Editing Moebooru
From Bibliotheca Anonoma
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
'''Moebooru''' is a well maintained Danbooru-style image tag system, used by Yande.re, Konachan, and many others. It is written in Ruby, and can be a bit of a challenge to install. Since many other installation guides are insufficient, we've noted down our entire installation and configuration process for [https://booru.eikonos.org Eikonos]. | '''Moebooru''' is a well maintained Danbooru-style image tag system, used by Yande.re, Konachan, and many others. It is written in Ruby, and can be a bit of a challenge to install. Since many other installation guides are insufficient, we've noted down our entire installation and configuration process for [https://booru.eikonos.org Eikonos]. | ||
== Create Moebooru User == | == Create Moebooru User == | ||
Create a specific non-login daemon user just for moebooru (Though it will have bash shell for setup purposes temporarily). | Create a specific non-login daemon user just for moebooru (Though it will have bash shell for setup purposes temporarily). Then create a systemd service for it. | ||
<pre>sudo git clone https://github.com/moebooru/moebooru.git /var/www/booru.eikonos.org | |||
sudo useradd -s /bin/bash -d /var/www/booru.eikonos.org -r moebooru | |||
sudo chown -R moebooru:moebooru /var/www/booru.eikonos.org</pre> | |||
== Setup Postgresql == | == Setup Postgresql == | ||
Line 62: | Line 32: | ||
{{ic|libpqxx}} is required for libpq-ruby to build. | {{ic|libpqxx}} is required for libpq-ruby to build. | ||
Now log in and create the moebooru user: | |||
<pre># su - postgres | |||
# su - postgres | |||
$ psql | $ psql | ||
postgres # | postgres # create user moebooru_user with password 'the_password' createdb;</pre> | ||
Finally, edit {{ic|pg_hba.conf}} from {{ic|ident}} to {{ic|md5}} (except for the UNIX socket line) to allow users to log in using a password (required by moebooru's config), it should look like the following: | Finally, edit {{ic|pg_hba.conf}} from {{ic|ident}} to {{ic|md5}} (except for the UNIX socket line) to allow users to log in using a password (required by moebooru's config), it should look like the following: | ||
Line 108: | Line 69: | ||
''For most small sites'', Ruby 2.3 and higher with the Unicorn server is sufficient. | ''For most small sites'', Ruby 2.3 and higher with the Unicorn server is sufficient. | ||
''A site with heavier traffic'' may find it helpful to use Rubinius with the Puma server [https://blog.engineyard.com/2014/ruby-app-server-arena-pt1to make better use of concurrent multithreading,] but this may require compilation | ''A site with heavier traffic'' may find it helpful to use Rubinius with the Puma server [https://blog.engineyard.com/2014/ruby-app-server-arena-pt1to make better use of concurrent multithreading,] but this may require compilation. | ||
=== Method 1: Set up Normal Ruby 2.3 or newer === | === Method 1: Set up Normal Ruby 2.3 or newer === | ||
Line 119: | Line 78: | ||
* RHEL/CentOS: [https://www.softwarecollections.org/en/scls/rhscl/rh-ruby23/ RHSCL - Ruby 2.3] | * RHEL/CentOS: [https://www.softwarecollections.org/en/scls/rhscl/rh-ruby23/ RHSCL - Ruby 2.3] | ||
=== Method 2: | === Method 2: Install Rubinius with RVM === | ||
For RVM, just install any ol' ruby 2.x, we won't be using it after the compilation stage. Also install all the build dependencies. | |||
==== Dependencies (Debian/Ubuntu) ==== | |||
{{bc| | {{bc| | ||
sudo apt-get install ruby | |||
sudo apt-get install build-essential openssl libreadline6 libreadline6-dev \ | |||
curl git-core zlib1g zlib1g-dev libssl-dev libyaml-dev libsqlite3-dev sqlite3 \ | |||
libxml2-dev libxslt-dev autoconf libc6-dev ncurses-dev automake libtool bison \ | |||
subversion pkgconfig | |||
}} | }} | ||
An LLVM version greater than 3.6+ is also required. You can get this in [https://backports.debian.org/Instructions/ Debian Jessie from backports], or in Ubuntu from normal repositories. | |||
{{bc| | {{bc| | ||
