obsidian/Main
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault backup: 2025-02-03 07:04:13

Browse Source
This commit is contained in:
Claudio Fritsche
2025-02-03 07:04:14 +01:00
parent e158386068
commit 7909836706
2019 changed files with 59 additions and 26816 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
99 Work/0 OneSec/OneSecNotes/10 Projects/OneSecServer/.syncthing.OneSec - FlightReview.md.tmp Normal file
View File

Binary file not shown.

BIN
99 Work/0 OneSec/OneSecNotes/10 Projects/OneSecServer/.syncthing.OneSec Server.md.tmp Normal file
View File

Binary file not shown.

5
99 Work/0 OneSec/OneSecNotes/10 Projects/OneSecServer/OneSec - FlightReview.md
View File

@@ -1,5 +0,0 @@
The Webapp is hosted on our [[OneSec Server#PX4 - Flight Review|VPS server]]. The credentials are:
- user: claudio
- pw: CesOne8143_
# Add a New Log
![[Pasted image 20240320120530.png]]

64
99 Work/0 OneSec/OneSecNotes/10 Projects/OneSecServer/OneSec Server.md
View File

@@ -1,64 +0,0 @@
We host the server at [netcup - Germany](https://www.netcup.eu/), a company that offers VPS. The IP address of our server is 37.120.177.0.
# Organisation
## Access
The following is the access data to access the server through ssh (part of my `~/.ssh/config` file):
```bash
Host netcup
HostName v2202204173997187481.hotsrv.de
User root
IdentityFile ~/.ssh/netcup_osd_claudio
```
## Setup
Vinnie, Dannick's Friend, helped me with the setup. I leave the bash history and the zsh history files here as a reference.
![[bash_history_netcup]]
![[zsh_history_netcup]]
I have installed `zsh` and `oh-my-zsh` to make the interaction easier
in the cli-history files above you can see how the project got updated, but basically update the project files on a local machine, test everything, push it to gitlab. Then access the server, pull the changes, checkout to the correct version and restart the docker container:
```zsh
docker compose -f docker-compose.dev.yml down docker compose -f docker-compose.dev.yml up -d --build --force-recreate
```
## Structure
The main folder is called osd_apps, which hosts the web-apps that we're running.
We use [[nginx]] as a reverse proxy to serve the different web-apps and [[Docker]] to run the apps in an appropriate container.
We also use certbot (installed through snap) to keep the certifiates up to date.
The [[OneSec - FlightReview|flight review app]] is hosted at the website [testlogs.onesec.com](testlogs.onesec.com). The authentication is done through a nginx configuration. The credentials can be found on the specified article.
### 6tunnel
[6Tunnel](https://github.com/wojtekka/6tunnel) is used to create a translation service for Dannicks NAS. Basically the server (which has a static IPV4 address) forwards requests to a IPV6-address (Dannicks NAS). See history files above for the commands. And make sure that the firewall (`ufw`) allows the correct ports (32400 in Dannicks case).
### Nginx
Nginx is used as a reverse proxy server, that checks incoming traffic and routes it to the correct interface on the server. We can configure it, such that any traffic coming from a certain URI (e.g. testlogs.onesec.com) is rerouted to the localhost:5006. And on this interface we are running a docker container, which hosts the web-app. This means that any traffic coming from testlogs.onesec.com is directed towards the web-app and any other traffic (from the IP for instance) is routed to `/var/www/http` and a static content is served (default nginx stuff). If another app is added we can have an additional port for that as explained in [this article](https://www.digitalocean.com/community/questions/how-to-host-multiple-docker-containers-on-a-single-droplet-with-nginx-reverse-proxy).
### Certbot
Certbot is a tool that manages certificates for our webserver. It has a really good integration with nginx. Some more info can be found [here](https://sirfitz.medium.com/setting-up-an-nginx-instance-with-certbot-and-configuring-it-for-wildcard-subdomains-on-ubuntu-96e413281a99). Especially the cron-job for the autorenewal is handy. But cerbot also has a automated way of handling this, as can be seen in the [instruction set by digital ocean](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04). Compared to the instructions on the blog article, on our server we've used the following command:
```bash
sudo certbot --nginx -d testlogs.onesec.com
```
### Docker
[[Docker]] is used to isolate multiple web-apps that are running. A few important things are listed here:
- use the `-d` or `--detach` option to let it run in the background even if the terminal is disconnected. This ensures that the webapp is running when the setup process is finished.
# WebApps
## PX4 - Flight Review
A [customized version](https://gitlab.com/onesecdelivery/flight_review_osd) of the official PX4 [flight review](https://github.com/PX4/flight_review) app is hosted there.
# How to add a new WebApp?
1. Go to namecheap.com, login and [add a new A-record.](https://www.namecheap.com/support/knowledgebase/article.aspx/319/2237/how-can-i-set-up-an-a-address-record-for-my-domain/)![[Pasted image 20240123183014.png]]Here you can see that for the subdomain foxglove and testlogs we have an A-Record [^1] to forward to our VPS server (37.120.177.0). Once this is done all traffic gets forwarded to our VPS server where we need to handle it.
2. Access the servers command line through SSH (see instructions above).
3.
# Footnotes
[^1]: An A record **maps a domain name to the IP address (Version 4) of the computer hosting the domain**. An A record uses a domain name to find the IP address of a computer connected to the internet. The A in A record stands for Address.