Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • update-appmonitor
2 results
Blame Permalink
10_Installation.md 2.43 KiB

Installation on server

Xsentfile module

On Apache Webserver install xsendfile module.

i.e. on CentOS

yum install mod_xsendfile

Configuration of vhost

In the Apache vhost for cipkg server set the XSendFilePath - it is an absolute path on your websever.

Redirect all requests to /packages/[whatever] to /packages/index.php

Example snippet


    XSendFile On
    XSendFilePath "/var/www/cipkg.example.com/packages/"

    <Location "/packages">

        RewriteEngine on
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteRule ^(.*)$ index.php [QSA,L]

    </Location>

Configuration of a secret on server

if [approot]/public_html/ copy inc_config.php.dist to inc_config.php.dist. set a secret behind key apikey.

It means: this is a shared secret between this server and all your application servers.

It is not realized yet to use a secret per application.

$approot=dirname(__DIR__);
return array(
    
    // define a secret aka api key
    'apikey'=>'our-package-server-secret',

    // packages to deliver where files from ci server are synched
    'packagedir'=>$approot.'/packages',
    
    // max age of request ... client and server need to be in sync
    'maxage'=>60,

    // force that a hash can be used only once
    // a side effect is that fast repeat or simultanius requests
    // will be denied.
    'onetimesecret'=>true,

    // filesize of lock file with stored hashed before starting garbage collection
    // 10.000 byte are reached after 114 req
    'maxlockfilesize'=>10000,
    
    // tmp dir to store used hashes
    'tmpdir'=>$approot.'/tmp',

    // allow directory listing when accessing a path of a package
    // true is required to fetch all packages
    'showdircontent'=>true,
);

Prepare receive of packages

  • Create an deployment account package server that can be used to be connected via SSH by the ci server
  • add the public key of www-data of the ci server into /home/deployment/.ssh/authorized keys
  • Set permissions that the deployment user can write into /var/www/cipkg.example.com/packages/ and the user of the webeservice can read it chown deployment:apache /var/www/cipkg.example.com/packages/ and chmod 750 /var/www/cipkg.example.com/packages/

Ci server: add a sync target

TODO

In the config of CI web server add a sync target. Use

  • the deployment user as ssh
  • the fqdn as hostname
  • the defined packagedir in your inc_config.php as target directory