Commit 37801598 authored by Michael Murtaugh's avatar Michael Murtaugh

initial snapshot of pi

parents
<VirtualHost *:80>
ServerAdmin webmaster@localhost
# DocumentRoot /var/www
DocumentRoot /media/usb
<Directory /media/usb>
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /media/usb>
Options Indexes FollowSymLinks MultiViews Includes
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
HeaderName /include/HEADER.shtml
ReadmeName /include/README.shtml
Alias /include /var/www/include
<Directory "/var/www">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
# ETHERPAD PROXY
Redirect /pad /pad/
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
ProxyVia On
ProxyRequests Off
ProxyPass /pad/ http://localhost:9001/
ProxyPassReverse /pad/ http://localhost:9001/
ProxyPreserveHost on
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
</VirtualHost>
# Configuration file for the usbmount package, which mounts removable
# storage devices when they are plugged in and unmounts them when they
# are removed.
# Change to zero to disable usbmount
ENABLED=1
# Mountpoints: These directories are eligible as mointpoints for
# removable storage devices. A newly plugged in device is mounted on
# the first directory in this list that exists and on which nothing is
# mounted yet.
MOUNTPOINTS="/media/usb0 /media/usb1 /media/usb2 /media/usb3
/media/usb4 /media/usb5 /media/usb6 /media/usb7"
# Filesystem types: removable storage devices are only mounted if they
# contain a filesystem type which is in this list.
FILESYSTEMS="vfat ext2 ext3 ext4 hfsplus"
#############################################################################
# WARNING! #
# #
# The "sync" option may not be a good choice to use with flash drives, as #
# it forces a greater amount of writing operating on the drive. This makes #
# the writing speed considerably lower and also leads to a faster wear out #
# of the disk. #
# #
# If you omit it, don't forget to use the command "sync" to synchronize the #
# data on your disk before removing the drive or you may experience data #
# loss. #
# #
# It is highly recommended that you use the pumount command (as a regular #
# user) before unplugging the device. It makes calling the "sync" command #
# and mounting with the sync option unnecessary---this is similar to other #
# operating system's "safely disconnect the device" option. #
#############################################################################
# Mount options: Options passed to the mount command with the -o flag.
# See the warning above regarding removing "sync" from the options.
#MOUNTOPTIONS="sync,noexec,nodev,noatime,nodiratime"
MOUNTOPTIONS="noexec,nodev,noatime,nodiratime"
# Filesystem type specific mount options: This variable contains a space
# separated list of strings, each which the form "-fstype=TYPE,OPTIONS".
#
# If a filesystem with a type listed here is mounted, the corresponding
# options are appended to those specificed in the MOUNTOPTIONS variable.
#
# For example, "-fstype=vfat,gid=floppy,dmask=0007,fmask=0117" would add
# the options "gid=floppy,dmask=0007,fmask=0117" when a vfat filesystem
# is mounted.
FS_MOUNTOPTIONS="-fstype=vfat,uid=www-data,gid=www-data"
# If set to "yes", more information will be logged via the syslog
# facility.
VERBOSE=no
This diff is collapsed.
Goal: create an image for a stable etherpad/dump rpi setup for Constant/Events.
Installation (building from scratch)
=============================
Starting point
----------------------
Working with pi image debian_version=7.8 (wheezy)
Did the usual:
apt-get update
apt-get upgrade
For my particular LCD Rotation for Raspberry Pi Touch screen
# /boot/config.txt
lcd_rotate=2
Set hostname
----------------------------------
# /etc/hostname
etherbox
#/etc/hosts
...