# if on debian jessie, set up jessie-backports: https://backports.debian.org/Instructions/ | |||
sudo apt-get install llvm-3.8 clang-3.8 libclang-3.8-dev llvm-3.8-runtime llvm-3.8-dev llvm-3.8-tools libedit libedit-dev | |||
}} | }} | ||
==== Dependencies (RHEL/CentOS) ==== | |||
=== | |||
{{bc| | {{bc| | ||
sudo yum install ruby | sudo yum install ruby | ||
sudo yum install -y patch autoconf patch automake libtool bison sqlite | sudo yum install -y patch autoconf patch automake libtool bison sqlite-devel | ||
}} | }} | ||
Line 204: | Line 127: | ||
}} | }} | ||
==== Using RVM ==== | |||
{{Note|Make sure to run all these steps as the moebooru user.}} | |||
http://rayhightower.com/blog/2014/02/06/installing-rubinius-using-rvm/ | |||
The right way to use it is just plain jane on the server. Installation is easy using rvm. Run these as the current user: | |||
Refresh the rvm repos: | |||
Refresh the rvm repos | |||
{{bc| | {{bc| | ||
rvm get head | rvm get head | ||
}} | }} | ||
Line 261: | Line 174: | ||
{{Note|If you change ruby editions later on after installing gems, make sure to run {{ic|gem pristine --all}} to delete the previous ones. After that, reinstall all gems from scratch.}} | {{Note|If you change ruby editions later on after installing gems, make sure to run {{ic|gem pristine --all}} to delete the previous ones. After that, reinstall all gems from scratch.}} | ||
<!-- | <!-- | ||
==== Setup Rubinius with Zonio Repo (RHEL/CentOS) ==== | ==== Setup Rubinius with Zonio Repo (RHEL/CentOS) ==== | ||
Line 340: | Line 203: | ||
</pre> | </pre> | ||
Finally, edit moebooru's <code>~/.profile</code> and add the correct PATH for your bundler (for example, <code>/ | Finally, edit moebooru's <code>~/.profile</code> and add the correct PATH for your bundler (for example, <code>/var/www/booru.eikonos.org/.gem/rbx/2.2/bin</code>, may differ with your ruby version) | ||
<pre> | <pre> | ||
PATH=$PATH:/ | PATH=$PATH:/var/www/booru.eikonos.org/.gem/rbx/2.2/bin | ||
</pre> | </pre> | ||
Line 352: | Line 215: | ||
https://zonio.net/rubinius_rpm_packages/ | https://zonio.net/rubinius_rpm_packages/ | ||
--> | --> | ||
== Mandatory Access Control == | == Mandatory Access Control == | ||
Line 360: | Line 221: | ||
anyone have apparmor profiles? | anyone have apparmor profiles? | ||
=== SELinux Permissions (RHEL/CentOS) === | === SELinux Permissions (RHEL/CentOS) === | ||
If using SELinux (which we highly recommend), you will need the following policies, assuming that everything is installed to {{ic|/ | If using SELinux (which we highly recommend), you will need the following policies, assuming that everything is installed to {{ic|/var/www/booru.eikonos.org/}}: | ||
needed for proxy pass | needed for proxy pass | ||
Line 375: | Line 234: | ||
<pre>setsebool -P httpd_enable_homedirs 1 | <pre>setsebool -P httpd_enable_homedirs 1 | ||
sudo semanage fcontext -a -t httpd_sys_content_t '/ | sudo semanage fcontext -a -t httpd_sys_content_t '/var/www/booru.eikonos.org/shared(/.*)?' | ||
sudo restorecon -R -v / | sudo restorecon -R -v /var/www/booru.eikonos.org/shared | ||
sudo semanage fcontext -a -t httpd_sys_content_t '/var/www/ | sudo semanage fcontext -a -t httpd_sys_content_t '/var/www/booru.eikonos.org/public(/.*)?' | ||
sudo restorecon -R -v /var/www/ | sudo restorecon -R -v /var/www/booru.eikonos.org/public</pre> | ||
https://www.pckr.co.uk/selinux-nginx-and-reverse-proxying-2/ | https://www.pckr.co.uk/selinux-nginx-and-reverse-proxying-2/ | ||
Line 417: | Line 276: | ||
=== Configure Moebooru === | === Configure Moebooru === | ||
First, [http://stackoverflow.com/a/9235107 do a bundle config for pg] since we're using a specific postgresql version: | |||
{{bc| | {{bc|<nowiki>bundle config build.pg --with-pg-config=/usr/pgsql-9.6/bin/pg_config</nowiki>}} | ||
Generate your secret key, which is used for salts and such. | |||
{{bc| | {{bc|bundle exec rake secret}} | ||
bundle | |||
