brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(turris-os): baikal container example with ssl

Browse Source
This commit is contained in:
Michele Cereda
2024-12-17 22:57:36 +01:00
parent d339848d68
commit cff66059c3
3 changed files with 38 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
knowledge base/baikal.md
View File

@@ -1,6 +1,8 @@
# Baikal
# Baïkal
1. [TL;DR](#tldr)
1. [Troubleshooting](#troubleshooting)
1. [`Error: Class 'DOMDocument' not found in /mnt/are/www/dav/vendor/sabre/dav/lib/DAV/Server.php:256`](#error-class-domdocument-not-found-in-mntarewwwdavvendorsabredavlibdavserverphp256)
1. [Further readings](#further-readings)
1. [Sources](#sources)
@@ -26,6 +28,17 @@ docker run --rm -p '80:80' 'ckulka/baikal:nginx'
</details>
## Troubleshooting
### `Error: Class 'DOMDocument' not found in /mnt/are/www/dav/vendor/sabre/dav/lib/DAV/Server.php:256`
Refer [Baikal PHP Error], then [Baïkal dependencies].
Ensure the following are available:
- PHP's XML module (`php-xml` in [APT]).
- PHP's MBSTRING module (`php-mbstring` in [APT]).
## Further readings
- [Website]
@@ -35,6 +48,8 @@ docker run --rm -p '80:80' 'ckulka/baikal:nginx'
### Sources
- [ckulka/baikal-docker]
- [Baikal PHP Error]
- [Baïkal dependencies]
<!--
Reference
@@ -43,10 +58,13 @@ docker run --rm -p '80:80' 'ckulka/baikal:nginx'
<!-- In-article sections -->
<!-- Knowledge base -->
[apt]: apt.md
[self-hosting]: self-hosting.md
<!-- Files -->
<!-- Upstream -->
[baïkal dependencies]: https://github.com/sabre-io/Baikal/wiki/Ba%C3%AFkal-dependencies
[baikal php error]: https://github.com/sabre-io/Baikal/issues/701
[github]: https://github.com/sabre-io/Baikal
[website]: https://sabre.io/baikal/

22
knowledge base/turris os.md
View File

@@ -289,7 +289,7 @@ config container
> lxc-create -n 'baikal' -t 'download' -- -d 'Debian' -r 'Bookworm' -a 'armv7l'
> ```
Refer <https://sabre.io/baikal/install/>.
Refer [baikal] and <https://sabre.io/baikal/install/>.
```sh
# Set the correct hostname.
@@ -299,15 +299,18 @@ sed -i 's/LXC_NAME/baikal/' '/etc/hosts'
# Install baikal.
# Also install `unattended-upgrades` to ease updates management.
DEBIAN_FRONTEND='noninteractive' apt-get install --assume-yes --no-install-recommends \
'apache2' 'ca-certificates' 'curl' 'php' 'php-sqlite3' 'unattended-upgrades' 'unzip'
'apache2' 'ca-certificates' 'curl' 'php' 'php-sqlite3' 'php-sabre-dav' 'unattended-upgrades' 'unzip'
a2dismod 'mpm_event'
a2enmod 'rewrite' 'php*'
a2enmod 'rewrite' 'php*' 'ssl'
systemctl restart 'apache2'
openssl req -nodes \
-newkey 'rsa:4096' -keyout '/etc/ssl/private/baikal.key' -out '/etc/ssl/private/baikal.crt' -x509 -days '365' \
-subj '/C=NL/ST=North Holland/L=Amsterdam/O=Example Org/OU=Infra/CN=baikal.lan'
curl -fsL -o '/var/www/baikal.zip' 'https://github.com/sabre-io/Baikal/releases/download/0.10.1/baikal-0.10.1.zip'
unzip -ud '/var/www/' '/var/www/baikal.zip' && rm '/var/www/baikal.zip'
chown -R 'www-data:www-data' '/var/www/baikal/Specific' '/var/www/baikal/config'
cat <<EOF > '/etc/apache2/sites-enabled/010-baikal.conf'
<VirtualHost *:80>
<VirtualHost *:443>
DocumentRoot /var/www/baikal/html
ServerName baikal.lan
@@ -334,10 +337,20 @@ cat <<EOF > '/etc/apache2/sites-enabled/010-baikal.conf'
ExpiresActive Off
</IfModule>
SSLEngine on
SSLCertificateFile /etc/ssl/private/baikal.crt
SSLCertificateKeyFile /etc/ssl/private/baikal.key
</VirtualHost>
EOF
```
Testing (after installing and creating a user):
```sh
curl -svvvko - --digest --user 'mark@baikal.lan:123p' https://baikal.lan/dav.php/calendars/mark@baikal.lan/default/
```
</details>
<details>
@@ -661,6 +674,7 @@ All the references in the [further readings] section, plus the following:
[further readings]: #further-readings
<!-- Knowledge base -->
[baikal]: baikal.md
[lxc]: lxc.md
[openwrt]: openwrt.md
[opkg]: opkg.md

2
snippets/openssl.sh
View File

@@ -94,7 +94,7 @@ openssl req -in 'request.csr' -verify -text -noout # prints the data given in i
# Create self-signed certificates with their new private key from scratch
openssl req -nodes -newkey 'rsa:2048' -keyout 'private.key' -out 'certificate.crt' -x509 -days '365'
openssl req -newkey 'rsa:4096' -keyout 'private.key' -out 'certificate.pem' -x509 -days '365' -sha256 \
-subj '/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=www.company.com'
-subj '/C=US/ST=Oregon/L=Portland/O=Example Org/OU=R&D/CN=www.example.org'
# Create self-signed certificates using existing CSRs and private keys
openssl x509 -req -in 'request.csr' -signkey 'private.key' -out 'certificate.crt' -days '365'