127.0.1.1 etherbox
Installing node
------------------------------
Node for arm-pi, Last version built is 0.10.28?
https://nodejs.org/dist/v0.10.28/
Version of node in apt (nodejs) seems quite out of date (v 0.6.19)
SO to install, following the wonderfully compact instructions given here (https://github.com/tvl83/RaspPaycoin):
wget https://nodejs.org/dist/v0.10.28/node-v0.10.28-linux-arm-pi.tar.gz
cd /usr/local && sudo tar --strip-components 1 -xzf ~/node-v0.10.28-linux-arm-pi.tar.gz
Installing etherpad
-----------------------------
wget http://github.com/ether/etherpad-lite/zipball/master
sudo mv <result> /opt/etherpad
sudo chown -R pi:pi /opt/eterhpad
and get it working (as pi user):
cd /opt/etherpad
bin/installDeps.sh
bin/run.sh
Install etherpad as a service
----------------------------------------
Following https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service
adduser --system --home=/opt/etherpad --group etherpad
sudo chown -R etherpad /opt/etherpad
Setup a log folder for the service
sudo mkdir /var/log/etherpad
chown -R etherpad /var/log/etherpad
Ensure app has full access to its source folder:
chown -R etherpad-lite /path/to/install/dir
Make the init script executable:
chmod +x /etc/init.d/etherpad
Enable it with:
sudo update-rc.d etherpad defaults
/etc/init.d/etherpad
==================================
#!/bin/sh
### BEGIN INIT INFO
# Provides: etherpad
# Required-Start: $local_fs $remote_fs $network $syslog
# Required-Stop: $local_fs $remote_fs $network $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts etherpad
# Description: starts etherpad using start-stop-daemon
### END INIT INFO
PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin"
LOGFILE="/var/log/etherpad/etherpad.log"
EPLITE_DIR="/opt/etherpad"
EPLITE_BIN="bin/safeRun.sh"
USER="etherpad"
GROUP="etherpad"
DESC="Etherpad"
NAME="etherpad"
set -e
. /lib/lsb/init-functions
start() {
echo "Starting $DESC... "
start-stop-daemon --start --chuid "$USER:$GROUP" --background --make-pidfile --pidfile /var/run/$NAME.pid --exec $EPLITE_DIR/$EPLITE_BIN -- $LOGFILE || true
echo "done"
}
#We need this function to ensure the whole process tree will be killed
killtree() {
local _pid=$1
local _sig=${2-TERM}
for _child in $(ps -o pid --no-headers --ppid ${_pid}); do
killtree ${_child} ${_sig}
done
kill -${_sig} ${_pid}
}
stop() {
echo "Stopping $DESC... "
if test -f /var/run/$NAME.pid; then
while test -d /proc/$(cat /var/run/$NAME.pid); do
killtree $(cat /var/run/$NAME.pid) 15
sleep 0.5
done
rm /var/run/$NAME.pid
fi
echo "done"
}
status() {
status_of_proc -p /var/run/$NAME.pid "" "etherpad" && exit 0 || exit $?
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
status)
status
;;
*)
echo "Usage: $NAME {start|stop|restart|status}" >&2
exit 1
;;
esac
exit 0
==================================
systemd (not used)
---------------------------
sudo nano /etc/systemd/system/etherpad.service
[Unit]
Description=etherpad (real-time collaborative document editing)
After=syslog.target network.target
[Service]
Type=simple
User=etherpad
Group=etherpad
ExecStart=/opt/etherpad/bin/run.sh
[Install]
WantedBy=multi-user.target
THEN
sysctl enable etherpad
to enable the service on boot.
sysctl start etherpad
Shrinking the image to make a snapshot
----------------------------------------------------------
resize2fs?
Apache
-------------
sudo apt-get install apache2
Moving the webserver to use a USB stick
---------------------------------------------------------
It's handy that files are stored/served from removable USB sticks.
https://wiki.debian.org/usbmount
sudo apt-get install usbmount
( main script is at: /usr/share/usbmount/usbmount )
Edit the conf file to not use sync (slower), and add webserver as owner/group of mounted devices.
# /etc/usbmount/usbmount.conf
#MOUNTOPTIONS="sync,noexec,nodev,noatime,nodiratime"
MOUNTOPTIONS="noexec,nodev,noatime,nodiratime"
# ...
FS_MOUNTOPTIONS="uid=www-data,gid=www-data"
MAKE THE PI'S ROOT THE DOCUMENT ROOT!
Change /var/www to / in "default"
# /etc/apache2/sites-available/default
DocumentRoot /
<Directory /media>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
Still TO DO
* create etherbox project (to contain the various scripts) ??!!
* drag and drop file upload... tweak existing script
* editable descriptions ?!... tweak existing script...
