diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..e69de29 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ebe5af0 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +config/pushconfig.yml +config/tsconfig.yml +.DS_Store +certs/ diff --git a/Dockerfile b/Dockerfile index f40e014..ff53f06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,26 @@ -# Open Whisper Systems TextSecure Server +FROM ubuntu:15.10 -# Build the image with -# docker build --rm -t whisper . +MAINTAINER Jani Monoses -# Run the container in a directory containing the jar/ and config/ dirs -# and the scripts referenced here -# -# docker run -p 8080:8080 -p 8081:8081 -P -v $(pwd):/home/whisper -it whisper +RUN apt-get update && \ + apt-get install -y redis-server postgresql \ + python-software-properties supervisor software-properties-common sudo -FROM ubuntu:15.10 +RUN add-apt-repository -y ppa:webupd8team/java -MAINTAINER Jani Monoses +RUN echo "oracle-java7-unlimited-jce-policy shared/accepted-oracle-license-v1-1 select true" | debconf-set-selections -RUN DEBIAN_FRONTEND='noninteractive' apt-get update && apt-get install -y sudo redis-server postgresql openjdk-7-jre-headless supervisor +RUN apt-get update && apt-get install -y oracle-java7-unlimited-jce-policy git maven RUN adduser --disabled-password --quiet --gecos Whisper whisper ENV HOME /home/whisper +ENV JAVA_HOME /usr/lib/jvm/java-7-oracle WORKDIR /home/whisper COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf +COPY config /home/whisper/ +COPY jar/ /home/whisper/ +COPY run-server.sh /home/whisper RUN /etc/init.d/postgresql start && \ sudo -u postgres psql --command "CREATE USER whisper WITH SUPERUSER PASSWORD 'whisper';" && \ @@ -27,4 +29,7 @@ RUN /etc/init.d/postgresql start && \ EXPOSE 8080 8081 -CMD ./run-server +VOLUME /home/whisper/config +VOLUME /home/whisper/certs + +CMD ./run-server.sh diff --git a/README.md b/README.md index 187929f..df61744 100644 --- a/README.md 
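Review bot: `COPY config /home/whisper/` puts everything in the build context's config/ directory into an image layer, and the `.dockerignore` created in this same commit is empty. A locally filled-in `config/pushconfig.yml` or `config/tsconfig.yml` (gitignored in this commit, and going by the sample files they hold API keys and account tokens) would therefore be baked into the image and readable by anyone who can pull it. The README mounts `/home/whisper/config` at run time, so the COPY can be dropped; otherwise list `config/pushconfig.yml`, `config/tsconfig.yml` and `certs/` in `.dockerignore`. COPY of a directory also copies its contents rather than the directory, so the files land in `/home/whisper/` and not under `config/`, where run-server.sh looks for them; `COPY config/ /home/whisper/config/` would match the script.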
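Review bot: `CMD ./run-server.sh` is shell form, so `/bin/sh -c` becomes PID 1 and the SIGTERM sent by `docker stop` is not passed on to the script or to the Java server it starts. The database and the servers are then likely to be killed when the stop timeout expires instead of shutting down cleanly. Use exec form, `CMD ["./run-server.sh"]`, and start the final command in run-server.sh with `exec` so the server replaces the script. The image also has no `USER` instruction, so the script runs as root and relies on `sudo -u whisper` for each Java process.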
+++ b/README.md 
@@ -1,19 +1,63 @@ Docker container to run TextSecure server ----------------------------------------- -This relies on the user providing the textsecure and push server jars in -jar/ and the config files under config/. +This is a docker to build your own TextSecure server. You can find the latest pre-build jars in the java folder. -See the Dockerfile comments for how to build the image. The container can -be run from the root of this repository. +## Build -Using https ------------ +To build the image run +```bash +docker build -t textsecure/server . +``` +This command will package all the required deps. Feel free to split the various dependencies in several docker. + +## Run + +To run the image + +```bash +docker run -d -p 8080:8080 -p 8081:8081 -v :/home/whisper/config -v :/home/whisper/certs textsecure/docker +``` + +Required services to be configured: + +- Twilio: for sms broadcasting(for registration in TextServer). **Required to start the TextSecure Server.** +- AWS S3: for documents in TextSecure. **Required to start the TextSecure Server.** +- Google developer: for push notifications. **Required to start the PushServer Service.** +- Apple Developer: for push notifications. **Required to start the PushServer Service.** + + +### Using https You can generate a root CA, host key and certificates and keystores for the server -using the gencert scripts, for example if your server is running on 192.168.1.100 +using the gencert scripts, for example if your server is running on 192.168.1.100 run +```bash ALTNAME=IP:192.168.1.100 ./gencerts +``` Copy the resulting example.keystore to config/ as referenced by tsconfig.yml and the rootCA.crt file to the client (pointed at by the rootCA config item in the Go client). 
+ +### Generate Certificate for Apple + +Redo the following commands for push and voip +```bash + +# create cert.pem +openssl pkcs12 -in archive.p12 -nokeys -out cert.pem + +# create private key.pem +# need to enter password +# need to enter passphrase +openssl pkcs12 -in archive.p12 -nocerts -out private_key.pem + +# remove passphrase from key +# need to enter passphrase +openssl rsa -in private_key.pem -out private_key.rsa.pem + +``` + +**Rename the generated key and certificate so that the prefix match your appId Name** +I.E. if the id of your app is `com.example.MyApp` the name of the certificates and key files +should be `MyAppWhateverYouWantKey.pem`. diff --git a/build_source.sh b/build_source.sh new file mode 100644 index 0000000..549010e --- /dev/null +++ b/build_source.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +# git clone https://github.com/WhisperSystems/WebSocket-Resources.git +git clone https://github.com/fabiofumarola/WebSocket-Resources.git +cd WebSocket-Resources && git checkout v0.3.2 && mvn install -Dskiptest && cd .. + +# git clone https://github.com/WhisperSystems/dropwizard-simpleauth.git +git clone https://github.com/fabiofumarola/dropwizard-simpleauth.git +cd dropwizard-simpleauth && mvn install -Dgpg.skip && cd .. + +git clone https://github.com/WhisperSystems/TextSecure-Server.git +cd TextSecure-Server && git checkout v0.54 && mvn install && cd .. + +git clone https://github.com/fabiofumarola/PushServer.git +cd PushServer && git checkout v0.9.8.1 && mvn install && cd .. + +cp /home/whisper/TextSecure-Server/target/TextSecureServer-0.54.jar /home/whisper +cp /home/whisper/PushServer/target/Push-Server-0.9.8-capsule-fat.jar /home/whisper diff --git a/config/pushconfig.yml.sample b/config/pushconfig.yml.sample index 39ce945..5d07a9c 100644 --- a/config/pushconfig.yml.sample +++ b/config/pushconfig.yml.sample 
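Review bot: The sources built here are not pinned to an immutable revision: `dropwizard-simpleauth` has no `git checkout` at all, so it builds whatever the fork's default branch holds that day, and the other three use tags, which can be moved. Three of the four repositories are cloned from a personal fork (for two of them the upstream URL is left commented out), so a comment saying why the fork is needed would help, along with checking out full commit hashes, e.g. `git checkout <commit-sha>  # v0.3.2`. `-Dskiptest` is not a property Maven recognises (the flag is `-DskipTests`), so as written it has no effect. There is also no `set -e`, so when a checkout or build fails the trailing `cd ..` is skipped and the following clones land inside that subdirectory.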
@@ -1,7 +1,6 @@ gcm: senderId: 111111111111 apiKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa - redphoneApiKey: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa apn: pushCertificate: Cdsjalfksjdlfkjsdlfksdlfkjsdfkjas @@ -24,4 +23,3 @@ server: adminConnectors: - type: http port: 9091 - diff --git a/config/tsconfig.yml.sample b/config/tsconfig.yml.sample index 0f60a1c..5cecd5a 100644 --- a/config/tsconfig.yml.sample +++ b/config/tsconfig.yml.sample @@ -1,7 +1,7 @@ twilio: accountId: a accountToken: a - numbers: [1] + number: [1] localDomain: a push: diff --git a/gencerts b/gencerts.sh similarity index 100% rename from gencerts rename to gencerts.sh diff --git a/jar/Push-Server-0.9.8-capsule-fat.jar b/jar/Push-Server-0.9.8-capsule-fat.jar new file mode 100644 index 0000000..32c37c4 Binary files /dev/null and b/jar/Push-Server-0.9.8-capsule-fat.jar differ diff --git a/jar/TextSecureServer-0.54.jar b/jar/TextSecureServer-0.54.jar new file mode 100644 index 0000000..ff68b74 Binary files /dev/null and b/jar/TextSecureServer-0.54.jar differ diff --git a/run-server b/run-server deleted file mode 100755 index a57393d..0000000 --- a/run-server +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -#Start and supervise postgres, redis and memcache -supervisord - -#Start push server in the background -sudo -u whisper java -jar jar/Push-Server-*-capsule-fat.jar server config/pushconfig.yml & - -#Wait until push server is running -sleep 5 - -#Migrate database (needed on first run at least) -sudo -u whisper java -jar jar/TextSecureServer-*.jar accountdb migrate config/tsconfig.yml -sudo -u whisper java -jar jar/TextSecureServer-*.jar messagedb migrate config/tsconfig.yml - -#Start TextSecure server -sudo -u whisper java -jar jar/TextSecureServer-*.jar server config/tsconfig.yml diff --git a/run-server.sh b/run-server.sh new file mode 100755 index 0000000..55eb974 --- /dev/null +++ b/run-server.sh 
@@ -0,0 +1,17 @@
+#!/bin/bash
+
+#Start and supervise postgres, redis and memcache
+supervisord
+
+#Start push server in the background
+sudo -u whisper java -jar Push-Server-0.9.8-capsule-fat.jar server config/pushconfig.yml &
+
+#Wait until push server is running
+sleep 5
+
+#Migrate database (needed on first run at least)
+sudo -u whisper java -jar TextSecureServer-*.jar accountdb migrate config/tsconfig.yml
+sudo -u whisper java -jar TextSecureServer-*.jar messagedb migrate config/tsconfig.yml
+
+#Start TextSecure server
+sudo -u whisper java -jar TextSecureServer-*.jar server config/tsconfig.yml
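Review bot: Nothing in the script stops on failure: if either `migrate` command fails, the last line still starts the TextSecure server against a database that was not migrated, and `sleep 5` only assumes the push server is up. Add `set -e` after the shebang so a failed migration aborts startup. The push server jar is named with a fixed version while the TextSecure jar uses the glob `TextSecureServer-*.jar`; if a second matching jar ever sits in /home/whisper, its path is passed to the application as an extra argument. Naming `TextSecureServer-0.54.jar` explicitly would be consistent with the push server line.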