diff options
| author | Lars Wirzenius <liw@liw.fi> | 2021-01-23 11:43:52 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2021-01-23 11:48:06 +0200 |
| commit | 06d00d7d0028e6b39e768d6e43650c518808ea53 (patch) | |
| tree | 4847cf4ab4667d9b8e1fd2ca3d9fbc92b7196655 | |
| parent | 705b909c6cb75916404efe756eee8f7c65794d55 (diff) | |
| download | obnam2-06d00d7d0028e6b39e768d6e43650c518808ea53.tar.gz | |
doc: update README.md with server installation instructions
| -rw-r--r-- | README.md | 52 |
1 files changed, 49 insertions, 3 deletions
@@ -2,12 +2,58 @@ Obnam2 is a project to develop a backup system. -You probably want to read the [obnam.md](obnam.md) subplot file. This -README is just a placeholder. +You probably want to read the [obnam.md](obnam.md) subplot file. + +## Client installation + +See instructions at <https://obnam.org/download/> for installing the +client. It's not duplicated here to avoid having to keep the +information in sync in two places. + +## Server installation + +To install the Obnam server component, you need a Debian host with +sufficient disk space, and Ansible installed locally. Run the +following commands in the Obnam source tree, replacing +`obnam.example.com` with the domain name of your server: + +```sh +$ cd ansible +$ printf '[obnam-server]\nobnam.example.com\n' > hosts +$ ansible-playbook -i hosts obnam-server.yml -e domain=obnam.example.com +``` + +The above gets a free TLS certificate from [Let's Encrypt][], but only +works if the server is accessible from the public Internet. For a +private host use the following instead: + +```sh +$ cd ansible +$ printf '[obnam-server]\nprivate-vm\n' > hosts +$ ansible-playbook -i hosts obnam-server.yml +``` + +This uses a pre-created self-signed certificate from +`files/server.key` and `files/server.pem` and is probably only good +for trying out Obnam. You may want to generate your own certificates +instead. + +To create a self-signed certificate, something like the following +command might work, using [OpenSSL]: + +```sh +$ openssl req -x509 -newkey rsa:4096 -passout pass:hunter2 \ + -keyout key.pem -out cert.pem -days 365 -subj /CN=localhost +``` + + +[Let's Encrypt]: https://letsencrypt.org/ +[OpenSSL]: https://www.openssl.org/ + ## Legalese -Copyright 2020 Lars Wirzenius +Copyright 2020-2021 Lars Wirzenius This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by |