-authored-by: norm Co-committed-by: norm --- docs/installation/alpine_linux_en.md | 72 ++++++++++++++-------------- 1 file changed, 37 insertions(+), 35 deletions(-) diff --git a/docs/installation/alpine_linux_en.md b/docs/installation/alpine_linux_en.md index 735b89901..158e38b19 100644 --- a/docs/installation/alpine_linux_en.md +++ b/docs/installation/alpine_linux_en.md @@ -4,15 +4,17 @@ ## Installation -This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.10 standard image. You might miss additional dependencies if you use `netboot` instead. +This guide is a step-by-step installation guide for Alpine Linux. The instructions were verified against Alpine v3.16 standard image. You might miss additional dependencies if you use `netboot` instead. -It assumes that you have administrative rights, either as root or a user with [sudo permissions](https://www.linode.com/docs/tools-reference/custom-kernels-distros/install-alpine-linux-on-your-linode/#configuration). If you want to run this guide with root, ignore the `sudo` at the beginning of the lines, unless it calls a user like `sudo -Hu akkoma`; in this case, use `su -l -s $SHELL -c 'command'` instead. +As of Alpine Linux v3.16, `doas` is the preferred way of running privileged commands, which is what this guide will use. +If you are running an earlier version, replace `doas` with `sudo` (and use `sudo -Hu akkoma` instead of `doas -u akkoma`). +If you want to run this guide with root, ignore the `doas` at the beginning of the lines, unless it calls a user like `doas -u akkoma`; in this case, use `su -l -s $SHELL -c 'command'` instead. {! backend/installation/generic_dependencies.include !} ### Prepare the system -* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `http://alpine.42.fr/v3.10/community`. If you autogenerated the mirror during installation: +* The community repository must be enabled in `/etc/apk/repositories`. Depending on which version and mirror you use this looks like `https://dl-5.alpinelinux.org/alpine/v3.16/community`. If you autogenerated the mirror during installation: ```shell awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/repositories @@ -21,14 +23,14 @@ awk 'NR==2' /etc/apk/repositories | sed 's/main/community/' | tee -a /etc/apk/re * Then update the system, if not already done: ```shell -sudo apk update -sudo apk upgrade +doas apk update +doas apk upgrade ``` * Install some tools, which are needed later: ```shell -sudo apk add git build-base cmake file-dev +doas apk add git build-base cmake file-dev ``` ### Install Elixir and Erlang @@ -36,13 +38,13 @@ sudo apk add git build-base cmake file-dev * Install Erlang and Elixir: ```shell -sudo apk add erlang erlang-runtime-tools erlang-xmerl elixir +doas apk add erlang elixir ``` * Install `erlang-eldap` if you want to enable ldap authenticator ```shell -sudo apk add erlang-eldap +doas apk add erlang-eldap ``` ### Install PostgreSQL @@ -50,25 +52,25 @@ sudo apk add erlang-eldap * Install Postgresql server: ```shell -sudo apk add postgresql postgresql-contrib +doas apk add postgresql postgresql-contrib ``` * Initialize database: ```shell -sudo /etc/init.d/postgresql start +doas rc-service postgresql start ``` * Enable and start postgresql server: ```shell -sudo rc-update add postgresql +doas rc-update add postgresql ``` ### Install media / graphics packages (optional, see [`docs/installation/optional/media_graphics_packages.md`](../installation/optional/media_graphics_packages.md)) ```shell -sudo apk add ffmpeg imagemagick exiftool +doas apk add ffmpeg imagemagick exiftool ``` ### Install AkkomaBE @@ -76,18 +78,18 @@ sudo apk add ffmpeg imagemagick exiftool * Add a new system user for the Akkoma service: ```shell -sudo addgroup akkoma -sudo adduser -S -s /bin/false -h /opt/akkoma -H -G akkoma akkoma +doas addgroup akkoma +doas adduser -S -s /bin/false -h /opt/akkoma -H -G akkoma akkoma ``` -**Note**: To execute a single command as the Akkoma system user, use `sudo -Hu akkoma command`. You can also switch to a shell by using `sudo -Hu akkoma $SHELL`. If you don’t have and want `sudo` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l akkoma -s $SHELL -c 'command'` and `su -l akkoma -s $SHELL` for starting a shell. +**Note**: To execute a single command as the Akkoma system user, use `doas -u akkoma command`. You can also switch to a shell by using `doas -su akkoma`. If you don’t have and want `doas` on your system, you can use `su` as root user (UID 0) for a single command