* FRAMING LINK(s) TO PAD
* etherdump
* customize usbmount to use label (this would just be very cool, PLUS give the possibility to stabilize the mount point / link)
* unmount button...
* Make a nice .htacess / descriptions for root incorporating this blog post ?!
https://peter.upfold.org.uk/blog/2006/07/18/a-guide-to-files-and-folders-on-linux/
* OR.... HOW COULD .htaccess files be synced to PAD content ?!?!?
* if in fact EVERY file could be opened in etherpad...
AHA ether BOX becomes a reality...
(BUT.... this is maybe more meta than the etherbox needs to be ?!)
Speaking of meta...
If the instructions to setup the box are on the box itself, it can also link directly to (pads) of changed files themselves... with changes SHOWN using etherpad :!!!
NEED to test limits of slashes in URLs for etherpad.
IDEALLY... this could work to reveal only as much / little of the system as a given usage requires
(more locked down -- just a specific USB stick, or even FOLDER)...
MORE OPEN... the entire system from root downward.
HOW COULD VIEW IN ETHERPAD be implemented as an etherpad plugin (ie when the page is missing... PULL from actual file contents)
https://github.com/ether/etherpad-lite/wiki/Creating-a-plugin
the hooks:
http://etherpad.org/doc/v1.5.7/#index_hooks
padCreate http://etherpad.org/doc/v1.5.7/#index_padcreate
padCreate, Load, Update
padInitToolbar
post lunch sprint...
Install etherdump
----------------------------
git clone https://gitlab.com/activearchives/etherdump.git
sudo apt-get install python-pip
sudo pip install python-dateutil html5lib jinja2
cd etherdump
sudo python setup.py install
directory listing
------------------------
http://howto.unixdev.net/dirlist.html
wed 2 mar 2016
* changed docroot to /media/usb (single stick simplicity!)
* etherpad via proxy (port 80!)
* index css + javascript (versions)
* etherdump button just for /etherdump folder
* etherdump index build
* Install / test / improve droptodownload.cgi
* Install / text editable descriptions
* file clicker to show in iframe (if not directory)
*snapshots (dump files + image)
Creating a proxy for etherpad (serving from port 80)
Add to end of /etc/apache2/sites-available/default
# ETHERPAD PROXY
Redirect /pad /pad/
LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
ProxyVia On
ProxyRequests Off
ProxyPass /pad/ http://localhost:9001/
ProxyPassReverse /pad/ http://localhost:9001/
ProxyPreserveHost on
<Proxy *>
Options FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Proxy>
</VirtualHost>
/*
This file must be valid JSON. But comments are allowed
Please edit settings.json, not settings.json.template
*/
{
// Name your instance!
"title": "Etherpad",
// favicon default name
// alternatively, set up a fully specified Url to your own favicon
"favicon": "favicon.ico",
//IP and port which etherpad should bind at
"ip": "0.0.0.0",
"port" : 9001,
/*
// Node native SSL support
// this is disabled by default
//
// make sure to have the minimum and correct file access permissions set
// so that the Etherpad server can access them
"ssl" : {
"key" : "/path-to-your/epl-server.key",
"cert" : "/path-to-your/epl-server.crt",
"ca": ["/path-to-your/epl-intermediate-cert1.crt", "/path-to-your/epl-intermediate-cert2.crt"]
},
*/
//The Type of the database. You can choose between dirty, postgres, sqlite and mysql
//You shouldn't use "dirty" for for anything else than testing or development
"dbType" : "dirty",
//the database specific settings
"dbSettings" : {
"filename" : "var/dirty.db"
},
/* An Example of MySQL Configuration
"dbType" : "mysql",
"dbSettings" : {
"user" : "root",
"host" : "localhost",
"password": "",
"database": "store"
},
*/
//the default text of a pad
"defaultPadText" : "Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nTo prevent your pad from appearing in the archive, put the word __NOPUBLISH__ (including the surrounding double underscores) anywhere in this pad. Changes will be reflected after the next archive update.\n",
/* Default Pad behavior, users can override by changing */
"padOptions": {
"noColors": false,
"showControls": true,
"showChat": true,
"showLineNumbers": true,
"useMonospaceFont": false,
"userName": false,
"userColor": false,
"rtl": false,
"alwaysShowChat": false,
"chatAndUsers": false,
"lang": "en-gb"
},
/* Shoud we suppress errors from being visible in the default Pad Text? */
"suppressErrorsInPadText" : false,
/* Users must have a session to access pads. This effectively allows only group pads to be accessed. */
"requireSession" : false,
/* Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. */
"editOnly" : false,
/* Users, who have a valid session, automatically get granted access to password protected pads */
"sessionNoPassword" : false,
/* if true, all css & js will be minified before sending to the client. This will improve the loading performance massivly,
but makes it impossible to debug the javascript/css */
"minify" : true,
/* How long may clients use served javascript code (in seconds)? Without versioning this
may cause problems during deployment. Set to 0 to disable caching */
"maxAge" : 21600, // 60 * 60 * 6 = 6 hours
/* This is the path to the Abiword executable. Setting it to null, disables abiword.
