Update the installation instructions with something a little more hardened.
This commit is contained in:
parent
146aa3aaad
commit
90114fae9e
10
README.md
10
README.md
|
@ -73,7 +73,9 @@ First, you will need to jump to the place where you want to put the code, we wil
|
||||||
|
|
||||||
If you place it in `/www/`, `/public_html/` or any similar folder, then there's a chance that your server might be compromised.
|
If you place it in `/www/`, `/public_html/` or any similar folder, then there's a chance that your server might be compromised.
|
||||||
|
|
||||||
You can navigate to your installation of Gosora by typing the following commands into the console and hitting enter:
|
The following commands will pull the latest copy of Gosora off the Git repository, will create a user account to run Gosora as, will set it as the owner of the files and will start the installation process.
|
||||||
|
|
||||||
|
Please type these into the console and hit enter:
|
||||||
|
|
||||||
cd /home/
|
cd /home/
|
||||||
|
|
||||||
|
@ -85,6 +87,12 @@ git clone https://github.com/Azareal/Gosora
|
||||||
|
|
||||||
mv Gosora src
|
mv Gosora src
|
||||||
|
|
||||||
|
useradd gosora
|
||||||
|
|
||||||
|
chown -R gosora src
|
||||||
|
|
||||||
|
chgrp -R www-data src
|
||||||
|
|
||||||
cd src
|
cd src
|
||||||
|
|
||||||
chmod 755 ./install-linux
|
chmod 755 ./install-linux
|
||||||
|
|
|
@ -3,22 +3,19 @@
|
||||||
Description=Gosora
|
Description=Gosora
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=simple
|
User=gosora
|
||||||
# You might want to create a user / group for Gosora and set these to further harden your system, although this this might not work right now, if we're listening directly on port 80 / 443
|
Group=www-data
|
||||||
#User=gosoraservice
|
|
||||||
#Group=gosoraservice
|
|
||||||
|
|
||||||
Restart=on-failure
|
Restart=on-failure
|
||||||
RestartSec=10
|
RestartSec=10
|
||||||
# Set these to the location of Gosora
|
# Set these to the location of Gosora
|
||||||
WorkingDirectory=/home/gosora/src
|
WorkingDirectory=/home/gosora/src
|
||||||
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
||||||
# Make sure you manually run pre-run-linux before you start the service
|
# Make sure you manually run pre-run-linux before you start the service
|
||||||
ExecStart=/home/gosora/src/Gosora
|
ExecStart=/home/gosora/src/Gosora
|
||||||
|
|
||||||
# If things don't work for some reason, try putting # in-front of the following three lines until it does and open an issue on the bug tracker
|
|
||||||
ProtectSystem=full
|
ProtectSystem=full
|
||||||
PrivateDevices=true
|
PrivateDevices=true
|
||||||
PrivateUsers=true
|
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue