Skip to content

Latest commit

 

History

History
390 lines (322 loc) · 10.7 KB

INSTALL.md

File metadata and controls

390 lines (322 loc) · 10.7 KB
Raw

Step by step installation instructions

Requirements

  1. Prerequisites

    1. MongoDB.
    2. Redis.
    3. MinIO.
    4. ClamAV (Optional)
    5. Node.js v12 or later.
    6. carbon-now-cli npm package
    7. Package-Config, Pixman Dev Library, Cairo Dev Libirary, PangoCairo Dev Lbrary, Jpeg Dev Library
    8. Web Authentication Provider
    9. Web Authentication Token Service

Explanatory Notes.

  1. Pulibc URL of Web-File-Uploader in this document is www.example.com
  2. Public URL of Web Authentication Provider in this document is auth.example.com
  3. Public URL of Web Authentication Token Service in this document is token.example.com

Prepare MongoDB

  1. If you want to run MongoDB locally, you can use the official binary repository or docker.

    docker volume create --name=mongodata
docker run -p 27017:27017 --name mongo -v mongodata:/data/db -d mongo

  2. Or you can also use MongoDB Atlas

Prepare Redis

You can use your distribution package or docker.

docker volume create --name=redisdata
docker run -p 6379:6379 --name redis -v redisdata:/data -d redis redis-server --appendonly yes

Prepare MinIO

You can use the official binary or docker.

docker volume create --name=miniodata
docker run -p 9000:9000 -e MINIO_ACCESS_KEY=CHANGE_ME_ACCESS_KEY -e MINIO_SECRET_KEY=CHANGE_ME_SECRET_KEY --name minio -v miniodata:/data -d minio/minio server /data

Prepare Node.js and npm

Refer to the official page.

Prepare ClamAV (Optional)

If you want to scan any uploaded files, you can use ClamAV of your distribution package or docker.

# the port is set to 9001 because 9000 is used by minio by default
docker run -p 9001:9000 --name clamav -d niilo/clamav-rest
# this takes a while to start up, monitor progress with `docker logs clamav`

Install Authentication Provider

  1. Clone the repository of Authentication Provider.

    git clone https://github.com/femto-apps/web-authentication-provider.git provider

  2. cd provider

  3. Copy config.default.js to config.js

  4. Edit config.js. Change the Mongo URI to point to your MongoDB server, and replace all secrets with random strings.

    • Example
    module.exports = {
   port: 3001,
   mongo: {
      uri: 'mongodb://user:password@localhost:27017/',
      db: 'authenticationProvider'
  },
  redis: {
    // url: 'redis://127.0.0.1:6379/0',
    host: '127.0.0.1',
    port: 6379,
    db: 0,
    session: 'sessions'
  },
  cookie: {
    maxAge: 1000 * 60 * 60 * 24 * 7 * 4, // 28 days
    secret: 'REPLACE THIS WITH A RANDOM STRING',
    name: 'provider'
  },
  session: {
    secret: 'REPLACE THIS WITH A RANDOM STRING'
  },
  title: {
    suffix: 'Femto Authentication Provider' // You can replace this with your favorite title
  },
  favicon: 'public/images/favicon/favicon.ico',
}

  5. Run npm install

  6. Run node index.js

    When your system uses systemd, refer the following sample.

    [Unit]
Description=Web Authentication Provider
After=network.target
Before=apache2.service

[Service]
User=user
WorkingDirectory=/path/to/provider
Environment=NODE_ENV=production
ExecStart=/usr/bin/node index.js
Restart=always

[Install]
WantedBy=multi-user.target

  7. Configure your web server.

    • Example for Apache
    <IfModule mod_ssl.c>
<VirtualHost *:443>

	ServerName auth.example.com
	ServerAdmin webmaster@example.com

	SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf

	RequestHeader set X-Forwarded-Proto "https"
	ProxyPreserveHost On

	ProxyPass / http://127.0.0.1:3001/
	ProxyPassReverse / http://127.0.0.1:3001/

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
</IfModule>
    • Example for Caddy
    	auth.example.com {
		proxy / localhost:3001
	}

  8. Access https://auth.example.com/consumer/add via your browser.

  9. Enter Name, Description and Redirects but Redirects is as below:

    https://www.example.com/login_callback

  10. If you got ...does not appear to be a URL message, please refer femto-apps/web-authentication-provider#8

  11. When submitting above, you'll get authentication informations as JSON format. You MUST pick up uuid as ConsumerId

Install Web Authentication Token Service

  1. clone the repository of Web Authntication Token Service

    git clone https://github.com/femto-apps/web-authentication-token-service.git token

  2. cd token

  3. Copy config.default.js to config.js

  4. Edit config.js if needed

    • Example
    module.exports = {
  port: 4500,
  redis: {
    // url: 'redis://127.0.0.1:6379/0',
    host: '127.0.0.1',
    port: 6379,
    db: 0,
    session: 'sessions'
  }
}

