forked from isaw/isaw.web
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathHOSTING.txt
100 lines (69 loc) · 3.27 KB
/
HOSTING.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
Hosts:
staging: isaw4-dev.atlantides.org = 66.35.48.8
production: isaw.nyu.edu = isaw4.atlantides.org = 66.35.39.43
The following commands are required to install required software packages and
configure the server::
apt-get install git apache2 apache2-utils varnish haproxy bibutils wv
poppler-utils libjpeg-dev libxml2-dev libxslt-dev libtiff5-dev
libfreetype6-dev a2enmod rewrite ssl headers proxy proxy_http deflate
munin munin-node
# For Plone >= 4.3
cd /srv
git clone [email protected]:isawnyu/isaw.web
cd isaw.web
chown -R plone:jazkarta .
chmod -R g+rwX .
python2.7 ./bootstrap.py
su plone -c "bin/buildout -c production.cfg"
cp conf/supervisor.conf /etc/init
service supervisor restart
# Enable haproxy
vim /etc/default/hapxroxy
cp conf/haproxy.cfg /etc/haproxy
service haproxy restart
# Enable varnish
cp conf/varnish.vcl /etc/varnish
service varnish restart
# Munin (http://site/munin) the following command will ask for a password
# to use for protecting munin
htpasswd -c /etc/munin/munin-htpasswd Munin
cp conf/munin-apache.conf /etc/munin/apache.conf
cp conf/munin.conf /etc/munin
service munin-node restart
# Apache config Copy certs to /etc/ssl/private
cp conf/isaw-apache.conf conf/isaw-apache-ssl.conf /etc/apache2/sites-available
cd /etc/apache2/sites-enabled
rm 000-default.conf
ln -s ../isaw-apache.conf .
ln -s ../isaw-apache-ssl.conf .
service apache2 restart
To deploy new software to production or staging (do not use sudo for any of
the following commands unless specified)::
cd /srv/isaw.web
sudo -u plone git pull
sudo -u bin/buildout -c production.cfg
sudo supervisorctl restart client1 client2 client3
In production it may make sense to switch to a new tag instead of doing a `pull`::
sudo -u plone git fetch
sudo -u plone git checkout TAG_NAME
You may also wish to use `sudo service varnish restart` to clear the cache.
If changes have been made to the supervisor config you will need to restart
the system supervisor using `sudo service supervisor restart`.
The buildout command requires that your user have ssh access to the github
repos via an ssh key (i.e. using ssh agent forwarding), and that you can write
to the repos checked out in sources (members of the "jazkarta" OS group can
write, as can the "plone" user).
Occasionally the permissions on the sources may need to be updated using::
sudo chown -R plone:jazkarta src/ bin/ parts/
sudo chmod -R g+rwX src/ bin/ parts/
To sync Data from ISAW production to staging, you will need to ensure that your
production user can read all blobstorage files on the production server::
sudo chgrp -R jazkarta /srv/isaw.web/var/blobstorage/*
sudo chmod -R g+rX /srv/isaw.web/var/blobstorage/*
Then login to the staging server and copy the files into place::
cd /srv/isaw.web
sudo rsync -avz -e "ssh -p 6195" *user*@66.35.39.43:/srv/isaw.web/var/filestorage/ var/filestorage/
sudo rsync -avz --delete -e "ssh -p 6195" *user*@66.35.39.43:/srv/isaw.web/Plone/zeocluster/var/blobstorage/ var/blobstorage/
Syncing other sites from ISAW production::
cd /srv
sudo rsync -avz -e "ssh -p 6195" *user*@66.35.39.43:/srv/www-data/ www-data/