rainbownapkin/canopy
1
0
Fork 0
Code Issues 2 Pull requests Actions Packages Projects Releases Wiki Activity
Page: install debian
Pages
Setting up an HLS Broadcast server with NGINX ferretdb debian home install debian legacy_dataset_dump mongodb debian
24 install debian
rainbow napkin edited this page 2025-05-21 12:22:24 +00:00
Table of Contents
title
Setting up a fresh install of Canopy over Debian 12 Bookworm

Step-by-step procedure for Setting up a fresh install of Canopy over Debian 12 Bookworm:

Before installing make sure you have already prepped your database.

Installation

  1. Install node.js and NPM sudo apt install nodejs npm
  2. Yoink a copy of canopy `git clone https://gitlab.com/rainbownapkin/canopy.git && cd canopy'
  3. Install dependencies from NPM npm install
  4. Copy a new config file off of the included reference cp config.example.json config.json
  5. Fill out the newly copied config with a text editor, don't forget to set your DB password or make up a sessionSecret!
  6. Run npm run start, or npm run start:dev if you want it to auto-restart on file save (requires nodemon installed via npm)
  7. The server is now installed, and ready for basic development/testing use! See the Admin Account Setup section for account setup.

Canopy as a System Service Setup

  1. Create a user named 'canopy' and move the production canopy folder to it's home dir, making sure to give it ownership and exclusive permissions
  2. Create a new file at /etc/systemd/system/canopy.service, and add:
[Unit]
Description=canopy
After=network.target

[Service]
User=canopy
WorkingDirectory=/home/canopy/canopy/
ExecStart=node /home/canopy/canopy/src/server.js
Restart=always

[Install]
WantedBy=multi-user.target
  1. Run sudo systemctl enable --now canopy to run canopy in the background as a system service now, and automagically on application crash or system boot

SSL Setup

  1. Ignore the EFF's instruction like an asshole, and install certbot through apt sudo apt install certbot.
    Snap is garbage and pip is weird on Debian 12. Was having issues with pulling it over pipx.
  2. Run sudo cerbot certonly --webroot to initiate the certificate challenge
  3. Accept the ToS and make decisions about your email address usage.
  4. Enter your instance domain name
  5. Enter your webroot location (such as '/home/canopy/canopy/www')
  6. Hand the certs over to the 'canopy' user sudo chown canopy:canopy -R /etc/letsencrypt/live
  7. Add the new cert and key file to your config, and set protocol to HTTPS

Reverse-Proxy Setup

  1. Install NGINX sudo apt install nginx

Server-Hardening

###This will be documented once we start public testing, for now development boxes don't need this.

###At some point we will document basic server hardening for canopy such as proper SSH configurations, and firewall rules.

Admin Account Setup

  1. Start-up canopy npm run start
  2. Navigate to your servers ip/domain name in your web-browser. (including port if it's set to non-standard w/o a reverse-proxy in-front of it.)
  3. Create a new user account (don't log in yet, if you do log-out so you won't have a stale session hanging around.)
  4. Drop into a mongosh under the canopy user mongosh --authenticationDatabase "canopy" -u "canopy"
  5. Switch over to the canopy database use canopy
  6. Update the user document 'rank' property to 'admin': db.users.updateOne({user:'USER_NAME'},{$set: {rank:'admin'}})

You may now log-in to your spanky-new canopy instance with your fresh admin account. You are ready to start making channels and taking tokes!