Ok I broke something on my saidit install. Pastebin shows section of admin config I was working on when I broke the UI :(

submitted by portcity from pastebin.com

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (33 children)

Today's issues: Trying to chown my certs, as per the updated README here: Setup SSL cert permissions, start unreal, and cleanup:

$ sudo usermod -aG ssl-cert reddit $ sudo usermod -aG ssl-cert irc $ ./unrealircd start $ rm -rf ~/unrealircd-4.2.3*

I'm still getting permission denied on the cert, meaning there's something about this process that isn't working. I've done quite a bit of googling on this, and I haven't found a chown that really differs from this however.

Second, I've been investigating example.ini and I can't figure out how to create my own file and run make ini on it. Here are the instructions at the top of example.ini:

DO NOT EDIT THIS FILE

This is a base template. To apply changes to your

reddit instance, create a "myreddit.update" config

file, then run 'make ini'. 'make ini' will combine

this template with the myreddit.update file and create a

'myreddit.ini'. ('myreddit.update' is just an example;

any name will do - e.g., 'foo.update' will create

'foo.ini')

I did create a file called portcity.update. But when I run make ini, I get reddit@redditclone:~$ make ini make: *** No rule to make target `ini'. Stop.

I'm thinking maybe I created portcity.update wrong somehow (like is there a special procedure to create a config file?) Can I just use development.update? Or is that bad.

Thanks and happy weekend!

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (32 children)

Happy weekend!

Regarding the SSL cert permissions, can you show me the output of:

$ sudo ls -l /etc/letsencrypt/live/portcity.online/privkey.pem

This file is the one we need to chown and chmod (like here).

Regarding reddit configuration, yes, you only need development.update and it's all setup for you. And you can only run make ini from the right directory. See https://github.com/libertysoft3/saidit#updating-configuration

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (31 children)

> sudo ls -l /etc/letsencrypt/live/portcity.online/privkey.pem

This is the output:

lrwxrwxrwx 1 root root 42 Jul 20 01:48 /etc/letsencrypt/live/portcity.online/privkey.pem -> ../../archive/portcity.online/privkey1.pem

And as for development.update ... when I nano it, I notice that it's far shorter in length than example.ini (even though I've run make ini after closing development.update). Is it ok if I just copy/paste the contents of example.ini into development.update?

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (30 children)

Try this:

$ sudo chown -h reddit:ssl-cert /etc/letsencrypt/live/portcity.online/privkey.pem
$ sudo chmod g+r /etc/letsencrypt/live/portcity.online/privkey.pem

Then test again with the ls -l.

it's far shorter in length than example.ini

This is an override system. example.ini and development.update are combined into development.ini which reddit actually looks at. so only edit development.update, and only copy in the things that you want to change. If you leave example.ini unmodified, then it is easy for new features and configurations to be introduced, it's in the git repo.

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (29 children)

Ok those new chown/chmods worked. Thanks!

I just copied some stuff from example.ini into development.update, and after I saved and closed development.update, I ran make ini. This is what I got: reddit@redditclone:~$ make ini make: *** No rule to make target `ini'. Stop.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (28 children)

What directory are you in when you run 'make ini'? You have to be in 'r2'.

[–]portcity[S] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Yeah that worked :)

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (26 children)

Ok, a bit of progress: after copying the chat features from example.ini into development.update and futzing with them a bit, the chat box has changed from saying "reddit.local" to this mysterious link:

https://portcity.online:2053/?tls=true&lockchannel&autologin&user=VtFOG9xkX3JrlbYFog00RJnWW5HxmM&al-password=sAUfvG5XAgKOpR1xyzNFp9Mlk8KR1G&autoconnect&nick=portcity&username=portcity&realname=portcity&join=%23%255BDEV%255D%2520saidit

Does that mean anything to you? You could just look at it at https://portcity.online if that's easier.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (25 children)

That's good, your reddit is trying to load TheLounge chat in an iframe in the sidebar. TheLounge needs its SSL cert configured then it will load properly.

[–]portcity[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (24 children)

This is what I have in theLounge config: key: "/etc/ssl/private/ssl-cert-snakeoil.key", certificate: "/etc/ssl/certs/ssl-cert-snakeoil.pem",

And those are the same as what I have in the Unrealircd config so I'm not sure what I need to change here?

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (23 children)

Both thelounge and unreal should have your real SSL cert configured. Snakeoil is the self signed Reddit default one. Just update the paths like you already did for nginx.