Merge a few deployment notes

This commit is contained in:
Alex D. 2020-12-22 23:20:15 +00:00
parent d2687996e2
commit 5b4d76a975
Signed by: caskd
GPG Key ID: F92BA85F61F4C173
1 changed files with 1 additions and 9 deletions

View File

@ -4,6 +4,7 @@ General:
- Every database-backed service needs manual user creation and db creation
- Every service needs to be started and enabled manually via openrc (custom services end in .redxen)
- Every service that needs ports needs entries in /etc/iptables/rx-rules{4,6}
- Every service that needs data storage needs a volume to back it
ifupdown-ng:
- Public networks should be configured manually since RAs aren't usually configured
@ -33,12 +34,6 @@ Yggdrasil:
Unbound:
- Set `RESOLV_CONF=no` in /etc/udhcpc/udhcpc.conf to prevent automatic DNS configuration
Transmission:
- If the data is stored on a mounted fs, it needs to be mounted at /seedbox.
- If the contents of seedbox are owned by some other user than what's defined
in /etc/conf.d/transmission then the permissions need to be changed to
match accordingly
OpenSSH SFTP Chroot (part of seedbox):
- Bind mounts from location of chroot to /sftp-chroot
NOTE: Usually `mount -o bind /seedbox /sftp-chroot`
@ -47,9 +42,6 @@ OpenSSH SFTP Chroot (part of seedbox):
Pleroma:
- Migration might be needed between upgrades (/pleroma/bin/pleroma_ctl migrate)
NGINX:
- It has to be added to the groups for the /http contents
Wireguard:
- Requires the following iptables rules other than the port opening
```