Locker server tips

Install required packages

# apt install redis

Install virtualenv and locker-server

# python3 -m venv /opt/venv/locker-server
# cd /opt/venv/locker-server/
# . bin/activate

pip3 install git+https://github.com/yaroslaff/locker-server.git git+https://github.com/yaroslaff/locker-admin.git

install systemd service

# ln -s /opt/venv/locker-server/locker/systemd/locker-server.service /etc/systemd/system
# touch /etc/default/locker-server
# systemctl daemon-reload
# systemctl start locker-server

nginx

cp locker/nginx/locker /etc/nginx/sites-available/
ln -s /etc/nginx/sites-available/locker /etc/nginx/sites-enabled/
nginx -s reload

Local configuration (vendor credentials and other)

/etc/defaults/locker-server

LOCKER_APPS_PATH=/opt/locker-apps
LOCKER_LOCAL_CONFIG=/etc/locker-server.yml

/etc/locker-server.yml (example)

VENDOR_CREDENTIALS: 
  google:
    DISCOVERY_URL: https://accounts.google.com/.well-known/openid-configuration
    CLIENT_ID: zzz.apps.googleusercontent.com
    CLIENT_SECRET: zzz

# host
AUTH_HOST: auth.ll.www-security.net

# pubconf
PUBCONF:
  name: "Development locker server"
  socketio_addr: "http://socketio.ll.www-security.net:8899/"

Create first app

mkdir /opt/locker-apps
locker-admin --create u1 app1
# ensure it's www-data:www-data, or do chown