To create our new user, run::
- sudo -u postgres createuser mediagoblin
-
-then answer NO to *all* the questions::
-
- Shall the new role be a superuser? (y/n) n
- Shall the new role be allowed to create databases? (y/n) n
- Shall the new role be allowed to create more new roles? (y/n) n
+ sudo -u postgres createuser -A -D mediagoblin
then create the database all our MediaGoblin data should be stored in::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
MediaGoblin does not require special permissions or elevated
-access to run. As such, the prefered way to run MediaGoblin is to
-create a dedicated, unpriviledged system user for sole the purpose of running
+access to run. As such, the preferred way to run MediaGoblin is to
+create a dedicated, unprivileged system user for the sole purpose of running
MediaGoblin. Running MediaGoblin processes under an unpriviledged system user
helps to keep it more secure.
No password will be assigned to this account, and you will not be able
to log in as this user. To switch to this account, enter either::
- sudo su - mediagoblin (if you have sudo permissions)
+ sudo -u mediagoblin /bin/bash # (if you have sudo permissions)
or::
- su - mediagoblin (if you have to use root permissions)
+ su mediagoblin -s /bin/bash # (if you have to use root permissions)
You may get a warning similar to this when entering these commands::
To do this, enter either of the following commands, changing the defaults
to suit your particular requirements::
- sudo mkdir -p /srv/mediagoblin.example.org && sudo chown -hR mediagoblin:mediagoblin /srv/mediagobin.example.org
+ sudo mkdir -p /srv/mediagoblin.example.org && sudo chown -hR mediagoblin: /srv/mediagoblin.example.org
or (as the root user)::
- mkdir -p /srv/mediagoblin.example.org && chown -hR mediagoblin:mediagoblin /srv/mediagobin.example.org
+ mkdir -p /srv/mediagoblin.example.org && chown -hR mediagoblin: /srv/mediagoblin.example.org
Install MediaGoblin and Virtualenv
Clone the MediaGoblin repository and set up the git submodules::
- git clone git://gitorious.org/mediagoblin/mediagoblin.git
+ git clone git://gitorious.org/mediagoblin/mediagoblin.git -b stable
cd mediagoblin
git submodule init && git submodule update
And set up the in-package virtualenv::
- (virtualenv --system-site-packages . || virtualenv .) && ./bin/python setup.py develop
+ (virtualenv --python=python2 --system-site-packages . || virtualenv --python=python2 .) && ./bin/python setup.py develop
.. note::
- We presently have an experimental make-style deployment system. if
+ We presently have an **experimental** make-style deployment system. if
you'd like to try it, instead of the above command, you can run::
./bootstrap.sh && ./configure && make
This also includes a number of nice features, such as keeping your
viratualenv up to date by simply running `make update`.
-.. ::
+ Note: this is liable to break. Use this method with caution.
- (NOTE: Is this still relevant?)
+You then need to make a local copy of mediagoblin.ini, if you don't have one::
- If you have problems here, consider trying to install virtualenv
- with the ``--distribute`` or ``--no-site-packages`` options. If
- your system's default Python is in the 3.x series you may need to
- run ``virtualenv`` with the ``--python=python2.7`` or
- ``--python=python2.6`` options.
+ cp --no-clobber mediagoblin.example.ini mediagoblin.ini
The above provides an in-package install of ``virtualenv``. While this
is counter to the conventional ``virtualenv`` configuration, it is
environment. In the future, when you update your
codebase, you should also run::
- ./bin/python setup.py develop --upgrade && ./bin/gmg dbupdate && git submodule fetch
+ git submodule update && ./bin/python setup.py develop --upgrade && ./bin/gmg dbupdate
Note: If you are running an active site, depending on your server
configuration, you may need to stop it first or the dbupdate command
}
}
+The first four ``location`` directives instruct Nginx to serve the
+static and uploaded files directly rather than through the MediaGoblin
+process. This approach is faster and requires less memory.
+
+.. note::
+
+ The user who owns the Nginx process, normally ``www-data``,
+ requires execute permission on the directories ``static``,
+ ``public``, ``theme_static`` and ``plugin_static`` plus all their
+ parent directories. This user also requires read permission on all
+ the files within these directories. This is normally the default.
+
Now, nginx instance is configured to serve the MediaGoblin
application. Perform a quick test to ensure that this configuration
works. Restart nginx so it picks up your changes, with a command that
and restart the server, so that it creates a new secret key.
All previous sessions will be invalidated.
+..
+ Local variables:
+ fill-column: 70
+ End: