self hosting

189 views
Skip to first unread message

Christian Lallemand

unread,
Oct 30, 2014, 3:46:58 AM10/30/14
to mitr...@googlegroups.com
Hi i'm currently trying to install an own mitro instance,

server is up and running. but i have still a fiew questions.
  1. How can i define on which port the server runs or should i use nginx and point the backend to 8080 ?
  2. How can i register with my own installation ? Or is it required to registr with mitro.co ?
  3. How can i compile android app and browser plugins with the url from my installation ?

So many questions, hopefully someone can help me.

Looking forward to get some help here.

Many thanks in advance!

Vijay Pandurangan

unread,
Oct 30, 2014, 9:31:54 AM10/30/14
to Christian Lallemand, mitr...@googlegroups.com
There's a pull request that I just made a few comments on that will allow the site to be hosted on heroku. It should be merged shortly ... Maybe you could email with the author of that for more info: https://github.com/mitro-co/mitro/pull/72

--
You received this message because you are subscribed to the Google Groups "Mitro developers list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mitro-dev+...@googlegroups.com.
To post to this group, send email to mitr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mitro-dev/627961fc-0592-4160-8396-bd930e79d7ad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Shane

unread,
Oct 30, 2014, 11:01:58 PM10/30/14
to mitr...@googlegroups.com
Hey Christian, Once you've got the server running, hit this url:

chrome-extension://iljkkpbfidmehafdbcacnhcaipdgbeij/html/preferences.html

The first part of that url might change, so I usually just hit sign up, get the sign up page, and then change the url to say preferences.html. Also note, until my change get merged, you'll have sign in to mitro.co first to be able to get to the preferences page. Or you can hack preferences.js on your local like I did, see the PR for details on that.

I'm working on a custom buildpack to allow for Heroku hosting. I've got it close but need to figure out the production signature stuff first. Once that is resolved it should be a 2 click install to get the server installed and running on heroku.

-Shane

Vijay Pandurangan

unread,
Nov 2, 2014, 11:47:55 AM11/2/14
to Shane, mitr...@googlegroups.com
OK, I merged in Christian's change. Once you revert your changes to the .java files, Shane, your change should be good to go! Looking forward to further updates. Happy to have you write a blog post on mitro.co and I'll tweet about it if you get documentation and a two-click heroku install :).

Vijay

--
You received this message because you are subscribed to the Google Groups "Mitro developers list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mitro-dev+unsubscribe@googlegroups.com.

To post to this group, send email to mitr...@googlegroups.com.

Shane

unread,
Nov 2, 2014, 8:23:52 PM11/2/14
to mitr...@googlegroups.com, shane...@gmail.com
Sounds good. Only thing left to solve is the keys. Can you explain a little more what they are used for? What would be the implication of re-generating new keys on every deploy (i.e., when the code was updated)? 

I can easily run the openssl commands and copy the keys on a heroku deploy, but it will happen on every git-push for deployment. If I can't do it every time, I'll have to find a way to generate the same key each time, or generate them locally and upload (less ideal since it is a manual step, but can do if necessary). I've got it working now but it still does generateSecretsForTest, how bad is that in production?

-Shane

On Sunday, November 2, 2014 10:47:55 AM UTC-6, Vijay P wrote:
OK, I merged in Christian's change. Once you revert your changes to the .java files, Shane, your change should be good to go! Looking forward to further updates. Happy to have you write a blog post on mitro.co and I'll tweet about it if you get documentation and a two-click heroku install :).

Vijay

On Thu Oct 30 2014 at 11:01:59 PM Shane <shane...@gmail.com> wrote:
Hey Christian, Once you've got the server running, hit this url:

chrome-extension://iljkkpbfidmehafdbcacnhcaipdgbeij/html/preferences.html

The first part of that url might change, so I usually just hit sign up, get the sign up page, and then change the url to say preferences.html. Also note, until my change get merged, you'll have sign in to mitro.co first to be able to get to the preferences page. Or you can hack preferences.js on your local like I did, see the PR for details on that.

I'm working on a custom buildpack to allow for Heroku hosting. I've got it close but need to figure out the production signature stuff first. Once that is resolved it should be a 2 click install to get the server installed and running on heroku.

-Shane


On Thursday, October 30, 2014 2:46:58 AM UTC-5, Christian Lallemand wrote:
Hi i'm currently trying to install an own mitro instance,

server is up and running. but i have still a fiew questions.
  1. How can i define on which port the server runs or should i use nginx and point the backend to 8080 ?
  2. How can i register with my own installation ? Or is it required to registr with mitro.co ?
  3. How can i compile android app and browser plugins with the url from my installation ?

So many questions, hopefully someone can help me.

Looking forward to get some help here.

Many thanks in advance!

--
You received this message because you are subscribed to the Google Groups "Mitro developers list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mitro-dev+...@googlegroups.com.

Vijay Pandurangan

unread,
Nov 2, 2014, 9:10:59 PM11/2/14
to Shane, mitr...@googlegroups.com
The keys are used to sign various things. If the keys change, anything signed by the system previously will no longer work.  For instance, device verification emails will no longer work if the keys change between restarts.

Each "domain" should ideally have a static set of keys that doesn't change regardless of new deploys. This is equivalent to an OAUTH key for instance and should not be stored in source. 

One idea is to generate these keys as part of the initial deployment script, then storing them on persistent storage. I'm not familiar with heroku but perhaps there's a way to store keys in a persistent KV store. Then of course anyone w/ access to those keys could impersonate the server. You could solve this by encrypting those keys with a passphrase (use the built-in pbkdf2) and then requiring the admin enter that passphrase every time the system is restarted.

To view this discussion on the web visit https://groups.google.com/d/msgid/mitro-dev/d3c49220-302d-4ecf-a3e6-97668673e40d%40googlegroups.com.

Evan Jones

unread,
Nov 3, 2014, 9:53:55 AM11/3/14
to Vijay Pandurangan, Shane, mitr...@googlegroups.com
The "test" localhost server does generate the keys every time you start it. As Vijay mentions: this means things like verification links in previous emails no longer work. In an environment like Heroku, you definitely want this to be shared across any instances of the server that it might start on your behalf. It would be very problematic if you ran multiple instances of the frontend with different keys.

Evan



Shane

unread,
Nov 3, 2014, 11:04:06 AM11/3/14
to mitr...@googlegroups.com, vij...@gmail.com, shane...@gmail.com
Ok, thanks for the info, I think I have a solution for the keys. I need to give it a bit more of a test and clean a few things up but I think I have this working. I'll post some more info soon. I just realized the mailer will have to get set up too, but that will probably be easier than the server.

Vijay Pandurangan

unread,
Nov 3, 2014, 11:06:50 AM11/3/14
to Shane, mitr...@googlegroups.com
The mailer should hopefully be pretty trivial. 
Reply all
Reply to author
Forward
0 new messages