
2. Installation

LightJack05 edited this page Oct 15, 2024 · 4 revisions

Supported systems

Officially Supported Systems

Currently, the following OSes are officially tested and supported:

  • Ubuntu 24.04 LTS (Noble Numbat)
  • Debian 12 (Bookworm)
  • Arch Linux (Rolling, State 2024-10-07)

Installation instructions are given for Debian and Ubuntu. Please adapt them for your OS accordingly.

Compatible Systems

Any system that is able to run an ASP.NET Runtime should work. Check the Microsoft .NET Releases page for details:

https://dotnet.microsoft.com/en-us/download/dotnet/8.0

Dependencies

To run and install AnonKey on your server, you need the Dotnet SDK, the ASP.NET Core Runtime, and make.

To install them, execute the commands below:

Debian 12

Ensure the package database and packages are up-to-date:

sudo apt update && sudo apt upgrade -y

Add the Microsoft Dotnet Repository

wget https://packages.microsoft.com/config/debian/12/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
sudo apt update

Install the .NET SDK and runtime

sudo apt install dotnet-sdk-8.0 aspnetcore-runtime-8.0

Ubuntu Server 24.04 LTS

Ensure the package database and packages are up-to-date:

sudo apt update && sudo apt upgrade -y

Install the .NET SDK and runtime

sudo apt install dotnet-sdk-8.0 aspnetcore-runtime-8.0

Installation Options

Currently, only one installation option exists. More might be coming soon, including Debian Packages.

1. Using make install

The Makefile in the repository will automatically build and install the application to /opt/AnonKey/, creating a service in the process. To install AnonKey using the Makefile, install make:

sudo apt install make

Afterwards, clone the repository (or its contents) onto the server.

Note

Please do not clone the repo to /opt/AnonKey/!

Warning

The following step will erase the contents of /opt/AnonKey. Please do NOT use this method to update the server!

Enter into the AnonKey directory, then execute the installation.

sudo make install

The service is now installed, and will be started on the next system startup. If you would like to start it now, run

sudo systemctl start AnonKey.service

Note

You may install a debug version of AnonKey if you would like to. To do so, run make install-debug instead of make install, and use the AnonKey-Debug.service.

Configuring a reverse proxy for TLS

TLS should be used to secure your endpoint. To achieve TLS, you need to set up a reverse proxy with a trusted TLS certificate. This guide uses Nginx as a reverse proxy, and certbot to acquire certificates. Any other reverse proxy that supports TLS should work though.

Installing Nginx

To install and start nginx, use the following commands:

sudo apt install nginx
sudo systemctl enable --now nginx

Sample configuration

Below you can see a sample configuration for AnonKey. You may need to adapt the IP address and possibly the port accordingly. The default port is 5000 in production deployments.

server {
    listen 80;
    listen [::]:80;

    server_name api.anonkey.lightjack.de;


    location / {
        proxy_pass http://10.33.0.6:5000/;
        include proxy_params;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection "upgrade";
    }
}

Place this configuration file under /etc/nginx/sites-available, then symlink it to /etc/nginx/sites-enabled:

cd /etc/nginx/sites-enabled
sudo ln -sf ../sites-available/{your_nginx_config_file.conf} .

Using Certbot to get trusted certificates from Let's Encrypt

To get trusted TLS certificates, you will need some form of public hostname. This can be a domain, or a DynDNS hostname.

Once you have configured that hostname, follow the Certbot instructions for Nginx: https://certbot.eff.org/instructions?ws=nginx&os=pip

Security Considerations

Firewalling AnonKey

AnonKey itself does not require internet access. The OS it is running on usually does though!

AnonKey uses the following ports:

Port Usage
5000 API Interaction

Running AnonKey as a different user

It is generally bad practice to run software as root, especially if it is exposed to the internet. To run AnonKey as a non-root user, create a user, and modify the service file accordingly:

sudo vim /etc/systemd/system/AnonKey.service

[Unit]
Description=AnonKey API Backend
Wants=network.target
After=network-online.target syslog.target

[Service]
Environment="ASPNETCORE_HTTP_PORTS=5000"
WorkingDirectory=/opt/AnonKey
Type=simple
User={USERNAME HERE}
ExecStart=/opt/AnonKey/AnonKey-Backend
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

Then restart the service:

sudo systemctl restart AnonKey.service
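
A check for the step above, as an added example that is not part of the AnonKey repository: it reads a unit file and reports the account the service would run as, flagging a missing User= line (systemd then runs a system service as root) and a placeholder that was never replaced. The account name anonkey and the sample unit files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the AnonKey repository.
# Prints the account a systemd unit file would run its service as.
# Only the given file is read; drop-in overrides are not considered.
effective_user() {
    awk '
        /^[ \t]*[#;]/ { next }                          # comment lines
        /^\[/ { in_service = ($0 ~ /^\[Service\][ \t]*$/); next }
        in_service && /^User[ \t]*=/ {
            sub(/^User[ \t]*=[ \t]*/, "")
            sub(/[ \t]+$/, "")
            user = $0                                   # last assignment wins
        }
        END { print (user == "" ? "root" : user) }      # unset or empty means root
    ' "$1"
}

# Returns 0 for a usable non-root user, 1 for root, 2 for an unedited placeholder.
check_unit() {
    user=$(effective_user "$1")
    case "$user" in
        root|0)            echo "FAIL: $1 runs the service as root"; return 1 ;;
        *"{"*|*"}"*|*" "*) echo "FAIL: $1 has an unedited User= value: $user"; return 2 ;;
        *)                 echo "OK: $1 runs the service as $user"; return 0 ;;
    esac
}

# Constructed sample units; "anonkey" is an assumed account name.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
write_unit() {   # write_unit FILE [USER_LINE]
    printf '%s\n' '[Unit]' 'Description=AnonKey API Backend' '' '[Service]' \
        'Environment="ASPNETCORE_HTTP_PORTS=5000"' 'WorkingDirectory=/opt/AnonKey' \
        ${2:+"$2"} 'ExecStart=/opt/AnonKey/AnonKey-Backend' '' '[Install]' \
        'WantedBy=multi-user.target' > "$1"
}
write_unit "$demo_dir/default.service"
write_unit "$demo_dir/placeholder.service" 'User={USERNAME HERE}'
write_unit "$demo_dir/hardened.service" 'User=anonkey'
for f in default placeholder hardened; do
    check_unit "$demo_dir/$f.service" || true
done
```

On a live host, systemctl show -p User AnonKey.service prints the value systemd actually loaded, drop-in overrides included. The chosen account also needs read access to /opt/AnonKey.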