918
modifications
« FeministWiki:Server setup » : différence entre les versions
aucun résumé des modifications
Aucun résumé des modifications |
|||
| Ligne 79 : | Ligne 79 : | ||
The <code>openssl</code> decryption command will prompt you for a password. Enter the password stored in <code>/root/pwd/meta</code> on the old server. | The <code>openssl</code> decryption command will prompt you for a password. Enter the password stored in <code>/root/pwd/meta</code> on the old server. | ||
=== Put config files in place === | === Put config files in place === | ||
| Ligne 94 : | Ligne 88 : | ||
groupadd -g 5000 vmail | groupadd -g 5000 vmail | ||
useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail | useradd -u 5000 -g vmail -s /usr/sbin/nologin -d /home/vmail -m vmail | ||
=== Initialize LetsEncrypt === | |||
The first run of Certbot has to be interactive, so we will do that now. Since the DNS entries still point to the old server, we can't get a cert for the real domains. For now, make '''feministwiki.dev''' point to the IP address of the new server, then proceed with the instructions below. | |||
Stop Apache (<code>systemctl stop apache2</code>), run <code>certbot certonly --cert-name feministwiki.org</code> (yes, the name should be <code>.org</code> even though the domain will be just <code>.dev</code> for now), then follow the on-screen instructions. Use the "standalone" authentication method when asked and enter feministwiki.dev as the sole domain. | |||
=== Stop services on old server === | === Stop services on old server === | ||
| Ligne 128 : | Ligne 128 : | ||
TODO | TODO | ||
=== Update the certificate === | |||
Run the <code>letsencrypt-refresh</code> script to get a new certificate which includes all our domain names, since we had started out with just feministwiki.dev. | |||