Plum (Photo): Difference between revisions
Revision as of 02:23, 5 March 2025
Introduction
The host plum.seaoffate.net will be at an IP address of production.20. The purpose will be to show photos using Piwigo. The main premise is that plum will have a hard drive for its OS as normal but read-only access to the photo archive.
Strawberry
To separate the photo archive from the webserver and avoid any data loss of the original photos, we will store the files on a different VM and share them over a read-only NFS export. All pictures will be uploaded to this other VM, which has read and write access. This other host is named strawberry and has an IP address of prod.21.
Hard Drive
Strawberry has a normal HD for its OS, but it also has a large additional drive from pearpool/PoolForPear/Pdata/shared. This is listed as AllSharedFiles on datacenter->storage and has an initial size of 4TB. It is mounted at /mnt/shared. To give plum access to the photos there is a directory called photo; this is the limit of plum's sight of the files on /mnt/shared. If some other VM needs access to a different share, we could create another share off of /mnt/shared or share /mnt/shared completely.
Strawberry & Plum Drive Sharing
Setup the Hard Drive
First we need to log in to strawberry, format the hard disk and mount it at /mnt/shared. Run
lsblk
or
sudo fdisk -l
to identify the disk to mount. It will probably be "sdb" or "/dev/sdb" or something similar; in any case it will be the large one, as we are starting with 4TB. We will not be creating a new partition, just directories, so we format the entire drive. To format the entire drive with ext4 we use the command below (use the actual drive shown by lsblk or fdisk -l)
sudo mkfs.ext4 /dev/sdb
Next we create the mount point for /mnt/shared if it does not already exist
sudo mkdir /mnt/shared
If it does exist, see if there is anything stored there and possibly move it somewhere else, but if it is empty it is OK to use as is. Now that there is somewhere to mount the drive we can use the mount command
sudo mount /dev/sdb /mnt/shared
This will mount /dev/sdb at the mount point /mnt/shared. To prove that it worked try
ls /mnt/shared
You should see the lost+found directory, which is created by ext4. We now need to configure /etc/fstab (for Automatic Mounting). We will need the UUID to add to /etc/fstab so run
sudo blkid /dev/sdb
and copy the UUID number. Next we need to edit fstab
sudo nano /etc/fstab
and add the line
UUID=your_uuid /mnt/shared ext4 defaults 0 2
Replace your_uuid with the value from blkid /dev/sdb. Save and exit. To verify that the fstab edits were OK use
sudo mount -a
If there is anything wrong there should be an error message. The last thing to do is to create the photo directory
sudo mkdir /mnt/shared/photo
Create an Upload user
To do any SFTP uploads we will need a user to upload photos; we will call it "photoup"
sudo adduser photoup
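Set permissions with
sudo chown photoup:photoup /mnt/shared/photo
sudo chmod 775 /mnt/shared/photo
Make sure permissions are correct for /mnt/shared. It will be the SFTP chroot directory, and sshd requires that to be owned by root and not writable by group or others
sudo chown root:root /mnt/shared
sudo chmod 755 /mnt/shared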
Configure NFS Server
We need to install the NFS server
sudo apt update && sudo apt install nfs-kernel-server
We need to export the directory by editing the exports file
/etc/exports
and add the line
/mnt/shared/photo 192.168.100.20(ro,sync,no_subtree_check)
Save and exit. Then to apply the export we do
sudo exportfs -a
sudo systemctl restart nfs-kernel-server
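The read-only premise depends on every line in /etc/exports staying as narrow as the one above. The following is an added example (not part of the original page) that audits an exports file for entries that hand out write access or open the share to any host; the function name and the "bad" sample lines are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Sample exports files are constructed.

# audit_exports FILE: print one finding per risky entry; return 1 if any.
audit_exports() {
  awk '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
      path = $1
      if (NF == 1) { print path ": no client given, exported to any host"; bad++ }
      for (i = 2; i <= NF; i++) {
        client = $i; opts = ""
        if (match($i, /\(.*\)$/)) {         # split "client(opt,opt)"
          client = substr($i, 1, RSTART - 1)
          opts = substr($i, RSTART + 1, RLENGTH - 2)
        }
        # "host (rw)" with a space parses as host + an option list for everyone
        if (client == "" || client == "*") { print path ": exported to any host"; bad++ }
        n = split(opts, o, ",")
        for (j = 1; j <= n; j++)
          if (o[j] == "rw" || o[j] == "no_root_squash") {
            print path ": " (client == "" ? "any host" : client) " has " o[j]; bad++
          }
      }
    }
    END { exit (bad > 0) }
  ' "$1"
}

demo() {
  local d; d=$(mktemp -d)
  # The export line from this page: one client, read-only.
  echo '/mnt/shared/photo 192.168.100.20(ro,sync,no_subtree_check)' > "$d/good"
  # Constructed mistakes: stray space before the options, and a wildcard client.
  printf '%s\n' '/mnt/shared/photo 192.168.100.20 (rw,sync)' \
                '/mnt/shared *(ro,sync)' > "$d/bad"
  audit_exports "$d/good" && echo "good: no findings"
  audit_exports "$d/bad" || echo "bad: findings listed above"
  rm -rf "$d"
}
demo
```

On strawberry it would be run as audit_exports /etc/exports after each edit to the file.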
Next, to restrict the upload user to SFTP, we need to edit the sshd config
/etc/ssh/sshd_config
Towards the bottom there should be a line
Subsystem sftp /usr/lib/openssh/sftp-server
Just below that line add
Match User photoup
    ChrootDirectory /mnt/shared
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
Save and exit. Now apply the config and make sure it works
sudo sshd -t
sudo systemctl restart ssh
sudo systemctl status ssh
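sshd -t only checks syntax; it does not tell you whether the Match block names the account that actually logs in. If the name differs, that account gets a normal shell with no chroot. The following is an added example (not part of the original page) that checks a config file for a given user; the function name and sample config are constructed, and it handles only literal user names in Match User, with no wildcards, negation or Include files.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Sample config is constructed.

# sftp_lockdown_ok CONFIG USER: return 0 only if a "Match User" block that
# names USER sets ChrootDirectory, ForceCommand internal-sftp and
# AllowTcpForwarding no.
sftp_lockdown_ok() {
  awk -v user="$2" '
    { sub(/#.*/, ""); key = tolower($1) }
    key == "match" {
      inblk = 0                             # every Match line ends the previous block
      if (tolower($2) == "user") {
        n = split($3, names, ",")
        for (i = 1; i <= n; i++) if (names[i] == user) inblk = found = 1
      }
      next
    }
    inblk && key == "chrootdirectory"                           { chroot = $2 }
    inblk && key == "forcecommand" && $2 == "internal-sftp"     { force = 1 }
    inblk && key == "allowtcpforwarding" && tolower($2) == "no" { notcp = 1 }
    END {
      if (!found) print "no Match User block names " user
      else {
        if (chroot == "") print user ": ChrootDirectory missing"
        if (!force)       print user ": ForceCommand internal-sftp missing"
        if (!notcp)       print user ": AllowTcpForwarding no missing"
      }
      exit !(found && chroot != "" && force && notcp)
    }
  ' "$1"
}

demo() {
  local d; d=$(mktemp -d)
  printf '%s\n' 'Subsystem sftp /usr/lib/openssh/sftp-server' \
    'Match User photoup' '    ChrootDirectory /mnt/shared' \
    '    ForceCommand internal-sftp' '    AllowTcpForwarding no' \
    '    X11Forwarding no' > "$d/sshd_config"
  sftp_lockdown_ok "$d/sshd_config" photoup && echo "photoup: restricted to SFTP"
  # Same file, but the account that logs in is not the one the block names.
  sftp_lockdown_ok "$d/sshd_config" someoneelse || echo "someoneelse: NOT restricted"
  rm -rf "$d"
}
demo
```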
Testing
We should test that the SFTP server is working by using an SFTP client like FileZilla to connect and upload a text file from a local VM like the mgtConsole (lemon). Use the following settings
- host = strawberry.seaoffate.local
- username = photoup
- password = whatever was set when photoup was created
- port = 22
We should be able to upload a test.txt file to the directory photo. If not, troubleshoot before going on to the next thing.
Plum Setup
Now that the photo directory is set up and exported by strawberry, we can mount it as an NFS share on Plum. To that end, log in to Plum and install the NFS client
sudo apt update && sudo apt install nfs-common
Create Mount Point
sudo mkdir /photo
Mount NFS Share by editing the /etc/fstab file
sudo nano /etc/fstab
add a line
192.168.100.21:/mnt/shared/photo /photo nfs ro,defaults 0 0
This mounts the /mnt/shared/photo directory from strawberry at /photo on plum with ro permissions. If we wanted to call it pictures we would have it as
192.168.100.21:/mnt/shared/photo /pictures nfs ro,defaults 0 0
Save and exit. Then do
sudo systemctl daemon-reload
sudo mount -a
We can check that the shared photo directory is working by doing
ls /photo
We should see the test.txt file there. We can test that it is RO by deleting it
sudo rm test.txt
It should return the error message
rm: cannot remove 'test.txt': Read-only file system
Webserver Setup
There will be a webserver on Plum to display all of the photos. We will be installing Piwigo as the CMS.
Reverse Proxy
We will have to forward browser requests from both local and remote, so there will be three config files to edit: one for plum.seaoffate.local, one for photo.seaoffate.local and another for plum.seaoffate.net.
Plum
Plum listens for the same set of server names as above, so there is a separate config for plum.seaoffate.local, photo.seaoffate.local and plum.seaoffate.net. They will all be serving the same data, so we create that first.
sudo mkdir -p /var/www/plum.seaoffate
sudo chown www-data:www-data /var/www/plum.seaoffate
Next we create Virtual Host Configuration Files
sudo nano /etc/apache2/sites-available/plum.seaoffate.local.conf
We need to put in the following config
<VirtualHost *:80>
    ServerName plum.seaoffate.local
    DocumentRoot /var/www/plum.seaoffate
    ErrorLog ${APACHE_LOG_DIR}/plum.seaoffate.local-error.log
    CustomLog ${APACHE_LOG_DIR}/plum.seaoffate.local-access.log combined
</VirtualHost>
Save and exit. Then the next with
sudo nano /etc/apache2/sites-available/photo.seaoffate.local.conf
and fill in
<VirtualHost *:80>
    ServerName photo.seaoffate.local
    DocumentRoot /var/www/plum.seaoffate
    ErrorLog ${APACHE_LOG_DIR}/photo.seaoffate.local-error.log
    CustomLog ${APACHE_LOG_DIR}/photo.seaoffate.local-access.log combined
</VirtualHost>