Aller au contenu

« FeministWiki:Server setup » : différence entre les versions

aucun résumé des modifications
Aucun résumé des modifications
Ligne 79 : Ligne 79 :


The <code>openssl</code> decryption command will prompt you for a password.  Enter the password stored in <code>/root/pwd/meta</code> on the old server.
The <code>openssl</code> decryption command will prompt you for a password.  Enter the password stored in <code>/root/pwd/meta</code> on the old server.
=== Initialize LetsEncrypt ===
The first run of Certbot has to be interactive, so we will do that now.  Since the DNS entries still point to the old server, we can't get a cert for the real domains.  For now, make '''feministwiki.dev''' point to the IP address of the new server, then proceed with the instructions below.
Stop Apache (<code>systemctl stop apache2</code>), run <code>certbot certonly --cert-name feministwiki.org</code> (yes, the name should be <code>.org</code> even though the domain will be just <code>.dev</code> for now), then follow the on-screen instructions.  Use the "standalone" authentication method when asked and enter feministwiki.dev as the sole domain.


=== Put config files in place ===
=== Put config files in place ===
Ligne 94 : Ligne 88 :
   groupadd -g 5000 vmail
   groupadd -g 5000 vmail
   useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail
   useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail
=== Initialize LetsEncrypt ===
The first run of Certbot has to be interactive, so we will do that now.  Since the DNS entries still point to the old server, we can't get a cert for the real domains.  For now, make '''feministwiki.dev''' point to the IP address of the new server, then proceed with the instructions below.
Stop Apache (<code>systemctl stop apache2</code>), run <code>certbot certonly --cert-name feministwiki.org</code> (yes, the name should be <code>.org</code> even though the domain will be just <code>.dev</code> for now), then follow the on-screen instructions.  Use the "standalone" authentication method when asked and enter feministwiki.dev as the sole domain.


=== Stop services on old server ===
=== Stop services on old server ===
Ligne 128 : Ligne 128 :


TODO
TODO
=== Update the certificate ===
Run the <code>letsencrypt-refresh</code> script to get a new certificate which includes all our domain names, since we had started out with just feministwiki.dev.