Installation | Maintenance | Beyond Lino
Set up a Lino production server¶
Here is a set of conventions we suggest to use as a site maintainer when setting up a Lino production server.
General configuration¶
If your customers want to access their Lino from outside of their intranet, then you need to setup a domain name. See How to get a public domain name.
You need to have DNS set up and working because installing a Lino site will use certbot to request a certificate.
Configure the default umask¶
All maintainers must have a umask 002 or 007 (not 022 or 077 as is the default value).
Edit the file /etc/bash.bashrc
(site-wide for all users):
# nano /etc/bash.bashrc
And add the following line at the end:
umask 002
The umask
command is used to mask (disable) certain file permissions from
any new file created by a given user. See The umask command for more detailed
information.
To activate the new umask
or for yourself, hit Ctrl+D to end this session
and start a new session
Set up a master environment¶
If you are the first site maintainer on this server, you must set up the master environment:
$ sudo su
# apt-get install pip virtualenv git
# mkdir -p /usr/local/lino/shared/env
# cd /usr/local/lino/shared/env
# chown root:www-data .
# chmod g+ws .
# virtualenv -p python3 master
# . /usr/local/lino/shared/env/master/bin/activate
Edit your /root/.bashrc
file and add the following line at the end so
that the master environment is activated also in future root sessions on this
server:
# . /usr/local/lino/shared/env/master/bin/activate
Install the wheel python package, wheel is an installation tool for the pip packages, there are many other installation tools, but most pip packages use wheel to install the package into your python environment, some pip packages might fail to install if wheel is NOT already installed:
# pip install -U pip wheel
Install getlino
into the master environment:
# pip install getlino
Run getlino configure
¶
Sign out and again in as root, and verify that your prompt shows that the master environment is activated:
(master) root@myserver:~#
Run getlino configure
as root:
# getlino configure --no-clone --appy --web-server nginx --https
The --web-server
option can be either nginx
or apache
. Your choice.
You might want to provide some extra arguments, for example, some database
related arguments are –db-engine, –db-host, –db-port, –db-user,
–db-password, to see all the available options see: getlino configure
.
The --https
option causes getlino configure
to (1) install certbot
and (2) have it request a new certificate for every getlino startsite
.
When at least one Lino site of a server uses lino_xl.lib.appypod
,
then the server must have a LibreOffice service running so that the users of
your site can print documents using the appypdf, appydoc or appyrtf methods (the
appyodt method does not require a LO service). You say this using the
getlino configure --appy
option. For background information see
Running a LibreOffice server.
For details see the documentation about getlino.
Activate the master environment¶
For every new maintainer of a production site, add the following line to your
.bashrc
in order to have the master environment activated each
time you connect to the server:
. /usr/local/lino/shared/env/master/bin/activate
- master environment¶
A virtualenv to be used as default virtualenv for all site maintainers on this production server. It mainly contains getlino. It is usually located in
/usr/local/lino/shared/env
.
Check /etc/aliases
¶
Every production server should be able to send emails to its maintainers, e.g. to notify them when a cron job fails.
# apt install sendmail
# nano /etc/aliases # add your email address
# newaliases
Install your first site¶
You will do the following for every new site on your server:
$ sudo su
# getlino startsite APP_NAME SITE_NAME
Where:
APP_NAME
is one of the Lino applications known by getlino (noi, cosi, avanti, voga…)SITE_NAME
is a unique internal name of your site on this server.
For example:
# getlino startsite cosi first
And then point your browser to http://first.localhost
If something goes wrong, consult the getlino startsite
documentation.
Some useful additions to your shell¶
We suggest that you add the following to your system-wide
/etc/bash.bashrc
:
alias ll='ls -al'
alias a='. env/bin/activate'
function pywhich() {
python -c "import $1; print($1.__file__)"
}
# find another name if your team also uses golang
function go() {
for BASE in /usr/local/lino/lino_local
do
if [ -d $BASE/$1 ] ; then
cd $BASE/$1;
return;
fi
done
echo Oops: no project $1
return -1
}
Test whether it works¶
Close and reopen your terminal to activate them.
Quickly go to a project directory and activate its Python environment:
$ go prj1
$ a
You can always try the following admin commands (they don’t modify the database, so they won’t break anything):
$ pm status
$ pm show users.AllUsers
Configure your mail system¶
A production site should be able to send emails at least to the site maintainer. The default Lino configuration sends all emails to localhost.
If you know an SMTP server, then run sudo apt install postfix
, select
“Satellite system” and give the name of that SMTP server.
If you use monit
, then edit /etc/monit/monitrc
and add the
following line:
set mailserver localhost
More options¶
If you want to log every bash command, then add the
following to your system-wide /etc/bash.bashrc
# copied from http://backdrift.org/logging-bash-history-to-syslog-using-traps
function log2syslog
{
declare COMMAND
COMMAND=$(fc -ln -0)
logger -p local1.notice -t bash -i -- "${USER}:${COMMAND}"
}
trap log2syslog DEBUG
You may want to activate a hourly health check:
$ sudo ln -s /usr/local/bin/healthcheck.sh /etc/cron.hourly/
You may want to set your server’s timezone:
$ sudo timedatectl set-timezone Europe/Tallinn
You may want to define when your daily and weekly cron jobs run. The default is
6:25am in your server’s timezone. To do this, edit your /etc/crontab
file:
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 3 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 3 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 3 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )