jami
/
jami-docs
mirror of https://git.jami.net/savoirfairelinux/jami-docs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

updating JAMS installation procedure with nginx reverse proxy 

Change-Id: Ic2ae0aa66afa8e17c8c95bc3d60799b25c8ebfef
This commit is contained in:
habdallah 2025-03-14 15:51:18 -04:00
parent 9be404e475
commit 37d59aa037
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
jams/admin.md
View File

@ -4,11 +4,6 @@ By default, the [Jami Account Management Server (JAMS)](https://jami.biz/) runs
However, this is impractical for many reasons.
This guide is designed to help with setting up a JAMS to run in a production environment.
```{contents}
:local:
:depth: 3
```
## JAMS and Nginx
It is generally not recommended to expose JAMS directly to the outside world.
@ -16,6 +11,8 @@ JAMS is required to run in SSL mode.
It is recommended to place JAMS behind an [Nginx](https://nginx.org/) or similar web server.
The Nginx, or similar, web server would proxy requests between the outside world and JAMS.
The following is an example map of how the JAMS could be configured behind an Nginx server.
The process would be similar if any other type of proxy solution is used.
@ -52,9 +49,14 @@ server {
This is the preferred setup method by most admins, as local traffic is usually run unencrypted since it is usually either an inter-VM connection, a VLAN, or another dedicated link.
```{note}
Since the CA is generated during the JAMS initial configuration, Nginx needs to be restarted once the initial setup is completed.
Since the CA is generated during the JAMS initial configuration, you need to add the following configuration to your nginx vhost (you can add before the location / block) and restart nginx once the initial JAMS setup is completed. If you add /opt/jams/CA.pem to your nginx configuration before completing JAMS installation it will fail because nginx won't find this file.
```
<pre>
ssl_client_certificate /opt/jams/CA.pem;
ssl_verify_client optional;
</pre>
## Troubleshooting and resetting
If a restart from 0 (i.e., reset everything and drop existing data) is required, delete the following files in the distribution folder (`<project-root-folder>/jams`):
@ -297,4 +299,4 @@ In System variables, edit **Path** and add `C:\openssl\`.
7. Now the JAMS application will start with the server.
Source: <https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4>
Source: <https://medium.com/@lk.snatch/jar-file-as-windows-service-bonus-jar-to-exe-1b7b179053e4>