8 maanden geleden · 5c5c3698dc
--- a/gogs/LXC-RockyLinux.md
+++ b/gogs/LXC-RockyLinux.md
@@ -6,18 +6,131 @@ A GOGS server resource repository for running it on RockyLinux 8.x/9.x
 
				 <summary>To setup your GOGS server start out with a fresh RockyLinux 8.x/9.x server/vps/LXC -  i use a ProxMox (https://www.proxmox.com/en/proxmox-ve) LXC,
			
 
				 and will assumes that your server has:</summary>
			
 
				   
			
 
				-    - (atleast) 4Gb of memory available.
			
 
				-    - SSH acccess to the box -> by default the RockyLinux 8/9 template does not have openssh-server package installed !
			
 
				-</details>
			
 
				+* (atleast) 4Gb of memory available.<br>
			
 
				+* SSH acccess to the box -> by default the RockyLinux 8/9 template does not have openssh-server package installed !<br>
			
 
				 
			
 
				+</details>
			
 
				+</br>
			
 
				 ###### 
			
 
				 Install required packages:
			
 
				 ```
			
 
				 dnf install wget tar git mariadb-server
			
 
				 ```
			
 
				 
			
 
				-######
			
 
				-Create gogs installation directory
			
 
				+###### 
			
 
				+Download and install gogs, creating /opt/gogs (at the time of writing latest version was 0.13)
			
 
				+```
			
 
				+cd /opt
			
 
				+wget https://dl.gogs.io/0.13.0/gogs_0.13.0_linux_amd64.tar.gz
			
 
				+tar -zxvf gogs_0.13.0_linux_amd64.tar.gz
			
 
				+```
			
 
				+
			
 
				+###### 
			
 
				+Create git user and group, and assign the homedir to /opt/gogs
			
 
				 ```
			
 
				-mkdir /opt/gogs
			
 
				+useradd -r -m -U -d /opt/gogs -s /bin/bash git
			
 
				 ```
			
 
				+
			
 
				+###### 
			
 
				+Reset rights to /opt/gogs
			
 
				+```
			
 
				+chmod 700 /opt/gogs/
			
 
				+```
			
 
				+
			
 
				+###### 
			
 
				+Start Database-server and run secure installation to switch to unix_socket authentication
			
 
				+```
			
 
				+systemctl start mariadb
			
 
				+mysql_secure_installation
			
 
				+
			
 
				+### Output of mysql_secure_installation below ###
			
 
				+
			
 
				+NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
			
 
				+      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
			
 
				+
			
 
				+In order to log into MariaDB to secure it, we'll need the current
			
 
				+password for the root user. If you've just installed MariaDB, and
			
 
				+haven't set the root password yet, you should just press enter here.
			
 
				+
			
 
				+Enter current password for root (enter for none):
			
 
				+OK, successfully used password, moving on...
			
 
				+
			
 
				+Setting the root password or using the unix_socket ensures that nobody
			
 
				+can log into the MariaDB root user without the proper authorisation.
			
 
				+
			
 
				+You already have your root account protected, so you can safely answer 'n'.
			
 
				+
			
 
				+Switch to unix_socket authentication [Y/n] y
			
 
				+Enabled successfully!
			
 
				+Reloading privilege tables..
			
 
				+ ... Success!
			
 
				+
			
 
				+
			
 
				+You already have your root account protected, so you can safely answer 'n'.
			
 
				+
			
 
				+Change the root password? [Y/n] y
			
 
				+New password: YourSuperSecretPasswordHere
			
 
				+Re-enter new password: YourSuperSecretPasswordHere
			
 
				+Password updated successfully!
			
 
				+Reloading privilege tables..
			
 
				+ ... Success!
			
 
				+
			
 
				+
			
 
				+By default, a MariaDB installation has an anonymous user, allowing anyone
			
 
				+to log into MariaDB without having to have a user account created for
			
 
				+them.  This is intended only for testing, and to make the installation
			
 
				+go a bit smoother.  You should remove them before moving into a
			
 
				+production environment.
			
 
				+
			
 
				+Remove anonymous users? [Y/n] y
			
 
				+ ... Success!
			
 
				+
			
 
				+Normally, root should only be allowed to connect from 'localhost'.  This
			
 
				+ensures that someone cannot guess at the root password from the network.
			
 
				+
			
 
				+Disallow root login remotely? [Y/n] y
			
 
				+ ... Success!
			
 
				+
			
 
				+By default, MariaDB comes with a database named 'test' that anyone can
			
 
				+access.  This is also intended only for testing, and should be removed
			
 
				+before moving into a production environment.
			
 
				+
			
 
				+Remove test database and access to it? [Y/n] y
			
 
				+ - Dropping test database...
			
 
				+ ... Success!
			
 
				+ - Removing privileges on test database...
			
 
				+ ... Success!
			
 
				+
			
 
				+Reloading the privilege tables will ensure that all changes made so far
			
 
				+will take effect immediately.
			
 
				+
			
 
				+Reload privilege tables now? [Y/n] y
			
 
				+ ... Success!
			
 
				+
			
 
				+Cleaning up...
			
 
				+
			
 
				+All done!  If you've completed all of the above steps, your MariaDB
			
 
				+installation should now be secure.
			
 
				+
			
 
				+Thanks for using MariaDB!
			
 
				+
			
 
				+```
			
 
				+
			
 
				+###### 
			
 
				+Create database and populate it for GOGS
			
 
				+```
			
 
				+mysql -u root < /opt/gogs/scripts/mysql.sql
			
 
				+```
			
 
				+
			
 
				+###### 
			
 
				+Create database user and grant rights to the database for GOGS
			
 
				+```
			
 
				+mysql -u root
			
 
				+
			
 
				+MariaDB [(none)]> CREATE USER 'gogs'@'localhost' IDENTIFIED BY 'SuperSecretPassword';
			
 
				+MariaDB [(none)]> GRANT ALL ON gogs.* TO 'gogs'@'localhost';
			
 
				+MariaDB [(none)]> FLUSH PRIVILEGES;
			
 
				+MariaDB [(none)]> \q
			
 
				+```
			
 
				+
			
 
				+######