Run Lookyloo in Production
Please follow the default installation guide first. |
Remote captures with Lacus (v1.16+)
By default, Lookyloo will use LacusCore to capture websites. It is all done locally on the same machine as the one you installed Lookyloo on and you have nothing else to do.
But if you want to trigger captures from another system than the one you installed Lookyloo on, you can use Lacus as a service instead.
For that, you’ll need to:
-
-
You can make sure it works by loading
http://127.0.0.1:7100
on the machine you have it running on (7100 is the default port, you can of course change it) -
Trigger a capture from the lacus web interface
-
-
Edit the config file
config/generic.json
(keyremote_lacus
)-
Set
enable
totrue
-
Set
url
to the url your loolyloo instance can use to connect to lacus:http://<ip>:<port>
-
-
Restart lookyloo and give it a try
Reverse proxy (nginx)
The relevant sample configuration file is:
etc/nginx/sites-available/lookyloo
Modify server_name
to point to the domain or IP you want to use for Lookyloo.
If you didn’t modify website_listen_ip
and website_listen_port
in config/generic.json
,
the rest of this file will work out of the box. Otherwise, adapt the file accordingly.
Copy the file to the expected directory for nginx:
cp etc/nginx/sites-available/lookyloo /etc/nginx/sites-available/
Optionally, you can remove the default site:
sudo rm /etc/nginx/sites-enabled/default
Enable the website, check and restart nginx:
sudo ln -s /etc/nginx/sites-available/lookyloo /etc/nginx/sites-enabled
sudo nginx -t
# If it is cool:
sudo service nginx restart
Systemd service
Adapt the confirguration file to your system
The relevant sample configuration file is:
etc/systemd/system/lookyloo.service.sample
In this one, you will need to edit the file accordingly to your configuration:
-
User
: system user used to install lookyloo -
Group
: group of the user used to install lookyloo -
WorkingDirectory
: path to the directory where you cloned the repository -
Environment
: Path to the directory where thepoetry
executable is. You can find it by usingwhereis
:$ whereis poetry poetry: /home/lookyloo/.local/bin/poetry
In this case, you will use:
/home/lookyloo/.local/bin
. If you installed poetry as root, it might be/usr/local/bin
or even/usr/bin
Always make sure you have :/usr/bin
at the end. Otherwise, the service may not be able to find thepython3
executable.
In the end, the service file should look something like that:
[Unit]
Description=uWSGI instance to serve lookyloo
After=network.target
[Service]
User=lookyloo
Group=lookyloo
Type=forking
WorkingDirectory=/home/lookyloo/gits/lookyloo
Environment="PATH=/home/lookyloo/.local/bin:/usr/bin"
ExecStart=/bin/bash -c "exec poetry run start"
ExecStop=/bin/bash -c "exec poetry run stop"
StandardOutput=append:/var/log/lookyloo_message.log
StandardError=append:/var/log/lookyloo_error.log
[Install]
WantedBy=multi-user.target
Set it up
Copy the file to the expected directory:
cp etc/systemd/system/lookyloo.service.sample /etc/systemd/system/lookyloo.service
sudo systemctl daemon-reload
Start, and check the status of the systemd service:
sudo systemctl start lookyloo
sudo systemctl status lookyloo
If everything is fine, enable the service so it automatically starts on reboot:
sudo systemctl enable lookyloo
Logging and rotation
The systemd services write the stdout
and stderr
logs into /var/log
. Over time, these files will
keep growing and it may become a problem.
If you want to avoid that, you can add the logrotate configurations:
---
sudo cp etc/logrotate.d/lookyloo /etc/logrotate.d/lookyloo
sudo systemctl restart logrotate
---
Final remarks
If everything above went fine, you can connect to lookyloo in your browser: http://<IP-or-domain-in-nginx-config>/
You probably want to enable TLS on the website. The easiest way is to use Let’s Encrypt, and Digital Ocean has a great guide for Ubuntu 20.04.