Readeck

Accessing Readeck

1. افتح متصفحك وقم بزيارة: https://<SERVER_IP>/
2. A browser SSL warning is expected — the certificate is self-signed.
3. Create the admin account in the web interface immediately.

الملفات والمجلدات المهمة

• Readeck data directory: /var/lib/readeck
• Readeck configuration directory: /etc/readeck
• Readeck binary: /usr/local/bin/readeck
• Systemd service file: /etc/systemd/system/readeck.service
• Nginx virtual host: /etc/nginx/sites-available/readeck
• TLS certificate and key: /etc/nginx/ssl

Managing the Services

Check Readeck status:

systemctl status readeck

Restart Readeck:

systemctl restart readeck

View Readeck logs:

journalctl -xeu readeck --no-pager -f

Nginx management:

systemctl status nginx
systemctl restart nginx
journalctl -u nginx -f

ملاحظات أمنية

• Readeck runs as a non-login system user.
• Strong systemd sandboxing is enabled.
• Only ports 80 و 443 are exposed.
• Internal service port 8000 is not accessible externally.
• TLS uses a self-signed certificate.

تمكين SSL باستخدام نطاق

1. قم بتوجيه نطاقك إلى عنوان IP للخادم.

2. قم بتحرير تكوين Nginx واستبدل كلاهما server_name <IP>; مع نطاقك (<your-domain>) لكل من كتل HTTP (المنفذ 80) و HTTPS (المنفذ 443):

vim /etc/nginx/sites-available/readeck

3. تثبيت Certbot:

apt install -y certbot python3-certbot-nginx

4. قم بتشغيل الأمر التالي لإنشاء شهادة Let's Encrypt صالحة:

certbot certonly --nginx --non-interactive --agree-tos --email [email protected] -d yourdomain.com

5. استبدل مسارات SSL في تكوين Nginx:

vim /etc/apache2/sites-available/readeck
# Before:
    # ssl_certificate /etc/nginx/ssl/fullchain.pem;
    # ssl_certificate_key /etc/nginx/ssl/privkey.pem;
# After:
    # ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
    # ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

6. أعد تشغيل Nginx لتطبيق التغييرات:

systemctl restart nginx

7. افتح متصفحك وانتقل إلى: https://yourdomain.com