| [12:23:55] | <monkeyflowerfarm> | Can I access drupal features with the new farm os? The previous version allowed for access to content types etc. |
| [12:24:56] | <monkeyflowerfarm> | I did not mean "features" rather the usual drupal system admin menus. |
| [12:26:30] | <monkeyflowerfarm> | for example what if I want to create a new content type? or even a page? I'm not seeing a menu Item for that. |
| [12:28:24] | <mstenta[m]> | monkeyflowerfarm: farmOS does not enable the `node` module by default |
| [12:28:39] | <mstenta[m]> | If you decide to do that, you're a bit on your own... I personally wouldn't recommend trying to mix farmOS with a website |
| [12:29:02] | <mstenta[m]> | it �can� be done... but I don't think it �should� be... ;-) |
| [12:29:13] | <monkeyflowerfarm> | Found one problem is I have to enable permissions for user 1 not used to that |
| [12:29:35] | <monkeyflowerfarm> | How do you recommend using it then? |
| [12:29:46] | <mstenta[m]> | if you want to build a website using Drupal i would probably recommend setting up two separate Drupal installations |
| [12:30:13] | <mstenta[m]> | the risk is that you end up creating conflicts with future versions of farmOS, which leave you in a position unable to upgrade without breaking things |
| [12:30:49] | <mstenta[m]> | that's just my opinion - you can do whatever you want - but we definitely can't support this use-case |
| [12:30:53] | <monkeyflowerfarm> | Ok but I have some confusion about whether it will work if its not in the web root |
| [12:31:10] | <mstenta[m]> | Oh? That sounds like a separate question? |
| [12:31:28] | <mstenta[m]> | (trying to recall... was it you who asked about this last week?) |
| [12:31:46] | <monkeyflowerfarm> | You said 2 drupal installations one of which would be webroot right? |
| [12:32:17] | <mstenta[m]> | are you on a shared hosting platform? |
| [12:33:38] | <monkeyflowerfarm> | Yes I asked if I could run it behind another site and some said yes and others said it was not tested. I tried it and found that the menu links did not work. |
| [12:33:38] | <mstenta[m]> | if it were me doing this, i would probably try to set up two separate domains, each with their own webroot w/ a Drupal codebase... eg: `mysite.com` and `farmos.mysite.com` |
| [12:33:55] | <monkeyflowerfarm> | not on shared hosting anymore |
| [12:34:08] | <mstenta[m]> | > I tried it and found that the menu links did not work. |
| [12:34:08] | <mstenta[m]> | I'd love to get a bug report for this and dig into it, because ideally it should be supported... but perhaps that's a separate conversation |
| [12:34:29] | <monkeyflowerfarm> | That would be two ssl's |
| [12:34:42] | <mstenta[m]> | true |
| [12:35:08] | <mstenta[m]> | I use Let's Encrypt so that's not really an issue |
| [12:35:43] | <monkeyflowerfarm> | Gotcha but for a production environment its not recommended? |
| [12:35:53] | <mstenta[m]> | What's not? |
| [12:36:04] | <monkeyflowerfarm> | Lets Encrypt |
| [12:36:23] | <mstenta[m]> | Sure it is! |
| [12:36:24] | <mstenta[m]> | :-) |
| [12:36:40] | <monkeyflowerfarm> | Interesting |
| [12:36:43] | <mstenta[m]> | > A nonprofit Certificate Authority providing TLS certificates to 260 million websites. |
| [12:36:43] | <mstenta[m]> | https://letsencrypt.org/ |
| [12:36:59] | <mstenta[m]> | Maybe you're confusing that with a "self-signed certificate"? |
| [12:37:45] | <mstenta[m]> | I ❤️ Let's Encrypt 😊 |
| [12:37:53] | <mstenta[m]> | I use it for everything |
