Vervis/INSTALL.md

6.3 KiB

Vervis is still in early development and the build process gets updates once in a while, but this file tries to keep up and list the latest instructions for running a Vervis instance.

At the time of writing, you can get a running Vervis instance if you follow the steps below.

UPDATE: There is a binary build you can use instead of building from source. It can be found here. If you use it, verify the download using sha256sum and gpg, make sure the settings in your settings.yml (see below) match the downloaded file paths, and run the web app using ./bin/vervis and not stack run. This may be confusing; hopefully I'll make a nicer binary release soon :)

2022 UPDATE: The binary release is unavailable right now. But a docker image is being prepared. More news soon.

(1) System libraries

Install dependency library development packages. It's very likely you already have them all installed, and if you're missing some, the build process will inform you. But it's still nice to have a list here. The list below isn't a complete list, it's just libraries that people have found missing while building, and let me know.

  • PostgreSQL client library
  • ZLib
  • libssl
  • libpcre

On Debian based distros, installation can be done like this:

$ sudo apt install libpq-dev zlib1g-dev libssl-dev libpcre3-dev

(2) Haskell development tools

Go to the GHCup website and follow the instructions.

$ curl --proto '=https' --tlsv1.2 -sSf https://get-ghcup.haskell.org | sh

(3) Version control systems Darcs and Git

Install Darcs and Git. You can grab them from your distro, e.g.:

$ sudo apt install darcs git

(4) The Vervis source code

Clone the Vervis repo:

$ git clone https://vervis.peers.community/repos/rjQ3E vervis
$ cd vervis

Clone dependency libraries:

$ ./update-deps.sh

(5) Database

Install PostgreSQL. You'll need the server and the client library development files. Note that PostgreSQL needs to be at least version 9.5.

$ sudo apt install postgresql libpq-dev

Switch to postgres system user:

$ sudo su - postgres

Create a PostgreSQL user.

With password:

$ createuser --no-createdb --no-createrole --no-superuser --encrypted --pwprompt vervis

No password (if you run Vervis as a user by the same name as the DB user):

$ createuser --no-createdb --no-createrole --no-superuser vervis

Create a PostgreSQL database:

$ createdb --encoding=UTF8 --owner=vervis vervis

(6) Build Vervis

If you're building for a production deployment, set the dev flag to false in stack.yaml:

flags:
  vervis:
    dev: false

Build. This will also automatically install the GHC Haskell compiler.

$ stack build

(7) Configuration

Generate a new SSH key with a blank password:

$ ssh-keygen -t rsa -m PEM -f config/ssh-host-key

Update the settings to specify correct database connection details and other settings.

$ cp config/settings-default.yaml config/settings.yml
$ vim config/settings.yml

Create a directory that will keep all the VCS repositories hosted by Vervis. Its name should match the repo-dir setting in config/settings.yml. For example, if you're keeping the default name:

$ mkdir repos

Create a directory that will keep remote delivery state. Its name should match the delivery-state-dir setting in config/settings.yml. For example, if you're keeping the default name:

$ mkdir delivery-states

(8) Development and deployment

To update your local clone of Vervis, run:

$ git pull
$ ./update-deps.sh
$ stack build

For convenience, at least on actual deployments, you may wish to run the Vervis SSH server on port 22, so that people don't have to specify a custom port. For that to work, the user that runs the Vervis server needs to get permission to bind to ports below 1024. There are several ways to do that. One of them is to use file capabilities to give the Vervis executable the permission to bind to such ports (if you prefer not to trust the code, try one of the other methods, such as sudo):

$ sudo setcap CAP_NET_BIND_SERVICE=+ep `stack exec which vervis`

Vervis uses various key files for cryptography and other data generation, and once these key files are created, they shouldn't change. For some of them, it's critical they don't change, because some usage or interpretation of data in the PostgreSQL database depends on them. For this reason, by default, key file loading happens as follows: When Vervis runs for the first time (this is checked by detecting that the database is empty, no tables), it generates and writes key files, and it's an error if any of them already exist. Otherwise, on the next time(s) Vervis runs, it requires all key files to exist, and an error is raised if any are missing.

If you're running Vervis for the first time, i.e. the database is still empty, and for some reason you'd like Vervis to load some existing key files, while generating the rest, run this:

$ touch _keyfile_import_existing

Run.

$ stack run

By default, Vervis is configured with User Registration disabled. This is to prevent any automatic spambot registration for bots that may be monitoring the Federated Network. In order to enable user registration on your instance, change "registration: false" to "registration: "true" in the config/ settings.yml file. Also, the maximum # of accounts is limited to 3. You can increase/decrease this setting to change the maximum. If you do not wish to have a limit, you can comment out this line entirely.

When you update Vervis to a newer version, it's possible the software now uses some new key files, and Vervis will raise an error about those key files missing in the filesystem. You can ask Vervis to generate missing files, and load the rest as usual:

$ touch _keyfile_write_missing
$ stack run

Browse to http://localhost:3000 and have fun!

yesod devel is another way to run the application, useful for rapid development, but I haven't been using it and I'm not sure it works, possibly I broke something along the way. But feel free to try!

I have a little script for deploying Vervis on my server. I just haven't published it yet and haven't explained how it works. If you're interested, ask me about it, and it will motivate me to write about it sooner :)