FIR is a web application designed by CERT Société Générale. It's coded in Python and uses Django.
Installation as documented uses Nginx and pip, two tools I'm not using. I already run several Apache servers, and I do prefer relying on pkg for software installation. For me, pip is more a developer tool: very convenient with virtualenv but not what I would use for production.
If you want to use pip, just go with the official documentation :)
So on a FreeBSD 11.2-RELEASE server, you need to install all required packages. Be careful,
mysql57-server, and FIR works with Python 2.7, not 3.x (as far as I can say).
$ sudo pkg install gettext mysql56-server py27-pip py27-virtualenv git apache24 uwsgi py27-MySQLdb py27-django py27-cssselect py27-django-filter py27-djangorestframework py27-flup6 py27-gunicorn py27-lxml py27-markdown py27-pymongo py27-pyquery py27-dateutil py27-pytz py27-six py27-django-treebeard py27-markdown2 py27-bleach py27-python-gettext
Add those lines to
mysql_enable="yes" uwsgi_enable="yes" apache24_enable="yes"
The requirement list includes
whitenoise, but I was not able to find them in FreeBSD's packages. I've just ignored them and everything seems to work fine.
sudo pip install… should do the trick.
Follow the documentation:
- configure MySQL
- install FIR without
/usr/local/www for example)
- create and tune
installed_apps.txt (you do want the plugins)
- create tables in the db
- create the admin user
- populate the db
- collect static files
On FreeBSD we run
uwsgi as a service, under
uwsgi UID. So
chown must reflect that:
$ sudo chown uwsgi logs/errors.log uploads $ sudo chmod 750 logs/errors.log uploads
Skip the uWSGI section of the documentation. Instead, create config file for
uwsgi with this content:
$ cat /usr/local/etc/uwsgi/uwsgi.ini [uwsgi] chdir = /usr/local/www/FIR module = fir.wsgi
You can now start the service:
$ sudo service uwsgi start
Then, skip the nginx part, and go configure Apache:
- add the following to the relevant part of Apache configuration:
# FIR ProxyPass /FIR unix:/tmp/uwsgi.sock|uwsgi://usr/local/www/FIR Alias /files/ /usr/local/www/FIR/files/ Alias /static/ /usr/local/www/FIR/static/ <Directory /usr/local/www/FIR/static> Require all granted </Directory> <Directory /usr/local/www/FIR/files> Require all granted </Directory>
Restart Apache: you're all set, point your browser to https://your-server/FIR/