ALT Project Management: Issues
https://project.altservice.com/
https://project.altservice.com/favicon.ico?1616316025
2023-04-10T22:39:14Z
ALT Project Management
Redmine
GNU/Linux Administration - Support #977 (Resolved): Install WireGuard Peer on Debian
https://project.altservice.com/issues/977
2023-04-10T22:39:14Z
Daniel Curtis
techsupport@altservice.com
<p>This is a guide on installing a WireGuard IPv4 only peer on Debian 11.</p>
<a name="Prepare-the-Environment"></a>
<h2 >Prepare the Environment<a href="#Prepare-the-Environment" class="wiki-anchor">¶</a></h2>
<ul>
<li>Make sure the system is up to date:<br /><pre>
sudo apt update && sudo apt upgrade
</pre></li>
</ul>
<a name="Install-WireGuard"></a>
<h2 >Install WireGuard<a href="#Install-WireGuard" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install WireGuard:<br /><pre>
sudo apt install wireguard iptables
</pre></li>
</ul>
<a name="Setup-Key-Pair"></a>
<h3 >Setup Key Pair<a href="#Setup-Key-Pair" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create the private key and restrict permission to it:<br /><pre>
wg genkey | sudo tee /etc/wireguard/private.key
sudo chmod go= /etc/wireguard/private.key
</pre></li>
</ul>
<ul>
<li>Create a public key:<br /><pre>
sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
</pre></li>
</ul>
<a name="Create-Configuration"></a>
<h3 >Create Configuration<a href="#Create-Configuration" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create a new config:<br /><pre>
sudo nano /etc/wireguard/wg0.conf
</pre>
<ul>
<li>And add the following<br /><pre>
[Interface]
PrivateKey = base64_encoded_peer_private_key_goes_here
Address = 172.16.0.2/24
[Peer]
PublicKey = U9uE2kb/nrrzsEU58GD3pKFU3TLYDMCbetIsnV8eeFE=
AllowedIPs = 0.0.0.0/0
Endpoint = 203.0.113.1:51820
</pre></li>
</ul></li>
</ul>
<a name="Configure-Peer-to-Route-All-Traffic-Over-the-Tunnel"></a>
<h3 >Configure Peer to Route All Traffic Over the Tunnel<a href="#Configure-Peer-to-Route-All-Traffic-Over-the-Tunnel" class="wiki-anchor">¶</a></h3>
<ul>
<li>Edit the wireguard config:<br /><pre>
sudo nano /etc/wireguard/wg0.conf
</pre><br />#*Before the <code>[Peer]</code> line, add the following 4 lines:<br /><pre>
PostUp = ip rule add table 200 from 203.0.113.5
PostUp = ip route add table 200 default via 203.0.113.1
PreDown = ip rule delete table 200 from 203.0.113.5
PreDown = ip route delete table 200 default via 203.0.113.1
</pre><br /><strong>NOTE</strong>: in this example 203.0.113.1 is the server and 203.0.113.5 is the peer (client).</li>
</ul>
<a name="Configure-Peer-DNS-Resolver"></a>
<h3 >Configure Peer DNS Resolver<a href="#Configure-Peer-DNS-Resolver" class="wiki-anchor">¶</a></h3>
<ul>
<li>Install resolvconf:<br /><pre>
sudo apt install resolvconf
</pre></li>
</ul>
<ul>
<li>Edit the wireguard config:<br /><pre>
sudo nano /etc/wireguard/wg0.conf
</pre></li>
</ul>
<a name="Add-Peer-Public-Key-to-the-WireGuard-Server"></a>
<h3 >Add Peer Public Key to the WireGuard Server<a href="#Add-Peer-Public-Key-to-the-WireGuard-Server" class="wiki-anchor">¶</a></h3>
<ul>
<li>Get the public key from the peer:<br /><pre>
sudo cat /etc/wireguard/public.key
</pre></li>
</ul>
