Librum-Reader · DavidLazarescu · Nov 4, 2023 · Oct 26, 2023 · Oct 26, 2023 · Oct 26, 2023
diff --git a/self-hosting/librum-server.7 b/self-hosting/librum-server.7
@@ -0,0 +1,89 @@
+.TH librum-server 
+
+.SH NAME
+.B librum-server
+- the server for the Librum application
+
+
+.SH DESCRIPTION
+.B librum-server
+is a server running as a service 
+
+.SH INSTALLATION
+.TP
+After installing the librum-server package
+.RS 
+.B 1.
+Install and configure the MariaDb or MySql service
+.RS
+.LP 
+.B a)
+Edit /etc/mysql/mariadb.conf.d/50-server.cnf to set bind-address=127.0.0.1 and comment out the skip-networking option
+.LP
+.B b)
+Restart MySql server - systemctl restart mysqld
+.LP
+.B c)
+Run mysql and create a user for the mysql database. For example: 
+ALTER USER 'root'@'localhost' IDENTIFIED BY 'strongPassword123';
+.RE
+
+.LP 
+.B 2.
+Edit the configuration file at /etc/librum-server/librum-server.conf
+You must provide:
+.RS
+.LP
+.B JWTValidIssuer
+- Any string for key provider for example "myhomeKeyProvider"
+.LP
+.B  JWTKey
+- The secret key for JWT token generation (at least 20 symbols)
+.LP
+.B AdminEmail
+- An admin email for seeding the database with an admin account on the first run
+.LP
+.B AdminPassword
+- A password for the admin account (5 symbols minimum)
+.LP
+.B DBConnectionString
+- The connection string for Mysql (or MariaDB)
+for example "Server=127.0.0.1;port=3306;Database=my_database_name;Uid=mysql_user;Pwd=mysql_password;"
+.LP
+.B SMTPEndpoint
+- The smtp server endpoint used for sending emails to confirm your account
+.LP 
+.B SMTPUsername and SMTPPassword
+- The username and password for your smtp server
+.LP
+.B SMTPMailFrom
+- It is recommended to set this variable to be exactly the same email that you are using on your mail server
+.LP
+.B CleanUrl
+- A clean url without ports, it will be used to build the "reset password link".
+As an example, a server running on 127.0.0.1:5000 can be exposed to the web as https://myserver.com, so the CleanUrl would be https://myserver.com
+.RE
+.LP
+.B 3.
+Refresh the systemd services by running:  systemctl daemon-reload
+.LP
+.B 4.
+Run the server: systemctl start librum-server
+.LP 
+.B 5.
+Check status with: systemctl status librum-server
+.RE
+.LP 
+.B 6.
+Configure your librum-reader app to launch using your server. 
+In ~/.config/librum-server/librum-server.conf set selfHosted to true and set serverHost to the servers url (e.g. https://127.0.0.1:5001)
+
+.SH UNINSTALL
+.TP
+Delte the package and in ~/.config/librum-server/librum-server.conf, change selfHosted to false and serverHost to api.librumreader.com to switch back to the official servers.
+
+.SH DIAGNOSTICS
+.PP
+The activity of server is logged to /var/lib/librum-server/srv/Data/Logs and journalctl.
+
+
diff --git a/self-hosting/librum-server.conf b/self-hosting/librum-server.conf
@@ -0,0 +1,31 @@
+# Valid issuer for JWT Key - string
+JWTValidIssuer="exampleIssuer"
+
+# Secret key for JWT token generation (at least 20 symbols)
+JWTKey="exampleOfALongSecretToken"
+
+# An admin email for seeding the database with an admin account on the first run
+AdminEmail="admin@example.com"
+
+# A password for the admin account (5 symbols minimum)
+AdminPassword="strongPassword123"
+
+# The connection string for Mysql (or MariaDB)
+DBConnectionString="Server=127.0.0.1;port=3306;Database=my_database_name;Uid=mysql_user;Pwd=mysql_password;"
+
+# The smtp server endpoint used for sending emails to confirm your account
+SMTPEndpoint="smtp.example.com"
+
+# The username and password for your smtp server
+SMTPUsername="mailuser123"
+SMTPPassword="smtpUserPassword123"
+
+# It is recommended to set this variable to be exactly the same email that you are using on your mail server
+SMTPMailFrom="mailuser123@example.com"
+
+# A clean url without ports, it will be used to build the "reset password link".
