NAME
azorius —
azorius administration
DESCRIPTION
The azorius daemon processes messages from
other federated servers. This is the admin manual. For user operation, see
azorius(1).
Setup
Set up a TLS reverse proxy. azorius can
listen on TCP or unix sockets, but will not terminate TLS. https is a
required component for federation. Also, http signature verification
requires accurate time keeping.
Make sure to pass the Host header, if necessary (as for nginx).
proxy_set_header Host $http_host;
Build
Building azorius requires a go compiler
1.18 and libsqlite. On OpenBSD this is the go and
sqlite3 packages. Other platforms may require additional development
libraries or headers to be installed, such as gcc or cc. Run make. Please be
patient. Even on fast machines, building from source can take several
seconds.
Options
The following options control where
azorius looks for data.
-datadirdir- The root data directory, where the database and other user data are stored. This directory contains all user data that persists across upgrades. Requires write access. Defaults to ".".
-viewdirdir- The root view directory, where html and other templates are stored. The contents of this directory are generally replaced with each release. Read only. Defaults to ".".
The following options control log output. Acceptable values include "stderr" (the default), "stdout", "null", "syslog", or a file name. syslog messages will be sent to the NEWS facility.
Init
Run the init command. This will create the
database and ask four questions, as well as creating the initial user.
Operation
Run azorius.
Customization
Site CSS may be overridden by creating a views/local.css file in the data directory. Site JS may similarly be included by creating views/local.js. A restart is required after changes.
Upgrade
Stop the old azorius process. Backup the database. Upgrade the
database with the upgrade command. Restart.
The current version of the azorius binary may be printed with the
version command.
Security
azorius is not currently hardened against
SSRF, server side request forgery. Be mindful of what other services may be
exposed via localhost or the local network.
Development
Development mode may be enabled or disabled by running
devel on|off. In devel mode,
secure cookies are disabled, TLS certs are not verified, and templates are
reloaded every request.
Advanced Options
Advanced configuration values may be set by running the
setconfig key value command.
For example, to increase the fast timeout value from 5 seconds to 10:
./azorius setconfig fasttimeout
10FILES
azorius files are split between the data
directory and the view directory. Both default to "." but may be
specified by command line options.
The data directory contains:
- azorius.db
- The main database.
- attachments
- Media and attachment storage.
- tempstore
- Temporary media and attachment storage.
The view directory contains:
- views
- HTML templates and CSS files.
EXAMPLES
This series of commands creates a new database, sets a friendly welcome message, and runs azorius.
azorius-v98> make azorius-v98> ./azorius -datadir ../azorius-data init listen address: /var/www/azorius.sock server name: azorius.example.com username: puffy password: OxychromaticBlowfishSwatDynamite azorius-v98> ./azorius -datadir ../azorius-data admin azorius-v98> date; ./azorius -log azorius.log -datadir ../azorius-data
Upgrade to the next version.
azorius-data> cp azorius.db backup.db azorius-data> cd ../azorius-v99 azorius-v99> make azorius-v99> ./azorius -datadir ../azorius-data upgrade azorius-v99> ./azorius -datadir ../azorius-data cleanup azorius-v99> date; ./azorius -log azorius.log -datadir ../azorius-data
ENVIRONMENT
Image processing and scaling requires considerable memory. It is recommended to adjust the datasize ulimit to at least 1GB.
SEE ALSO
CAVEATS
There's no online upgrade capability. Upgrades may result in minutes of downtime.