Staging Server

Staging server setup

These instructions more or less encompass setting up from scratch a server for staging deployments from the unstable buendia apt suite. The staging.buendia.org server is currently based on this setup.

Create an SSH key pair

Don't set a passphrase on the private key.

ssh-keygen -t ecdsa -b 256 -C "CircleCI deployment" -f buendia-deploy
tar cvf buendia_deploy_keys.tar buendia-deploy*
gpg -c buendia_deploy_keys.tar
git add buendia_deploy_keys.tar.gpg
git commit
rm buendia_deploy_keys.tar

Add the SSH private key to CircleCI

Go to the SSH permissions configuration for this project in CircleCI and add the key there. Then update the deploy-staging job in .circleci/config.yml with the key fingerprint.

Create a new droplet in Digital Ocean

First, we set up a droplet in Digital Ocean running Debian 9.7. Add a new SSH key and upload the public key in buendia-staging.

Set the hostname to staging.buendia.org or similar and then set the STAGING_HOST variable in the CircleCI environment setup to same.

Create a buendia user and give it sudo access

Then, log into the staging host as root and run the following:

adduser buendia
echo "buendia ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers.d/10-buendia-user
cp -a .ssh ~buendia
chown -R buendia:buendia ~buendia

Ensure that future apt updates run non-interactively

echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections

Install buendia-server

apt-get update
# Use buendia-github.list because buendia.list is overwritten by the buendia-* packages
echo "deb [trusted=yes] http://download.buendia.org/deb stable main java" \
    >/etc/apt/sources.list.d/buendia-github.list
echo "deb [trusted=yes] http://download.buendia.org/deb unstable main java" \
    >>/etc/apt/sources.list.d/buendia-github.list
apt-get update
apt-get upgrade
apt-get install -y buendia-server buendia-site-test-integration buendia-dashboard buendia-backup buendia-pkgserver

This host should now be ready for deployment from the deploy-staging CircleCI job.

Clean up locally

Back in your own working directory, clean up the unencrypted SSH keys.

rm -f buendia-staging buendia-staging.pub

Demo server setup

The demo server hosted at demo.buendia.org uses the same setup as above, but with the following change in the final package installation step:

apt-get install -y buendia-server buendia-site-cloud-demo buendia-dashboard buendia-update

Also, on demo.buendia.org, the following was manually added to /var/www/html/index.html:

<html>
  <head>
    <meta http-equiv="refresh" content="0; url=http://demo.buendia.org:9000/openmrs/" />
  </head>
</html>

The buendia-update package is expected to keep this server running the latest packages from the unstable channel.

Download server setup

These instructions more or less encompass setting up from scratch a download server for buendia apt packages.

Initial setup

Follow the instructions above to create a new droplet in Digital Ocean and create a buendia user and give it sudo access. Set the DOWNLOAD_HOST variable in CircleCI to the hostname (e.g. download.buendia.org).

Install nginx-light

apt-get install nginx-light

Give the buendia user access to the HTTP root

sudo usermod -aG www-data buendia

Log out and log back in again.

sudo chmod g+wxs /var/www/html
sudo chgrp www-data /var/www/html

Set up the apt directory root

rm /var/www/html/index.nginx-debian.html
mkdir /var/www/html/deb

Enable generated indexes

Open /etc/nginx/sites-enabled/default and add autoindex on; under the server block.

Check out a copy of the builds repo for use by CircleCI

cd ~
git clone https://github.com/projectbuendia/builds