+# As an example, a server running on 127.0.0.1:5000 can be exposed to the web as https://myserver.com, so the CleanUrl would be https://myserver.com
+CleanUrl="https://127.0.0.1"
+
+# Your OpenAI api token - If left empty, all Ai services will simply be disabled
+OpenAIToken=""
diff --git a/self-hosting/librum-server.service b/self-hosting/librum-server.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Server for the Librum application
+
+[Service]
+WorkingDirectory=/var/lib/librum-server/srv
+ExecStart=/var/lib/librum-server/srv/run.sh
+User=librum-server
+Restart=always
+# Restart service after 10 seconds if the dotnet service crashes:
+RestartSec=10
+KillSignal=SIGINT
+SyslogIdentifier=librum-server
+Environment=ASPNETCORE_ENVIRONMENT=Production
+Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false
+Environment=LIBRUM_SELFHOSTED=true
+EnvironmentFile=/etc/librum-server/librum-server.conf
+
+[Install]
+WantedBy=multi-user.target
diff --git a/self-hosting/run.sh b/self-hosting/run.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+cd /var/lib/librum-server/srv
+dotnet Presentation.dll
diff --git a/self-hosting/self-host-installation.md b/self-hosting/self-host-installation.md
@@ -0,0 +1,203 @@
+# Librum-Server
+The build and deploy process was tested on Ubuntu 22.04. It should work on any other linux distribution, but the commands might need to be adjusted. 
+
+<br>
+
+## Dependencies
+
+You will need `dotnet`, `openssl` and `mariadb-server`.
+<br>
+<br>
+To download dotnet7 follow: https://learn.microsoft.com/en-us/dotnet/core/install/linux (if you run into problems with the dotnet7 installation on ubuntu, this: https://stackoverflow.com/a/77059342 might help).
+<br>
+<br>
+download the other packages via:
+```
+sudo apt install openssl mariadb-server
+```
+to install all dependencies.
+
+<br>
+
+## Build
+
+To build the server, clone the repository and use `dotnet publish`
+
+```
+git clone https://github.com/Librum-Reader/Librum-Server.git
+cd Librum-Server
+dotnet restore
+cd src/Presentation
+dotnet publish  -c Release -o build  --no-restore --verbosity m
+
+```
+
+<br>
+
+## Install
+### Create a `librum-server` group and user
+
+```
+groupadd -r -f librum-server
+sudo useradd -r -g librum-server -d /var/lib/librum-server --shell /usr/sbin/nologin librum-server 
+```
+
+### Install the .service file for systemd  
+
+```
+cd ../..
