Add instructions to other distro's guides
This commit is contained in:
parent
408ea697aa
commit
e92eb5f482
|
@ -183,6 +183,9 @@ server {
|
||||||
...
|
...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
* (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
* Enable and start nginx:
|
* Enable and start nginx:
|
||||||
|
|
||||||
|
|
|
@ -173,6 +173,11 @@ sudo ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/ple
|
||||||
```
|
```
|
||||||
|
|
||||||
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
|
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
|
||||||
|
|
||||||
|
* (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
* Enable and start nginx:
|
* Enable and start nginx:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
|
@ -136,6 +136,11 @@ sudo ln -s /etc/nginx/sites-available/pleroma.nginx /etc/nginx/sites-enabled/ple
|
||||||
```
|
```
|
||||||
|
|
||||||
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
|
* Before starting nginx edit the configuration and change it to your needs (e.g. change servername, change cert paths)
|
||||||
|
|
||||||
|
* (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
* Enable and start nginx:
|
* Enable and start nginx:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
|
@ -173,6 +173,10 @@ Edit the defaults of `/usr/local/etc/nginx/sites-available/pleroma.nginx`:
|
||||||
* Change `ssl_certificate_key` to `/var/db/acme/certs/example.tld/example.tld.key`.
|
* Change `ssl_certificate_key` to `/var/db/acme/certs/example.tld/example.tld.key`.
|
||||||
* Change all references of `example.tld` to your instance's domain name.
|
* Change all references of `example.tld` to your instance's domain name.
|
||||||
|
|
||||||
|
#### (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
## Creating a startup script for Pleroma
|
## Creating a startup script for Pleroma
|
||||||
|
|
||||||
Pleroma will need to compile when it initially starts, which typically takes a longer
|
Pleroma will need to compile when it initially starts, which typically takes a longer
|
||||||
|
|
|
@ -227,6 +227,10 @@ Replace all instances of `example.tld` with your instance's public URL. If for w
|
||||||
|
|
||||||
Pay special attention to the line that begins with `ssl_ecdh_curve`. It is stongly advised to comment that line out so that OpenSSL will use its full capabilities, and it is also possible you are running OpenSSL 1.0.2 necessitating that you do this.
|
Pay special attention to the line that begins with `ssl_ecdh_curve`. It is stongly advised to comment that line out so that OpenSSL will use its full capabilities, and it is also possible you are running OpenSSL 1.0.2 necessitating that you do this.
|
||||||
|
|
||||||
|
* (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
* Enable and start nginx:
|
* Enable and start nginx:
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
|
@ -123,6 +123,10 @@ Edit the defaults:
|
||||||
* Change `ssl_certificate_key` to `/etc/nginx/tls/key`.
|
* Change `ssl_certificate_key` to `/etc/nginx/tls/key`.
|
||||||
* Change `example.tld` to your instance's domain name.
|
* Change `example.tld` to your instance's domain name.
|
||||||
|
|
||||||
|
### (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
## Configuring acme.sh
|
## Configuring acme.sh
|
||||||
|
|
||||||
We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
|
We'll be using acme.sh in Stateless Mode for TLS certificate renewal.
|
||||||
|
|
|
@ -195,6 +195,10 @@ rcctl enable relayd
|
||||||
rcctl start relayd
|
rcctl start relayd
|
||||||
```
|
```
|
||||||
|
|
||||||
|
##### (Strongly recommended) serve media on another domain
|
||||||
|
|
||||||
|
Refer to the [Hardening your instance](../configuration/hardening.md) document on how to serve media on another domain. We STRONGLY RECOMMEND you to do this to minimize attack vectors.
|
||||||
|
|
||||||
#### pf
|
#### pf
|
||||||
Enabling and configuring pf is highly recommended.
|
Enabling and configuring pf is highly recommended.
|
||||||
In /etc/pf.conf, insert the following configuration:
|
In /etc/pf.conf, insert the following configuration:
|
||||||
|
|
Loading…
Reference in New Issue