The text below is selected, press Ctrl+C to copy to your clipboard. (⌘+C on Mac) No line numbers will be copied.
Guest
Cozy
By Guest on 20th May 2019 02:25:17 PM | Syntax: TEXT | Views: 6



New paste | Download | Show/Hide line no. | Copy text to clipboard
  1. export COZY_ADMIN_PASSPHRASE=H0m31n
  2. export COZY_ADMIN_PASSWORD=H0m31n
  3.  
  4. sudo apt install nginx
  5.  
  6. sudo apt install curl -y
  7. curl -L https://couchdb.apache.org/repo/bintray-pubkey.asc | sudo apt-key add -
  8. echo "deb https://apache.bintray.com/couchdb-deb bionic main" | sudo tee -a /etc/apt/sources.list.d/apache_couchdb_bionic.list
  9.  
  10. sudo apt install couchdb -y
  11.  
  12. sudo apt  install golang-go
  13.  
  14. # Récupérer le paquet en "go"
  15. go get -v -u github.com/cozy/cozy-stack
  16.  
  17. # Installer le paquet sur le système
  18. # install -m0755 -o root -g root /go/bin/cozy-stack /usr/bin/cozy-stack
  19. install -m0755 -o root -g root /home/homein/go/bin/cozy-stack /usr/bin/cozy-stack
  20.  
  21.  
  22. git clone https://github.com/cozy/cozy-coclyco.git
  23. cd cozy-coclyco
  24. sudo pip3 install -r requirements.txt
  25. sudo python3 setup.py install
  26.  
  27. # Ajouter un utilisateur et un groupe
  28. # addgroup -g 991 cozy
  29. addgroup --gid 991 cozy
  30. # adduser -h /cozy-datas -G cozy -D -u 991 cozy
  31. sudo adduser --home /cozy-datas --ingroup cozy --disabled-login --uid 991 cozy
  32. chown cozy:cozy /cozy-datas
  33.  
  34. # Installer le paquet en tant que "cozy"
  35. install -d -o cozy -g cozy /cozy /cozy-datas
  36.  
  37. # Appliquer les droits sur les dossiers
  38. find /cozy \! -user cozy -exec chown cozy:cozy {} \;
  39. find /cozy-datas \! -user cozy -exec chown cozy:cozy {} \;
  40. sudo chmod 777 /cozy
  41.  
  42. Une base de données couchdb est lancée, puis je l’initialise :
  43.  
  44. # curl -X PUT ${COZY_COUCHDB_URL}/{_users,_replicator,_global_changes,secrets,_metadata}
  45. curl -X PUT http://admin:H0m31n@127.0.0.1:5984/{_users,_replicator,_global_changes,secrets,_metadata}
  46.  
  47.  
  48. sudo cozy-stack instances add cozy.example.org
  49. sudo cozy-stack instances add --apps home,drive,settings,store --passphrase H0m31n "cozy.example.org:8080"
  50.  
  51. ------------------------------------------------------
  52. Enfin, je lance le cozy-stack avec des droits restreint (j’utilise s6) :
  53.  
  54. s6-setuidgid cozy /usr/bin/cozy-stack serve --config /cozy-datas/cozy.yml
  55.  
  56. Et je créé une instance cozy :
  57.  
  58. s6-setuidgid cozy /usr/bin/cozy-stack instances add --host 0.0.0.0 --apps drive,onboarding,photos,settings --passphrase MDP cozy.domain.com
  59.  
  60. -------------------------------------------------------------------
  61.  
  62.  
  63. sudo apt install ca-certificates apt-transport-https wget
  64.  
  65. wget https://apt.cozy.io/cozy-keyring.deb
  66. sudo dpkg -i cozy-keyring.deb
  67.  
  68. echo "deb https://apt.cozy.io/debian/ stretch testing" > /etc/apt/sources.list.d/cozy.list
  69. apt update
  70.  
  71. apt install cozy-couchdb
  72.  
  73. curl http://localhost:5984/
  74. {"couchdb":"Welcome","version":"2.1.0","features":["scheduler"],"vendor":{"name":"The Apache Software Foundation"}}
  75.  
  76. apt install cozy-stack
  77.  
  78. curl http://localhost:8080/version
  79. {"build_mode":"production","build_time":"2017-09-28T10:26:03Z","runtime_version":"go1.8.1","version":"0.1.0"}#
  80.  
  81. ------------------------------------------------------------------
  82.  
  83. /usr/share/cozy/konnector-create-chroot.sh
  84.  
  85. sysctl -w kernel.unprivileged_userns_clone=1
  86.  
