Etebase: Difference between revisions

From NixOS Wiki
imported>Underknowledge
m Working config with reverse proxy plus minor comments
imported>Ngasull
Fix config env variable as per https://github.com/etesync/server/blob/e9de8f1adb16b47becf700100333c38b8e860f5c/etebase_server/settings.py#L145
Line 45: Line 45:




As a super user, run this command: <code>ETEBASE_EASY_CONFIG_INI=/path/to/etebase-server.ini etebase-server createsuperuser</code> and that should prompt you to create a user.
As a super user, run this command: <code>ETEBASE_EASY_CONFIG_PATH=/path/to/etebase-server.ini etebase-server createsuperuser</code> and that should prompt you to create a user.


Login with these credentials to https://etebase.your.domain/admin and create users for your etebase clients through the GUI.
Login with these credentials to https://etebase.your.domain/admin and create users for your etebase clients through the GUI.

Revision as of 13:02, 7 January 2024

Etebase is an end-to-end encrypted backend as a service. Think Firebase, but encrypted in a way that only your users can access their data.

This is a basic configuration to run the Etebase server:

  networking.firewall.allowedTCPPorts = [ 443 ];
  services = {
    etebase-server = {
      enable = true;
      unixSocket = "/var/lib/etebase-server/etebase-server.sock"; 
      user = "etebase-server";
      settings = {
        global.debug = false;
        global.secret_file = "/path/to/secret"; # mind permissions
        allowed_hosts.allowed_host1 = "etebase.your.domain";
      };
    };
    nginx = {
      enable = true;
      recommendedOptimisation = true;
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      recommendedGzipSettings = true;
      virtualHosts."etebase.your.domain" = {
        enableACME = true;
        forceSSL = true;
        locations."/".proxyPass = "http://unix:/var/lib/etebase-server/etebase-server.sock";
      };
    };
  };

For the server to accept requests from a remote machine allowed_host1 variable should be set as the server's subdomain/domain name and your proxy has to present a Host header.

The django secret key is preferably a randomly generated key, the use of a secret managing scheme might prove useful. see Comparison_of_secret_managing_schemes.

Admin user

To use the Etebase server, the creation of an admin account is required. This requires manual intervention:

First you need to find where the generated .ini configuration file is located:

ls /nix/store | grep etebase-server.ini


As a super user, run this command: ETEBASE_EASY_CONFIG_PATH=/path/to/etebase-server.ini etebase-server createsuperuser and that should prompt you to create a user.

Login with these credentials to https://etebase.your.domain/admin and create users for your etebase clients through the GUI.

See also