aports/DEPLOYMENT-NOTES
2020-12-13 01:33:40 +00:00

51 lines
1.6 KiB
Plaintext

Some services need some preparation or configuration to work. Not all can work out of the box.
General:
- Every database-backed service needs manual user creation and db creation
- Every service needs to be started and enabled manually via openrc (custom services end in .redxen)
ifupdown-ng:
- Public networks should be configured manually since RAs aren't usually configured
``` HETZNER EXAMPLE
auto eth0
iface eth0 inet static
address
netmask 255.255.255.255
gateway 172.31.1.1
pointopoint 172.31.1.1
iface eth0 inet6 static
address
netmask 64
gateway fe80::1
```
- Private networks need this workaround for routing to work properly
```
auto eth1
iface eth1 inet dhcp
up ip route add 10.0.0.0/16 via 10.0.0.1 dev eth1
post-up ip route del via 10.0.0.1 dev eth1
```
Yggdrasil:
- Yggdrasil needs manual configuration for peers and whitelisting
Unbound:
- Set `RESOLV_CONF=no` in /etc/udhcpc/udhcpc.conf to prevent automatic DNS configuration
Transmission:
- If the data is stored on a mounted fs, it needs to be mounted at /seedbox.
- If the contents of seedbox are owned by some other user than what's defined
in /etc/conf.d/transmission then the permissions need to be changed to
match accordingly
OpenSSH SFTP Chroot (part of seedbox):
- Bind mounts from location of chroot to /sftp-chroot
NOTE: Usually `mount -o bind /seedbox /sftp-chroot`
- seedbox user needs to be manually appended to /etc/ssh/sshd_config
Pleroma:
- Migration might be needed between upgrades (/pleroma/bin/pleroma_ctl migrate)
NGINX:
- It has to be added to the groups for the /http contents