Plum (Photo): Difference between revisions

From Sea of Fate
Jump to navigationJump to search
Created page with "==Introduction== The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a hard drive for it's OS as normal but read only access to the photo archive. ==Strawberry== To separate the photo archive from the webserver and avoid any data loss of the original photos we will store the files on a different VM and share the files by a read only NFS. All pictures will be upl..."
 
 
(43 intermediate revisions by 4 users not shown)
Line 1: Line 1:
==Introduction==
==Introduction==


The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a hard drive for it's OS as normal but read only access to the photo archive.
The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a SSD hard drive for it's OS as normal but it will have a large hard drive from the ZFS Proxmox storage to store the photos and video. We can add the hd as soon as the VM is created but leave it to be formatted and mounted later.


==Strawberry==
==Updates==


To separate the photo archive from the webserver and avoid any data loss of the original photos we will store the files on a different VM and share the files by a read only NFS. All pictures will be uploaded to this other VM that has read and write access. This other host is named strawberry and has an IP address of prod.21.  
Both Logan and '''[[Lime]]''' have been retired with all of their website setup file and database moved to Plum as vhosts. '''[[Postfix Installation| Postfix ]]'''is also running from Plum as well.


===Hard Drive===
==Initial Setup==


Strawberry has a normal HD for it's OS but it has a large additional drive from the pearpool/PoolForPear/Pdata/shared, this is listed as AllSharedFiles on datacenter->storage and has an initial size of 4TB. It is mounted at /mnt/shared. To give a plum access to photos there is a directory called photo, this is the limit of plum's sight of the files on /mnt/shared and if some other VM needs to have access to a different share we could create another share off of mnt/shared or share /mnt/shared completely.
The first things we need to do is to install Apache and configure the webserver, as soon as that is done we should setup the reverse proxy on Raisin. The good news is that we have some scripts to do that as it is just boiler plate stuff all we need to say here is that the website will be called photo or more precisely photo.seaoffate.net. To use the wonderful scripts we must first copy them from Lemon so open a terminal on lemon and cd to ~/templates once that is done enter the command
scp create_apache_config.sh lamp_client_install.sh nigel@plum:~/
This will copy the files to the home dir of nigel (if SSH is not ready yet on plum look here). When the two are copied they will need to be made executable and make sure they are owned by the set user so login to plum and
sudo chown nigel:nigel create_apache_config.sh
sudo chown nigel:nigel lamp_client_install.sh
sudo chmod 755 lamp_client_install.sh
sudo chmod 755 create_apache_config.sh
Now that we have the first scripts we can execute them
./lamp_client_install.sh
and then setup the websites with the other script
./create_apache_config.sh photo
This script will create the configs for the hostname(plum) and the parameter in this case photo. We will get 6 configs both the http and https for plum.seaofffate.local and photo.seaoffate.local and photo.seaoffate.net. We will should check that the seaoffate.crt is in the /etc/ssl/certs dir
ls -l /etc/ssl/certs/
If it is missing then we should get the cert and key and mv it to the /etc/ssl/ dirs it should be called "seaoffate" (.crt & .key) to match the Apache configs that we just created. The next thing we need to do is get the piwigo zip file. Probably the best thing is to get it downloaded on to one of the desktop Linux VMs and scp it to this at the home dir. We will need to copy the zip to the public_html (best to cp rather than mv in case we need to redo the install and we would just delete everything in public_html). First we install zip, then cp the zip file then cd to where we want to extract to
sudo apt install zip
sudo cp piwigo-15.4.0.zip /var/www/plum.seaoffate.local
cd /var/www/plum.seaoffate.local
Then delete the existing public_html
sudo rm -rf /var/www/plum.seaoffate.local/public_html
and then unzip the file with
sudo unzip piwigo-15.4.0.zip -d .
This will create a dir called piwigo and so we rename it to public_html
sudo mv piwigo /var/www/plum.seaoffate.local/public_html
so we now should have all of the files extracted in to the docroot of our website we now need to change the permissions & ownership to the apache user
sudo chown -R www-data:www-data /var/www/plum.seaoffate.local/public_html/
sudo chmod 755 -R /var/www/plum.seaoffate.local/public_html/


