Self hosting

[Shane]

I like this project and I'd like to make it easier to host yourself. I got the server built and running locally and I think I can make this easily deployable to heroku (via the Heroku Button or something). I have a couple of questions though:

1. Does this seem like a useful thing to do? Has it been done yet?
2. I read in a post that there is a hidden preference to set the server url in the browser extension, how do you do that?
3. When running ant server, it says 'Generating random secrets for testing; should not happen in production'. What do you do instead?
4. Any other tips/tricks to running this in production securely?

[Evan Jones]

I think anything that makes Mitro easier for people to run themselves would be totally welcome. 

Hidden preference: go to chrome-extension://iljkkpbfidmehafdbcacnhcaipdgbeij/html/preferences.html

3: the "ant server" target passes -DgenerateSecretsForTest=true , which causes that to happen. Without that flag, it will attempt to read a Keyczar signing key from mitrocore_secrets/sign_keyczar ; There is some additional documentation here: https://github.com/mitro-co/mitro/tree/master/mitro-core/production/ansible

Those ansible scripts handle *some* of the work of setting up a new instance on a machine. While we used them a lot for deploying updates, its only been lightly tested for setting up a brand new instance, so there will likely be bugs. Hope that helps,

Evan

--
You received this message because you are subscribed to the Google Groups "Mitro developers list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mitro-dev+...@googlegroups.com.
To post to this group, send email to mitr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mitro-dev/53eb66b1-c35b-4014-9c73-07bf0be09a83%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Anirudh Ranganath]

Hey

I was looking to take an open source project like this and self host on a cloud database too.

I only knew about keepass until a couple of minutes ago. I'm going through some documentation, and if you haven't already completed developing this feature, I would love to help out. 

Anirudh

[Michael Norman]

I have forked Mitro (https://github.com/mwnorman/mitro) to work on a 'pi'-version: - reduce footprint, replace Postgres with H2

basically trying to create a single jar that can run on a Raspberry Pi B(+)  

Any advice would greatly appreciated!

---

Mike Norman

[Shane]

I've actually got this running on heroku now. There are a few changes that I had to make but it wasn't anything too big. I will be submitting a proper pull request soon so keep an eye out. I'll try to post more details when it is ready and easy to use.

[Paul]

Shane,

Thanks for the good news.  I'm trying to get the Mitro server to run in Tomcat, over an existing database.  So far, I'm able to get the server running in the "test" mode by adding generateSecretsForTest="true".  modifying the client was pretty easy (good work on the part of the Mitro dev team).  So, the servlets are deployed in Tomcat, they attach to the postgres database, then bombs. My remaining issue is generating the "production" keys,

Any pointer on how to get the keys gen'd is greatly appreciated.  I have an SSL cert installed in Tomcat, but would be happy with anything working so I can see how the puzzle pieces fit.

Thanks in advance,

Paul

[Shane]

Generating the keys is pretty easy. You can find the commands here:

https://github.com/mitro-co/mitro/tree/master/mitro-core/production/ansible

Scroll down to 'Deploying a new primary with new data' around step 5. The formatting on that page is a bit off, there is more than 1 command there but you should be able to parse it out a bit. I haven't dealt with the ssl stuff, but that would be tomcat specific and I don't think the ssl keys are anything mitro cares about. Mainly it needs the keyczar keys. But they are easy to generate and if you remove that generateSecretsForTest option, mitro will tell you right away if you don't have it correctly. Main thing is getting them in the correct folder path. Hope that helps!

[Shane]

Generating the keys is pretty easy. You can find the commands here:

https://github.com/mitro-co/mitro/tree/master/mitro-core/production/ansible

Scroll down to 'Deploying a new primary with new data' around step 5. The formatting on that page is a bit off, there is more than 1 command there but you should be able to parse it out a bit. I haven't dealt with the ssl stuff, but that would be tomcat specific and I don't think the ssl keys are anything mitro cares about. Mainly it needs the keyczar keys. But they are easy to generate and if you remove that generateSecretsForTest option, mitro will tell you right away if you don't have it correctly. Main thing is getting them in the correct folder path. Hope that helps!

On Sunday, November 16, 2014 6:51:43 PM UTC-6, Paul wrote:

[Paul]

Thanks Shane,

After lots of ansible configuration corrections the primary is throwing out an error:
 refusing to convert between file and link for .... mitrocore.jar
Some goolge'ng around has gotten me to review the state=??? ansible setting for files; they appear to be correct.  Viz. all of the state vars are set to file where a file is named, directory where directories are named, etc.

Anything I should try?

Thanks in advance.