Setting up Node Solid Server
Instructions on how to set up Node-Solid-Server and how to get help are available at its website, and some documentation is also provided below.
Example config for NSS on a root server
We assume Linux (Debian 8) on the host system. This is how it’s tested. The aim is to get a Solid Pod Server that is publicly reachable in the Internet using a reverse-proxy.
Connect root-server to net (depends on Hosting Service Provider) (you will need ssh)
- Order virtual server at Provider of your choice
- Assign Fully Qualified Domain Name to the machine
- Setup DNS properly
- Get and deploy https certificate
- ssh into the machine as user root
- Deploy two certificates with letsencrypt/certbot (domain-cert and wildcard-cert). Note that you might need to edit a DNS-text-record depending on the challenge.
- sample commands using certbot-auto
$ wget https://dl.eff.org/certbot-auto
$ mv certbot-auto /usr/local/bin/certbot-auto
$ chown root /usr/local/bin/certbot-auto
$ chmod 0755 /usr/local/bin/certbot-auto
$ cd /usr/local/bin/
$ ./certbot-auto certonly \
--manual \
--preferred-challenges=dns \
--email <a href="mailto:mail@host.com">mail@host.com</a> \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
-d example.org -d *.example.org
//now DNS-challenge
$ chmod -R 755 /etc/letsencrypt/live/
Configure a reverse proxy
The Solid server will run as a local Web server. You can directly expose the port it binds to, but you may also choose to access it through a reverse proxy. We provide some guidance for the following reverse proxies:
Install Node Solid Server
-
First, if it is not already done on your machine, install Node.js (version 12 or above), and npm (this guide provides detailed instructions).
-
Then, run the command
$ npm install -g solid-server
. After the init-command you’ll be prompted a series of questions to configure the server:
$ solid init
* ? Path to the folder you want to serve. Default is (./data) /var/www/your.host.example.org/data
? SSL port to run on. Default is (8443) 8443
? Solid server uri (with protocol, hostname and port) https://your.host.example.org
? Enable WebID authentication Yes
? Serve Solid on URL path /
? Path to the config directory (for example: /etc/solid-server) (./config) /var/www/your.host.example.org/config
? Path to the config file (for example: ./config.json) (./config.json) /var/www/your.host.example.org/config.json
? Path to the server metadata db directory (for users/apps etc) (./.db) /var/www/your.host.example.org/.db
? Path to the SSL private key in PEM format /etc/letsencrypt/live/your.host.example.org/privkey.pem
? Path to the SSL certificate key in PEM format /etc/letsencrypt/live/your.host.example.org/fullchain.pem
? Enable multi-user mode Yes
? Do you want to set up an email service (y/N) N
? A name for your server (not required) your.host.example.org
? A description of your server (not requred) undefined
? A logo (not required) undefined
? Do you want to enforce Terms & Conditions for your service (y/N) N
? Do you want to disable password strength checking (y/N) N
? The support email you provide for your users (not required) undefined
config created on /root/config.json
- Finally, make sure to create the paths that you entered if they do not already exist. You would also need to copy the config.json file to where you indicated it should be.
Run NSS at startup
- add user solid:
$ adduser --system --ingroup www-data --no-create-home solid
- create
/lib/systemd/system/solid.service
[Unit]
Description=solid - Social Linked Data
Documentation=https://solid.inrupt.com/docs/
After=network.target
[Service]
Type=simple
User=solid
WorkingDirectory=/var/www/your.host.example.org
ExecStart=/usr/bin/solid start
Restart=on-failure
[Install]
WantedBy=multi-user.target
- Create symlink
$ ln -s /lib/systemd/system/solid.service /etc/systemd/system/multi-user.target.wants/
- chown solid config directories and config-file:
$ cd /var/www/your.host.example.org/
$ chown solid:www-data config.json
$ chown solid:www-data -R config/ data/ .db/
- start the service:
$ systemctl start solid.service