===Setup Strawberry to share /mnt/shared/photo===
Before we can proceed with the installation at a web browser we have to create a database and for piwigo to use so ssh to mandarin and start a MySQL session with
 
sudo mysql -u root -p
First we need to format the Hard disk and mount it to /mnt/shared. Run
at the mysql> prompt we need to create the database
  lsblk
CREATE DATABASE piwigo_db;
or
and then the user with privileges to the database, we will restrict this user to the plum host only
  sudo fdisk -l
CREATE USER 'piwigo_user'@'192.168.100.22' IDENTIFIED BY 'your_strong_password';
to identify the disk to mount, it will probably be "sdb" or "/dev/sdb" or some thing similar it will be the large one in any case as we are starting with 4tb. We will not be creating a new partition, just directories, so no need for that, we will format the entire drive. To format the entire drive with ext4 we use the command (obviously, use the actual drive shown by lsblk or fdisk -l)
  GRANT ALL PRIVILEGES ON piwigo_db.* TO 'piwigo_user'@'192.168.100.22';
  sudo mkfs.ext4 /dev/sdb
FLUSH PRIVILEGES;
Next we craet the mount point for /mnt/shared if it does not already exist
  exit;
  sudo mkdir /mnt/shared
Armed with our newly created database and user we can now start the web installation so we need to go get a web browser to https://photo.seaoffate.local. if that takes us to the nginix holding page we will need to setup raisin to do the reverse proxy thing or we could continue from a client inside the Pfsense but if we do that we still have to do the raisin set up at some point. so we may as well do so now so SSH to raisin
If it does exist see if there is anything stored there and possibly move it somewhere else. but if it is empty it is ok to use as is. Now there is somewhare to mount the drive we can use the mount command
cd /etc/nginx/sites-available
sudo mount /dev/sdb /mnt/shared
  sudo cp wiki.conf photo.conf
this will mount dev/sdb to the mount point /mnt/shared. To prove that it worked try
sudo cp wiki.seaoffate.local.ssl.conf photo.seaoffate.local.ssl.conf
ls /mnt/shared
  sudo cp wiki.seaoffate.net.conf photo.seaoffate.net.conf
You should see the lost+found directory, which is created by ext4. We now need to configure /etc/fstab (for Automatic Mounting). We will need the UUID to add to /etc/fstab so run
Then modify them to replace the servernames and ip addresses. While it is not pretty it does work and the scripts that we had generated forwarding loops so we can't use them. It looks like the reverse proxy was redirecting as well as the origin so it was causing a problem for browsers, we should only have the origin browser do any redirect between 80 and 443. Once this is done proceed to the web browser part of the piwigi installation. Keep a record of passwords in a password manager. The Details that need to be entered on the web install are:
sudo blkid /dev/sdb
* For the database Hostname is the IP of Mandarin 192.168.100.8
and copy the UUID number. Next we need to edit fstab
* For the username it will be as was entered in the DB setup earlier piwigo_user
sudo nano /etc/fstab
* For the password it should be on the keepass under piwigo mysql user
and add the line
* The database name will also be the name setup earlier piwigo_db
UUID=your_uuid /mnt/shared ext4 defaults 0 2
* Administration configuration username should be stored in the keepass password manager
Replace your_uuid with the value from blkid /dev/sdb.Save and exit. To verify that the fstab edits were ok use
* Get the password from the same as username
sudo mount -a
* use [email protected] as this should be redirected by Cloudflare
If there is anything wrong there should be an error message. The last thing to do is to create the photo directory
Most of the install is now done. we could use the application as is but we would run out of storage for photos before too long so we will add a big hard drive to the installation mounting it inside public_html/galleries.
sudo mkdir /mnt/shared/photo
 
===Create an Upload user===
 
to

Latest revision as of 03:05, 28 February 2026

Introduction

The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a SSD hard drive for it's OS as normal but it will have a large hard drive from the ZFS Proxmox storage to store the photos and video. We can add the hd as soon as the VM is created but leave it to be formatted and mounted later.

Updates

Both Logan and Lime have been retired with all of their website setup file and database moved to Plum as vhosts. Postfix is also running from Plum as well.