<ul>
<li>Next, from the wireguard server, add the peer's public key:<br /><pre>
sudo wg set wg0 peer PeURxj4Q75RaVhBKkRTpNsBPiPSGb5oQijgJsTa29hg= allowed-ips 172.16.0.2
</pre></li>
</ul>
<ul>
<li>Start and enable wireguard:<br /><pre>
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
</pre></li>
</ul>
<a name="Resources"></a>
<h2 >Resources<a href="#Resources" class="wiki-anchor">¶</a></h2>
<ul>
<li><a class="external" href="https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-debian-11">https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-debian-11</a></li>
<li><a class="external" href="https://www.howtoforge.com/how-to-install-wireguard-vpn-on-debian-11/">https://www.howtoforge.com/how-to-install-wireguard-vpn-on-debian-11/</a></li>
</ul>
GNU/Linux Administration - Support #976 (Resolved): Install WireGuard Server on Debian
https://project.altservice.com/issues/976
2023-04-10T21:27:42Z
Daniel Curtis
techsupport@altservice.com
<p>This is a guide on installing a WireGuard server with IPv4 only on Debian 11. This guide will be using nftables, since that is the default firewall on Debian.</p>
<a name="Prepare-the-Environment"></a>
<h2 >Prepare the Environment<a href="#Prepare-the-Environment" class="wiki-anchor">¶</a></h2>
<ul>
<li>Make sure the system is up to date:<br /><pre>
sudo apt update && sudo apt upgrade
</pre></li>
</ul>
<a name="Install-WireGuard"></a>
<h2 >Install WireGuard<a href="#Install-WireGuard" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install WireGuard:<br /><pre>
sudo apt install wireguard
</pre></li>
</ul>
<a name="Setup-Key-Pair"></a>
<h3 >Setup Key Pair<a href="#Setup-Key-Pair" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create the private key and restrict permission to it:<br /><pre>
wg genkey | sudo tee /etc/wireguard/private.key
sudo chmod go= /etc/wireguard/private.key
</pre></li>
</ul>
<ul>
<li>Create a public key:<br /><pre>
sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
</pre></li>
</ul>
<a name="Create-Configuration"></a>
<h3 >Create Configuration<a href="#Create-Configuration" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create a new config:<br /><pre>
sudo nano /etc/wireguard/wg0.conf
</pre>
<ul>
<li>And add the following<br /><pre>
[Interface]
PrivateKey = base64_encoded_private_key_goes_here
Address = 172.16.0.1/24
ListenPort = 51820
SaveConfig = true
</pre></li>
</ul></li>
</ul>
<a name="Enable-IPv4-Forwarding"></a>
<h3 >Enable IPv4 Forwarding<a href="#Enable-IPv4-Forwarding" class="wiki-anchor">¶</a></h3>
<ul>
<li>Enable forwading:<br /><pre>
sudo nano /etc/sysctl.d/99-sysctl.conf
</pre>
<ul>
<li>And uncomment the following line:<br /><pre>
net.ipv4.ip_forward=1
</pre></li>
</ul></li>
</ul>
<ul>
<li>Reload the sysctl values:<br /><pre>
sudo sysctl -p
</pre></li>
</ul>
<a name="Configure-Firewall"></a>
<h3 >Configure Firewall<a href="#Configure-Firewall" class="wiki-anchor">¶</a></h3>
<ul>
<li>Find the public network interface:<br /><pre>
ip route list default
</pre><br /><strong>NOTE</strong>: The public interface is the string found within this command’s output that follows the word “dev”, in this case <ins>enp0s3</ins></li>
