mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-02 02:11:18 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
052d219465d0471b9c5daec7479b2bf79255baac
opencloud/docs/ocis/deployment/systemd.md
Willy Kloucek 6590565a2f introduce OCIS_INSECURE option
2021-11-10 16:55:12 +01:00

2.4 KiB
Raw Blame History

title, date, weight, geekdocRepo, geekdocEditPath, geekdocFilePath
title date weight geekdocRepo geekdocEditPath geekdocFilePath
Systemd service 2020-09-27T06:00:00+01:00 16 https://github.com/owncloud/ocis edit/master/docs/ocis/deployment systemd.md

{{< toc >}}

Install the oCIS binary

Download the oCIS binary of your preferred version and for your CPU architecture and operating system from download.owncloud.com.

Rename the downloaded binary to ocis and move it to /usr/bin/. As a next step, you need to mark it as executable with chmod +x /usr/bin/ocis.

When you now run ocis help on your command line, you should see the available options for the oCIS command.

Systemd service definition

Create the Systemd service definition for oCIS in the file /etc/systemd/system/ocis.service with following content:

[Unit]
Description=OCIS server

[Service]
Type=simple
User=root
Group=root
EnvironmentFile=/etc/ocis/ocis.env
ExecStart=ocis server
Restart=always

[Install]
WantedBy=multi-user.target

For reasons of simplicity we are using the root user and group to run oCIS which is not recommended. Please use a non-root user in production environments and modify the oCIS service definition accordingly.

In the service definition we referenced /etc/ocis/ocis.env as our file containing environment variables for the oCIS process. In order to create the file we need first to create the folder /etc/ocis/ and than we can add the actual /etc/ocis/ocis.env with following content:

OCIS_URL=https://some-hostname-or-ip:9200
PROXY_HTTP_ADDR=0.0.0.0:9200
OCIS_INSECURE=false

OCIS_LOG_LEVEL=error

GLAUTH_LDAPS_CERT=/etc/ocis/ldap/ldaps.crt
GLAUTH_LDAPS_KEY=/etc/ocis/ldap/ldaps.key
IDP_TRANSPORT_TLS_CERT=/etc/ocis/idp/server.crt
IDP_TRANSPORT_TLS_KEY=/etc/ocis/idp/server.key
PROXY_TRANSPORT_TLS_CERT=/etc/ocis/proxy/server.crt
PROXY_TRANSPORT_TLS_KEY=/etc/ocis/proxy/server.key

Please change your OCIS_URL in order to reflect your actual deployment. If you are using self signed certificates you need to set OCIS_INSECURE=true in /etc/ocis/ocis.env.

Starting the oCIS service

You can enable oCIS now by running systemctl enable --now ocis. It will ensure that oCIS also is restarted after a reboot of the host.

If you need to restart oCIS because of configuration changes in /etc/ocis/ocis.env, run systemctl restart ocis.

You can have a look at the logs of oCIS by issuing journalctl -f -u ocis.

Reference in New Issue View Git Blame Copy Permalink