Install the ruby packages for the moebooru user only (under the directory <code>./vendor/bundle</code>): | Install the ruby packages for the moebooru user only (under the directory <code>./vendor/bundle</code>): | ||
Line 435: | Line 291: | ||
{{bc| | {{bc| | ||
cp config/database.yml.example config/database.yml | $ cp config/database.yml.example config/database.yml | ||
cp config/local_config.rb.example config/local_config.rb | $ cp config/local_config.rb.example config/local_config.rb | ||
chmod 700 config/database.yml | $ chmod 700 config/database.yml | ||
chmod 700 config/local_config.rb | $ chmod 700 config/local_config.rb | ||
}} | }} | ||
Edit {{ic|config/database.yml}} using your favorite editor (such as nano), and replace {{ic|imouto}} with the password of your database user: | Edit {{ic|config/database.yml}} using your favorite editor (such as nano), and replace {{ic|imouto}} with the password of your database user: | ||
Line 467: | Line 319: | ||
</nowiki>}} | </nowiki>}} | ||
{{bc|chmod 600 / | {{bc|chmod 600 /var/www/booru.eikonos.org/config/database.yml}} | ||
Initialize database with this command (there will be some errors reported | Initialize database with this command (there will be some errors reported which is expected) | ||
{{bc|bundle exec rake db:reset}} | {{bc|bundle exec rake db:reset}} | ||
{{Note|Whenever you update moebooru using {{ic|git pull}}, make sure to migrate the database table schema with the command below.}} | {{Note|Whenever you update moebooru using {{ic|git pull}}, make sure to migrate the database table schema with the command below.}} | ||
Line 483: | Line 333: | ||
Now, you need to provide the correct permissions to the public folder: | Now, you need to provide the correct permissions to the public folder: | ||
{{bc|chmod 755 / | {{bc|chmod 755 /var/www/booru.eikonos.org/public}} | ||
Start the server | Start the server (<code>bundle exec unicorn</code> or <code>bundle exec puma</code> if using JRuby/Rubinius) | ||
Finally, set moebooru to a non login user: | |||
{{bc|sudo chsh -s /bin/false moebooru}} | |||
== Customize Header Image and Branding == | == Customize Header Image and Branding == | ||
Line 560: | Line 414: | ||
Then, you need to provide the correct permissions to the public folder: | Then, you need to provide the correct permissions to the public folder: | ||
<pre>chmod 755 /var/www/ | <pre>chmod 755 /var/www/booru.eikonos.org/public</pre> | ||
=== Serve static files with Nginx === | === Serve static files with Nginx === | ||
Create an Nginx config under <code>/etc/nginx/conf.d/</code>. Make sure to change the <code>server_name</code>. | Create an Nginx config under <code>/etc/nginx/conf.d/</code>. Make sure to change the <code>server_name</code>, and the <code>root /var/www/booru.eikonos.org/public</code> to <code>root /YOUR/MOEBOORU/PATH/public</code>. | ||
<blockquote>'''Note:''' If you are using a different port for puma, (by adding <code>-p 3000</code> to the serving command), also change the port accordingly below. | <blockquote>'''Note:''' If you are using a different port for puma, (by adding <code>-p 3000</code> to the serving command), also change the port accordingly below. | ||
Line 574: | Line 427: | ||
# directory of static assets, first generate with the command: | # directory of static assets, first generate with the command: | ||
# RAILS_ENV=production bundle exec rake assets:precompile | # RAILS_ENV=production bundle exec rake assets:precompile | ||
root /var/www/ | root /var/www/booru.eikonos.org/public; | ||
try_files $uri/index.html $uri @app; | try_files $uri/index.html $uri @app; | ||
Line 595: | Line 448: | ||
=== Run the Server === | === Run the Server === | ||
Finally, to run the server | Finally, to run the server (default is port 9292), run one of the following commands: | ||
Ruby: | Ruby: | ||
Line 601: | Line 454: | ||
{{bc|bundle exec unicorn -p 9292 -E production}} | {{bc|bundle exec unicorn -p 9292 -E production}} | ||
Rubinius: | Rubinius, JRuby: | ||
<pre>RAILS_ENV=production bundle exec puma -e production</pre> | |||
