-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserverSetup.txt
86 lines (55 loc) · 2.19 KB
/
serverSetup.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#################
# Hostname config
#################
$ sudo vi /etc/hostname
simplemessageprivacy.net
$ sudo apt-get update
$ sudo apt-get upgrade
$ reboot
Check address in "ifconfig"
$ sudo vi /etc/hosts
172.31.38.234 mailer.reportingfromtheborderland.net mailer #address from “ifconfig”
#################
# Add normal user
#################
$ adduser play
Add "play" in the list of sudoers. As root:
$ adduser play sudo
######################
# Add missing packages
######################
$ sudo apt-get install openjdk-7-jdk screen unzip
############
# Web server
############
DL and unzip Play Framework
Add Play dir to PATH:
$ sudo vi ~/.profile
Add lines:
export PATH=$PATH:~/play-2.2.1
export JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64
Re-exec the file:
$ source ~/.profile
Because only root can bind to port 443, redirect 443 to port 9443:
$ sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 9443
##############################################################
# Create server SSL certificate and create .cer from 3rd party
##############################################################
$ openssl req -new -newkey rsa:2048 -nodes -keyout simplemessageprivacy.key -out simplemessageprivacy.csr
For "Common Name (e.g. server FQDN or YOUR name)", enter "www.simplemessageprivacy.net"
Copy key received by email into file ~/ssl_cert.cer
########################################
# Import trusted certs into new keystore
########################################
$ keytool -genkey -keyalg RSA -alias SimpleMessagePrivacy -keystore simplemessageprivacy.jks
Create PKCS12 keystore from private key and public certificate.
$ openssl pkcs12 -export -name SimpleMessagePrivacy -in ssl_cert.cer -inkey simplemessageprivacy.key -certfile cabundle.crt -out keystore.p12
Convert PKCS12 keystore into a JKS keystore
$ keytool -importkeystore -destkeystore simplemessageprivacy.jks -srckeystore keystore.p12 -srcstoretype pkcs12 -alias SimpleMessagePrivacy
##################
# Start web server
##################
Inside app dir, run:
$ play
$ run -Dhttps.port=9443 -Dhttps.keyStore=/home/play/simplemessageprivacy.jks -Dhttps.keyStorePassword=
("run" for auto reload, "start" for better perf)