Abiword is needed to advanced import/export features of pads*/
"abiword" : null,
/* This is the path to the Tidy executable. Setting it to null, disables Tidy.
Tidy is used to improve the quality of exported pads*/
"tidyHtml" : null,
/* Allow import of file types other than the supported types: txt, doc, docx, rtf, odt, html & htm */
"allowUnknownFileEnds" : true,
/* This setting is used if you require authentication of all users.
Note: /admin always requires authentication. */
"requireAuthentication" : false,
/* Require authorization by a module, or a user with is_admin set, see below. */
"requireAuthorization" : false,
/*when you use NginX or another proxy/ load-balancer set this to true*/
"trustProxy" : false,
/* Privacy: disable IP logging */
"disableIPlogging" : false,
/* Users for basic authentication. is_admin = true gives access to /admin.
If you do not uncomment this, /admin will not be available! */
/*
"users": {
"admin": {
"password": "changeme1",
"is_admin": true
},
"user": {
"password": "changeme1",
"is_admin": false
}
},
*/
// restrict socket.io transport methods
"socketTransportProtocols" : ["xhr-polling", "jsonp-polling", "htmlfile"],
// Allow Load Testing tools to hit the Etherpad Instance. Warning this will disable security on the instance.
"loadTest": false,
/* The toolbar buttons configuration.
"toolbar": {
"left": [
["bold", "italic", "underline", "strikethrough"],
["orderedlist", "unorderedlist", "indent", "outdent"],
["undo", "redo"],
["clearauthorship"]
],
"right": [
["importexport", "timeslider", "savedrevision"],
["settings", "embed"],
["showusers"]
],
"timeslider": [
["timeslider_export", "timeslider_returnToPad"]
]
},
*/
/* The log level we are using, can be: DEBUG, INFO, WARN, ERROR */
"loglevel": "INFO",
//Logging configuration. See log4js documentation for further information
// https://github.com/nomiddlename/log4js-node
// You can add as many appenders as you want here:
"logconfig" :
{ "appenders": [
{ "type": "console"
//, "category": "access"// only logs pad access
}
/*
, { "type": "file"
, "filename": "your-log-file-here.log"
, "maxLogSize": 1024
, "backups": 3 // how many log files there're gonna be at max
//, "category": "test" // only log a specific category
}*/
/*
, { "type": "logLevelFilter"
, "level": "warn" // filters out all log messages that have a lower level than "error"
, "appender":
{ Use whatever appender you want here }
}*/
/*
, { "type": "logLevelFilter"
, "level": "error" // filters out all log messages that have a lower level than "error"
, "appender":
{ "type": "smtp"
, "subject": "An error occured in your EPL instance!"
, "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
, "sendInterval": 60*5 // in secs -- will buffer log messages; set to 0 to send a mail for every message
, "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
"host": "smtp.example.com", "port": 465,
"secureConnection": true,
"auth": {
"user": "foo@example.com",
"pass": "bar_foo"
}
}
}
}*/
]
}
}
#!/usr/bin/env python
import os
env = os.environ
uri = env.get("REQUEST_URI")
print "Content-type: text/html"
print
if uri == "/etherdump/":