</ul>
<ul>
<li>Edit the nftables config:<br /><pre>
sudo nano /etc/nftables.conf
</pre>
<ul>
<li>And add/edit the following:<br /><pre>
#!/usr/sbin/nft -f
flush ruleset
# `inet` applies to both IPv4 and IPv6.
table inet filter {
chain input {
type filter hook input priority 0;
# accept any localhost traffic
iif lo accept
# accept traffic originated from us
ct state established,related accept
# ssh
tcp dport 22 accept
# wireguard
udp dport 51820 accept
# (Optional) Allow VPN clients to communicate with each other
# iifname wg0 oifname wg0 ct state new accept
# count and drop any other traffic
counter drop
}
chain output {
type filter hook output priority 0;
policy accept;
}
chain forward {
type filter hook forward priority 0;
# Drop invalid packets.
ct state invalid drop
# Forward all established and related traffic.
ct state established,related accept
# Forward wireguard traffic from enp0s3
iifname wg0 oifname enp0s3 ct state new accept
# (Optional) Forward wireguard traffic from wg0
#iifname wg0 oifname wg0 ct state new accept
policy drop;
}
}
table ip router {
chain prerouting {
type nat hook prerouting priority 0;
}
chain postrouting {
type nat hook postrouting priority 100;
# masquerade wireguard traffic as server IP address
oifname enp0s3 ip saddr 172.16.0.0/24 masquerade
}
}
</pre></li>
</ul></li>
</ul>
<ul>
<li>Start and enable wireguard, as well as restart nftables:<br /><pre>
sudo systemctl restart nftables
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
</pre></li>
</ul>
<a name="Resources"></a>
<h2 >Resources<a href="#Resources" class="wiki-anchor">¶</a></h2>
<ul>
<li><a class="external" href="https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-debian-11">https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-debian-11</a></li>
<li><a class="external" href="https://jwcxz.com/notes/200702-simple-wireguard-vpn/">https://jwcxz.com/notes/200702-simple-wireguard-vpn/</a></li>
<li><a class="external" href="https://xdeb.org/post/2019/setting-up-a-server-firewall-with-nftables-that-support-wireguard-vpn/">https://xdeb.org/post/2019/setting-up-a-server-firewall-with-nftables-that-support-wireguard-vpn/</a></li>
<li><a class="external" href="https://www.howtoforge.com/how-to-install-wireguard-vpn-on-debian-11/">https://www.howtoforge.com/how-to-install-wireguard-vpn-on-debian-11/</a></li>
</ul>
GNU/Linux Administration - Support #975 (Resolved): Install Mac OS 9.2 With QEMU on Arch Linux
https://project.altservice.com/issues/975
2022-12-24T04:33:45Z
Daniel Curtis
techsupport@altservice.com
<p>This is a guide on installing Mac OS 9.2 on Arch Linux.</p>
<a name="Prepare-the-Environment"></a>
<h2 >Prepare the Environment<a href="#Prepare-the-Environment" class="wiki-anchor">¶</a></h2>
<ul>
<li>Make sure the system is up to date:<br /><pre>
sudo pacman -Syu
</pre></li>
</ul>
<a name="Install-QEMU"></a>
<h2 >Install QEMU<a href="#Install-QEMU" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install QEMU and extra architectures:<br /><pre>
sudo pacman -S qemu-desktop qemu-emulators-full
</pre></li>
</ul>
<a name="Setup-the-VM"></a>
<h3 >Setup the VM<a href="#Setup-the-VM" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create the hard drive image:<br /><pre>
qemu-img create -f qcow2 macos9.img 5G
</pre></li>
</ul>
<ul>
<li>Download <a href="http://macos9lives.com/smforum/index.php?topic=2109.0" class="external">Mac OS 9.2.2 Universal Installer</a></li>
</ul>
<ul>
