Category Archives: GIT

Install tt-rss with nginx and Percona on Ubuntu 12.04

Starting with a base install of Ubuntu 12.04 with openssh installed

Install the Percona repo

import the Percona gpg key

sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
sudo gpg -a --export CD2EFD2A | sudo apt-key add -

now edit /etc/apt/sources.list and add these lines

# for percona
deb http://repo.percona.com/apt precise main
deb-src http://repo.percona.com/apt precise main

now install percona

sudo apt-get update
sudo apt-get install percona-server-common-5.5 percona-server-server-5.5 libmysqlclient18 libmysqlclient16

Now install the rest of the pre-reqs

sudo apt-get install nginx php5-mysql php5-xmlrpc php5-curl php5-cli php5-fpm php5-gd php5-mcrypt php-apc git

Stop nginx

sudo service nginx stop

Create the directory for tt-rss

sudo mkdir -p /var/www/tt-rss

Create a suitable config for nginx in sites-available and link it to sites-enabled

server {
        listen [::]:80;
        server_name tt-rss;
        server_name ttrss.domain.com;
        access_log  /var/log/nginx/tt-rss.access.log;
        error_log /var/log/nginx/tt-rss.error.log;
        root   /var/www/tt-rss;
 index index.php;
 client_max_body_size 20M;
 # while setting up I set an allow for the local network and deny all others, this prevents automatic logon to setup pages etc before default passwords have been set
        location / {
               # allow the local net
               allow   192.168.100.0/24;
               # deny everything else
               deny all;
                 }
 # Lock out access to some folders that contains files that should not be world readable (not fully tested)
 location ~* (include/|lock/|utils/|locale/|classes/*) {deny all; }
 location = / { } # Needed for index.* to work
 # location ~* \.(txt|css|js|png|gif|ico|jpg|svg)$ { } # Allow these file endings
        location ~ \.php$ {
                # Filter out arbitrary code execution
 fastcgi_index index.php;
                # location ~ \..*/.*\.php$ {return 404;}
                include fastcgi_params;
                fastcgi_pass  127.0.0.1:9000;
 fastcgi_param SCRIPT_FILENAME /var/www/rss/$fastcgi_script_name;
                }
 location ~* .(?:ico|css|js|gif|inc|txt|gz|xml|png|jpe?g) {
 expires max;
 access_log        off;
 log_not_found     off;
 }
}

Now grab the source and change the owndership

sudo git clone https://github.com/gothfox/Tiny-Tiny-RSS.git /var/www/tt-rss
sudo chown -R www-data:www-data /var/www/tt-rss

Create the database and the user

mysql -u root -p 
CREATE DATABASE tt-rss;
GRANT ALL ON tt-rss.* TO ttrss-user IDENTIFIED BY "Password";
quit

Import the schema

mysql -u root -p tt-rss < /var/www/tt-rss/schema/ttrss_schema_mysql.sql

Now start nginx and browse to the URL to complete the configuration

Once the configuration has been completed, create an executable upstart .conf script in /etc/init to update the feeds

description "tt-rss upstart script"
start on (runlevel [!2345] local-filesystems and net-device-up IFACE!=lo and started mysql)
stop on stopping mysql
respawn
respawn limit 2 1
setuid www-data
setgid www-data
 
exec /var/www/tt-rss/update_daemon2.php

Building HAProxy from GIT on Ubuntu 12.04

Starting with a base install of Ubuntu 12 with openssh installed

As HAProxy will be built from source, there are some pre-reqs

sudo apt-get install build-essential libssl-dev libpopt-dev git libpcre3-dev

now get the haproxy source and build it

git clone http://git.1wt.eu/git/haproxy.git/ haproxy
cd haproxy
make TARGET=linux2628 CPU=native USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
sudo make install

link it from /usr/local/sbin to /usr/sbin

sudo ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy

Create the directory to use

sudo mkdir /usr/share/haproxy

now configure HAProxy to start automatically, create the init file as per attached file init.d.haproxy.txt

sudo nano /etc/init.d/haproxy

make it executable

sudo chmod +x /etc/init.d/haproxy

now set the runlevels

sudo update-rc.d haproxy defaults

Now create the file that enables it

sudo nano /etc/default/haproxy
# Set ENABLED to 1 if you want the init script to start haproxy.
ENABLED=1
# Add extra flags here.
#EXTRAOPTS="-de -m 16"

add a haproxy user

sudo adduser --system haproxy

copy the rest of the files into place

sudo mkdir /etc/haproxy
sudo mkdir /etc/haproxy/errors
sudo cp ~/haproxy/examples/errorfiles/* /etc/haproxy/errors

The build can be updated with

cd ~/haproxy
git pull
make clean
make TARGET=linux2628 CPU=native USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1
sudo make install

Then restarting haproxy to use the updated version

sudo service haproxy restart