pleroma/pleroma-support
0
0
Fork 0
Code Issues 41 Pull requests Projects Releases Packages Wiki Activity

Issue with install instructions [Fixes Inside] #29

New issue
Closed
opened 2020-03-09 19:23:48 +00:00 by QwertyKB · 4 comments
QwertyKB commented 2020-03-09 19:23:48 +00:00
Member
Copy link

On this page https://docs.pleroma.social/backend/installation/otp_en/
I found an issue with the nginx config install instructions.

cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx
ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx

Is incorrect. The default nginx config is set up to look for .conf files, not .nginx files.

the proper commands would be

cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf
ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf

as well as the other issue I have found with LetsEncrypt

As per the letsencrypt documentation, the End User needs to agree to Letsencrypt ToS.

The install instructions need to be as follows

apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot python-certbot-nginx

and the letsencrypt setup command needs to be as follows

certbot --nginx

Thanks!

On this page https://docs.pleroma.social/backend/installation/otp_en/ I found an issue with the nginx config install instructions. ``` cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.nginx ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/pleroma.nginx ``` Is incorrect. The default nginx config is set up to look for .conf files, not .nginx files. the proper commands would be ``` cp /opt/pleroma/installation/pleroma.nginx /etc/nginx/sites-available/pleroma.conf ln -s /etc/nginx/sites-available/pleroma.conf /etc/nginx/sites-enabled/pleroma.conf ``` as well as the other issue I have found with LetsEncrypt As per the letsencrypt documentation, the End User needs to agree to Letsencrypt ToS. The install instructions need to be as follows ``` apt install curl unzip libncurses5 postgresql postgresql-contrib nginx certbot python-certbot-nginx ``` and the letsencrypt setup command needs to be as follows ``` certbot --nginx ``` Thanks!
lanodan commented 2020-03-10 10:44:13 +00:00
Owner
Copy link

As per the letsencrypt documentation, the End User needs to agree to Letsencrypt ToS.

Which is something that their protocol should enforce (it doesn't).

> As per the letsencrypt documentation, the End User needs to agree to Letsencrypt ToS. Which is something that their protocol should enforce (it doesn't).
lanodan commented 2020-03-10 10:47:38 +00:00
Owner
Copy link

python-certbot-nginx

This looks like a plugin set into nginx for managing the certificates, the documentation is using the standalone mode with a cron entry.

> ``python-certbot-nginx`` This looks like a plugin set into nginx for managing the certificates, the documentation is using the standalone mode with a cron entry.
QwertyKB commented 2020-03-11 07:50:03 +00:00
Author
Member
Copy link

This looks like a plugin set into nginx for managing the certificates, the documentation is using the standalone mode with a cron entry.

Sort of, its a certbot plugin created by the LetsEncrypt team to have a standard for creation of SSL certificates. The current revidion of the letsencrypt ACMEv2 tool has fixed the issues that the earlier versions had where it would fail to auto-renew, and the nginx plugin is "smart enough" now to correct/add what needs correction in the nginx config files.

Regardless the certbot command would still need to be modified to prompt the end user to accept ToS, so best practice would be to let the official letsencrypt acme client handle the update request, rather than a local crontab entry IMHO.

> This looks like a plugin set into nginx for managing the certificates, the documentation is using the standalone mode with a cron entry. Sort of, its a certbot plugin created by the LetsEncrypt team to have a standard for creation of SSL certificates. The current revidion of the letsencrypt ACMEv2 tool has fixed the issues that the earlier versions had where it would fail to auto-renew, and the nginx plugin is "smart enough" now to correct/add what needs correction in the nginx config files. Regardless the certbot command would still need to be modified to prompt the end user to accept ToS, so best practice would be to let the official letsencrypt acme client handle the update request, rather than a local crontab entry IMHO.
QwertyKB commented 2020-03-26 05:24:28 +00:00
Author
Member
Copy link

Alright, I'm going to be closing this issue now. Thanks for the rapid fix, guys!

Alright, I'm going to be closing this issue now. Thanks for the rapid fix, guys!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
pleroma/pleroma-support#29
No description provided.