I will be using the systemd method.
Run everything as root.
Clone the project
cd /opt/ && \
git clone https://github.com/Py-KMS-Organization/py-kms.gitCreate a new Python Virtual Environment
python3 -m venv /opt/py-kms/venvActivate into the venv, move into project directory (not the venv)
source /opt/py-kms/venv/bin/activate && \
cd /opt/py-kms/Install requirements.txt
pip install -r requirements.txt && \
deactivateNOTE: python3 /opt/py-kms/py-kms/pykms_Server.py -h will show you available arguments
Create a new logging directory
mkdir /var/log/py-kms/Create a new service file
bash -c "cat > /etc/systemd/system/py-kms.service" <<'EOL'
[Unit]
Description=py-kms
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=10
KillMode=process
User=root
ExecStart=/opt/py-kms/venv/bin/python3 /opt/py-kms/py-kms/pykms_Server.py :: 1688 -V INFO -F /var/log/py-kms/kms.log -s /opt/py-kms/pykms_database.db
[Install]
WantedBy=multi-user.target
EOLValidate the new service configuration
systemd-analyze verify py-kms.serviceReload systemd and enable the new service
systemctl daemon-reload && \
systemctl enable --now py-kms.service ; \
systemctl status py-kms.serviceCheck the contents of the log file to verify py-kms is running correctly
cat /var/log/py-kms/kms.logEnsure that any devices being activated can access port 1866/tcp on the py-kms server
The webUI is not necessary, but a nice feature to view devices registered against the KMS.
The webUI code is already packaged with the KMS install from above, we just need to additional configuration.
Simply create a new systemd service to launch the webUI. Gunicorn is set to listen on the server loopback, on port 8000/tcp
bash -c "cat > /etc/systemd/system/py-kms-web.service" <<'EOL'
[Unit]
Description=py-kms
After=network.target
StartLimitIntervalSec=0
[Service]
Type=simple
Restart=always
RestartSec=10
KillMode=process
User=root
WorkingDirectory=/opt/py-kms/py-kms/
Environment="PYKMS_SQLITE_DB_PATH=/opt/py-kms/pykms_database.db"
ExecStart=/opt/py-kms/venv/bin/gunicorn -b 127.0.0.1:8000 --log-file /var/log/py-kms/gunicorn.log pykms_WebUI:app --log-level INFO
[Install]
WantedBy=multi-user.target
EOLReload systemd and enable the new service
systemctl daemon-reload && \
systemctl enable --now py-kms-web.service ; \
systemctl status py-kms-web.serviceI'll be using NGINX as a reverse proxy, in front of the webUI, for SSL termination and Basic Auth.