# HG changeset patch # User Chris Cannam # Date 1503586610 -3600 # Node ID 18643ab360089b3b5004049fcf7c05dfd0ccec72 # Parent 2162f6ff85803d0fa76f174253a92592b4082d62 Fixes, doc updates diff -r 2162f6ff8580 -r 18643ab36008 deploy/README --- a/deploy/README Thu Aug 24 14:47:04 2017 +0100 +++ b/deploy/README Thu Aug 24 15:56:50 2017 +0100 @@ -16,9 +16,10 @@ * A database dump to load. This should be left in a file called postgres-dumpall in the soundsoftware-site root - * The database password and /sys API key for the target site. (The - API key can be changed in the admin UI - "grep API config/*.in" to - see the files you'll need to update if you change it) + * The database password and /sys API key for the target site. (This + can be queried from the db: settings table, name "sys_api_key". You + can change it in the admin UI; grep API config/*.in to see the + files you'll need to update if you change it) * The (copyrighted) web font files used in our deployment. Leave these in /public/themes/soundsoftware/stylesheets/fonts/ diff -r 2162f6ff8580 -r 18643ab36008 deploy/any/prepare.sh --- a/deploy/any/prepare.sh Thu Aug 24 14:47:04 2017 +0100 +++ b/deploy/any/prepare.sh Thu Aug 24 15:56:50 2017 +0100 @@ -46,7 +46,7 @@ fi if [ ! -f "$rootdir/postgres-dumpall" ]; then - echo "ERROR: I expect to find a Postgres SQL multi-db dump file in $rootdir/postgres-dumpall" + echo "ERROR: I expect to find a Postgres SQL multi-db dump file in $rootdir/postgres-dumpall. Create an empty file there if you don't want to load a database." exit 2 fi diff -r 2162f6ff8580 -r 18643ab36008 deploy/any/run-provisioning.sh --- a/deploy/any/run-provisioning.sh Thu Aug 24 14:47:04 2017 +0100 +++ b/deploy/any/run-provisioning.sh Thu Aug 24 15:56:50 2017 +0100 @@ -20,7 +20,7 @@ case "$f" in *~) ;; *) echo "Running provisioning script: $f" - /bin/bash "$f";; + /bin/bash "$f" - + ServerName code.soundsoftware.ac.uk ServerAdmin chris.cannam@soundsoftware.ac.uk + SSLEngine on + SSLCertificateFile /etc/apache2/certs/code.soundsoftware.ac.uk.crt + SSLCertificateKeyFile /etc/apache2/certs/code.soundsoftware.ac.uk.key + SSLCertificateChainFile /etc/apache2/certs/code.soundsoftware.ac.uk.ca-bundle + SSLVerifyClient none + SSLProtocol all -SSLv2 -SSLv3 + SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW + DocumentRoot /var/www/code/public PassengerRestartDir restart_files PassengerHighPerformance on diff -r 2162f6ff8580 -r 18643ab36008 deploy/provision.d/030-webapp-dir.sh --- a/deploy/provision.d/030-webapp-dir.sh Thu Aug 24 14:47:04 2017 +0100 +++ b/deploy/provision.d/030-webapp-dir.sh Thu Aug 24 15:56:50 2017 +0100 @@ -24,6 +24,6 @@ fi chown -R code.www-data /var/www/code +chmod 755 /var/www/code find /var/www/code -type d -exec chmod g+s \{\} \; - diff -r 2162f6ff8580 -r 18643ab36008 deploy/provision.d/100-apache-config.sh --- a/deploy/provision.d/100-apache-config.sh Thu Aug 24 14:47:04 2017 +0100 +++ b/deploy/provision.d/100-apache-config.sh Thu Aug 24 15:56:50 2017 +0100 @@ -28,6 +28,7 @@ ln -s ../mods-available/expires.load /etc/apache2/mods-enabled/ ln -s ../mods-available/rewrite.load /etc/apache2/mods-enabled/ ln -s ../mods-available/cgi.load /etc/apache2/mods-enabled/ + ln -s ../mods-available/ssl.load /etc/apache2/mods-enabled/ cp "$codeconf" /etc/apache2/sites-available/code.conf cp "$codeconfssl" /etc/apache2/sites-available/code-ssl.conf