<li>Launch the installer<br /><pre>
qemu-system-ppc -cpu "g4" -M mac99,via=pmu -m 512 -hda /home/user/macos92.img -cdrom "/home/user/Downloads/Mac OS 9.2.2 Universal Inst.iso" -boot d -g 1024x768x32
</pre></li>
</ul>
<ul>
<li>Run <strong>Disk Initializer</strong> to format the hard drive image.</li>
</ul>
<ul>
<li>Run <strong>Apple System Restore</strong> with the Mac OS 9 Lives disk image as the source and your disk as the destination</li>
</ul>
<ul>
<li>Once the installation is complete, run the VM using:<br /><pre>
qemu-system-ppc -cpu "g4" -M mac99,via=pmu -m 512 -hda /home/user/macos92.img -boot c -g 1024x768x32
</pre></li>
</ul>
<a name="Resources"></a>
<h2 >Resources<a href="#Resources" class="wiki-anchor">¶</a></h2>
<ul>
<li><a class="external" href="https://gist.github.com/openfirmware/a78141366efc81421228e40bd39d695d">https://gist.github.com/openfirmware/a78141366efc81421228e40bd39d695d</a></li>
<li><a class="external" href="https://wiki.archlinux.org/title/QEMU">https://wiki.archlinux.org/title/QEMU</a></li>
</ul>
GNU/Linux Administration - Support #974 (Resolved): Install Wordpress on Debian
https://project.altservice.com/issues/974
2022-07-14T05:46:57Z
Daniel Curtis
techsupport@altservice.com
<p>This is a simple guide for setting up WordPress with nginx on Debian 10.</p>
<ul>
<li>Make sure the system is up to date:<br /><pre>
sudo apt update && sudo apt upgrade
</pre></li>
</ul>
<a name="Install-Nginx"></a>
<h2 >Install Nginx<a href="#Install-Nginx" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install nginx:<br /><pre>
sudo apt install nginx
</pre></li>
</ul>
<ul>
<li>Start and enable nginx at boot:<br /><pre>
sudo systemctl nginx enable
sudo systemctl nginx start
</pre></li>
</ul>
<a name="Install-PHP"></a>
<h2 >Install PHP<a href="#Install-PHP" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install php-fpm and extensions:<br /><pre>
sudo apt install php-fpm php-common php-gd php-getid3 php-mysql php7.3-cli php7.3-common php7.3-gd php7.3-json php7.3-mysql php7.3-opcache php7.3-readline
</pre></li>
</ul>
<ul>
<li>Start and enable php-fpm:<br /><pre>
sudo systemctl enable php7.3-fpm
sudo systemctl start php7.3-fpm
</pre></li>
</ul>
<a name="Install-MariaDB"></a>
<h2 >Install MariaDB<a href="#Install-MariaDB" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install MariaDB:<br /><pre>
sudo apt install mariadb-server mariadb-client
</pre></li>
</ul>
<ul>
<li>Secure the database server:<br /><pre>
sudo mysql_secure_installation
</pre>
<ul>
<li>NOTE: I had an issue logging in as root, to workaround this:<br /><pre>
sudo systemctl stop mariadb
sudo mysqld_safe --skip-grant-tables --skip-networking
mysql -u root
UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE user = 'root' AND plugin = 'unix_socket';
FLUSH PRIVILEGES;
sudo kill -9 $(pgrep mysql)
sudo systemctl start mariadb
</pre></li>
</ul></li>
</ul>
<a name="Configure-a-new-MySQL-database"></a>
<h3 >Configure a new MySQL database<a href="#Configure-a-new-MySQL-database" class="wiki-anchor">¶</a></h3>
<ul>
<li>Log into the MySQL console:<br /><pre>
mysql -h localhost -u root -p
</pre>
<ul>
<li>Create the wordpressuser user with the SuperSecretPassword password and the wordpressdb database:<br /><pre>
CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'SuperSecretPassword';
CREATE DATABASE IF NOT EXISTS `wordpressdb` CHARACTER SET utf8 COLLATE utf8_general_ci;
GRANT ALL PRIVILEGES ON `wordpressdb`.* TO 'wordpressuser'@'localhost';
