# https://github.com/nodesource/distributions
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
NODE_MAJOR=20
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
sudo apt-get update
sudo apt-get install nodejs -y
sudo npm -g install yarn
# https://www.postgresql.org/download/linux/debian/
# Create the file repository configuration:
sudo sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
# Update the package lists:
sudo apt-get update
# Install the latest version of PostgreSQL.
# If you want a specific version, use 'postgresql-12' or similar instead of 'postgresql':
sudo apt-get -y install postgresql
sudo apt-get install -y nginx libnginx-mod-http-fancyindex
See the ready to use build script or the official instructions. Make sure to also install libass (available in apt repository) and add the --enable-libass
parameter when buiding ffmpeg.
sudo apt-get install -y git
sudo apt-get install -y uuid-runtime
sudo apt install -y vsftpd
# Restrict users to chroot and set permissions (https://askubuntu.com/questions/674737/restrict-user-to-a-directory-vsftpd)
sed -i '/write_enable/s/^#//g' /etc/vsftpd.conf
sed -i '/local_umask/s/^#//g' /etc/vsftpd.conf
sed -i '/chroot_local_user/s/^#//g' /etc/vsftpd.conf
sed -zi '/allow_writeable_chroot=YES/!s/$/\nallow_writeable_chroot=YES/' /etc/vsftpd.conf
sed -zi '/local_umask=000/!s/$/\nlocal_umask=000/' /etc/vsftpd.conf # Allow read / write to everything newly created
sudo service vsftpd restart
sudo adduser kmuser --shell /usr/sbin/nologin
echo "kmuser:PASSWORD_CHANGEME" | sudo chpasswd # Set password
# Only necessary when home folder is different than storage folder
# Add media folder to home
sudo mkdir /home/kmuser/storage
mount --bind /storage /home/kmuser/storage
# Mount it permanently
echo "/storage /home/kmuser/storage none rw,bind 0 0" >> /etc/fstab
cd /srv
git clone https://gitlab.com/karaokemugen/code/karaokemugen-server.git kmserver
cd kmserver/
yarn
yarn pull
cp config.sample.yml app/config.yml
Edit app/config.yml
and set InstanceID to an UUID and JwtSecret to a random text. Without these the server won't start.
yarn build:all
sudo -i -u postgres bash << EOF
psql -c "CREATE DATABASE karaokemugen_server ENCODING 'UTF8';"
psql -c "CREATE USER karaokemugen_server WITH ENCRYPTED PASSWORD 'musubi';" # Add own password here
psql -c "GRANT ALL PRIVILEGES ON DATABASE karaokemugen_server TO karaokemugen_server;"
psql -c "ALTER DATABASE karaokemugen_server OWNER TO karaokemugen_server;"
psql -c "GRANT CREATE ON SCHEMA public TO public;"
psql -d "karaokemugen_server" -c "CREATE EXTENSION unaccent;"
psql -d "karaokemugen_server" -c "CREATE EXTENSION pgcrypto;"
EOF
yarn migrate
Insert your server hostname into the server_name
fields of the file docs/nginx.example.conf
and setup the ssl parameters for https, if available. You can also set it up with certbot later.
Then copy the config into the nginx folder:
cp /srv/kmserver/docs/nginx.example.conf /etc/nginx/sites-enabled/kmserver.conf
sudo service nginx reload
Server must be run as non-root
yarn start --generate
yarn start
sudo adduser kmserver --disabled-password --gecos ""
# Add access rights to /opt
sudo chown -R kmserver:kmserver /src/kmserver
# Change into user for the next steps
sudo su kmserver
Since we're not attached to the gitlab pipeline for updates, this is an approach using a simple systemd timer. Requires kmserver user defined above.
echo "%kmserver ALL= NOPASSWD: /bin/systemctl restart kmserver" > /etc/sudoers.d/kmserver
Create service /etc/systemd/system/kmserver-update.service
from the file kmserver-update.service
Create timer /etc/systemd/system/kmserver-update.timer
from the file kmserver-update.timer
Enable with systemctl enable kmserver-update.timer && systemctl start kmserver-update.timer
Check if timer is enabled systemctl list-timers
Your system is probably not running on UTF-8. Run sql to change database template:
UPDATE pg_database SET datistemplate = FALSE WHERE datname = 'template1';
DROP DATABASE template1;
CREATE DATABASE template1 WITH TEMPLATE = template0 ENCODING = 'UNICODE';
UPDATE pg_database SET datistemplate = TRUE WHERE datname = 'template1';
\c template1
VACUUM FREEZE;
Check the file permissions and if SELinux is enabled on the system. SELinux might cause access problems but it's configuration won't be covered here.
If you're using an ngnix reverse proxy on the git server, set a larger payload size in the nginx.conf
(or .conf
in sites-enabled/
):
http {
...
client_max_body_size 500M;
}