A spec-compliant Solid server for use on the Solid Community server, based on a remix of building blocks from the Community Solid Server project.
That is to say, this server implements a certain community flavour of Solid, namely:
- using the Solid protocol
- using WAC and not ACP
- but using an older version of Solid OIDC, where storage access control is done with DPoP instead of with UMA
- (under development) using the PoP token issuer as an indication for app origin
Feel free to open a feature request if you think
solidcommunity.net should implement some
additional feature - because it's a missing spec feature, or because it's a new optional or experimental
spec feature, or just because you want
to show a novel way for your Solid project to interact with a Solid pod server.
You can also join the Matrix chat for solidcommunity.net or for Pivot as piece of config+software.
These are the bash commands to run on for example https://pivot.pondersource.com/.
- create an Ubuntu server
- set the DNS record for pivot.pondersource.com
- ssh into the server,
apt update,apt upgrade - get a wilcard cert
apt install certbotcertbot certonly --manual --preferred-challenges dns --debug-challenges -v -d \*.pivot.pondersource.com -d pivot.pondersource.com- add the
_acme-challenge.pivotTXT record in DNS - check
dig txt _acme-challenge.pivot.pondersource.com - continue certbot dialog
ls /etc/letsencrypt/live/pivot.pondersource.com/
- install node
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.1/install.sh | bashsource ~/.bashrcnvm install 20
- copy
config/customise-me.jsonto./custom-config.jsonand edit it:- email server settings (will need to at least fill in the auth pass here)
- quota settings (defaults to 70 MB per pod)
- pod template (defaults to
node_modules/css-mashlib) - mashlib version (both data browser and static files; defaults to
node_modules/mashlib)
root:~# git clone https://github.com/solid-contrib/pivot
root:~# cd pivot
root:~/pivot# npm ci --skip=dev
root:~/pivot# npm run build
root:~/pivot# mkdir -p data
root:~/pivot# cp -r www data/
root:~/pivot# npx community-solid-server -c ./config/prod.json ./custom-config.json -f ./data --httpsKey /etc/letsencrypt/live/pivot.pondersource.com/privkey.pem --httpsCert /etc/letsencrypt/live/pivot.pondersource.com/fullchain.pem -p 443 -b https://pivot.pondersource.com -m .
2024-11-13T11:28:02.426Z [Components.js] info: Initiating component discovery from /root/pivot
2024-11-13T11:28:02.919Z [Components.js] info: Discovered 169 component packages within 1345 packages
2024-11-13T11:28:02.921Z [Components.js] info: Initiating component loading
2024-11-13T11:28:10.017Z [Components.js] info: Registered 901 components
2024-11-13T11:28:10.018Z [Components.js] info: Loaded configs
2024-11-13T11:28:12.002Z [ServerInitializer] {Primary} info: Listening to server at https://localhost/Or on localhost:
git clone https://github.com/solid-contrib/pivot
cd pivot
npm install
npm run build
npm test
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650 -nodes -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=CommonNameOrHostname"
npm startShort answer: we needed a name. ;)
Long answer: it comes from the role a Solid pod can play in a data portability scenario. In traditional data portability, the user consents to organisation A transferring their data to organisation B. A Solid pod, however, can act as a "pivot" for data sharing: data is first transferred from organisation A to the pod, and then from the pod to organisation B, without the two organisations ever interacting directly. The organisations only interact through the "pivot" that is owned by the user. This greatly simplifies consent management and makes data access control user-centric. Hence the name "pivot" for this open source Solid server implementation. :)
Photo 138720473 © Leo Lintang | Dreamstime.com