Skip to content

Synkzone World

The Standard delivery is a docker compose based deployment of a Synkzone World using one VPS.

A Synkzone World is made up of a world component.

The component is distributed via the Synkzone registry: registry.synkzone.com The installation package is distributed as zip.

Reference installation

The reference installation of the standard delivery is a example on how to set up and run a Synkzone World on a VPS.

The installation requires: 

VPS
1 vCPU, 4GB memory, 40GB storage
Ubuntu LTS 24.04

Network: 
* input:443
* input:51000

* SSH access to the VPS

docker
docker compose

Prerequisites

Docker Registry

Access to registry.synkzone.com is needed.

DNS

DNS entries for a Synkzone World need to be configured separately before deployment, see DNS.

Network configuration

To enable communication with the world, an external TCP port must be configured and made reachable.

Deploying a Synkzone World

Configuration explanation and requirements

  • Name of the world, this is also the DNS:
    • E.g. world.synkzone.be
  • External IP: The IP address where the world component can be reached
  • Port for world: 443
    • TBD more ?
  • UUID for world component
  • Mail and SMTP settings
    • mailservice: If email should be used, (true/false)
    • mailservice.bounce: An email to use for bounce emails
    • mailservice.dkim.privatekey.path: Path to the private key for DKIM
    • mailservice.dkim.selector: Points to what public key to use
    • mailservice.domain: The domain that emails should be sent from
    • mailservice.reply: The reply email address used in credential emails to users
    • mailservice.sender: The name that should be displayed as the "from" user
    • mailservice.startup: If an email should be sent at startup to indicate the organization use of email is correctly configured, provide the recipient email address here
    • mailservice.smtp.host: FQDN for SMTP host ex mail.serviceprovider.com
    • mailservice.smtp.port: 587/465
    • mailservice.smtp.credentials: Path to credentials to access the email server

Installation/Configuration

unzip world-$version.zip

See docs/INSTALLATION.md.

Certificates

Synkzone need to sign the initially created certificate requests, as well as the requests produced when the certificate should be extended.

  1. Start the world server at least once to let it generate certificates and corresponding signing requests.
  2. Go the <appdata>/certificates folder on the world server and make copies of the world.csr, world_CA.csr, and world.ksr signing request files. It is IMPORTANT that these files are copied and not removed from the server.
  3. Create a folder (named after current date) in the zone in extern.synkzone.com.
  4. Add the signing request files to the folder.
  5. Request that Synkzone signs the certificates.
  6. When world.pem, world_CA.pem, and world.kec have been added to the zone, copy those files to the world server <appdata>/certificates folder where the corresponding signing requests are still stored.
  7. Start the world server. This will cause the server to import the signed certificates, and then shut down again.
  8. Restart the world server. After this restart the imported certificates will be ready for use.

Backup requirements for Standard Delivery

The reference installation requires a complete VPS snapshot as backup.