mirror of
https://git.mills.io/saltyim/saltyim.git
synced 2024-06-30 18:51:03 +00:00
61 lines
1.5 KiB
Markdown
61 lines
1.5 KiB
Markdown
![]() |
# Deployment in OpenBSD
|
||
|
This document explains how to spin up saltyd in OpenBSD with a delegated zone to [nsd(8)](https://man.openbsd.org/nsd.8).
|
||
|
The following method assumes a subdomain is used as both the base URL and the assigned subdomain.
|
||
|
|
||
|
## DNS
|
||
|
Taken from [Aoi K.](https://kyoko-project.wer.ee/~akoizumi/)'s zone file.
|
||
|
|
||
|
```dns
|
||
|
saltr IN A 38.87.162.177
|
||
|
IN AAAA 2602:fccf:1:1177::
|
||
|
_salty._tcp IN SRV 0 0 443 saltr.kyoko-project.wer.ee.
|
||
|
_avatars._tcp IN SRV 0 0 443 saltr.kyoko-project.wer.ee.
|
||
|
```
|
||
|
|
||
|
## Nginx
|
||
|
```nginx
|
||
|
server {
|
||
|
listen 80;
|
||
|
listen [::]:80;
|
||
|
server_name saltr.kyoko-project.wer.ee;
|
||
|
|
||
|
location / { return 301 https://$host$request_uri; }
|
||
|
}
|
||
|
server {
|
||
|
listen 443 ssl http2;
|
||
|
listen [::]:443 ssl http2;
|
||
|
server_name saltr.kyoko-project.wer.ee;
|
||
|
|
||
|
ssl_certificate /etc/dehydrated/certs/kyoko-project.wer.ee/fullchain.pem;
|
||
|
ssl_certificate_key /etc/dehydrated/certs/kyoko-project.wer.ee/privkey.pem;
|
||
|
|
||
|
location / {
|
||
|
proxy_pass http://127.0.0.1:8200;
|
||
|
}
|
||
|
}
|
||
|
```
|
||
|
|
||
|
## rc.d
|
||
|
```shell
|
||
|
#!/bin/ksh
|
||
|
daemon="/usr/local/salty/saltyd"
|
||
|
daemon_user="_saltyd"
|
||
|
|
||
|
. /etc/rc.d/rc.subr
|
||
|
|
||
|
rc_bg=YES
|
||
|
rc_reload=NO
|
||
|
|
||
|
rc_cmd "$1"
|
||
|
```
|
||
|
|
||
|
```shell
|
||
|
# chmod 0755 /etc/rc.d/saltyd
|
||
|
# rcctl enable saltyd
|
||
|
# rcctl set saltyd flags "-b 0.0.0.0:8200 -d /usr/local/salty/data -u https://saltr.kyoko-project.wer.ee -p saltr.kyoko-project.wer.ee -s bitcask://usr/local/salty/salty.db"
|
||
|
# rcctl start saltyd
|
||
|
```
|
||
|
|
||
|
## Conclusion
|
||
|
* I used port 8200 for my setup because I was already using 8000
|