Self-hosted version
For Windows Server 2012 and up, or Ubuntu 16.04.5 LTS.
Update DeploymentClient.exe to new version (0.5.14.0) - released 14 april 2019
Download here. This is for both Linux and Windows installations.
- Extract
- Move deploymentclient.exe to dpc_packer\pkg (go here to see full path for both OS)
- Done. Clients will auto update.
This update solves unintentionally uninstalled programs. Last update only solved one part of the problem.
Update to new server version - released 22 oct 2018
Go here for Linux instructions or here for Windows instructions.
New:
- Share domain with other user.
- Bug fixes for creating packages (MDC feed, package creation and more.).
- The possibility to download installed programs as a CSV file.
- Other minor bug fixes and improvements.
- Notice: You have to update deploymentclient.exe manually. Download the latest version above.
How it works - short version
Sites:
- API: The public API (api.{domain})
- app: Reversed proxy that lets the site and devices talk to the main API (NodeJS server).
- dpcpacker: A service that are packing Deployment Client to an MSI file.
- feed: Slightly modified Nuget server to host all nuget feeds (Only Windows).
- package: Simple nuget package generator (from EXE and MSI files) (Only Windows).
- socket.io: Same as app, but for /socket.io. It points to the same NodeJS server.
- app: This is the public site (app.{domain}).
- mdcfeeddeploy: A service that deploys a new nuget feed (the MDC feed in Deployify) when a user is signing up (Only Windows).
Neo4j
Database. Accessible via http://localhost:7474.
Vault
A vault to store hashed user passwords. Encrypted storage that needs to be unsealed to be accessible.
Your server is configured to unseal your vault automatically on startup, which is not the way it should be done. It should not be automated, that's the whole point with Vault. But at least, you have the option to make it safer. We unseal our vault manually, so if the storage is stolen, it will not be accessible.
Deployment client
You are in control of Deployment client updates. Just put the new version, or old, in this folder:
Windows: %programdata%\MDC\api\dpc_packer\pkg
Ubuntu: {installdir}/api/dpc_packer/pkg
All clients will update to that version. We will post updates somewhere on this site for you to decide for yourself if you want to use them in your Deployify.
Readme - Ubuntu Server
This installation script is tested on Ubuntu Server 16.04.5 LTS. The script will install the Deployify server in the current dir.
Update your Ubuntu server before you attempt to install Deployify.
Installation:
- curl -L https://deployify.io/download_file/96/0 -o install.sh
- sudo sh install.sh {username} {domain}
Examples for #2:
sudo sh install.sh prince deployify.io
After installation:
Enable SSL:
Make sure that your server is available from internet.
-
Edit redbird.js
-
Change "production: false" to "production: true" on both occurrences.
- Make sure that the email-address that are provided exists, or change it to another valid, also on both occurrences.
The email address does not have to be related to your Deployify domain. - reboot
Be aware that your server could take a while to startup and get ready. Give it a few minutes after reboot is done.
Setup mail:
-
Edit mail settings: %programdata%\MDC\api\mailer\settings_template.js
-
Change to your preferences.
- Save as: settings.js
Enable Password Reset:
-
Edit settings: {installdir}/api/settings.js
-
Change "emailEnabled: false" to "emailEnabled: true"
-
Change "resetPasswordEnabled: false" to "resetPasswordEnabled: true"
General:
To see what's up, check site logs with this command (no sudo):
pm2 logs
Update:
This script will update Deployify server to the latest version.
- cd into your the root of your Deployify installation directory.
- curl -L https://deployify.io/download_file/94/0 -o update.sh
- sudo sh update.sh {username}
Example: sudo sh update.sh prince
Common errors:
Creating MSI package fails:
- Could be a Wine error of some kind - try to update Wine to v. 1.8.
Readme - Windows Server
Tip: Install the Deployment Client (MSI) on computers via GPO. Just remember that you only can have one valid Deployment Client MSI package at a time.
--- Before installation ---
1. Install .net 4.5.2
2. Install IIS
Select (Do not change default checks):
Web server -> Performance -> check Dynamic Content Compression
Web server -> Common HTTP Features -> check HTTP Redirection
Web server -> check Application Development (click yes to add suggested)-> and .net ASP.NET 4.5 (click yes to add suggested) AND WebSockets
--- Installation ---
1. Run installer.exe as administrator, and fill the form.
2. Click install.
--- After installation ---
1. Reboot server. Very important.
2. Setup SSL with Let's Encrypt:
Let's encrypt have to verify your domain and needs be able to access to your sites externally.
a. Download https://github.com/Lone-Coder/letsencrypt-win-simple/releases/download/v1.9.6.2/letsencrypt-win-simple.V1.9.6.2.zip
b. Extract ZIP.
c. Run letsencrypt.exe as administrator.
d. Add admin mail
e. Accept license
f. Choose N, to Create new certificate.
g. Choose 1, for a Single binding of an IIS site.
h. Choose the site that starts with app.
i. If no error occurred, then choose y to create a scheduled renewal task.
j. Provide the password for your windows account.
k. Repeat step a to e for the site that starts with api.
3. If you choose to use SSL, you might want to redirect incoming connections to app.{domain} to https to ensure secure communications and full function.
Go to {installdir}\MDC\MDC_app\web.config and uncomment the snippet that looks like this:
<!-- <rule name="Allow LetsEncrypt" patternSyntax="Wildcard" stopProcessing="true">
<match url=".well-known/*" />
<action type="None" />
</rule>
<rule name="Redirect HTTP to HTTPS" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule> -->
4. Setup mail:
a. Edit mail settings: %programdata%\MDC\api\mailer\settings_template.js
b. Change to your preferences.
c. Save as: settings.js
5. Enable Password Reset:
a. Edit settings: %programdata%\MDC\api\settings.js.
b. Change "emailEnabled: false" to "emailEnabled: true".
c. Change "resetPasswordEnabled: false" to "resetPasswordEnabled: true".
- Download the usual installation file.
- Unzip.
- Run updater.exe as administrator.
- Fill the form and click "Update".
- Reboot.
--- Important security notice ---
Deployify is using Vault (https://www.vaultproject.io/) to store hashed passwords. The storage is sealed and needs to be unsealed on every startup.
The keys are, for the sake of simplicity, stored on the server to unlock the Vault on server startup with a scheduled task.
Here is the batch file that is triggered by scheduled task on startup: %programdata%\MDC\vault\unseal_vault.bat. This contains 3 of 6 keys (only 3 of any of these are needed to unseal the vault).
All 6 keys are stored in %programdata%\MDC\vault\keys.txt.
To utilize the security of Vault, none of the keys should be stored here. It's up to you to manage this.
Plugins - How to install
Instructions on how to install plugins for Deployify server.
Installation:
- Download plugin (zip).
- Extract zip.
- Move the folder to (win) %programdata%\MDC\api\plugins\, or (Linux) {installdir}/api/plugins/.
- Restart server or restart node.
Note:
A plugin is a folder, and in that folder it should be at least one file named app.js (and possible other files and folders) directly in the plugin folder. For example: api\plugins\disable_signup\app.js.