by using `su -l akkoma -s $SHELL -c 'command'` and `su -l akkoma -s $SHELL` for starting a shell. * Git clone the AkkomaBE repository and make the Akkoma user the owner of the directory: ```shell -sudo mkdir -p /opt/akkoma -sudo chown -R akkoma:akkoma /opt/akkoma -sudo -Hu akkoma git clone https://akkoma.dev/AkkomaGang/akkoma.git /opt/akkoma +doas mkdir -p /opt/akkoma +doas chown -R akkoma:akkoma /opt/akkoma +doas -u akkoma git clone https://akkoma.dev/AkkomaGang/akkoma.git /opt/akkoma ``` * Change to the new directory: @@ -99,10 +101,10 @@ cd /opt/akkoma * Install the dependencies for Akkoma and answer with `yes` if it asks you to install `Hex`: ```shell -sudo -Hu akkoma mix deps.get +doas -u akkoma mix deps.get ``` -* Generate the configuration: `sudo -Hu akkoma MIX_ENV=prod mix pleroma.instance gen` +* Generate the configuration: `doas -u akkoma env MIX_ENV=prod mix pleroma.instance gen` * Answer with `yes` if it asks you to install `rebar3`. * This may take some time, because parts of akkoma get compiled first. * After that it will ask you a few questions about your instance and generates a configuration file in `config/generated_config.exs`. @@ -110,25 +112,25 @@ sudo -Hu akkoma mix deps.get * Check the configuration and if all looks right, rename it, so Akkoma will load it (`prod.secret.exs` for productive instance, `dev.secret.exs` for development instances): ```shell -sudo -Hu akkoma mv config/{generated_config.exs,prod.secret.exs} +doas -u akkoma mv config/{generated_config.exs,prod.secret.exs} ``` * The previous command creates also the file `config/setup_db.psql`, with which you can create the database: ```shell -sudo -Hu postgres psql -f config/setup_db.psql +doas -u postgres psql -f config/setup_db.psql ``` * Now run the database migration: ```shell -sudo -Hu akkoma MIX_ENV=prod mix ecto.migrate +doas -u akkoma env MIX_ENV=prod mix ecto.migrate ``` * Now you can start Akkoma already ```shell -sudo -Hu akkoma MIX_ENV=prod mix phx.server +doas -u akkoma env MIX_ENV=prod mix phx.server ``` ### Finalize installation @@ -140,20 +142,20 @@ If you want to open your newly installed instance to the world, you should run n * Install nginx, if not already done: ```shell -sudo apk add nginx +doas apk add nginx ``` * Setup your SSL cert, using your method of choice or certbot. If using certbot, first install it: ```shell -sudo apk add certbot +doas apk add certbot ``` and then set it up: ```shell -sudo mkdir -p /var/lib/letsencrypt/ -sudo certbot certonly --email -d --standalone +doas mkdir -p /var/lib/letsencrypt/ +doas certbot certonly --email -d --standalone ``` If that doesn’t work, make sure, that nginx is not already running. If it still doesn’t work, try setting up nginx first (change ssl “on” to “off” and try again). @@ -161,7 +163,7 @@ If that doesn’t work, make sure, that nginx is not already running. If it stil * Copy the example nginx configuration to the nginx folder ```shell -sudo cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/conf.d/akkoma.conf +doas cp /opt/akkoma/installation/nginx/akkoma.nginx /etc/nginx/conf.d/akkoma.conf ``` * Before starting nginx edit the configuration and change it to your needs. You must change change `server_name` and the paths to the certificates. You can use `nano` (install with `apk add nano` if missing). @@ -187,14 +189,14 @@ server { * Enable and start nginx: ```shell -sudo rc-update add nginx -sudo service nginx start +doas rc-update add nginx +doas rc-service nginx start ``` If you need to renew the certificate in the future, uncomment the relevant location block in the nginx config and run: ```shell -sudo certbot certonly --email -d --webroot -w /var/lib/letsencrypt/ +doas certbot certonly --email -d --webroot -w /var/lib/letsencrypt/ ``` #### OpenRC service @@ -202,13 +204,13 @@ sudo certbot certonly --email -d --webroot -w / * Copy example service file: ```shell -sudo cp /opt/akkoma/installation/init.d/akkoma /etc/init.d/akkoma +doas cp /opt/akkoma/installation/init.d/akkoma /etc/init.d/akkoma ``` * Make sure to start it during the boot ```shell -sudo rc-update add akkoma +doas rc-update add akkoma ``` #### Create your first user @@ -216,7 +218,7 @@ sudo rc-update add akkoma If your instance is up and running, you can create your first user with administrative rights with the following task: ```shell -sudo -Hu akkoma MIX_ENV=prod mix pleroma.user new --admin +doas -u akkoma env MIX_ENV=prod mix pleroma.user new --admin ``` #### Further reading