diff --git a/docs/installation/auth/allianceauth.md b/docs/installation/auth/allianceauth.md index cef96fce..e6fc43c1 100644 --- a/docs/installation/auth/allianceauth.md +++ b/docs/installation/auth/allianceauth.md @@ -129,7 +129,6 @@ Now we need to round up all the static files required to render templates. Make mkdir -p /var/www/myauth/static python /home/allianceserver/myauth/manage.py collectstatic - chown -R www-data:www-data /var/www/myauth/static Check to ensure your settings are valid. diff --git a/docs/installation/auth/apache.md b/docs/installation/auth/apache.md index 9a478e00..fbd315f8 100644 --- a/docs/installation/auth/apache.md +++ b/docs/installation/auth/apache.md @@ -20,6 +20,8 @@ CentOS: ## Configuration +Apache needs to be able to read the folder containing your auth project's static files. On Ubuntu: `chown -R www-data:www-data /var/www/myauth/static`, and on CentOS: `chown -R apache:apache /var/www/myauth/static` + Apache serves sites through defined virtual hosts. These are located in `/etc/apache2/sites-available/` on Ubuntu and `/etc/httpd/conf.d/httpd.conf` on CentOS. A virtual host for auth need only proxy requests to your WSGI server (gunicorn if you followed the install guide) and serve static files. Examples can be found below. Create your config in its own file eg `myauth.conf`. diff --git a/docs/installation/auth/gunicorn.md b/docs/installation/auth/gunicorn.md index 573ef0f4..623922a6 100644 --- a/docs/installation/auth/gunicorn.md +++ b/docs/installation/auth/gunicorn.md @@ -61,7 +61,7 @@ Change it by adding `--workers=2` to the command. ##### Running with a virtual environment If you're running with a virtual environment, you'll need to add the path to the `command=` config line. -e.g. `command=/path/to/venv/bin/gunicorn alliance_auth.wsgi` +e.g. `command=/path/to/venv/bin/gunicorn myauth.wsgi` ### Starting via Supervisor @@ -70,48 +70,6 @@ Once you have your configuration all sorted, you will need to reload your superv ## Configuring your webserver -### NGINX -To your server config add: - -``` -location / { - proxy_pass http://127.0.0.1:8000; - proxy_read_timeout 90; - proxy_redirect http://127.0.0.1:8000/ http://$host/; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; -} -``` - -Set `proxy_pass` and `proxy_redirect` to the address you set under `--bind=`. Set the second part of `proxy_redirect` to the URL you're hosting services on. Tell NGINX to reload your config, job done. Enjoy your lower memory usage and better performance! - -If PHP is stopping you moving to NGINX, check out php-fpm as a way to run your PHP applications. - -### Apache -If you were using mod_wsgi before, make a backup of your old config first and then strip out all of the mod_wsgi config from your Apache VirtualHost first config. - -Your config will need something along these lines: -``` -ProxyPreserveHost On - - SSLRequireSSL - ProxyPass http://127.0.0.1:8000/ - ProxyPassReverse http://127.0.0.1:8000/ - RequestHeader set X-FORWARDED-PROTOCOL ssl - RequestHeader set X-FORWARDED-SSL on - -``` - -Set `ProxyPass` and `ProxyPassReverse` addresses to your `--bind=` address set earlier. - -You will need to enable some Apache mods. `sudo a2enmod http_proxy` should take care of the dependencies. - -Restart Apache and you should be done. - -### Other web servers - Any web server capable of proxy passing should be able to sit in front of Gunicorn. Consult their documentation armed with your `--bind=` address and you should be able to find how to do it relatively easy. diff --git a/docs/installation/auth/nginx.md b/docs/installation/auth/nginx.md index d5390246..487db888 100644 --- a/docs/installation/auth/nginx.md +++ b/docs/installation/auth/nginx.md @@ -31,14 +31,25 @@ Your .htaccess files wont work. Nginx has a separate way of managing access to f Install Nginx via your preferred package manager or other method. If you need help just search, there are plenty of guides on installing Nginx out there. +Nginx needs to be able to read the folder containing your auth project's static files. On Ubuntu: `chown -R nginx:nginx /var/www/myauth/static`, and on CentOS: `chown -R nginx:nginx /var/www/myauth/static` + You will need to have [Gunicorn](gunicorn.md) or some other WSGI server setup for hosting Alliance Auth. -Create a config file in `/etc/nginx/sites-available` call it `alliance-auth.conf` or whatever your preferred name is and copy the basic config in. Make whatever changes you feel are necessary. +### Ubuntu +Create a config file in `/etc/nginx/sites-available` and call it `alliance-auth.conf` or whatever your preferred name is. + +Create a symbolic link to enable the site `ln -s /etc/nginx/sites-available/alliance-auth.conf /etc/nginx/sites-enabled/` + +### CentOS + +Create a config file in `/etc/nginx/conf.d` and call it `alliance-auth.conf` or whatever your preferred name is. -Create a symbolic link to enable the site `sudo ln -s /etc/nginx/sites-available/alliance-auth.conf /etc/nginx/sites-enabled/` and then reload Nginx for the config to take effect, `sudo service nginx reload` for Ubuntu. ### Basic config +Copy this basic config into your config file. Make whatever changes you feel are necessary. + + ``` server { listen 80; @@ -59,9 +70,11 @@ server { } ``` +Restart Nginx after making changes to the config files. On Ubuntu `service nginx restart` and on CentOS `systemctl restart nginx.service`. + #### Adding TLS/SSL -With [Let's Encrypt](https://letsencrypt.org/) offering free SSL certificates, there's no good reason to not run HTTPS anymore. +With [Let's Encrypt](https://letsencrypt.org/) offering free SSL certificates, there's no good reason to not run HTTPS anymore. The bot can automatically configure Nginx on some operating systems. If not proceed with the manual steps below. Your config will need a few additions once you've got your certificate.