PicoLisp Server Setup (Ubuntu 20.04)
A basic PicoLisp server setup that allows an arbitrary number of PicoLisp applications to be accessed from a single domain.Assumptions
This article assumes you already have a Digital Ocean droplet with Ubuntu 20.04 installed and are able to access it with ssh. You'll also need a domain. If starting from scratch, the following resources will be helpful:- create a droplet
- add ssh keys
- connect with ssh
- initial server setup
- setup a firewall
- link your server and domain
- manage dns records
Update server packages
Access your server and update the package manager, just to be sure.$ ssh {user}@{ip-address} ... $ sudo apt update
Installing httpGate
Here's the httpGate documentation.Install the prerequisites:
$ sudo apt install build-essential libssl-dev
pil64
To use the 64-bit version of PicoLisp:$ wget https://software-lab.de/picoLisp.tgz $ tar xfz picoLisp.tgz $ cd picoLisp/ $ wget https://software-lab.de/x86-64.linux.tgz $ tar xfz x86-64.linux.tgz $ (cd src64; make) $ (cd src; make tools gate)Copy httpGate to /usr/local/bin for ease of use later:
$ sudo cp bin/httpGate /usr/local/bin
pil21
To be on the cutting edge of PicoLisp development, use the lastest pil21:$ wget https://software-lab.de/pil21.tgz $ tar xfz pil21.tgz $ cd pil21/Install the dependencies (see INSTALL file):
$ sudo apt install make clang llvm libreadline-dev libffi-dev libssl-dev pkg-configIf you're getting errors about the 'clang' and 'llvm' packages not being found, use this script from https://apt.llvm.org:
$ bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)"After that has finished, try sudo apt install ... again.
Now we're ready to build:
$ (cd src; make)Copy httpGate to /usr/local/bin for ease of use later:
$ sudo cp bin/httpGate /usr/local/bin
rc.local
According to the httpGate documentation, the easiest way to start httpGate automatically is to add it to /etc/rc.local. Unfortunately /etc/rc.local doesn't work out of the box in Ubuntu (thanks systemd). That's ok, the functionality is easy enough to restore. We'll need to manually create a systemd service which will run at system boot. Create a new file with your editor of choice:$ sudo vim /etc/systemd/system/rc-local.serviceAdd the following text:
[Unit] Description=/etc/rc.local Compatibility ConditionPathExists=/etc/rc.local After=network.service [Service] Type=forking ExecStart=/etc/rc.local start TimeoutSec=0 StandardOutput=tty RemainAfterExit=yes SysVStartPriority=99 [Install] WantedBy=multi-user.targetNow we can use /etc/rc.local (mostly) as normal.
$ sudo vim /etc/rc.localAdd the following text:
#!/bin/bash /usr/local/bin/httpGate 80 /home/{user}/namesMake the file executable and change ownership so it can run as root:
$ sudo chmod +x /etc/rc.local $ sudo chown root /etc/rc.local
The "names" config file
The names config file tells httpGate how to dispatch PicoLisp applications.$ cd $ vim namesAdd the following text:
# serve static file as default app @ 8080 {user} /home/{user} ^ ./{picoLisp|pil21}/pil @lib/http.l @lib/xhtml.l --server 8080 index.l -wait
A simple webpage
$ vim index.lAdd the following text:
(html 0 "Hello" NIL NIL (<h1> NIL "Hello, web!") )
reboot
We're ready to reboot:$ sudo rebootWait 10 seconds or so and ssh back:
$ ssh {user}@{ip-address}Confirm that httpGate is running:
$ systemctl status rc-localAnd you're ready to visit your website in the browser!
http://your-website.whatever
HTTPS with Let's Encrypt
All the cool kids are using HTTPS these days. It's easy enough to setup. First we need to stop httpGate so certbot can do its thing.$ sudo killall httpGateNext install certbot:
$ sudo apt install certbot $ sudo certbot certonlyAnswer the questions. You really only need an email address and your domain name; the rest can be left blank. If all went well certbot will tell you where the new certificates live.
The next step is to add another httpGate call to /etc/rc.local:
$ sudo vim /etc/rc.localAnd add the following line:
/usr/local/bin/httpGate 443 /home/{user}/names /etc/letsencrypt/live/{your-domain}/privkey.pem,/etc/letsencrypt/live/{your-domain}/fullchain.pemAfter another reboot, you should be good to go. Visit your website in the browser, now with the peace of mind that a secure connection provides:
https://your-website.whatever
Conclusion
Hopefully your PicoLisp server is setup and ready to go! New PicoLisp apps can be added to the names config file and accessed (e.g. https://your-website.whatever/app). Make sure to reload httpGate after changing the config:$ sudo pkill -HUP -P1 httpGate
https://picolisp.com/wiki/?serversetup
26dec20 | erik |