Plume
外观
安装
本文介绍更为复杂的 postgres,sqlite 操作也包括在内
$ yay -S plume-postgres $ yay -S plume-sqlite
Postgresql
前期操作见 PostgreSQL。
# sudo -u postgres createuser -d -P plume # sudo -u postgres createdb -O plume plume
配置
根据你的需要修改 /usr/share/webapps/plume/.env
openssl rand -base64 32
得到ROCKET_SECRET_KEY
的数值
cd /usr/share/webapps/plumeplm migration run plm search init plm instance new --private --domain DOMAIN --name 'Site_Name' -l 'CC-BY' plm users new --admin --name 'admin_name' --display-name 'display_name' --password 'passwd' --bio "I'm Kate." --email '[email protected]'
chown -R plume:plume *
openssl
openssl dhparam -out /etc/letsencrypt/ssl-dhparam_plume.pem 4096
为 Nginx 配置使用 ## nginx
server {listen 80; listen [::]:80; server_name DOMAIN;location /.well-known/acme-challenge {} location / { return 301 https://$host$request_uri; }}
server {
listen 443 ssl http2; listen [::]:443 ssl http2; server_name DOMAIN;access_log /var/log/nginx/access.log; root /usr/share/webapps/plume ;ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem;# for ssl conf: https://cipherli.st/ ssl_protocols TLSv1.2 TLSv1.3;# Requires nginx >= 1.13.0 else use TLSv1.2 ssl_prefer_server_ciphers on; ssl_dhparam /etc/letsencrypt/ssl-dhparam_plume.pem;# openssl dhparam -out /etc/letsencrypt/ssl-dhparam.pem 4096 ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384; ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0 ssl_session_timeout 10m; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; # Requires nginx >= 1.5.9 ssl_stapling on; # Requires nginx >= 1.3.7 ssl_stapling_verify on; # Requires nginx => 1.3.7 resolver 9.9.9.9 80.67.169.12 valid=300s; resolver_timeout 5s; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src https:";location / { proxy_pass http://localhost:7878/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; client_max_body_size 10m; }}
custom
可以修改env
设置站点信息和主题
DEFAULT_THEME=guoyi-light PLUME_LOGO=icons/logo.png
DEFAULT_THEME
必须和 /usr/share/webapps/plume/static/css
下的文件名一致,默认的路径是/usr/share/webapps/plume/static
下。 ## 启动
systemctl enable plume systemctl start plume