flush privileges;
exit
</pre></li>
</ul></li>
</ul>
<a name="Install-Wordpress"></a>
<h2 >Install Wordpress<a href="#Install-Wordpress" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install git:<br /><pre>
sudo apt install git
</pre></li>
</ul>
<ul>
<li>Download wordpress:<br /><pre>
cd /var/www
sudo git clone -b 6.0-branch --depth=1 https://github.com/WordPress/WordPress.git
</pre></li>
</ul>
<ul>
<li>Create the nginx config:<br /><pre>
sudo nano /etc/nginx/sites-enabled/wordpress.conf
</pre>
<ul>
<li>And add the following:<br /><pre>
server {
listen 80;
server_name wordpress-example.com;
root /var/www/wordpress;
index index.php index.html index.htm;
client_max_body_size 122400m;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
</pre></li>
</ul></li>
</ul>
<ul>
<li>Change the wordpress ownership:<br /><pre>
sudo chown -R www-data:www-data /var/www/WordPress/
</pre></li>
</ul>
<ul>
<li>Restart nginx:<br /><pre>
sudo systemctl nginx restart
</pre></li>
</ul>
GNet Solutions - Support #973 (Resolved): Add External Library to Ant Project in NetBeans
https://project.altservice.com/issues/973
2022-05-13T00:04:20Z
Daniel Curtis
techsupport@altservice.com
<p>This is a simple guide on how to install an external .jar library using an Ant project in NetBeans.</p>
<ul>
<li>In the project root directory create a <code>lib</code> and add the library <code>.jar</code> files.</li>
<li>From NetBeans, in the Project panel open the <code>build.xml</code> file.</li>
<li>Edit the file and add the following inside the <code><project></code> tag:<br /><pre><code class="xml syntaxhl"> <span class="nt"><property</span> <span class="na">name=</span><span class="s">"lib.dir"</span> <span class="na">value=</span><span class="s">"lib"</span><span class="nt">/></span>
<span class="nt"><path</span> <span class="na">id=</span><span class="s">"classpath"</span><span class="nt">></span>
<span class="nt"><fileset</span> <span class="na">dir=</span><span class="s">"${lib.dir}"</span> <span class="na">includes=</span><span class="s">"**/*.jar"</span><span class="nt">/></span>
<span class="nt"></path></span>
<span class="nt"><target</span> <span class="na">name=</span><span class="s">"compile"</span><span class="nt">></span>
<span class="nt"><mkdir</span> <span class="na">dir=</span><span class="s">"${classes.dir}"</span><span class="nt">/></span>
<span class="nt"><javac</span> <span class="na">srcdir=</span><span class="s">"${src.dir}"</span> <span class="na">destdir=</span><span class="s">"${classes.dir}"</span> <span class="na">classpathref=</span><span class="s">"classpath"</span><span class="nt">/></span>
<span class="nt"></target></span>
<span class="nt"><target</span> <span class="na">name=</span><span class="s">"run"</span> <span class="na">depends=</span><span class="s">"jar"</span><span class="nt">></span>
<span class="nt"><java</span> <span class="na">fork=</span><span class="s">"true"</span> <span class="na">classname=</span><span class="s">"${main-class}"</span><span class="nt">></span>
<span class="nt"><classpath></span>
<span class="nt"><path</span> <span class="na">refid=</span><span class="s">"classpath"</span><span class="nt">/></span>
<span class="nt"><path</span> <span class="na">location=</span><span class="s">"${jar.dir}/${ant.project.name}.jar"</span><span class="nt">/></span>
<span class="nt"></classpath></span>
<span class="nt"></java></span>
<span class="nt"></target></span>
