noosfero | Update pound setup instructions

Antonio Terceiro gitlab at gitlab.com
Tue Jan 27 12:34:56 BRST 2015 

Antonio Terceiro pushed to refs/heads/master at <a href="https://gitlab.com/noosfero/noosfero">Noosfero / noosfero</a>

Commits:
<a href="https://gitlab.com/noosfero/noosfero/commit/3a38934e6417baca9c1b35698645fbb7b98ff91e">3a38934e</a> by Antonio Terceiro
Update pound setup instructions

- - - - -


Changes:

=====================================
INSTALL.https.md
=====================================
--- a/INSTALL.https.md
+++ b/INSTALL.https.md
@@ -1,11 +1,9 @@
-Setup Noosfero to use HTTPS
-===========================
+# Setup Noosfero to use HTTPS
 
 This document assumes that you have a fully and clean Noosfero
 installation as explained at the `INSTALL.md` file.
 
-SSL certificate
-+++++++++++++++
+## Creating a self-signed SSL certificate
 
 You should get a valid SSL certificate, but if you want to test
 your setup before, you could generate a self-signed certificate
@@ -17,99 +15,106 @@ as below:
     # openssl req -new -x509 -nodes -sha1 -days $[10*365] -key noosfero.key > noosfero.cert
     # cat noosfero.key noosfero.cert > noosfero.pem
 
+## Web server configuration
+
 There are two ways of using SSL with Noosfero: 1) If you are not using
 Varnish; and 2) If you are using Varnish.
 
-1) If you are are not using Varnish
-+++++++++++++++++++++++++++++++++++
+### 1) If you are are not using Varnish
 
 Simply do a redirect in apache to force all connections with SSL:
 
-  <VirtualHost *:8080>
-    ServerName test.stoa.usp.br
-   
-    Redirect / https://example.com/
-  </VirtualHost>
+```
+<VirtualHost *:8080>
+  ServerName test.stoa.usp.br
+  Redirect / https://example.com/
+</VirtualHost>
+```
 
 And set a vhost to receive then:
 
-  <VirtualHost *:443>
-    ServerName example.com
-   
-    SSLEngine On
-    SSLCertificateFile    /etc/ssl/certs/cert.pem
-    SSLCertificateKeyFile /etc/ssl/private/cert.key
-   
-    Include /etc/noosfero/apache/virtualhost.conf
-  </VirtualHost>
+```
+<VirtualHost *:443>
+  ServerName example.com
+  SSLEngine On
+  SSLCertificateFile    /etc/ssl/certs/cert.pem
+  SSLCertificateKeyFile /etc/ssl/private/cert.key
+  Include /etc/noosfero/apache/virtualhost.conf
+</VirtualHost>
+```
 
 Be aware that if you had configured varnish, the requests won't reach
 it with this configuration.
 
-2) If you are using Varnish
-+++++++++++++++++++++++++++
-
-Varnish isn't able to communicate with the SSL protocol, so we will
-need some one who do this and Pound[1] can do the job. In order to
-install it in Debian based systems:
+### 2) If you are using Varnish
 
-  $ sudo apt-get install pound
+Varnish isn't able to communicate with the SSL protocol, so we will need some
+one else who do this and [Pound](http://www.apsis.ch/pound) can do the job. In
+order to install it in Debian based systems:
 
-Set Varnish to listen in other port than 80:
+```
+$ sudo apt-get install pound
+```
 
-/etc/defaults/varnish
----------------------
+Set Varnish to listen in other port than 80 in `/etc/defaults/varnish`:
 
-  DAEMON_OPTS="-a localhost:6081 \
-               -T localhost:6082 \ 
-               -f /etc/varnish/default.vcl \ 
-               -S /etc/varnish/secret \ 
-               -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
+```
+DAEMON_OPTS="-a localhost:6081 \
+             -T localhost:6082 \
+             -f /etc/varnish/default.vcl \
+             -S /etc/varnish/secret \
+             -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
+```
 
 Configure Pound:
 
-    # cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
-
-Edit /etc/pound.cfg and set the IP and domain of your server.
+```
+# cp /usr/share/noosfero/etc/pound.cfg /etc/pound/
+```
 
-Configure Pound to start at system initialization:
+Edit `/etc/pound.cfg` and set the IP and domain of your server.
 
-/etc/default/pound
+Configure Pound to start at system initialization. At `/etc/default/pound`:
 ------------------
 
-  startup=1
+```
+startup=1
+```
 
-Set Apache to only listen to localhost:
+Set Apache to only listen to localhost, at `/etc/apache2/ports.conf`:
 
-/etc/apache2/ports.conf
------------------------
-
-  Listen 127.0.0.1:8080
+```
+Listen 127.0.0.1:8080
+```
 
 Restart the services:
 
-  $ sudo service apache2 restart
-  $ sudo service varnish restart
+```
+$ sudo service apache2 restart
+$ sudo service varnish restart
+```
 
 Start pound:
 
-  $ sudo service pound start
-
-[1] http://www.apsis.ch/pound
+```
+$ sudo service pound start
+```
 
-Noosfero XMPP chat
-++++++++++++++++++
+## Noosfero XMPP chat
 
 If you want to use chat over HTTPS, then you should add the domain
-and IP of your server in the /etc/hosts file, example:
+and IP of your server in the /etc/hosts file, example
 
-/etc/hosts
-----------
+`/etc/hosts:`
 
-  192.168.1.86	mydomain.example.com
+```
+192.168.1.86	mydomain.example.com
+```
 
-Also, it's recomended that you remove lines above from the file
+Also, it's recomended that you remove the lines below from the file
 `/etc/apache2/sites-enabled/noosfero`:
 
-    RewriteEngine On
-    Include /usr/share/noosfero/util/chat/apache/xmpp.conf
+```
+RewriteEngine On
+Include /usr/share/noosfero/util/chat/apache/xmpp.conf
+```

=====================================
etc/pound.cfg
=====================================
--- a/etc/pound.cfg
+++ b/etc/pound.cfg
@@ -5,7 +5,7 @@ TimeOut  300
 Control  "/var/run/pound/poundctl.socket"
 
 ListenHTTP
-  Address  192.168.1.86
+  Address  0.0.0.0
   Port     80
   xHTTP    1
   # uncomment code above if you are using chat
@@ -22,7 +22,7 @@ ListenHTTP
 End
 
 ListenHTTPS
-  Address    192.168.1.86
+  Address    0.0.0.0
   Port       443
   Cert       "/etc/noosfero/ssl/noosfero.pem"
   Ciphers    "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20150127/33fea97e/attachment.html>

More information about the Noosfero-dev mailing list