  87. wget -q https://letsencrypt.org/certs/fakelerootx1.pem \
  88.     -O /usr/share/cozy/chroot/etc/ssl/certs/custom.crt
  89.  
  90. sudo certbot certonly --standalone -d cozy.example.org --register-unsafely-without-email
  91.  
  92. apt install cozy
  93.  
  94. openssl genrsa -out server.key 2048
  95. openssl rsa -in server.key -out server.key
  96. openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=cozy.example.org'
  97. openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out /etc/ssl/private/cozy.example.org.crt
  98.  
  99. cat /etc/ssl/private/cozy.example.org.crt server.key > /etc/ssl/private/cozy.pem
  100.  
  101. cp /etc/ssl/private/cozy.example.org.crt /etc/ssl/private/driver.cozy.example.org.crt
  102. cp /etc/ssl/private/cozy.example.org.crt /etc/ssl/private/home.cozy.example.org.crt
  103. cp /etc/ssl/private/cozy.example.org.crt /etc/ssl/private/photos.cozy.example.org.crt
  104. cp /etc/ssl/private/cozy.example.org.crt /etc/ssl/private/store.cozy.example.org.crt
  105.  
  106. vi /etc/nginx/nginx.conf
  107. # Configurer les chemins vers les certificats
  108. vi /etc/nginx/sites-available/cozy.example.org
  109. # si necessaire
  110.  
  111. cozy-stack instances show home.cozy.example.org
  112. # recupération du token base 64
  113. cozy-stack instances show cozy.example.org
  114.  
  115. #decodage du token
  116. echo -n "p1kgpD4rk0uzP7G2qkcQyA==" | base64 -d | xxd -p
  117.  
  118. #ou
  119. https://<my-domain>/?registerToken=THE-TOKEN
  120.  
  121. cozy-stack instances install cozy.example.org
  122. cozy-stack instances set-passphrase cozy.example.org H0m31n
  123.  
  124. cozy-stack instances install home.cozy.example.org
  125. # cozy-stack install home.cozy.example.org
  126. cozy-stack instances set-passphrase cozy.example.org H0m31n
  127. cozy-stack instances add --apps home,drive,settings,store --passphrase H0m31n "cozy.example.org:8080"
  128.  
  129. vi /etc/hosts
  130. 172.24.1.53     settings.cozy.example.org cozy.example.org drive.cozy.example.org home.cozy.example.org store.cozy.example.org photos.cozy.example.org collect.cozy.example.org
  131.  
  132. sudo cozy-coclyco vhost cozy.example.org
  133. sudo cozy-coclyco vhost home.cozy.example.org
  134.  
  135. ajouter dans /etc/nginx/conf.d/websocket.conf
  136.  
  137. map $http_upgrade $connection_upgrade {
  138.     default upgrade;
  139.     ''      close;
  140. }
  141.  
  142. # à mettre dans le fichier /etc/nginx/sites-available/default
  143. location / {
  144.         return 301 https://$host$request_uri;
  145. }
  146.  
  147.  
  148.  
  149. Instance created with success for domain cozy.example.org
  150. Registration token: "baddf230091eab799eb71421c1385845"
  151. echo -n "p1kgpD4rk0uzP7G2qkcQyA==" | base64 -d | xxd -p
  152. https://cozy.example.org/?registerToken=baddf230091eab799eb71421c1385845
  153.  
  154. Renseigner un mot de passe de 8 caractères avec lettre, digit et symbols
  155. H0m31n_Cozy
  156.  
  157.  
  158. cozy-stack instances show home.cozy.example.org
  159.  
  160. https://home.cozy.example.org/?registerToken=9f1a4011119ceb957425648b040f8e36
  161.  
  162.  
  163. cozy-stack apps install home --domain cozy.example.org
  164. cozy-stack apps install drive --domain cozy.example.org
  165. cozy-stack apps install settings --domain cozy.example.org
  166. cozy-stack apps install store --domain cozy.example.org
  167. cozy-stack apps install photos --domain cozy.example.org
  168. cozy-stack apps install collect --domain cozy.example.org
  169.  
  170.  
  171. curl -X PUT http://admin:H0m31n@127.0.0.1:5984/_node/couchdb@localhost/_config/admins/cozy -d "\"H0m31n\""
  172. curl -X PUT $HOST/_node/$NODENAME/_config/admins/anna -d '"secret"'
  173. ""
  174.  
  175. apt install cozy-nsjail
  176.  
  177. mkdir /usr/share/cozy/
  178.  
  179. cp -R /home/homein/go/src/github.com/cozy/cozy-stack/scripts/* /usr/share/cozy/



  • Recent Pastes