</code></pre></li>
</ul>
<p>Now all <code>.jar</code> files added into the <code>lib/</code> folder will be automatically included in the NetBeans project.</p>
<a name="Resources"></a>
<h2 >Resources<a href="#Resources" class="wiki-anchor">¶</a></h2>
<ul>
<li><a class="external" href="https://ant.apache.org/manual/tutorial-HelloWorldWithAnt.html">https://ant.apache.org/manual/tutorial-HelloWorldWithAnt.html</a></li>
</ul>
GNU/Linux Administration - Support #970 (In Progress): Install Grocy on Arch Linux
https://project.altservice.com/issues/970
2022-02-15T01:24:35Z
Daniel Curtis
techsupport@altservice.com
<p>This is a guide for installing Grocy with Nginx on Arch Linux.</p>
<a name="Prepare-the-Environment"></a>
<h2 >Prepare the Environment<a href="#Prepare-the-Environment" class="wiki-anchor">¶</a></h2>
<ul>
<li>Make sure the system is up to date:<br /><pre>
sudo pacman -Syu
</pre></li>
</ul>
<ul>
<li>Install a few dependencies:<br /><pre>
sudo pacman -S git nginx
</pre></li>
</ul>
<a name="Install-PHP"></a>
<h2 >Install PHP<a href="#Install-PHP" class="wiki-anchor">¶</a></h2>
<ul>
<li>Install php and additional required packages:<br /><pre>
sudo pacman -S php php-fpm php-sqlite php-gd php-intl composer yarn
</pre></li>
</ul>
<ul>
<li>Edit the php config:<br /><pre>
sudo nano /etc/php/php.ini
</pre>
<ul>
<li>And enable the following extensions:<br /><pre>
extension=gd
extension=intl
extension=sqlite3
extension=pdo_sqlite
extension=iconv
</pre></li>
</ul></li>
</ul>
<ul>
<li>Start and enable php-fpm at boot:<br /><pre>
sudo systemctl enable php-fpm
sudo systemctl start php-fpm
</pre></li>
</ul>
<a name="Install-Grocy"></a>
<h2 >Install Grocy<a href="#Install-Grocy" class="wiki-anchor">¶</a></h2>
<ul>
<li>Download grocy and switch to grocy user:<br /><pre>
sudo mkdir -p /var/www && cd /var/www
sudo git clone -b release https://github.com/grocy/grocy.git
chown -R http /var/www/grocy
sudo su - grocy
</pre></li>
</ul>
<ul>
<li>Install grocy:<br /><pre>
cd /var/www/grocy
composer install --no-interaction --no-dev --optimize-autoloader
composer clear-cache
yarn install --modules-folder public/node_modules --production
yarn cache clean
</pre></li>
</ul>
<ul>
<li>Create a new config file:<br /><pre>
cp config-dist.php data/config.php
</pre></li>
</ul>
<ul>
<li>Exit the grocy user:<br /><pre>
exit
</pre></li>
</ul>
<a name="Install-Nginx"></a>
<h2 >Install Nginx<a href="#Install-Nginx" class="wiki-anchor">¶</a></h2>
<ul>
<li>Start and enable nginx at boot:<br /><pre>
systemctl enable nginx
systemctl start nginx
</pre></li>
</ul>
<ul>
<li>Create a configuration directory to make managing individual server blocks easier<br /><pre>
mkdir /etc/nginx/conf.d
</pre></li>
</ul>
<ul>
<li>Edit the main nginx config file:<br /><pre>
sudo nano /etc/nginx/nginx.conf
</pre>
<ul>
<li>And strip down the config file and add the include statement at the end:<br /><pre>
worker_processes 1;
error_log /var/log/nginx-error.log;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;
}
</pre></li>
</ul></li>
</ul>
<ul>
<li>Create the grocy config:<br /><pre>
sudo nano /etc/nginx/conf.d/grocy.conf
</pre>
<ul>
<li>And add the following:<br /><pre>
server {
listen 80;
server_name grocy.example.com;
root /var/www/grocy/public;
access_log /var/log/grocy-access.log;
error_log /var/log/grocy-error.log;
location / {
try_files $uri /index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/grocy/public$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include fastcgi_params;
