the-tempus-project/thetempusproject
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip

Browse Source
This commit is contained in:
Joey Kimsey
2024-12-02 19:05:04 -05:00
parent bf7b7ba1c9
commit 6f0b75cfd0
17 changed files with 888 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
server/README.md Normal file
View File

@ -0,0 +1,62 @@
# fresh install
## Install required apps
```
apt install git composer php8.1-curl -y
```
## Set-Up the SSL folder to keep things together
```
mkdir /etc/nginx/ssl/
```
- Now That you have the directory created, copy the `.key` and `.pem` files into the newly made ssl folder on the server.
- You will then need to modify the filer ownership and permissions
```
chmod -R 655 /etc/nginx/ssl
chown -R www-data:www-data /etc/nginx/ssl
```
## Add configs for the site
- First, copy `ttp.conf` into the `/etc/nginx/snippets/` folder.
- Next, copy the `thetempusproject.com.conf` file into the `/etc/nginx/sites-available/` folder.
- The next block will acomplish a few things: backup the old config, enable the new config, disable the old config, and restart the server.
```
mkdir /etc/nginx/sites-available/old/
sudo mv /etc/nginx/sites-available/* /etc/nginx/sites-available/old/
sudo ln -s /etc/nginx/sites-available/thetempusproject.com.conf /etc/nginx/sites-enabled/thetempusproject.com.conf
sudo rm -rf /etc/nginx/sites-enabled/*
sudo systemctl restart nginx.service
```
## Set-Up the files
```
cd /var/www/
git config --global credential.helper store
git clone https://git.thetempusproject.com/thetempusproject/thetempusproject-com.git thetempusproject.com
cd thetempusproject.com
git fetch
git checkout production
```
_You will be prompted for git creds, use the creds shared below_
```
git config --global --add safe.directory /var/www/thetempusproject.com
git config --global --add safe.directory /var/www/thetempusproject.com/vendor/thetempusproject/hermes
git config --global user.name "Production Server"
git config --global user.email webmaster@thetempusproject.com
cd thetempusproject.com
composer install
chmod -R 777 .
chown -R www-data:www-data .
```
#### GitLab Credentials:
User: `root`\
Password: `rdFtVPhzlu6u6orxN4NAsbgAE4AyqZPTXPXQTleyA5I=`

36
server/thetempusproject.com.conf Normal file
View File

@ -0,0 +1,36 @@
# upstream to abstract backend connection(s) for php
upstream php {
server unix:/run/php/php8.1-fpm.sock;
}
server {
listen 80;
listen [::]:80;
server_name thetempusproject.com;
include snippets/well-known;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name thetempusproject.com;
include snippets/ssl-params.conf;
root /var/www/thetempusproject.com;
index index.php;
# max php upload size
client_max_body_size 100M;
# disable direcory indexing
autoindex off;
# custom TTP code
include snippets/ttp.conf;
location ~* \.php$ {
fastcgi_pass php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
}
}

29
server/thetempusproject.com.key Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCgBC55LW3hfrJv
Ouf7akrC195/aRqkcIWVTPjiL4YmfoeVnVDKDQgSi4R+UPvr//MN7vOyeB5fuN8t
YkX2JCLmZ1t+qxLK0p0Iz3jzSvTqozWBJUgEggq5qWyZz09u65kHK5pN0Pen0AXW
TccHHlAufQlASO8okLYGf1JFA0wsP//QtkkGaEt+UqoickKDXhhkk5dJSqLNCIh/
VPvC2x+HupCeG9TemnhgzRU/cjPakdlr+bClXDVs7lziCKRJRpe6QDMb6+kZTmz+
HTD2tWQ0hevDwedckFAu7VZbrpdGh5wtdai337xJmK7KbkHeT2aP5MTODB5F4ofo
HV0jxc/RAgMBAAECggEAALzYMoCQPL2C6NKckmsEZnbMjKmRQQAQS5aH4LIPpCKJ
8TmBD3dlKcG5JgRtTuKWjiJDfxeA61fMtpa5BBgZTZbdI/25p9P1+54KPJPkQmcn
dl2TwgqP7lhuutxK7VPaeB8eNlzf4WcK+diQsfKUs8wphGF5scYOAsRoPo9z9NHC
WEvY54rfqZAMPoHTd4CvNh4nWfaBrpXRt1eBDhmHmEcchAWfPFm5haioYDve6qcP
RnnmqmrLbey0/CeedDsBDgyu4DLS1CSV0y+ZTsW712js94ahoB4dHiUDXJx9SiiL
e+peP9suQwqB5C55wZ+xPHpHmhLMvxgsYu+YI4U1QQKBgQDKuDVGxU5WYZO9SmcI
H7k4vFWp+zUzy8K1AHHqJT6XVB5I1s2jOElmI7ptW7AgCqbcMtI0PA5fF8h0BEdx
DH80XamXli6oxPtlNgQ+p8EdUxAaJJHJkGTIurbv0Zij7iolDGD2ne/xsBdGYnZV
4qn8Xok++Ix+U/XciqAE7ZIUYQKBgQDKEro+03Q8jcrYdh4acRK9S8kFdgdUcrVQ
BdmEjYvYHq0VkSve2KkW/2IQTykBrkGwnYT+8tEynKHNcfMZu7PDfQJIKRr22hBU
jZcZLtOO41osU8xSHwF+IFJbay2nYj/mYAO3GePUJ/JfPj6DyG0Ud+JkmEGavSPe
N+fVTsxxcQKBgG11l7bV9N2ppHdyRD3bu0yKTQsSjICiRkkrq1bNs4VMs2mLKtA2
JVPUeOZxuqEif0So4F26C9yG4ALdCKJfKBRjep5SRnF0o3Xb++DE/f5SioBDPMEE
iZblUsAdgXkKsZD9pSGk2Bm9hmPH6LOpRzXw6dSpqlrQBRKHe64NhXIhAoGAZFUA
HImpQRe2C9w5/i7+evbSDOAZq5h45g7Bfcs6EEjK79ZwzekNq9mJu0dSuP7opuTP
UDcIH/UdcYCOj8xe6UV8iI/AT6jeSt0ylNJnQJ8p+rBw1qWGfDVYLwP8WwuxZpVt
wtAcCw76jMe/CnfNkUglJIVkrYwT7xYbChJh+EECgYB014MoYDxTXXSOL4ewL+jb
L5Edu8IEOitb3ACXiH3179067aBSV1ETROVb/ldPXJzXTJSSP19Ud7EFp03BECVM
/dmaMK24gHHhamQuS2Fn7WGeiCO35R3Hd+0XnD+9Tb68Q5+wcI7f9EHZdLuo7xBk
Exwxx3cDKRg9B+K35WNLGQ==
-----END PRIVATE KEY-----

