From 51dec7e07286a1833029f40427f1d7852e40dcde Mon Sep 17 00:00:00 2001
From: b3yond <b3yond@riseup.net>
Date: Tue, 27 Mar 2018 01:04:07 +0200
Subject: [PATCH] tested deployment and brought learnings to README. added
 nginx config.

---
 README.md                   | 24 ++++++++++++++++++++++--
 deployment/example.org.conf | 31 +++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 2 deletions(-)
 create mode 100644 deployment/example.org.conf

diff --git a/README.md b/README.md
index 2f1287c..1d2225d 100644
--- a/README.md
+++ b/README.md
@@ -74,7 +74,7 @@ We wrote these installation notes, so you can set up the website easily:
 To Do:
 
 ```shell
-sudo apt install python3 virtualenv uwsgi uwsgi-plugin-python nginx 
+sudo apt install python3 virtualenv uwsgi uwsgi-plugin-python3 nginx 
 ```
 
 * set up nginx
@@ -92,7 +92,7 @@ virtualenv -p python3 .
 Install the dependencies:
 
 ```shell
-pip install tweepy pytoml requests Mastodon.py bottle pyjwt 
+pip install tweepy pytoml Mastodon.py bottle pyjwt pylibscrypt
 ```
 
 Configure the bot:
@@ -105,3 +105,23 @@ vim config.toml
 This configuration is only for the admin. Users can log into
 twitter/mastodon/mail and configure their personal bot on the settings page.
 
+Deploy ticketfrei with uwsgi:
+
+```shell
+echo "Enter your domain name into the following prompt:" && read DOMAIN
+
+# configure nginx
+sudo sed -r "s/example.org/$DOMAIN/g" deployment/example.org.conf > /etc/nginx/sites-enabled/$DOMAIN.conf
+
+# create folder for socket
+sudo mkdir /var/run/ticketfrei
+sudo chown tech:www-data -R /var/run/ticketfrei
+
+# start up nginx
+sudo service nginx restart
+
+# create and start the frontend systemd service
+sudo cp deployment/ticketfrei-web.service /etc/systemd/system/
+sudo systemctl daemon-reload
+sudo systemctl start ticketfrei-web.service
+```
diff --git a/deployment/example.org.conf b/deployment/example.org.conf
new file mode 100644
index 0000000..c9ea425
--- /dev/null
+++ b/deployment/example.org.conf
@@ -0,0 +1,31 @@
+server {
+
+    listen 443 ssl;
+    server_name example.org;
+    ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    access_log /var/log/nginx/example.org_access.log;
+    error_log /var/log/nginx/example.org_error.log;
+
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    location / {
+        include uwsgi_params;
+
+        uwsgi_pass unix:///var/run/ticketfrei/ticketfrei.sock;
+    }
+
+    location /.well-known/acme-challenge {
+        root /var/www/acme;
+    }
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name example.org;
+    return 301 https://$server_name$request_uri;
+}
+