move postgres instructions above build instructions. added perlbrew switch command. added caveats. modified .service file a little
This commit is contained in:
jake
parent
ee5e4b34e4
commit
2b0f42992f
2 changed files with 27 additions and 13 deletions
37
README.md
37
README.md
|
|
@ -22,6 +22,14 @@ apt install libmojolicious-perl libmojo-pg-perl
|
|||
Note: the latest Perl at the time of writing on Debian stable is v5.36.x which doesn't have class support... I really wanted to use class(). Sorry!
|
||||
So, you're likely better off installing perlbrew and having the dedicated user that will run this program compile and install v5.38.x.
|
||||
|
||||
### postgres
|
||||
Probably not needed info, but postgres here is version 15.
|
||||
```
|
||||
% sudo apt install postgresql postgresql-server-dev-15
|
||||
% sudo -u postgres psql # test if 'active' so to speak.
|
||||
```
|
||||
Follow instructions from 'Create relevent details for the database.'
|
||||
|
||||
### perlbrew (with Debian 12.8)
|
||||
```
|
||||
% sudo apt install perlbrew
|
||||
|
|
@ -32,6 +40,7 @@ So, you're likely better off installing perlbrew and having the dedicated user t
|
|||
% sudo -u jjakkekeyserver perlbrew install-cpanm
|
||||
% sudo chsh jjakkekeyserver -s /bin/bash # we will set this back to /bin/nologin later
|
||||
% sudo -u jjakkekeyserver -i
|
||||
jjakkekeyserver% perlbrew switch perl-5.40.0
|
||||
jjakkekeyserver% PERL_CPANM_HOME=/tmp cpanm DBD::Pg # needs postgresql-server-dev-xx (on debian)
|
||||
jjakkekeyserver% cpanm Mojolicious Mojo::Pg # AND postgres itself must be running
|
||||
# DBD::Pg test wants to poke stuff, fails otherwise
|
||||
|
|
@ -41,14 +50,6 @@ jjakkekeyserver% exit
|
|||
% sudo chsh jjakkekeyserver -s /bin/nologin
|
||||
```
|
||||
|
||||
#### postgres
|
||||
Probably not needed info, but postgres here is version 15.
|
||||
```
|
||||
% sudo apt install postgresql postgresql-server-dev-xx
|
||||
% sudo -u postgres psql # test if 'active' so to speak.
|
||||
```
|
||||
Follow instructions from 'Create relevent details for the database.'
|
||||
|
||||
### Install via cpan (or cpan-minus, considered way better by most)
|
||||
```
|
||||
cpanm Mojolicious Mojo::Pg Mojo::File Mojo::Util
|
||||
|
|
@ -56,7 +57,12 @@ cpanm Mojolicious Mojo::Pg Mojo::File Mojo::Util
|
|||
Installing via cpan(m) will work because the Mojolicious devs are competent (to be more specific, they opt to recreate everything, that way if a dependency breaks because the author is ignoring issues or fucking DEAD there won't be permanently broken cpan repos that mojolicious depends on)
|
||||
|
||||
## To use
|
||||
### Create a dedicated user to run this program
|
||||
### Create a dedicated user to run this program (Debian)
|
||||
```
|
||||
sudo adduser --group --home /var/jjakkekeyserver --system -- jjakkekeyserver
|
||||
```
|
||||
|
||||
### Create a dedicated user to run this program (not Debian)
|
||||
```
|
||||
sudo useradd --system --create-home --home-dir /var/jjakkekeyserver --shell /bin/nologin jjakkekeyserver
|
||||
```
|
||||
|
|
@ -78,11 +84,22 @@ jjakkekeyserverdb=# grant all privileges on schema public to jjakkekeyserver;
|
|||
jjakkekeyserverdb=# exit
|
||||
```
|
||||
|
||||
### Caveats
|
||||
#### config file
|
||||
For some reason, hypnotoad (or morbo) lacks a 'config' flag and there isn't a way to set it as far as I can tell (even in program (for now)). What I do know is that it looks for keyserver.conf in the working directory.
|
||||
|
||||
#### Usage of 'lib'
|
||||
I used `use lib qw(lib)` in my program, which means the working directory has have 'lib/KeyData.pm' in it, or be manually installed somewhere (really not recommended). Basically the directory keyserver program resides in.
|
||||
|
||||
I will add a dedicated installer for this, later. KeyData.pm is useful.
|
||||
|
||||
|
||||
### Start Program
|
||||
```
|
||||
sudo -u jjakkekeyserver hypnotoad -f keyserver ./keyserver.conf; # -f = starts in foreground
|
||||
sudo -u jjakkekeyserver hypnotoad -f ./keyserver; # -f = starts in foreground
|
||||
```
|
||||
|
||||
|
||||
### Proxy
|
||||
It's a good idea to proxy this program behind another dedicated program that listens on relevant ports: no TLS, 11371 and 80; with TLS, 11372 and 443.
|
||||
|
||||
|
|
|
|||
|
|
@ -3,16 +3,13 @@ Description=jjakke's keyserver
|
|||
After=network.target
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
User=jjakkekeyserver
|
||||
Group=jjakkekeyserver
|
||||
WorkingDirectory=/var/jjakkekeyserver/keyserver
|
||||
ExecStart=/var/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin/hypnotoad -f /var/jjakkekeyserver/keyserver/keyserver
|
||||
Environment=PERL5LIB=/var/jjakkekeyserver/perl5/lib/perl5
|
||||
Environment=PATH=/var/jjakkekeyserver/perl5/perlbrew/bin:/var/jjakkekeyserver/perl5/perlbrew/perls/perl-5.40.0/bin:$PATH
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
LimitNOFILE=4096
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
|
|
|||
Loading…
Reference in a new issue