28
server/thetempusproject.com.pem Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIULHScUpTRNz5y8oPSPW/dOw+qK0AwDQYJKoZIhvcNAQEL
BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw
MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y
aXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MB4XDTI0MDgxMjIzNTAwMFoXDTM5MDgwOTIzNTAwMFowYjEZMBcGA1UEChMQQ2xv
dWRGbGFyZSwgSW5jLjEdMBsGA1UECxMUQ2xvdWRGbGFyZSBPcmlnaW4gQ0ExJjAk
BgNVBAMTHUNsb3VkRmxhcmUgT3JpZ2luIENlcnRpZmljYXRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAQueS1t4X6ybzrn+2pKwtfef2kapHCFlUz4
4i+GJn6HlZ1Qyg0IEouEflD76//zDe7zsngeX7jfLWJF9iQi5mdbfqsSytKdCM94
80r06qM1gSVIBIIKualsmc9PbuuZByuaTdD3p9AF1k3HBx5QLn0JQEjvKJC2Bn9S
RQNMLD//0LZJBmhLflKqInJCg14YZJOXSUqizQiIf1T7wtsfh7qQnhvU3pp4YM0V
P3Iz2pHZa/mwpVw1bO5c4gikSUaXukAzG+vpGU5s/h0w9rVkNIXrw8HnXJBQLu1W
W66XRoecLXWot9+8SZiuym5B3k9mj+TEzgweReKH6B1dI8XP0QIDAQABo4IBNjCC
ATIwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
ATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBR+wLMvzqvwy0XS0W7kaRbDG8Dr8zAf
BgNVHSMEGDAWgBQk6FNXXXw0QIep65TbuuEWePwppDBABggrBgEFBQcBAQQ0MDIw
MAYIKwYBBQUHMAGGJGh0dHA6Ly9vY3NwLmNsb3VkZmxhcmUuY29tL29yaWdpbl9j
YTA3BgNVHREEMDAughYqLnRoZXRlbXB1c3Byb2plY3QuY29tghR0aGV0ZW1wdXNw
cm9qZWN0LmNvbTA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLmNsb3VkZmxh
cmUuY29tL29yaWdpbl9jYS5jcmwwDQYJKoZIhvcNAQELBQADggEBAJ0XENfsLO9z
/jjsDMYNjN53Cqaz1y4UuHJptQ+Mg+H6GaOgw99XdN6SWY0lVj/D/tQ09bdRVPv/
JK99pikHGWnNgpybJHyhLM6Vj32sECfo3OUb8rSgEM4pMkQS7j97wFZxFiXoolY7
Rk+o76T1R9rHrUQZEeZ1Td/Vwhp1DScPKaMU+DpgzTHfXBWMyTUWCqX/Q+XirnWf
iCUT6HR08rslwGjRctKQ0f5jj8kCj2IUmyKyHJ+2SQe9iDRQ9g7hnmH+Tmale0at
D912ywToG1f/Q4LVXfViemp8VIBobjZIoRRpTv2l0XnDEpUlAr5UjrH0XiHNzzqT
wmRBvbWDmbc=
-----END CERTIFICATE-----

74
server/ttp.conf Normal file
View File

@ -0,0 +1,74 @@
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
index index.php;
charset utf-8;
error_page 404 /index.php;
ssl_certificate /etc/nginx/ssl/thetempusproject.com.pem;
ssl_certificate_key /etc/nginx/ssl/thetempusproject.com.key;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\.(?!well-known).* {
deny all;
}
location ~ /\.ht {
deny all;
}
location ~ ^/(doc|sql|setup)/ {
deny all;
}
location ~ /\. {
deny all;
}
location ~* \.(?:js|css|png|jpg|gif|ico|woff|ttf|woff2)$ {
access_log off;
log_not_found off;
}
location /js/ {
access_log off;
log_not_found off;
try_files $uri /index.php?error=js404&file=$uri;
}
location /css/ {
access_log off;
log_not_found off;
try_files $uri /index.php?error=css404&file=$uri;
}
location /images/ {
try_files $uri /index.php?error=image404&url=$uri;
}
location /uploads/ {
try_files $uri /index.php?error=upload404&url=$uri;
}
location /errors/ {
try_files $uri /index.php?error=$uri;
}
location / {
rewrite ^/(.+)$ /index.php?url=$1&$args;
}