edshot99/eBooru
1
0
Fork 0
forked from e621ng/e621ng
Code Issues 11 Releases 1 Activity
e6baea4811
eBooru/INSTALL.md
edshot99 dbffa01c30 cleanup
2024-11-07 22:35:51 -05:00

7.3 KiB
Raw Blame History

Installation

The first step you will need to take is to install the following packages:

# pkg_add postgresql-server postgresql-contrib
# pkg_add opensearch
# pkg_add nginx nginx-securelink
# pkg_add redis memcached
# pkg_add -D unsigned iqdb autocompleted
# pkg_add ruby git libxslt libgit2
# pkg_add yarn
# pkg_add ffmpeg libvips

You can find the iqdb and autocompleted packages here: https://git.groovyexpress.com/edshot99/OpenBSD-Unofficial-Ports/releases

You will also want to install libgit2 and libvips from this page too as an older version of libgit2 is required for the Ruby rugged gem and libvips with ICC support is required for e621ng.

PostgreSQL

You can follow the guide at /usr/local/share/doc/pkg-readmes/postgresql on setting up PostgreSQL.

Once you have PostgreSQL set up you can set up the e621 account as follows:

CREATE ROLE e621 WITH CREATEDB LOGIN PASSWORD 'XXX';

OpenSearch

You can follow the guide at /usr/local/share/doc/pkg-readmes/opensearch on tuning your system for OpenSearch.

Don't follow the 'Initial Node/Cluster Configuration' section. e621ng will not be needing the OpenSearch security plugin.

Once finished tuning your system you can then edit your /etc/opensearch/opensearch.yml configuration to something like this:

cluster.name: e621ng
node.name: node-1
path.data: /var/opensearch/
path.logs: /var/log/opensearch/
network.host: 127.0.0.1
plugins.security.disabled: true

and then enable and start the OpenSearch daemon:

# rcctl enable opensearch
# rcctl start opensearch

Nginx

You can follow the guide at /usr/local/share/doc/pkg-readmes/nginx on setting up log rotation for nginx.

Afterwards you can copy the example nginx configuration file from 'docker/nginx.conf.example' in this repository to /etc/nginx/ Once copied you can set the file permissions to 600 to prevent wheel and world group users from seeing the HMAC secrets and then modify the file to your needs.

You will also want to copy the example acme-client.conf configuration file from /etc/examples/ to /etc/ and modify it to your needs.

Once configuration is complete you can then enable nginx, start nginx, and request a x509 certificate:

# rcctl enable nginx
# rcctl start nginx
# acme-client -v my-domain-name.net

Note: You will need to temporarily disable ssl_* options in your nginx file so nginx can start properly.

Redis / memcached / iqdb / autocompleted

Only autocompleted needs configuring which can be done with the /etc/autocompleted.env file.

Once configured you can then enable and start all these daemons:

# rcctl enable redis memcached iqdb autocompleted
# rcctl start redis memcached iqdb autocompleted

By default the iqdb database is stored at /var/db/iqdb/e621_v2.db and can be configured by setting daemon flags.

e621ng - Part One - System Account

You can start by creating a dedicated user for running the software:

# useradd -m -c "e621ng booru software" -d /var/e621ng -k /dev/null -L e621ng -s /sbin/nologin e621ng
# chmod 750 /var/e621ng

Increasing the user limits:

# cp -av /etc/login.conf.d/postgresql /etc/login.conf.d/e621ng
# vi /etc/login.conf.d/e621ng

and editing the file with vi (or some other editor) to something like this:

e621ng:\
        :datasize-max=8192M:\
        :datasize-cur=8192M:\
        :tc=daemon:

and lastly setting up the folder for e621ng to store the data at:

# mkdir -p /var/www/e621ng/public/data
# chown -R e621ng:e621ng /var/www/e621ng/

This is necessary because nginx runs in a chroot and won't be able to access any files outside of /var/www

e621ng - Part Two - Software

Log in to the e621ng user:

