diff --git a/DEPLOY_FROM_SOURCE.md b/DEPLOY_FROM_SOURCE.md new file mode 100644 index 0000000..2d6804d --- /dev/null +++ b/DEPLOY_FROM_SOURCE.md @@ -0,0 +1,100 @@ +# Deploy from source + +## Prerequisites + +Make sure you have `libssl-dev` and `pkg-config` installed and the [rust toolchain](https://rustup.rs) is available on at least on user. + + +## Install Conduit + +```bash +$ sudo useradd -m conduit +$ sudo -u conduit cargo install --git "https://git.koesters.xyz/timo/conduit.git" +``` + + +## Setup systemd service + +In this guide, we set up a systemd service for Conduit, so it's easy to start, stop Conduit and set it to autostart when your server reboots. Paste the default systemd service below and configure it to fit your setup (in /etc/systemd/system/conduit.service). + +```systemd +[Unit] +Description=Conduit +After=network.target + +[Service] +Environment="ROCKET_SERVER_NAME=conduit.rs" # EDIT THIS + +Environment="ROCKET_PORT=14004" # Reverse proxy port + +#Environment="ROCKET_REGISTRATION_DISABLED=true" +#Environment="ROCKET_LOG=normal" # Detailed logging + +Environment="ROCKET_ENV=production" +User=conduit +Group=conduit +Type=simple +Restart=always +ExecStart=/home/conduit/.cargo/bin/conduit + +[Install] +WantedBy=multi-user.target +``` + +Finally, run +```bash +$ sudo systemctl daemon-reload +``` + + +## Setup Reverse Proxy + +This depends on whether you use Apache, Nginx or something else. For Apache it looks like this (in /etc/apache2/sites-enabled/050-conduit.conf): +``` + + +ServerName conduit.koesters.xyz # EDIT THIS + +AllowEncodedSlashes NoDecode + +ServerAlias conduit.koesters.xyz # EDIT THIS + +ProxyPreserveHost On +ProxyRequests off +AllowEncodedSlashes NoDecode +ProxyPass / http://localhost:14004/ nocanon +ProxyPassReverse / http://localhost:14004/ nocanon + +Include /etc/letsencrypt/options-ssl-apache.conf + +# EDIT THESE: +SSLCertificateFile /etc/letsencrypt/live/conduit.koesters.xyz/fullchain.pem +SSLCertificateKeyFile /etc/letsencrypt/live/conduit.koesters.xyz/privkey.pem + +``` + +Then run +```bash +$ sudo systemctl reload apache2 +``` + + +## SSL Certificate + +The easiest way to get an SSL certificate for the domain is to install `certbot` and run this: +```bash +$ sudo certbot -d conduit.koesters.xyz +``` + + +## You're done! + +Now you can start Conduit with +```bash +$ sudo systemctl start conduit +``` + +and set it to start automatically when your system boots with +```bash +$ sudo systemctl enable conduit +``` diff --git a/README.md b/README.md index 4c84040..ad13089 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![Liberapay](https://img.shields.io/liberapay/receives/timokoesters?logo=liberapay)](https://liberapay.com/timokoesters) [![Matrix](https://img.shields.io/matrix/conduit:koesters.xyz?server_fqdn=matrix.koesters.xyz&logo=matrix)](https://matrix.to/#/#conduit:koesters.xyz) -#### What is the goal +#### What is the goal? A fast Matrix homeserver that's easy to set up and just works. You can install it on a mini-computer like the Raspberry Pi to host Matrix for your family, friends or company. @@ -18,11 +18,14 @@ Yes! Just open a Matrix client ( or Element Android for #### How can I deploy my own? -You just have to clone the repo, build it with `cargo build --release` and call the binary (target/release/conduit) from somewhere like a systemd script. -It's explained in more detail [here](https://git.koesters.xyz/timo/conduit/wiki/Deploy). +##### From source -Or you can just build the docker image and run it with docker or docker-compose. -It's explained in more details [here](https://git.koesters.xyz/timo/conduit/wiki/Docker) or in the [README](docker/README.md) in the docker folder. +Clone the repo, build it with `cargo build --release` and call the binary +(target/release/conduit) from somewhere like a systemd script. [Read more](DEPLOY_FROM_SOURCE.md) + +##### Using Docker + +Build the docker image and run it with docker or docker-compose. [Read more](docker/README.md) #### What is it build on? diff --git a/docker/README.md b/docker/README.md index f7add18..5a6ecde 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,9 +1,12 @@ -# Docker +# Deploy using Docker + > **Note:** To run and use Conduit you should probably use it with a Domain or Subdomain behind a reverse proxy (like Nginx, Traefik, Apache, ...) with a Lets Encrypt certificate. -This text is also available at the [official wiki](https://git.koesters.xyz/timo/conduit/wiki/docker). -## Build & Dockerfile +## Docker + +### Build & Dockerfile + The Dockerfile provided by Conduit has two stages, each of which creates an image. 1. **Builder:** Builds the binary from local context or by cloning a git revision from the official repository. 2. **Runtime:** Copies the built binary from **Builder** and sets up the runtime environment, like creating a volume to persist the database and applying the correct permissions. @@ -31,7 +34,9 @@ docker build . -t conduit_homeserver:latest --build-arg CREATED=$(date -u +'%Y-% which also will tag the resulting image as `conduit_homeserver:latest`. **Note:** it ommits the two optional `build-arg`s. -## Run + +### Run + After building the image you can simply run it with ``` bash @@ -42,10 +47,13 @@ For detached mode, you also need to use the `-d` flag. You can pass in more env If you just want to test Conduit for a short time, you can use the `--rm` flag, which will clean up everything related to your container after you stop it. -# Docker-compose +## Docker-compose + If the docker command is not for you or your setup, you can also use one of the provided `docker-compose` files. Depending on your proxy setup, use the `docker-compose.traefik.yml` including `docker-compose.override.traefik.yml` or the normal `docker-compose.yml` for every other reverse proxy. -## Build + +### Build + To build the Conduit image with docker-compose, you first need to open and modify the `docker-compose.yml` file. There you need to comment the `image:` option and uncomment the `build:` option. Then call docker-compose with: ``` bash @@ -54,7 +62,9 @@ CREATED=$(date -u +'%Y-%m-%dT%H:%M:%SZ') VERSION=$(grep -m1 -o '[0-9].[0-9].[0-9 This will also start the container right afterwards, so if want it to run in detached mode, you also should use the `-d` flag. For possible `build-args`, please take a look at the above `Build & Dockerfile` section. -## Run + +### Run + If you already have built the image, you can just start the container and everything else in the compose file in detached mode with: ``` bash