Start by using ssh root@[ip] and providing access token to connect to Scaleway.
aptdependencies:sudo apt-get update sudo apt-get install curl tmux ca-certificates gnupg snapd git-all
- NVM (node version manager):
curl https://raw.githubusercontent.com/creationix/nvm/master/install.sh | bash source ~/.bashrc
- Node:
nvm install 18 nvm use 18
- MySQL
sudo apt-get install mysql-client=8.0* mysql-server=8.0*
- Nginx
sudo apt-get install nginx
- Certbot
sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot
You will need to set up SSH keys
since durhack-live is a private repository.
sudo mkdir -p /var/www/live.durhack.com
sudo chmod -R 766 /var/www/live.durhack.com
cd /var/www/live.durhack.com
git init
git remote add origin [email protected]:ducompsoc/durhack-live.git
git pull origin masterAlternatively, you can use a Personal Access Token by providing your GitHub username and a PAT as your password when prompted.
mkdir -p /var/www/live.durhack.com
sudo chmod -R 766 /var/www/live.durhack.com
cd /var/www/live.durhack.com
git init
git remote add origin https://github.com/ducompsoc/durhack-live
git pull origin master
Username: YOUR_USERNAME
Password: YOUR_PERSONAL_ACCESS_TOKENcd clientnpm installnpm run build
First, set a password for root so that mysql_secure_installation will succeed.
sudo systemctl start mysql.service
sudo mysql
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY 'new-root-password';
mysql> exitUse the secure installation script.
sudo mysql_secure_installationReset root's authentication plugin so that sudo mysql will log in as root.
mysql -u root -p
Enter password for 'root'@'localhost': *
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;Create databases, and a user for those databases.
mysql> CREATE DATABASE `durhack-live`;
mysql> CREATE DATABASE `durhack-live-session`;
mysql> CREATE USER 'durhack'@'localhost' IDENTIFIED WITH 'caching_sha2_password' BY 'the-best-durhack-password';
mysql> GRANT ALL PRIVILEGES ON `durhack-live`.* TO 'durhack'@'localhost';
mysql> GRANT ALL PRIVILEGES ON `durhack-live-session`.* TO 'durhack'@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> exitUse DataGrip to connect via durhack user, or by CLI:
sudo mysql
mysql> USE durhack-live;
mysql> show tables;Use DataGrip to connect via durhack user.
- Timestamps
/->- - Convert to
YYYY-MM-DD HH:MM:SSdatetime (use ' at start of field to prevent auto conversion) - "I accept" -> 1
- "I don't accept" -> 0
- Reorder columns to:
- blank
- full name
- preferred name
- blank * 5
- age
- phone
- uni
- grad year
- ethnicity
- gender
- Hackathons UK - Data Sharing Consent,
- Hackathons UK - Event Logistics Information Consent
- timestamp
- Delete first header row
- add additional updatedAt default -
2022-11-19 09:00:00
cd servernpm install- Setup config. Add a file
config/local.jsonthat overwrites keys fromconfig/default.json- Use
openssl rand -base64 48to generate cryptographically strong secrets, place them into appropriate config keys, specificallycsrf.secretcookie-parser.secret- (do not overwrite
jsonwebtokensecret - production uses RSA by default) session.secrethackathonStateSocket.secret
- Configure databases. Add suitable login information and database names to
mysql.dataandmysql.session - Add API keys and secrets from other applications
- MailGun ->
mailgun.key - Discord ->
discord.clientIdanddiscord.clientSecret
- MailGun ->
- Use
npm run build
Create a file in /etc/nginx/sites-available called live.durhack.com.
server {
server_name live.durhack.com www.live.durhack.com;
location /api {
proxy_pass http://127.0.0.1:3001$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /socket.io {
proxy_pass http://127.0.0.1:3001$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://127.0.0.1:3000$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
listen [::]:80;
listen 80;
}
Enable the site by symlinking it to /etc/nginx/sites-enabled:
ln -s /etc/nginx/sites-available/live.durhack.com /etc/nginx/sites-enabled/Reload nginx:
sudo systemctl reload nginxConfigure the firewall and check its status:
sudo ufw allow 'Nginx Full'
sudo ufw delete 'Nginx HTTP'
sudo ufw statusUse Certbot to set up SSL on our nginx configuration:
sudo certbot --nginx -d live.durhack.com -d www.live.durhack.comFollow Certbot's instructions to verify we own the durhack.com domain through Let's Encrypt.
Make sure to choose 2: Redirect when prompted to specify how to handle insecure HTTP traffic.
Certbot will then auto-reload nginx.
Verify auto-renewal works correctly (check command completes with no errors):
sudo certbot renew --dry-run- Start Docker:
docker start durhack-mysql-container -i - Start server in
tmuxwindow:cd server,npm start - Start client in
tmuxwindow:cd client,npm start