-Install paster itself:
-
- $ go get go.stargrave.org/paster
-
-Add "paster" user and "pastes" directory, also accessible by HTTP service:
-
- # pw useradd paster -s /usr/sbin/nologin -w no -d /path/to/pastes
- # mkdir /path/to/pastes
- # echo "<html><body>Paste service</body></html>" > /path/to/pastes/index.html
- # chown -R paster:lighttpd pastes
- # chmod 2750 pastes
- # chmod 640 /path/to/pastes/index.html
-
-Create daemontools+ucspi-tcp service:
-
- # mkdir -p /var/service/.paster/log/main
- # cat > /var/service/.paster/run <<EOF
- #!/bin/sh -e
- cd /path/to/pastes
- umask 027
- exec setuidgid paster tcpserver -DHR -l 0 ::0 2020 \
- timeout 1m $GOPATH/bin/paster http://paster.example.com/ 2>&1
- EOF
- # cat > /var/service/.paster/log/run <<EOF
- #!/bin/sh -e
- exec setuidgid paster multilog t ./main
- EOF
- # chmod +x /var/service/.paster/run /var/service/.paster/log/run
- # chown paster /var/service/.paster/log/main
- # mv /var/service/.paster /var/service/paster
-
-Optionally prepare X.509 certificate for TLS enabled service:
-
- # umask 077
- # certtool --generate-privkey --bits 256 --ecc --outfile \
- paster.example.com.key.pem
- # tmpl=`mktemp`
- # cat > $tmpl <<EOF
- dn = "cn=paster.example.com"
- expiration_days = 365
- signing_key
- dns_name = "paster.example.com"
- EOF
- # certtool --generate-self-signed \
- --load-privkey paster.example.com.key.pem \
- --template $tmpl --outfile paster.example.com.pem
- # rm $tmpl
- # chown paster:paster paster.example.com*.pem
- # chmod 600 paster.example.com.key.pem
-
-and choose from plenty of UCSPI-friendly TLS wrappers:
-http://www.fehcom.de/ipnet/ucspi-ssl.html, https://github.com/younix/ucspi
-or likely go.cypherpunks.ru/ucspi/cmd/tlss:
-
- exec setuidgid paster tcpserver -DHR -l 0 ::0 2021 tlss \
- -key paster.example.com.key.pem -cert paster.example.com.pem \
- timeout 1m $GOPATH/bin/paster http://paster.example.com/ 2>&1
+Look for doc/install.texi.