$ doas su -l -s /bin/ksh e621ng
$ whoami

(This can also be done without 'doas' if you do not have it set-up)

Clone the repository and install the necessary packages:

$ git clone https://git.groovyexpress.com/edshot99/e621ng.git
$ cd e621ng
$ bundle config set path ~/.local/share/gem
$ bundle install
$ gem install -v 1.16.4 nokogiri -- --use-system-libraries
$ gem install libgit2 -- --use-system-libraries
$ gem install foreman
$ yarn install

e621ng - Part Three - Configuring

Create the .danbooru folder which will be used to store site specific configuration:

$ cd ~/
$ mkdir .danbooru
$ cp -av e621ng/config/initializers/content_security_policy.rb .danbooru/
$ cp -av e621ng/docker/danbooru_local_config.rb .danbooru/
$ openssl rand -base64 48 >.danbooru/secret_token
$ openssl rand -base64 2048 >.danbooru/session_secret_key
$ chmod 400 .danbooru/secret_token .danbooru/session_secret_key
$ chmod 640 .danbooru/danbooru_local_config.rb

You can then edit content_security_policy.rb and danbooru_local_config.rb to your needs. The .danbooru/secret_token and .danbooru/session_secret_key don't necessarily have to be files and can be stored in the .env file, but I just prefer to do it this way.

Once you have finished configuration you can then set up the .env file which is needed for Rails production mode:

$ cp -av e621ng/.env.sample .env
$ chmod 640 .env
$ vi .env

The .env should look something like this:

RAILS_ENV=production
DB_PASSWORD="XXX"
DB_HOST=localhost
DB_PORT=5432
DB_WORKER_POOL_SIZE=10
DB_POOL_SIZE=10

Note: If you are planning to do development you do not have to set up a .env file and will have to modify config/databases.yml instead.

e621ng - Part Four - Starting

Load the configuration files into the e621ng folder:

$ cd e621ng
$ ln -s /var/e621ng/.env .
$ ln -s /var/e621ng/.danbooru/danbooru_local_config.rb config/danbooru_local_config.rb
$ ln -sf /var/e621ng/.danbooru/content_security_policy.rb config/initializers/content_security_policy.rb

Modify the db/seeds.rb file to modify the admin account name and password and the auto_moderator account password.

You can also modify what forum categories are created and disable default e621 mascot and whitelist creation.

Once this is done you can then initialize the OpenSearch indices, the e621 PostgreSQL database, the webpack and then start the software:

$ RAILS_ENV=production ./bin/rails runner '[Post, PostVersion].each { |model| model.document_store.create_index! }'
$ RAILS_ENV=production ./bin/rails db:create
$ RAILS_ENV=production ./bin/rails db:schema:load
$ RAILS_ENV=production ./bin/rails db:seed
$ mv public /var/www/e621ng/public-packs
$ ln -s /var/www/e621ng/public-packs public
$ ./node_modules/.bin/webpack -c config/webpack/production.js
$ ~/.local/share/gem/ruby/3.3/bin/foreman33 start

Note: Running webpack is not requried when running in developemnt mode.

You should now be able to access the website through nginx now. If everything is working you can also do a 'git restore db/seeds.rb' file to restore the original file.

If something is not working you should check the log/production.log file for what is wrong.

Cron

The cron process in the Procfile has been disabled since it will not work on OpenBSD.

To get it working again you will have to copy and modify the daily_maintenance.sh script:

$ cd ~/
$ cp -av e621ng/docker/cron_tasks/daily/daily_maintenance.sh .
$ vi daily_maintenance.sh

and change '/app' to '~/e621ng' when editing the file.

You can log out of the e621ng account and then as root edit the /etc/daily.local file to add something like:

next_part "Running e621ng daily maintenance:"
/usr/bin/su -l -s /bin/ksh e621ng /var/e621ng/daily_maintenance.sh >/dev/null 2>&1