* [http://stackoverflow.com/a/27318704 Source: StackOverflow - Rails 4: assets not loading in production] | * [http://stackoverflow.com/a/27318704 Source: StackOverflow - Rails 4: assets not loading in production] | ||
Line 614: | Line 466: | ||
<pre>grep -c processor /proc/cpuinfo</pre> | <pre>grep -c processor /proc/cpuinfo</pre> | ||
Create the following folders in your application directory: | |||
<pre>mkdir -p shared/pids shared/sockets shared/log</pre> | |||
Place the following into <code><app_dir>/shared/puma.rb</code>: | |||
<pre | <pre># Change to match your CPU core count | ||
workers 8 | workers 8 | ||
Line 633: | Line 477: | ||
threads 1, 6 | threads 1, 6 | ||
app_dir = File.expand_path( | app_dir = File.expand_path("../..", __FILE__) | ||
shared_dir = | shared_dir = "#{app_dir}/shared" | ||
# Default to production | # Default to production | ||
rails_env = ENV['RAILS_ENV'] || | rails_env = ENV['RAILS_ENV'] || "production" | ||
environment rails_env | environment rails_env | ||
# Set up socket location | # Set up socket location | ||
bind | bind "unix://#{shared_dir}/sockets/puma.sock" | ||
# Logging | # Logging | ||
stdout_redirect | stdout_redirect "#{shared_dir}/log/puma.stdout.log", "#{shared_dir}/log/puma.stderr.log", true | ||
# Set master PID and state locations | # Set master PID and state locations | ||
pidfile | pidfile "#{shared_dir}/pids/puma.pid" | ||
state_path | state_path "#{shared_dir}/pids/puma.state" | ||
activate_control_app | activate_control_app | ||
on_worker_boot do | on_worker_boot do | ||
require | require "active_record" | ||
ActiveRecord::Base.connection.disconnect! rescue ActiveRecord::ConnectionNotEstablished | ActiveRecord::Base.connection.disconnect! rescue ActiveRecord::ConnectionNotEstablished | ||
ActiveRecord::Base.establish_connection(YAML.load_file( | ActiveRecord::Base.establish_connection(YAML.load_file("#{app_dir}/config/database.yml")[rails_env]) | ||
end | end</pre> | ||
</ | |||
Change the Nginx server config to the following: | Change the Nginx server config to the following: | ||
<pre>upstream app { | |||
# Path to Puma SOCK file, as defined previously | # Path to Puma SOCK file, as defined previously | ||
server unix:/var/ | server unix:/var/www/booru.eikonos.org/shared/sockets/puma.sock fail_timeout=0; | ||
} | } | ||
Line 672: | Line 513: | ||
# directory of static assets, first generate with the command: | # directory of static assets, first generate with the command: | ||
# RAILS_ENV=production bundle exec rake assets:precompile | # RAILS_ENV=production bundle exec rake assets:precompile | ||
root /var/www/ | root /var/www/booru.eikonos.org/public; | ||
try_files $uri/index.html $uri @app; | try_files $uri/index.html $uri @app; | ||
Line 681: | Line 522: | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_set_header X-Forwarded-Proto $scheme; | proxy_set_header X-Forwarded-Proto $scheme; | ||
# Fix the | # Fix the "It appears that your reverse proxy set up is broken" error. | ||
proxy_pass http://app; | proxy_pass http://app; | ||
proxy_read_timeout 90; | proxy_read_timeout 90; | ||
Line 690: | Line 531: | ||
client_max_body_size 4G; | client_max_body_size 4G; | ||
keepalive_timeout 10; | keepalive_timeout 10; | ||
} | }</pre> | ||
</ | |||
Finally, to run the server, use the following: | Finally, to run the server, use the following: | ||
<pre>bundle exec puma -C shared/puma.rb</pre> | |||
</ | |||
== Systemd Service == | == Systemd Service == | ||
Line 761: | Line 543: | ||
=== TCP === | === TCP === | ||
<pre>[Unit] | |||
Description=Moebooru's Puma HTTP Server | Description=Moebooru's Puma HTTP Server | ||
Requires=postgresql-9. | Requires=redis.service postgresql-9.5.service | ||
Wants=postgresql-9. | Wants=postgresql-9.5.service memcached.service | ||
After=network.target postgresql-9. | After=network.target postgresql-9.5.service | ||
# Uncomment for socket activation (see below) | # Uncomment for socket activation (see below) | ||
Line 775: | Line 557: | ||