  5. Run npm install

  6. Run node index.js When your system uses systemd, refer the following sample.

    [Unit]
Description=Authentication Token Service
After=network.target
Before=apache2.service

[Service]
User=user
WorkingDirectory=/path/to/token
Environment=NODE_ENV=production
ExecStart=/usr/bin/node index.js
Restart=always

[Install]
WantedBy=multi-user.target

  7. Configure your web server

    • Example for Apache
    <IfModule mod_ssl.c>
<VirtualHost *:443>

	ServerName token.example.com
	ServerAdmin webmaster@example.com

	SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf

	RequestHeader set X-Forwarded-Proto "https"
	ProxyPreserveHost On

	ProxyPass / http://127.0.0.1:4500/
	ProxyPassReverse / http://127.0.0.1:4500/

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
</IfModule>
    • Example for Caddy
    	token.example.com {
		proxy / localhost:4500
	}

Install Web-File-Uploader

  1. Install carbon-now-cli.

    e.g. yarn global add carbon-now-cli or npm install -g carbon-now-cli

  2. Install Package-Config, Pixman Dev Library, Cairo Dev Libirary, PangoCairo Dev Lbrary, Jpeg Dev Library.

    e.g. apt install pkgconf libpixman-1-dev libpixman-1-dev libcairo2-dev librust-pangocairo-dev libjpeg-dev

  3. Clone the repository

    git clone https://github.com/femto-apps/web-file-uploader.git uploader

  4. cd uploader

  5. Copy config.default.hjson to config.hjson

  6. Edit config.hjson. Specially you must change minio.accessKey, minio.secretKey, session.secret and authenticationProvider.consumerId and each endpoint.

    For example:

        {
        port: 3005
        dev: false
        trustedProxy: ['127.0.0.1/8', '::1/128']
        title: {
            name: Femto Uploader // You can replae this with your favorite name
            shortener: Femto Shortener // You can replae this with your favorite name
            suffix: Femto Uploader // You can replae this with your favorite name
        }
        url: {
            origin: https://www.example.com/
        }
        carbon: {
            // you can find this installation directory with `which carbon-now`
            path: /path/to/.yarn/bin/carbon-now
        }
        mongo: {
            uri: mongodb://user:password@localhost:27017/
            db: fileUploader
        }
        minio: {
            host: 127.0.0.1
            port: 9000
            itemBucket: items // the bucket you created on Minio
            accessKey: ACCESSKEY
            secretKey: SECRETKEY
            useSSL: false
        }
        clamav: {
            url: http://localhost:9001
        }
        session: {
            secret: REPLACE THIS WITH A RAMDOM STRING
        }
        redis: {
            host: 128.0.0.1
            port: 6379
            db: 0
            // url: redis://127.0.0.1:6379/0
        }
        cookie: {
            name: file-uploader
            maxAge: 15552000000 // 1000 * 60 * 60 * 24 * 180 (6 months)
        }
        email: {
            name: 'example.com'
            host: 'smtp.gmail.com'
            secure: false
            port: 587
            auth: {
                user: 'username'
                pass: 'password'
            }
            authMethod: 'PLAIN'
            ignoreTLS: false
        }

        tokenService: {
            endpoint: https://token.example.com
        }
        authenticationProvider: {
            endpoint: https://auth.example.com
            consumerId: REPLACE THIS WITH YOUR CONSUMER ID // You got this in the installation step 10 for Web Authentication Provider
        }
        authenticationConsumer: {
           endpoint: https://www.example.com
        }
        experimental: {
            profiling: false
            statsTimer: 86400000 // 1000 * 60 * 60 * 24 (1 day)
        }
    }

  7. Run npm install

  8. Run node index.js When your system uses systemd, refer the following sample.

    [Unit]
Description=Web-File-Uploader
After=network.target
Before=apache2.service

[Service]
User=user
WorkingDirectory=/path/to/uploader
Environment=NODE_ENV=production
ExecStart=/usr/bin/node index.js
Restart=always

[Install]
WantedBy=multi-user.target

  9. Configure your web server

    • Example for Apache
    <IfModule mod_ssl.c>
<VirtualHost *:443>

	ServerName www.example.com
	ServerAdmin webmaster@example.com

	SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
	SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
	Include /etc/letsencrypt/options-ssl-apache.conf

	RequestHeader set X-Forwarded-Proto "https"
	ProxyPreserveHost On

	ProxyPass / http://127.0.0.1:3005/
	ProxyPassReverse / http://127.0.0.1:3005/

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
</IfModule>
    • Example for Caddy
    www.example.com {
	proxy / localhost:3005
}

  10. Access https://www.example.com and you can register as many users as you wish! :)