}
}
</pre></li>
</ul></li>
</ul>
<ul>
<li>Restart nginx:<br /><pre>
systemctl restart nginx
</pre></li>
</ul>
<ul>
<li>Open a web browser and go to grocy.example.com
<ul>
<li>Default username/password is admin/admin.</li>
</ul></li>
</ul>
<a name="Resources"></a>
<h2 >Resources<a href="#Resources" class="wiki-anchor">¶</a></h2>
<ul>
<li><a class="external" href="https://github.com/grocy/grocy">https://github.com/grocy/grocy</a></li>
<li><a class="external" href="https://github.com/grocy/grocy/issues/201">https://github.com/grocy/grocy/issues/201</a></li>
<li><a class="external" href="https://aur.archlinux.org/packages/grocy">https://aur.archlinux.org/packages/grocy</a></li>
</ul>
GNU/Linux Administration - Support #966 (In Progress): Install Mealie on Debian
https://project.altservice.com/issues/966
2022-01-29T20:03:45Z
Daniel Curtis
techsupport@altservice.com
<p>This is a guide for installing Mealie on Debian. Using the officially supported Docker image will likely be easier, this is just fun.</p>
<a name="Prepare-the-Environment"></a>
<h2 >Prepare the Environment<a href="#Prepare-the-Environment" class="wiki-anchor">¶</a></h2>
<ul>
<li>Make sure the system is up to date:<br /><pre>
apt update && apt upgrade
</pre></li>
</ul>
<ul>
<li>Install some prerequisites:<br /><pre>
apt install nodejs npm python3 python3-dev python3-venv python3-pip python3-cryptography git curl build-essential libpq-dev libwebp-dev libsasl2-dev libldap2-dev libssl-dev gnupg gnupg2 gnupg1 debian-keyring debian-archive-keyring apt-transport-https libbluetooth-dev libbz2-dev libc6-dev libexpat1-dev libffi-dev libgdbm-dev liblzma-dev libncursesw5-dev libreadline-dev libsqlite3-dev libssl-dev libxslt1-dev libxml2-dev libjpeg-dev make tk-dev uuid-dev wget xz-utils zlib1g-dev rustc
</pre></li>
</ul>
<ul>
<li>Create a user for mealie:<br /><pre>
useradd -u 911 -U -d /app -s /bin/bash abc
mkdir /app
mkdir /opt/poetry
mkdir /opt/pysetup
chown abc:abc /app
chown abc:abc /opt/pysetup
chown abc:abc /opt/poetry
su - abc
</pre></li>
</ul>
<ul>
<li>Set a few environment variables:<br /><pre>
echo 'export PYTHONUNBUFFERED=1 ' >> ~/.bashrc
echo 'export PYTHONDONTWRITEBYTECODE=1' >> ~/.bashrc
echo 'export PIP_NO_CACHE_DIR=off' >> ~/.bashrc
echo 'export PIP_DISABLE_PIP_VERSION_CHECK=on' >> ~/.bashrc
echo 'export PIP_DEFAULT_TIMEOUT=100' >> ~/.bashrc
echo 'export POETRY_HOME="/opt/poetry"' >> ~/.bashrc
echo 'export POETRY_VIRTUALENVS_IN_PROJECT=true' >> ~/.bashrc
echo 'export POETRY_NO_INTERACTION=1' >> ~/.bashrc
echo 'export PYSETUP_PATH="/opt/pysetup"' >> ~/.bashrc
echo 'export VENV_PATH="/opt/pysetup/.venv"' >> ~/.bashrc
source ~/.bashrc
</pre></li>
</ul>
<ul>
<li>Install python poetry:<br /><pre>
cd $PYSETUP_PATH
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/install-poetry.py | python3 -
</pre></li>
</ul>
<ul>
<li>Add local bin execution path:<br /><pre>
echo 'export PATH="/opt/poetry/bin:/opt/pysetup/.venv/bin:$PATH"' >> ~/.bashrc
source ~/.bashrc
</pre></li>
</ul>
<a name="Install-Mealie"></a>
<h2 >Install Mealie<a href="#Install-Mealie" class="wiki-anchor">¶</a></h2>
<ul>
<li>Download mealie:<br /><pre>
mkdir -p /app/git && cd /app/git
git clone https://github.com/hay-kot/mealie.git
</pre></li>
</ul>
<a name="Frontend"></a>
<h3 >Frontend<a href="#Frontend" class="wiki-anchor">¶</a></h3>
<ul>
<li>Setup the frontend directory:<br /><pre>
/app
cp git/mealie/frontend/package*.json .