| [12:39:05] | <monkeyflowerfarm> | No I looked into it because I would way rather use it but several articles said that it was not the same as a paid CA. and it was not recommended for production environment. But if you have experience otherwise thats great news. |
| [12:39:38] | <mstenta[m]> | Oh maybe they were just trying to sell you a paid CA 😂 |
| [12:39:49] | <monkeyflowerfarm> | lol well yeah ouch |
| [12:40:04] | <monkeyflowerfarm> | I paid this years fee ug |
| [12:40:27] | <monkeyflowerfarm> | Ok cool thanks for the heads up |
| [12:40:34] | <mstenta[m]> | sure! |
| [12:41:42] | <monkeyflowerfarm> | do you do multiple ssl's on one ip by chance? |
| [12:42:12] | <mstenta[m]> | yes |
| [12:42:23] | <monkeyflowerfarm> | using sni? |
| [12:42:31] | <mstenta[m]> | i also do the same SSL domain on multiple IPs :-) |
| [12:43:18] | <mstenta[m]> | yes I use Nginx as a reverse proxy to handle the SSL termination and then route traffic to the farmOS (or other) backend containers |
| [12:43:31] | <monkeyflowerfarm> | I gotta figure that out :) |
| [12:43:58] | <mstenta[m]> | I think symbioquine and Farmer Ed have both written some how-tos on this for farmOS |
| [12:44:04] | <monkeyflowerfarm> | nice I was trying to get that going but have not got it yet |
| [12:44:13] | <mstenta[m]> | and we have a rough example in the dev environment docs... |
| [12:44:15] | <monkeyflowerfarm> | oh cool |
| [12:44:33] | <mstenta[m]> | https://farmos.org/development/environment/https/ |
| [12:44:50] | <mstenta[m]> | that doesn't use lets encrypt, just a self-signed cert |
| [12:45:04] | <mstenta[m]> | but you basically just need to overwrite the self-signed cert with the lets encrypt one and it should work the same |
| [12:45:42] | <mstenta[m]> | (that's if you're using docker...) |
| [12:47:27] | <monkeyflowerfarm> | Ok thank you, I'm getting closer to getting it dialed in. Sometimes the last little bit is the hardest. I'm not using docker yet. I have an ubuntu server w apache |
| [12:47:57] | <mstenta[m]> | Sure thing! Yea there are a lot of ways to set it up :-) |
| [12:48:11] | <mstenta[m]> | You can do everything with Apache alone... just requires more Apache virtual host config |
| [12:48:46] | <mstenta[m]> | I like Docker because it basically wraps Apache+PHP+farmOS in one container, listening on port 80. Then I set up another Nginx container listening on port 443, with a bit of config to send traffic to the farmOS container |
| [12:48:56] | <mstenta[m]> | That way you don't need to mess with the farmOS/Apache config at all |
| [12:49:12] | <mstenta[m]> | encapsulation 🥰 |
| [12:49:32] | <mstenta[m]> | but learning docker is definitely a whole thing |
| [12:49:49] | <mstenta[m]> | and certainly not required for farmOS |
| [12:52:44] | <monkeyflowerfarm> | Yes thats what I need to learn. I have not done servers since about ten years ago so Im trying come up to speed. Some internet resources have been helpful but I have not found any that get me through all the steps needed to set that up. |
| [12:54:54] | <mstenta[m]> | You might learn a lot just by following our guide on setting up a dev environment |
| [12:54:59] | <mstenta[m]> | With SSL |
| [12:55:10] | <mstenta[m]> | Then you can experiment with that too understand the pieces |
| [12:55:53] | <mstenta[m]> | The process will be pretty similar on a server |
| [12:57:32] | <monkeyflowerfarm> | I did before but I will revisit that 👍️ |
| [14:39:04] | <monkeyflowerfarm> | would it be better to install nginx for a reverse proxy on same server as apache or use a different server box on dmz? |
| [14:39:32] | <mstenta[m]> | you can do it all on the same server |
