mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-25 13:29:27 +01:00
make systemd and letsencrypt two separate manual sections
This commit is contained in:
parent
96f575c739
commit
72f41f6b3f
@ -26,7 +26,8 @@ _Copyright © Daniel Oaks <daniel@danieloaks.net>, Shivaram Lingamneni <slingamn
|
||||
- [Becoming an operator](#becoming-an-operator)
|
||||
- [Rehashing](#rehashing)
|
||||
- [Environment variables](#environment-variables)
|
||||
- [Productionizing](#productionizing)
|
||||
- [Productionizing with systemd](#productionizing-with-systemd)
|
||||
- [Using valid TLS certificates](#using-valid-tls-certificates)
|
||||
- [Upgrading to a new version of Oragono](#upgrading-to-a-new-version-of-oragono)
|
||||
- [Features](#features)
|
||||
- [User Accounts](#user-accounts)
|
||||
@ -174,7 +175,7 @@ Oragono can also be configured using environment variables, using the following
|
||||
However, settings that were overridden using this technique cannot be rehashed --- changing them will require restarting the server.
|
||||
|
||||
|
||||
## Productionizing
|
||||
## Productionizing with systemd
|
||||
|
||||
The recommended way to operate oragono as a service on Linux is via systemd. This provides a standard interface for starting, stopping, and rehashing (via `systemctl reload`) the service. It also captures oragono's loglines (sent to stderr in the default configuration) and writes them to the system journal.
|
||||
|
||||
@ -189,6 +190,12 @@ The only major distribution that currently packages Oragono is Arch Linux; the a
|
||||
1. `systemctl start oragono.service`
|
||||
1. Confirm that the service started correctly with `systemctl status oragono.service`
|
||||
|
||||
|
||||
On a non-systemd system, oragono can be configured to log to a file and used [logrotate(8)](https://linux.die.net/man/8/logrotate), since it will reopen its log files (as well as rehashing the config file) upon receiving a SIGHUP. To rehash manually outside the context of log rotation, you can use `killall -HUP oragono` or `pkill -HUP oragono`.
|
||||
|
||||
|
||||
## Using valid TLS certificates
|
||||
|
||||
The other major hurdle for productionizing (but one well worth the effort) is obtaining valid TLS certificates for your domain, if you haven't already done so:
|
||||
|
||||
1. The simplest way to get valid TLS certificates is from [Let's Encrypt](https://letsencrypt.org/) with [Certbot](https://certbot.eff.org/). The correct procedure will depend on whether you are already running a web server on port 80. If you are, follow the guides on the Certbot website; if you aren't, you can use `certbot certonly --standalone --preferred-challenges http -d example.com` (replace `example.com` with your domain).
|
||||
@ -211,8 +218,6 @@ Executing this script manually will install the certificates for the first time
|
||||
|
||||
If you are using Certbot 0.29.0 or higher, you can also change the ownership of the files under `/etc/letsencrypt` so that the oragono user can read them, as described in the [UnrealIRCd documentation](https://www.unrealircd.org/docs/Setting_up_certbot_for_use_with_UnrealIRCd#Tweaking_permissions_on_the_key_file).
|
||||
|
||||
On a non-systemd system, oragono can be configured to log to a file and used [logrotate(8)](https://linux.die.net/man/8/logrotate), since it will reopen its log files (as well as rehashing the config file) upon receiving a SIGHUP. To rehash manually outside the context of log rotation, you can use `killall -HUP oragono` or `pkill -HUP oragono`.
|
||||
|
||||
|
||||
## Upgrading to a new version of Oragono
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user