npm install
cp -r git/mealie/frontend/* .
npm run build
</pre></li>
</ul>
<a name="Backend"></a>
<h3 >Backend<a href="#Backend" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create and prep a temporary build directory:<br /><pre>
cd $PYSETUP_PATH
cp /app/git/mealie/poetry.lock .
cp /app/git/mealie/pyproject.toml .
</pre></li>
</ul>
<ul>
<li>Build mealie venv:<br /><pre>
poetry install -E pgsql --no-dev
</pre></li>
</ul>
<ul>
<li>Build mealie backend:<br /><pre>
cd /app
cp -r git/mealie .
cp mealie/poetry.lock .
cp mealie/pyproject.toml .
sh /opt/pysetup/.venv/bin/activate
poetry install
</pre></li>
</ul>
<ul>
<li>Initialize the database:<br /><pre>
poetry run python /app/mealie/db/init_db.py
poetry run python /app/mealie/services/image/minify.py
</pre></li>
</ul>
<ul>
<li>Run the api server:<br /><pre>
cp /app/git/mealie/gunicorn_conf.py /app/
uvicorn mealie.app:app --host 0.0.0.0 --port 9000
</pre></li>
</ul>
<a name="nxing-proxy"></a>
<h3 >nxing proxy<a href="#nxing-proxy" class="wiki-anchor">¶</a></h3>
<ul>
<li>Install nginx;<br /><pre>
apt install nginx
</pre></li>
</ul>
<a name="systemd-service"></a>
<h3 >systemd service<a href="#systemd-service" class="wiki-anchor">¶</a></h3>
<ul>
<li>Create the mealie systemd unit file:<br /><pre>
sudo nano /etc/systemd/system/mealie.service
</pre>
<ul>
<li>Add the following:<br /><pre>
[Service]
PermissionsStartOnly = true
User = abc
Group = abc
WorkingDirectory = /app
ExecStart = /usr/bin/sh -c 'cd /app && sh /opt/pysetup/.venv/bin/activate && /opt/pysetup/.venv/bin/uvicorn mealie.app:app --host 0.0.0.0 --port 9000'
PrivateTmp = true
[Install]
WantedBy = multi-user.target
</pre></li>
</ul></li>
</ul>
<ul>
<li>Set the unit file permissions and reload systemd:<br /><pre>
chmod 755 /etc/systemd/system/mealie.service
systemctl daemon-reload
</pre></li>
</ul>
<ul>
<li>Start and enable mealie at boot:<br /><pre>
systemctl enable mealie
systemctl start mealie
</pre></li>
</ul>
<h2>Resources
<ul>
<li><a class="external" href="https://github.com/hay-kot/mealie">https://github.com/hay-kot/mealie</a></li>
<li><a class="external" href="https://hay-kot.github.io/mealie/contributors/developers-guide/starting-dev-server/">https://hay-kot.github.io/mealie/contributors/developers-guide/starting-dev-server/</a></li>
<li><a class="external" href="https://hay-kot.github.io/mealie/documentation/getting-started/install/">https://hay-kot.github.io/mealie/documentation/getting-started/install/</a></li>
</ul></h2>