| [14:39:50] | <monkeyflowerfarm> | I'm donating all the money you saved me for the ssl's I was able to get refunded to farm os. |
| [14:39:59] | <mstenta[m]> | ha! |
| [14:40:11] | <mstenta[m]> | thanks monkeyflowerfarm ! |
| [14:40:15] | <mstenta[m]> | :-D |
| [14:40:15] | <monkeyflowerfarm> | thank you |
| [14:40:29] | <mstenta[m]> | glad you were able to get a refund! |
| [14:41:49] | <monkeyflowerfarm> | i had a few days left |
| [14:42:12] | <symbioquine[m]> | Same server and docker network is way easier since you don't need to mess with subnets/firewalls to make the farmOS container only accessible by the reverse proxy. |
| [14:42:44] | <mstenta[m]> | symbioquine: monkeyflowerfarm is not currently using Docker |
| [14:42:49] | <mstenta[m]> | (but might explore doing so) |
| [14:43:21] | <monkeyflowerfarm> | would I have to rebuild my entire server config if I want to switch over to docker? |
| [14:43:39] | <mstenta[m]> | nope - you would probably throw most of it out :-) |
| [14:43:48] | <mstenta[m]> | and port the rest into config used by the Nginx docker container |
| [14:44:13] | <mstenta[m]> | the nice thing about docker is you don't need to install anything else on your sever! no nginx, no apache, no php... |
| [14:44:28] | <mstenta[m]> | it's all in the containers, which can be created/destroyed as needed |
| [14:44:40] | <mstenta[m]> | it decouples that stuff from the server itself, which is really nice |
| [14:44:50] | <mstenta[m]> | makes upgrading your server a lot easier in the future too |
| [14:45:09] | <monkeyflowerfarm> | so pretty much start over :). And the containers can be transferred to other hardware as well if need be? |
| [14:45:27] | <mstenta[m]> | yea, any server that has docker can run the containers |
| [14:46:26] | <mstenta[m]> | it is a bit of a paradigm shift... and defintely requires some learning and understanding of the considerations/pitfalls |
| [14:46:35] | <mstenta[m]> | but you won't regret it :-) |
| [14:46:46] | <monkeyflowerfarm> | oh I wish I would have asked earlier but I'm excited to change over to docker soon |
| [14:47:05] | <mstenta[m]> | well all the config you've done already might still be useful! |
| [14:47:13] | <mstenta[m]> | all good! |
| [14:49:34] | <monkeyflowerfarm> | One last question could I start a docker alongside my existing config and be able to test as I go and then switch to docker and remove apache etc from server? |
| [14:49:49] | <mstenta[m]> | yes and no |
| [14:49:58] | <mstenta[m]> | the only "no" is you can't run on the same ports |
| [14:50:13] | <mstenta[m]> | so if you have apache already running on port 80 you'll get an error if you try to run a docker container on that |
| [14:50:18] | <mstenta[m]> | but you could test on a different port first |
| [14:50:20] | <mstenta[m]> | 8080 |
| [14:50:27] | <monkeyflowerfarm> | ok thats doable |
| [14:50:35] | <mstenta[m]> | ssl would be a bit trickier... since it needs to be 443 |
| [14:50:58] | <mstenta[m]> | but i say first step is get farmOS running in a container on port 80 |
| [14:51:04] | <mstenta[m]> | then you can ditch apache probably |
| [14:51:17] | <mstenta[m]> | and then next step would be to get nginx running on 443 with let's encrypt, proxying to the farmOS container |
| [14:51:29] | <monkeyflowerfarm> | Thanks again!!! Have a great day. I'd love to contribute any way I can from out here in Northern California. |
| [14:51:40] | <mstenta[m]> | my pleasure! |
| [14:52:04] | <monkeyflowerfarm> | I will drop the soon as my refund comes any day now |
| [14:52:12] | <monkeyflowerfarm> | *donation |