by nutomic
--- original
+++ modified
@@ -0,0 +1,103 @@
+How to install Ibis on your server. To get started you need a domain and a small Linux server with root access. The following instructions are written for Debian.
+
+Start by downloading the binary, installing dependencies and setting up the database:
+```bash
+mkdir /srv/ibis
+cd /srv/ibis
+wget https://github.com/Nutomic/ibis/releases/download/0.1.0-test3/ibis.gz
+gzip ibis.gz
+chmod +x ibis
+sudo apt install postgresql nginx certbot python3-certbot-nginx
+
+# create postgres user and database
+sudo -u postgres psql -c "CREATE USER ibis WITH PASSWORD 'my-password';" -U postgres
+sudo -u postgres psql -c "CREATE DATABASE ibis WITH OWNER ibis;" -U postgres
+```
+
+Create a file `config.toml` with the following content:
+```toml
+[federation]
+# The domain where your ibis instance will be available
+domain = "ibis.wiki"
+
+[database]
+# The database connection url. use the password set above
+connection_url = "postgres://ibis:my-password@127.0.0.1:5432/ibis"
+
+[setup]
+# Username and password for the automatically created admin account. Important to set a secure password here, as password change functionality is not yet implemented. This section can be removed after first start.
+admin_username = "ibis"
+admin_password = "your-password"
+```
+
+[See here](https://github.com/Nutomic/ibis/blob/master/config/defaults.toml) for all available config options.
+
+Try running `./ibis` to ensure that it starts without errors.
+
+Create a new user for ibis for better security:
+```bash
+sudo /sbin/useradd --no-create-home --system ibis
+sudo chown ibis:ibis . -R
+chmod 600 config.toml
+```
+
+Create systemd service file at `/etc/systemd/system/ibis.service` to run ibis:
+```toml
+[Unit]
+Description=Ibis Federated Wiki
+After=network.target
+
+[Service]
+Type=simple
+User=ibis
+Group=ibis
+WorkingDirectory=/srv/ibis
+ExecStart=/srv/ibis/ibis
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+```
+
+Start the service with `sudo journalctl -u ibis.service` and ensure it was successful by running `sudo systemctl status ibis.service`. You can also view the logs with `sudo journalctl -u ibis.service`.
+
+Next we need to request the TLS certificate via [Let's Encrypt](https://letsencrypt.org/). Replace with your actual domain and email in the command below.
+```
+sudo certbot certonly --nginx --agree-tos -d 'ibis.wiki' -m 'me@example.com'
+```
+
+You also need to setup a cronjob to refresh the TLS certificate. For this run `sudo crontab -e` and add the following line with your actual domain:
+```
+@daily certbot certonly --nginx -d ibis.wiki -n --deploy-hook 'nginx -s reload'
+```
+
+Finally create the nginx configuration file. Again replace `ibis.wiki` with your actual domain.
+```
+server {
+ listen 80;
+ listen [::]:80;
+ server_name ibis.wiki;
+ location /.well-known/acme-challenge/ {
+ root /var/www/certbot;
+ }
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name ibis.wiki;
+
+ ssl_certificate /etc/letsencrypt/live/ibis.wiki/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/ibis.wiki/privkey.pem;
+
+ location / {
+ proxy_pass http://127.0.0.1:8081;
+ proxy_http_version 1.1;
+ }
+}
+```
+
+If everything went well you can access Ibis through your browser now. In case of problems you can join the [Lemmy community](https://lemmy.ml/c/ibis) or [Matrix chat](https://matrix.to/#/!GqiOWLkEoxlcBLTEtv:matrix.org) for help.