README - fixed debian installation via git

This commit is contained in:
Oscar Krause 2022-12-27 16:59:35 +01:00
parent 6ddba90cd8
commit 3d6da6fab9

View File

@ -95,6 +95,9 @@ volumes:
Tested on `Debian 11 (bullseye)`, Ubuntu may also work. Tested on `Debian 11 (bullseye)`, Ubuntu may also work.
**We are running on port `9443` because we are running service as `www-data`-user and non-root users are not allowed to
use ports below 1024!**
**Install requirements** **Install requirements**
```shell ```shell
@ -112,6 +115,7 @@ python3 -m venv venv
source venv/bin/activate source venv/bin/activate
pip install -r requirements.txt pip install -r requirements.txt
deactivate deactivate
chown -R www-data:www-data $WORKING_DIR
``` ```
**Create keypair and webserver certificate** **Create keypair and webserver certificate**
@ -125,18 +129,16 @@ openssl genrsa -out $WORKING_DIR/instance.private.pem 2048
openssl rsa -in $WORKING_DIR/instance.private.pem -outform PEM -pubout -out $WORKING_DIR/instance.public.pem openssl rsa -in $WORKING_DIR/instance.private.pem -outform PEM -pubout -out $WORKING_DIR/instance.public.pem
# create ssl certificate for integrated webserver (uvicorn) - because clients rely on ssl # create ssl certificate for integrated webserver (uvicorn) - because clients rely on ssl
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $WORKING_DIR/webserver.key -out $WORKING_DIR/webserver.crt openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout $WORKING_DIR/webserver.key -out $WORKING_DIR/webserver.crt
chown -R www-data:www-data $WORKING_DIR
``` ```
**Test Service** **Test Service**
This is only to test whether the service starts successfully.
```shell ```shell
cd /opt/fastapi-dls/app cd /opt/fastapi-dls/app
/opt/fastapi-dls/venv/bin/uvicorn main:app \ su - www-data -c "/opt/fastapi-dls/venv/bin/uvicorn main:app --app-dir=/opt/fastapi-dls/app"
--host 127.0.0.1 --port 443 \
--app-dir /opt/fastapi-dls/app \
--ssl-keyfile /opt/fastapi-dls/app/cert/webserver.key \
--ssl-certfile /opt/fastapi-dls/app/cert/webserver.crt \
--proxy-headers
``` ```
**Create config file** **Create config file**
@ -144,7 +146,7 @@ cd /opt/fastapi-dls/app
```shell ```shell
cat <<EOF > /etc/fastapi-dls.env cat <<EOF > /etc/fastapi-dls.env
DLS_URL=127.0.0.1 DLS_URL=127.0.0.1
DLS_PORT=443 DLS_PORT=9443
LEASE_EXPIRE_DAYS=90 LEASE_EXPIRE_DAYS=90
DATABASE=sqlite:////opt/fastapi-dls/app/db.sqlite DATABASE=sqlite:////opt/fastapi-dls/app/db.sqlite
@ -163,13 +165,14 @@ After=network.target
User=www-data User=www-data
Group=www-data Group=www-data
WorkingDirectory=/opt/fastapi-dls/app WorkingDirectory=/opt/fastapi-dls/app
ExecStart=/opt/fastapi-dls/venv/bin/uvicorn \ EnvironmentFile=/etc/fastapi-dls.env
--host $DLS_URL --port $DLS_PORT \ ExecStart=/opt/fastapi-dls/venv/bin/uvicorn main:app \
--env-file /etc/fastapi-dls.env \
--host \$DLS_URL --port \$DLS_PORT \
--app-dir /opt/fastapi-dls/app \ --app-dir /opt/fastapi-dls/app \
--ssl-keyfile /opt/fastapi-dls/app/cert/webserver.key \ --ssl-keyfile /opt/fastapi-dls/app/cert/webserver.key \
--ssl-certfile /opt/fastapi-dls/app/cert/webserver.crt \ --ssl-certfile /opt/fastapi-dls/app/cert/webserver.crt \
--proxy-headers --proxy-headers
EnvironmentFile=/etc/fastapi-dls.env
Restart=always Restart=always
KillSignal=SIGQUIT KillSignal=SIGQUIT
Type=notify Type=notify