Plum (Photo)

From Sea of Fate
Revision as of 02:34, 5 March 2025 by Nigel (talk | contribs) (Plum)

Introduction

The host plum.seaoffate.net will be at an IP address of production.20. Its purpose is to show photos using Piwigo. The main premise is that plum will have a hard drive for its OS as normal but read-only access to the photo archive.

Strawberry

To separate the photo archive from the webserver and avoid any data loss of the original photos, we will store the files on a different VM and share them over a read-only NFS export. All pictures will be uploaded to this other VM, which has read and write access. This other host is named strawberry and has an IP address of prod.21.

Hard Drive

Strawberry has a normal HD for its OS, but it also has a large additional drive from pearpool/PoolForPear/Pdata/shared. This is listed as AllSharedFiles on datacenter->storage and has an initial size of 4TB. It is mounted at /mnt/shared. To give plum access to the photos there is a directory called photo; this is the limit of plum's sight of the files on /mnt/shared. If some other VM needs access to a different share, we could create another share off of /mnt/shared or share /mnt/shared completely.

Strawberry & Plum Drive Sharing

Setup the Hard Drive

First we need to log in to strawberry, format the hard disk and mount it at /mnt/shared. Run

lsblk 

or

sudo fdisk -l 

to identify the disk to mount. It will probably be "sdb" or "/dev/sdb" or something similar; in any case it will be the large one, as we are starting with 4TB. We will not be creating a new partition, just directories, so we will format the entire drive. To format the entire drive with ext4 we use the command (obviously, use the actual drive shown by lsblk or fdisk -l)

sudo mkfs.ext4 /dev/sdb

Next we create the mount point for /mnt/shared if it does not already exist

sudo mkdir /mnt/shared

If it does exist, see if there is anything stored there and possibly move it somewhere else, but if it is empty it is OK to use as is. Now that there is somewhere to mount the drive, we can use the mount command

sudo mount /dev/sdb /mnt/shared

This will mount /dev/sdb at the mount point /mnt/shared. To prove that it worked try

ls /mnt/shared

You should see the lost+found directory, which is created by ext4. We now need to configure /etc/fstab (for Automatic Mounting). We will need the UUID to add to /etc/fstab so run

sudo blkid /dev/sdb

and copy the UUID number. Next we need to edit fstab

sudo nano /etc/fstab

and add the line

UUID=your_uuid /mnt/shared ext4 defaults 0 2

Replace your_uuid with the value from blkid /dev/sdb. Save and exit. To verify that the fstab edits were OK use

sudo mount -a

If there is anything wrong there should be an error message. The last thing to do is to create the photo directory

sudo mkdir /mnt/shared/photo


Create an Upload user

To do any SFTP uploads we will need a user to upload photos; we will call it "photoup"

sudo adduser photoup

Set permissions with

sudo chown photoup:photoup /mnt/shared/photo
sudo chmod 775 /mnt/shared/photo

Make sure permissions are correct for /mnt/shared

sudo chown root:root /mnt/shared
sudo chmod 755 /mnt/shared

Configure NFS Server

We need to install the NFS server

sudo apt update && sudo apt install nfs-kernel-server

We need to export the directory by editing the exports file

/etc/exports

and add the line

/mnt/shared/photo 192.168.100.20(ro,sync,no_subtree_check)

Save and exit. Then to apply the export we do

sudo exportfs -a
sudo systemctl restart nfs-kernel-server
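An added example (not part of the original page) that audits exports entries for the settings that would undo the read-only premise: a writable export, an export to any host, or no_root_squash. The function names and sample lines are constructed; the second sample line has a stray space before its options, which exports(5) treats as an export to every host.

```shell
#!/usr/bin/env bash
# Added example: flag exports(5) entries that weaken a read-only share.
# Assumption: one export per line (backslash continuation lines are not handled).

audit_exports() {
    # Reads exports(5) text on stdin, prints one finding per risky client spec.
    awk '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            spec = $i; client = spec; opts = ""
            p = index(spec, "(")
            if (p > 0) {
                client = substr(spec, 1, p - 1)
                opts = substr(spec, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "") client = "*"  # "(opts)" with no host means any host
            n = split(opts, o, ","); rw = 0; nrs = 0
            for (j = 1; j <= n; j++) {      # ro is the default, so only rw is flagged
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") nrs = 1
            }
            if (client == "*") print path ": exported to any host (" spec ")"
            if (rw)  print path ": writable for " client
            if (nrs) print path ": no_root_squash for " client
        }
    }'
}

sample_exports() {
cat <<'EOF'
# constructed sample lines; the first is the export used on this page
/mnt/shared/photo 192.168.100.20(ro,sync,no_subtree_check)
/mnt/shared 192.168.100.20 (rw,sync)
/mnt/shared/photo *(ro,sync,no_root_squash)
EOF
}

sample_exports | audit_exports
```

On strawberry the same function can be fed the live file with `audit_exports < /etc/exports`; the server-side `ro` is what enforces read-only access, whatever options plum mounts with.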

For the SFTP uploads we need to edit the sshd config

/etc/ssh/sshd_config

Towards the bottom there should be a line

Subsystem       sftp    /usr/lib/openssh/sftp-server

just below that line add

Match User photoup
   ChrootDirectory /mnt/shared
   ForceCommand internal-sftp
   AllowTcpForwarding no
   X11Forwarding no

Save and exit. Now apply the config and make sure it works

sudo sshd -t
sudo systemctl restart ssh
sudo systemctl status ssh
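sshd refuses a chrooted login unless every component of the ChrootDirectory path is root-owned and not writable by group or others, which is why /mnt/shared was set to root:root 755 above. The following check is an added example, not part of the original page; the function names are made up here and it assumes GNU stat as found on Debian/Ubuntu.

```shell
#!/usr/bin/env bash
# Added example: verify sshd's ChrootDirectory ownership rule on each path component.

# component_ok UID OCTAL_MODE -> success if root-owned and not group/other writable
component_ok() {
    [ "$1" -eq 0 ] || return 1
    # 022 masks the group-write and other-write permission bits
    [ $(( 0$2 & 022 )) -eq 0 ]
}

# check_chroot ABSOLUTE_PATH -> prints failing components; returns 1 if any fail
check_chroot() {
    cc_path=$1 cc_rc=0
    case $cc_path in
        /*) ;;
        *) echo "need an absolute path: $cc_path"; return 2 ;;
    esac
    while :; do
        set -- $(stat -c '%u %a' "$cc_path" 2>/dev/null)
        [ $# -eq 2 ] || { echo "cannot stat $cc_path"; return 2; }
        if ! component_ok "$1" "$2"; then
            echo "bad ownership or modes: $cc_path (uid=$1 mode=$2)"
            cc_rc=1
        fi
        [ "$cc_path" = "/" ] && break
        cc_path=$(dirname "$cc_path")   # walk up towards /
    done
    return $cc_rc
}

# On strawberry: check the chroot used in the Match block
if [ -d /mnt/shared ]; then
    check_chroot /mnt/shared || echo "fix the components above before restarting ssh"
fi
```

The photo directory itself may stay writable by photoup (775) because it sits inside the chroot rather than on the path leading to it.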

Testing

We should test that the SFTP server is working by using an SFTP client like FileZilla to connect and upload a text file from a local VM like the mgtConsole (lemon). Use the following settings

  • host = strawberry.seaoffate.local
  • username = photoup
  • password = whatever was set when photoup was created
  • port = 22

We should be able to upload a test.txt file to the directory photo. If not, troubleshoot before going on to the next step.


Plum Setup

Now that the photo directory is set up and exported by strawberry, we can mount it as an NFS share on Plum. To that end, log in to Plum and install the NFS client

sudo apt update && sudo apt install nfs-common

Create Mount Point

sudo mkdir /photo

Mount NFS Share by editing the /etc/fstab file

sudo nano /etc/fstab

Add a line

192.168.100.21:/mnt/shared/photo /photo nfs ro,defaults 0 0

This mounts the /mnt/shared/photo directory from strawberry at /photo on plum with ro permissions. If we wanted to call it pictures we would have it as

192.168.100.21:/mnt/shared/photo /pictures nfs ro,defaults 0 0

Save and exit. Then do

sudo systemctl daemon-reload
sudo mount -a

We can check that the shared photo directory is working by doing

ls /photo

We should see the test.txt file there. We can test that it is RO by trying to delete it from inside /photo

sudo rm test.txt

It should return the error message

rm: cannot remove 'test.txt': Read-only file system

Webserver Setup

There will be a webserver on Plum to display all of the photos. We will be installing Piwigo as the CMS.

Reverse Proxy

We will have to forward browser requests from both local and remote, so there will be three config files to edit: one for plum.seaoffate.local, one for photo.seaoffate.local and another for plum.seaoffate.net.

Plum

Plum listens for the same set of server names as above, so there is a separate config for each of plum.seaoffate.local, photo.seaoffate.local and plum.seaoffate.net. They will all be serving the same data, so we create that first.

Server Configs

sudo mkdir -p /var/www/plum.seaoffate
sudo chown www-data:www-data /var/www/plum.seaoffate

Next we create Virtual Host Configuration Files

sudo nano /etc/apache2/sites-available/plum.seaoffate.local.conf

We need to put in the following config

<VirtualHost *:80>
   ServerName plum.seaoffate.local
   DocumentRoot /var/www/plum.seaoffate
   ErrorLog ${APACHE_LOG_DIR}/plum.seaoffate.local-error.log
   CustomLog ${APACHE_LOG_DIR}/plum.seaoffate.local-access.log combined

</VirtualHost>

Save and exit. Then the next with

sudo nano /etc/apache2/sites-available/photo.seaoffate.local.conf

and fill in

<VirtualHost *:80>
   ServerName photo.seaoffate.local
   DocumentRoot /var/www/plum.seaoffate
   ErrorLog ${APACHE_LOG_DIR}/photo.seaoffate.local-error.log
   CustomLog ${APACHE_LOG_DIR}/photo.seaoffate.local-access.log combined

</VirtualHost>

The last one

sudo nano /etc/apache2/sites-available/plum.seaoffate.net.conf

should contain the .net config

<VirtualHost *:80>
   ServerName plum.seaoffate.net
   DocumentRoot /var/www/plum.seaoffate
   ErrorLog ${APACHE_LOG_DIR}/plum.seaoffate.net-error.log
   CustomLog ${APACHE_LOG_DIR}/plum.seaoffate.net-access.log combined

</VirtualHost>

Once they are done we need to enable them all

sudo a2ensite plum.seaoffate.local.conf
sudo a2ensite photo.seaoffate.local.conf
sudo a2ensite plum.seaoffate.net.conf

and disable the default

sudo a2dissite 000-default.conf

We now restart apache with

sudo systemctl restart apache2

Piwigo Requirements

Get the webserver mods

sudo apt update
sudo apt install php libapache2-mod-php php-mysql php-gd php-curl php-xml php-mbstring mysql-client

Download Piwigo from the official website.

Extract the Piwigo archive to /var/www/plum.seaoffate

sudo chown -R www-data:www-data /var/www/plum.seaoffate

Mount Read-Only Photo Directory

Create a symlink in Piwigo's _data/galleries directory

sudo ln -s /photo /var/www/plum.seaoffate/_data/galleries/original_photos

Piwigo Configuration

Access Piwigo through your browser (e.g., plum.seaoffate.local).

Follow the installation wizard, providing database details and administrator credentials.

For the "Photos Directory" during install, ensure that it is set to the symlink directory, like _data/galleries/original_photos