# Preferably configure a non-privileged user | # Preferably configure a non-privileged user | ||
User= | User=moebooru | ||
# Specify the path to your puma application root | # Specify the path to your puma application root | ||
WorkingDirectory=/ | WorkingDirectory=/var/www/booru.eikonos.org | ||
# Helpful for debugging socket activation, etc. | # Helpful for debugging socket activation, etc. | ||
Line 786: | Line 568: | ||
# Here we are using a binstub generated via: | # Here we are using a binstub generated via: | ||
# `bundle binstubs puma --path ./sbin` | # `bundle binstubs puma --path ./sbin` | ||
# in the WorkingDirectory (replace | # in the WorkingDirectory (replace <WD> below) | ||
# You can alternatively use `bundle exec --keep-file-descriptors puma` | # You can alternatively use `bundle exec --keep-file-descriptors puma` | ||
# ExecStart= | # ExecStart=<WD>/sbin/puma -b tcp://0.0.0.0:9292 -b ssl://0.0.0.0:9293?key=key.pem&cert=cert.pem | ||
# Alternatively with a config file (in WorkingDirectory) and | # Alternatively with a config file (in WorkingDirectory) and | ||
Line 797: | Line 579: | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target</pre> | ||
</ | |||
=== UNIX Socket === | === UNIX Socket === | ||
Two Systemd services are needed: one for the socket and one for the application. | Two Systemd services are needed: one for the socket and one for the application. | ||
<code>/usr/systemd/system/moebooru.service</code> | |||
[Unit] | |||
<pre>[Unit] | |||
Description=Puma HTTP Server | Description=Puma HTTP Server | ||
Requires=postgresql-9. | Requires=redis.service postgresql-9.5.service | ||
Wants=postgresql-9. | Wants=postgresql-9.5.service memcached.service | ||
After=network.target postgresql-9. | After=network.target postgresql-9.5.service | ||
# Uncomment for socket activation (see below) | # Uncomment for socket activation (see below) | ||
Line 830: | Line 611: | ||
# Here we are using a binstub generated via: | # Here we are using a binstub generated via: | ||
# `bundle binstubs puma --path ./sbin` | # `bundle binstubs puma --path ./sbin` | ||
# in the WorkingDirectory (replace | # in the WorkingDirectory (replace <WD> below) | ||
# You can alternatively use `bundle exec --keep-file-descriptors puma` | # You can alternatively use `bundle exec --keep-file-descriptors puma` | ||
# ExecStart= | # ExecStart=<WD>/sbin/puma -b tcp://0.0.0.0:9292 -b ssl://0.0.0.0:9293?key=key.pem&cert=cert.pem | ||
# Alternatively with a config file (in WorkingDirectory) and | # Alternatively with a config file (in WorkingDirectory) and | ||
# comparable `bind` directives | # comparable `bind` directives | ||
# ExecStart= | # ExecStart=<WD>/sbin/puma -C config.rb | ||
Restart=always | Restart=always | ||
[Install] | [Install] | ||
WantedBy=multi-user.target | WantedBy=multi-user.target</pre> | ||
</ | |||
Grab some code from here? | Grab some code from here? | ||
Line 862: | Line 641: | ||
}} | }} | ||
Images | Images only: | ||
{{bc| | {{bc| | ||
tar -cvzf eikonos.org- | tar -cvzf eikonos.org-20170128_images.tar.gz /var/www/booru.eikonos.org/public/data/image/ | ||
}} | }} | ||
Code only, no binaries | Code only, no binaries: | ||
{{bc|<nowiki> | {{bc|<nowiki> | ||
tar --exclude='/ | tar --exclude='/var/www/booru.eikonos.org/tmp' --exclude='/var/www/booru.eikonos.org/vendor' --exclude='/var/www/booru.eikonos.org/public' --exclude='/var/www/booru.eikonos.org/.rvm' --exclude='/var/www/booru.eikonos.org/.rbx' --exclude='/var/www/booru.eikonos.org/.bundle' --exclude='/var/www/booru.eikonos.org/.gem' -cvjf eikonos.org-20170128_var_www_booru-eikonos-org.tar.gz /var/www/booru.eikonos.org | ||
</nowiki>}} | </nowiki>}} | ||
== Sources == | == Sources == | ||
* Get configuration tips from here: http://wiki.douglasqsantos.com.br/doku.php/deploying_a_rails_app_on_debian_jessie_with_capistrano_nginx_and_puma_en | * Get configuration tips from here: http://wiki.douglasqsantos.com.br/doku.php/deploying_a_rails_app_on_debian_jessie_with_capistrano_nginx_and_puma_en |