<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>How to run Oasis, a Secure Scuttlebutt client, on a remote server - Archive - MayVaneDay Studios</title> <link href="../style.css" rel="stylesheet" type="text/css" media="all"> <meta name="author" content="Vane Vander"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> </head> <body class="mayvaneday"> <article> <div class="box"> <h1>How to run Oasis, a Secure Scuttlebutt client, on a remote server</h1> <p>published: 2021-11-13</p> </div> <hr> <div class="box"> <p>This tutorial assumes you already have a functioning Node.js and Caddy installation.</p> <ol type="1"> <li>Install Oasis.</li> </ol> <code>git clone https://github.com/fraction/oasis.git<br />cd oasis<br />npm install</code> <p>Test the installation by running <code>node .</code> (yes, including the period).</p> <ul> <li>If the output stops after a few lines and isn't an obvious Node error, hit Control and C at the same time to exit; you're ready for the <code>systemd</code> file.</li> <li>If you get an error about port 3000 already being in use, use the command <code>node . --port PORTNUMBER</code> instead, where <code>PORTNUMBER</code> is any open port you want.</li> </ul> <p>If your instance immediately throws <a href="https://github.com/fraction/oasis/issues/718#issuecomment-927379995">an error about <code>ssb.friends.get</code></a>:</p> <code>git checkout 4e8f7426a4eb1d95f6e55cf894a3168f523f8af8<br />rm -rf node_modules<br />npm install</code> <ol start="2" type="1"> <li>Prepare the <code>systemd</code> daemon file.</li> </ol> <p>Edit <code>/lib/systemd/system/oasis.service</code> as root with your favorite text editor. Paste the following:</p> <pre> [Unit] Description=Oasis client for Secure Scuttlebutt After=network.target [Service] User=YourUsername Group=YourUsername ExecStart=/path/to/your/node/binary . --port 8787 WorkingDirectory=/path/to/where/you/cloned/oasis/ TimeoutStopSec=5s LimitNOFILE=1048576 PrivateTmp=true ProtectSystem=full [Install] WantedBy=multi-user.target </pre> <p>Replace <code>/path/to/your/node/binary</code> with whatever comes up when you run <code>which node</code>. You may need to change this if you update Node.</p> <ol start="3" type="1"> <li>Edit your Caddyfile. (This will probably also require root.)</li> </ol> <pre> yourdomain.tld { reverse_proxy 127.0.0.1:PORTNUMBER { header_up Host 127.0.0.1 header_up Referer http://localhost } basicauth * { AnyUsernameYouWant EXTREMELYLONGCADDYHASHHERE } } </pre> <p><code>EXTREMELYLONGCADDYHASHHERE</code> is used instead of an actual password so you don't have cleartext credentials hanging around. Generate this with <code>caddy hash-password</code>. Make sure you save your actual password in a password manager, as you can't reverse a hash!</p> <p>The <code>header_up</code> lines are there to trick Oasis into thinking it is running on a local machine, as it (very aggressively) wants to be. Normally this would be true, as Secure Scuttlebutt is peer-to-peer and intended to be run on a personal device that may see intermittent internet connectivity. However, if you're looking at this tutorial, you probably want to host a public peer as an <em>actually functioning</em> alternative to a <a href="https://github.com/ssbc/ssb-server">pub</a> or <a href="https://github.com/ssb-ngi-pointer/go-ssb-room/">room</a>.</p> <ol start="4" type="1"> <li>Get everything running.</li> </ol> <code>sudo systemctl daemon-reload<br />sudo systemctl restart caddy<br />sudo systemctl start oasis && sudo systemctl enable oasis</code> </div> <hr> <div class="box"> <p align=right>CC BY-NC-SA 4.0 © Vane Vander</p> </div> </article> </body> </html>