1
# Running `upspinserver` on Ubuntu 16.04
3
These instructions are part of the instructions for
4
[Setting up `upspinserver`](/doc/server_setup.md).
5
Please make sure you have read that document first.
9
These instructions assume you have access to an Debian or Ubuntu linux
10
server, and that the server is reachable at your chosen host name.
11
(`upspin.example.com`)
13
> Note that these instructions have been verified to work against Ubuntu 16.04.
14
> The exact commands may differ on your system.
16
Once the server is running you should log in to it as root and configure it to
17
run `upspinserver` by following these instructions.
19
## Create a user for `upspinserver`
21
The following commands must be executed on the server as the super user, `root`,
22
perhaps via `sudo su`.
24
Create a Unix account named `upspin`:
30
Give yourself SSH access to the `upspin` account on the server (a convenience):
37
$ cat > .ssh/authorized_keys
38
(Paste your SSH public key here and type Control-D and Enter)
41
## Build `upspinserver` and copy it to the server
43
From your workstation, run these commands:
46
$ GOOS=linux GOARCH=amd64 go build upspin.io/cmd/upspinserver
47
$ scp upspinserver upspin@upspin.example.com:.
50
## Run `upspinserver` on server startup
52
The following commands must be executed on the server as the super user, `root`.
54
These instructions assume that your Linux server is running `systemd`.
56
Create the file `/etc/systemd/system/upspinserver.service` that contains
57
the following service definition.
61
Description=Upspin server
64
ExecStart=/home/upspin/upspinserver
70
WantedBy=multi-user.target
73
### Allow `upspinserver` to listen on port `443`
75
The `upspinserver` binary needs to listen on port `443` in order to obtain
76
its TLS certificates through [LetsEncrypt](https://letsencrypt.org/).
78
Normally only user `root` can bind ports below `1024`.
79
Instead of running `upspinserver` as `root` (which is generally discouraged),
80
we will grant the `upspinserver` binary this capability by using `setcap` (as
84
$ setcap cap_net_bind_service=+ep /home/upspin/upspinserver
87
Note that you need to run this `setcap` command whenever the `upspinserver`
92
Use `systemctl` to enable and start the service:
95
$ systemctl enable --now /etc/systemd/system/upspinserver.service
98
You may also use `systemctl stop upspinserver` and `systemctl restart
99
upspinserver` to stop and restart the server, respectively.
101
You can use `journalctl` to see the log output of the server:
104
$ journalctl -f -u upspinserver
110
You can now continue following the instructions in
111
[Setting up `upspinserver`](/doc/server_setup.md).