+sudo install -d  /etc/systemd/system/
+sudo install self-hosting/librum-server.service -m660  /etc/systemd/system/
+```
+
+### Install the .conf file that contains the environment variables
+
+```
+sudo install -d  /etc/librum-server/
+sudo install -m660 self-hosting/librum-server.conf /etc/librum-server/
+```
+
+### Install the server
+
+```
+sudo mkdir -p /var/lib/librum-server/srv
+sudo cp src/Presentation/build/* /var/lib/librum-server/srv  --recursive
+sudo chmod --recursive 660 /var/lib/librum-server/
+sudo chmod 770 /var/lib/librum-server
+sudo chmod 770 /var/lib/librum-server/srv
+sudo install self-hosting/run.sh -m770 /var/lib/librum-server/srv
+sudo chown --recursive librum-server /var/lib/librum-server/
+```
+
+### Install the manpage  
+
+```
+mkdir -p /usr/share/man/man7  
+sudo install -m664 self-hosting/librum-server.7 /usr/share/man/man7
+```
+
+### Insall readme
+
+```
+sudo install -m664 self-hosting/self-host-installation.md /var/lib/librum-server/srv
+```
+
+### Create the SSL certificate for the server  
+
+```
+KEYOUT=/var/lib/librum-server/srv/librum-server.key
+CRTOUT=/var/lib/librum-server/srv/librum-server.crt
+PFXOUT=/var/lib/librum-server/srv/librum-server.pfx
+sudo /usr/bin/openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes -keyout $KEYOUT -out  $CRTOUT -subj "/CN=librum-server" -extensions v3_ca -extensions v3_req 
+sudo openssl pkcs12 -export -passout pass: -out $PFXOUT -inkey $KEYOUT -in $CRTOUT
+sudo chown librum-server $PFXOUT 
+```
+
+### Configure the server ports  
+
+Edit `/var/lib/librum-server/srv/appsettings.json` and change it to look like the following:
+
+```
+{
+  "Kestrel": {
+    "EndPoints": {
+      "Http": {
+        "Url": "http://127.0.0.1:5000"
+      },
+      "Https": {
+        "Url": "https://127.0.0.1:5001",
+		  "Certificate": {
+          "Path": "librum-server.pfx"
+        }
+      }
+    }
+  },
+  "Logging": {
+    "LogLevel": {
+      "Default": "Warning",
+      "Microsoft.AspNetCore": "Warning"
+    }
+  },
+  "AllowedHosts": "*",
+  "AzureKeyVaultUri": "https://librum-keyvault.vault.azure.net/",
+  "IpRateLimiting": {
+    "EnableEndpointRateLimiting": true,
+    "StackBlockedRequests": false,
+    "RealIpHeader": "X-Real-IP",
+    "ClientIdHeader": "X-ClientId",
+    "HttpStatusCode": 429,
+    "GeneralRules": [
+      {
+        "Endpoint": "post:/api/register",
+        "Period": "15m",
+        "Limit": 6
+      }
+    ]
+  }
+}
+```
+
+<br>
+
+## Run
+
+### Install and configure MariaDB
+
+Edit `/etc/mysql/mariadb.conf.d/50-server.cnf` (called differently on other linux distros e.g. `/etc/my.cnf.d/server.cnf` or `my.cnf`).
+
+Set `bind-adress` to `127.0.0.1` and if a `skip-networking` section exists, comment it out by adding a `#` infront of it.
+
+Then restart the mariaDB service:  
+
+```
+systemctl restart mysqld
+```
+
+#### Create Mysql user and password
+For example:
+
+```
+sudo mysql_secure_installation
+
+Switch to unix_socket authentication [Y/n] n
+Change the root password? [Y/n] y
+Remove anonymous users? [Y/n] y
+Disallow root login remotely? [Y/n] y
+Remove test database and access to it? [Y/n] y
+Reload privilege tables now? [Y/n] y
+```
+
+### Run the librum-server
+Firstly you must edit `/etc/librum-server/librum-server.conf` and change the variables following the comments above them.
+
+Then you can run:
+
+```
+sudo systemctl daemon-reload
+sudo systemctl start librum-server
+```
+
+to start the service.
+
+<br>
+
+## Note
+- By default the server listens to 5000 (http) and (5001) https. You can chage it in the `/var/lib/librum-server/srv/appsettings.json` file.
+- The server stores its files at `/var/librum-server/data_storage`
+- Logs are written to `/var/librum-server/srv/Data`
+
+<br>
+
+## Configuration for the client application
+
+By default the Librum client application is set up to use the official servers. To connect it with your self-hosted server, you will need to edit `~/.config/Librum-Reader/Librum.conf` and set `selfHosted=true` and `serverHost` to your server's url (e.g. `serverHost=https://127.0.0.1:5001`).<br>
+If there is no file at `~/.config/Librum-Reader/Librum.conf`, make sure that you have ran the application at least once before for the settings files to be generated.
+<br>
+<br>
+To switch back to the official servers, set `selfHosted=false` and `serverHost=api.librumreader.com`
+
+<br>
+
+## Questions
+
+If you have any questions or run into problems which you can't solve, feel free to open an issue.