Initial Setup

The first things we need to do is to install Apache and configure the webserver, as soon as that is done we should setup the reverse proxy on Raisin. The good news is that we have some scripts to do that as it is just boiler plate stuff all we need to say here is that the website will be called photo or more precisely photo.seaoffate.net. To use the wonderful scripts we must first copy them from Lemon so open a terminal on lemon and cd to ~/templates once that is done enter the command 

scp create_apache_config.sh lamp_client_install.sh nigel@plum:~/

This will copy the files to the home dir of nigel (if SSH is not ready yet on plum look here). When the two are copied they will need to be made executable and make sure they are owned by the set user so login to plum and 

sudo chown nigel:nigel create_apache_config.sh
sudo chown nigel:nigel lamp_client_install.sh
sudo chmod 755 lamp_client_install.sh
sudo chmod 755 create_apache_config.sh

Now that we have the first scripts we can execute them 

./lamp_client_install.sh

and then setup the websites with the other script 

./create_apache_config.sh photo

This script will create the configs for the hostname(plum) and the parameter in this case photo. We will get 6 configs both the http and https for plum.seaofffate.local and photo.seaoffate.local and photo.seaoffate.net. We will should check that the seaoffate.crt is in the /etc/ssl/certs dir 

ls -l /etc/ssl/certs/

If it is missing then we should get the cert and key and mv it to the /etc/ssl/ dirs it should be called "seaoffate" (.crt & .key) to match the Apache configs that we just created. The next thing we need to do is get the piwigo zip file. Probably the best thing is to get it downloaded on to one of the desktop Linux VMs and scp it to this at the home dir. We will need to copy the zip to the public_html (best to cp rather than mv in case we need to redo the install and we would just delete everything in public_html). First we install zip, then cp the zip file then cd to where we want to extract to 

sudo apt install zip
sudo cp piwigo-15.4.0.zip /var/www/plum.seaoffate.local
cd /var/www/plum.seaoffate.local

Then delete the existing public_html 

sudo rm -rf /var/www/plum.seaoffate.local/public_html

and then unzip the file with 

sudo unzip piwigo-15.4.0.zip -d .

This will create a dir called piwigo and so we rename it to public_html 

sudo mv piwigo /var/www/plum.seaoffate.local/public_html

so we now should have all of the files extracted in to the docroot of our website we now need to change the permissions & ownership to the apache user 

sudo chown -R www-data:www-data /var/www/plum.seaoffate.local/public_html/
sudo chmod 755 -R /var/www/plum.seaoffate.local/public_html/

Before we can proceed with the installation at a web browser we have to create a database and for piwigo to use so ssh to mandarin and start a MySQL session with 

sudo mysql -u root -p

at the mysql> prompt we need to create the database 

CREATE DATABASE piwigo_db;

and then the user with privileges to the database, we will restrict this user to the plum host only 

CREATE USER 'piwigo_user'@'192.168.100.22' IDENTIFIED BY 'your_strong_password';
GRANT ALL PRIVILEGES ON piwigo_db.* TO 'piwigo_user'@'192.168.100.22';
FLUSH PRIVILEGES; 
exit;

Armed with our newly created database and user we can now start the web installation so we need to go get a web browser to https://photo.seaoffate.local. if that takes us to the nginix holding page we will need to setup raisin to do the reverse proxy thing or we could continue from a client inside the Pfsense but if we do that we still have to do the raisin set up at some point. so we may as well do so now so SSH to raisin 

cd /etc/nginx/sites-available
sudo cp wiki.conf photo.conf
sudo cp wiki.seaoffate.local.ssl.conf photo.seaoffate.local.ssl.conf
sudo cp wiki.seaoffate.net.conf photo.seaoffate.net.conf

Then modify them to replace the servernames and ip addresses. While it is not pretty it does work and the scripts that we had generated forwarding loops so we can't use them. It looks like the reverse proxy was redirecting as well as the origin so it was causing a problem for browsers, we should only have the origin browser do any redirect between 80 and 443. Once this is done proceed to the web browser part of the piwigi installation. Keep a record of passwords in a password manager. The Details that need to be entered on the web install are:

  • For the database Hostname is the IP of Mandarin 192.168.100.8
  • For the username it will be as was entered in the DB setup earlier piwigo_user
  • For the password it should be on the keepass under piwigo mysql user
  • The database name will also be the name setup earlier piwigo_db
  • Administration configuration username should be stored in the keepass password manager
  • Get the password from the same as username
  • use [email protected] as this should be redirected by Cloudflare

Most of the install is now done. we could use the application as is but we would run out of storage for photos before too long so we will add a big hard drive to the installation mounting it inside public_html/galleries.

Retrieved from "https://wiki.seaoffate.net/index.php?title=Plum_(Photo)&oldid=1322"