Run Lookyloo in Production

Please follow the default installation guide first.

Remote captures with Lacus (v1.16+)

By default, Lookyloo will use LacusCore to capture websites. It is all done locally on the same machine as the one you installed Lookyloo on and you have nothing else to do.

But if you want to trigger captures from another system than the one you installed Lookyloo on, you can use Lacus as a service instead.

For that, you’ll need to:

  1. Install Lacus

    • You can make sure it works by loading http://127.0.0.1:7100 on the machine you have it running on (7100 is the default port, you can of course change it)

    • Trigger a capture from the lacus web interface

  2. Edit the config file config/generic.json (key remote_lacus)

    • Set enable to true

    • Set url to the url your loolyloo instance can use to connect to lacus: http://<ip>:<port>;

  3. Restart lookyloo and give it a try

Reverse proxy (nginx)

The relevant sample configuration file is:

etc/nginx/sites-available/lookyloo

Modify server_name to point to the domain or IP you want to use for Lookyloo.

If you didn’t modify website_listen_ip and website_listen_port in config/generic.json, the rest of this file will work out of the box. Otherwise, adapt the file accordingly.

Copy the file to the expected directory for nginx:

cp etc/nginx/sites-available/lookyloo /etc/nginx/sites-available/

Optionally, you can remove the default site:

sudo rm /etc/nginx/sites-enabled/default

Enable the website, check and restart nginx:

sudo ln -s /etc/nginx/sites-available/lookyloo /etc/nginx/sites-enabled
sudo nginx -t
# If it is cool:
sudo service nginx restart

Systemd service

Adapt the confirguration file to your system

The relevant sample configuration file is:

etc/systemd/system/lookyloo.service.sample

In this one, you will need to edit the file accordingly to your configuration:

  • User: system user used to install lookyloo

  • Group: group of the user used to install lookyloo

  • WorkingDirectory: path to the directory where you cloned the repository

  • Environment: Path to the directory where the poetry executable is. You can find it by using whereis:

    $ whereis poetry
poetry: /home/lookyloo/.local/bin/poetry

    In this case, you will use: /home/lookyloo/.local/bin. If you installed poetry as root, it might be /usr/local/bin or even /usr/bin

    Always make sure you have :/usr/bin at the end. Otherwise, the service may not be able to find the python3 executable.

In the end, the service file should look something like that:

[Unit]
Description=uWSGI instance to serve lookyloo
After=network.target

[Service]
User=lookyloo
Group=lookyloo
Type=forking
WorkingDirectory=/home/lookyloo/gits/lookyloo
Environment="PATH=/home/lookyloo/.local/bin:/usr/bin"
ExecStart=/bin/bash -c "exec poetry run start"
ExecStop=/bin/bash -c "exec poetry run stop"
StandardOutput=append:/var/log/lookyloo_message.log
StandardError=append:/var/log/lookyloo_error.log


[Install]
WantedBy=multi-user.target

Set it up

Copy the file to the expected directory:

cp etc/systemd/system/lookyloo.service.sample /etc/systemd/system/lookyloo.service
sudo systemctl daemon-reload

Start, and check the status of the systemd service:

sudo systemctl start lookyloo
sudo systemctl status lookyloo

If everything is fine, enable the service so it automatically starts on reboot:

sudo systemctl enable lookyloo

Logging and rotation

The systemd services write the stdout and stderr logs into /var/log. Over time, these files will keep growing and it may become a problem. If you want to avoid that, you can add the logrotate configurations:

---
sudo cp etc/logrotate.d/lookyloo /etc/logrotate.d/lookyloo
sudo systemctl restart logrotate
---

Final remarks

If everything above went fine, you can connect to lookyloo in your browser: http://<IP-or-domain-in-nginx-config>/

You probably want to enable TLS on the website. The easiest way is to use Let’s Encrypt, and Digital Ocean has a great guide for Ubuntu 20.04.