Serving Erlang
Since OTP is such a powerful tool for creating servers, not surprising, I’m constantly installing Erlang on new hardware & virtualware.
I do this often, but not to a degree that warrants using a container solution, like docker. There’s always a few gotchas with installing OTP to, say, Digital Ocean. But after so many installations, my process is pretty solid.
A reference
After I fire up a fresh server, a prerequisite is to get users & timezones sussed out. I like to front-load annoying things right away. Then, using this guide, I’ve borrowed this & that to slightly harden the server, though I only go all in with this when the situation truly requires it.
Assuming we are shelled in for the first time as root to a Ubuntu machine, I add a new user (dale) via the following:
$ adduser dale # follow the prompts
$ usermod -aG sudo dale
$ su - dale; cd
$ sudo ls -lhart /root # testing 1, 2, 3
Next, NTP & timezones need to be set up so our service won’t give us surprises down the road. There are a few tools (even graphical ones) to perform this task, but the following are the ones I use all the time:
$ sudo apt update
$ sudo dpkg-reconfigure tzdata # choose your zone
$ sudo apt install ntp
One can go whole hog with securing a server. But for
nine out of ten servers, the requirements are such
that a simple firewall will suffice. Using Ubuntu’s
ufw
tool, we’ll open ssh
, and a few other
ports.
$ sudo ufw allow ssh
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw allow 25/tcp
You can glance at your handiwork with sudo ufw show added
.
If everything is to your liking, solidifying your new firewall
is just one more step:
$ sudo ufw enable
With that, our basic firewall is in place. You can list your
configuration at any time with sudo ufw status
.
Langs
Before we install any languages we love, we should handle the language we take for granted: our spoken one. While the King’s English is for some, American English will suit me just fine (choose the one you prefer, of course).
To see what your OS installation has available to use,
you can perform locale -a
to take a gander at all the
possible languages. If your language isn’t there, you will
have to install it.
The server’s current language can be displayed via locale
.
If it isn’t to your liking, perform the following:
$ sudo locale-gen fr_FR.UTF-8
$ sudo dpkg-reconfigure locales
…where the argument to the first is an example of French/UTF-8.
All said & done, if you cat /etc/default/locale
, you should see the
environment variables looking something like the following:
LC_ALL=fr_FR.UTF-8
LANG=fr_FR.UTF-8
You can edit that file by hand if you’re ever stuck & need to coerce things a bit.
The not-so-fun stuff
If you perform openssl version
, and what’s yielded is
‘not found’ or you’re shown a version that’s tremendously bygone,
it’s time to update OpenSSL. You can’t do much in
OTP without a new-ish version of it humming away, so let’s
jump on that pro-actively.
First, we should get a sense for any installation of OpenSSL already in place (if indeed it’s installed at all). The following can prove helpful:
$ apt-cache policy libssl-dev
If, again, nothing shows up, we should proceed with an install/update:
$ sudo apt install openssl libssl-dev
The interwebs are filled to the brim with helpful resources for those who march down this thorny path. Also note for later, the yield of the following:
$ sudo apt install apt-file
$ apt-file update
$ apt-file list libssl-dev # Note the listed include dirs
If you are installing OTP from source, you may need it.
OTP at last
With those four things behind us, it’s time to fill our hearts with something warm; let’s install Erlang! There are binaries, and pre-built packages out there, but we will take the worse-case scenario and build a somewhat new (at the time of writing) installation of OTP from source.
First, let’s install some GNU goodies. We need a C compiler & make. We can install those with ‘apt’ as follows:
$ sudo apt install gcc
$ sudo apt install make
You’ll also want to install ncurses, fop, xsltproc & odbc support:
$ sudo apt install libncurses5-dev fop xsltproc unixodbc-dev
Next, let’s create a corner for ourselves to work in:
$ cd; mkdir src; cd src
Moving along, let’s grab OTP from erlang.org :
$ wget erlang.org/download/otp_src_19.3.tar.gz
Finally, we can configure, make & install OTP. You can configure it with this guide by your side, or just do as follows:
$ tar xvf otp_src_19.3.tar.gz
$ cd otp_src_19.3
$ ./configure --with-ssl=/usr/include/openssl
$ make
$ sudo make install
N.B. The —with-ssl
value is
known from the above apt-file list libssl-dev
yield. Adjust
yours accordingly.
And with that, you are ready to go. Fire up an Erlang shell to make sure everything is working okay. You can do that like this:
$ erl
1> application:start(crypto). % How did we do?
2> init:stop().
If everything went smoothly, you are in good shape and won’t need to do much else for serving up oodles of OTP goodness.
Optional
I use relx
for my release handling, and install it globally. If
you’d like to leverage this great tool, you can install it in the
following way. Note that this tool will probably be bundled into
OTP one day, but for the time being, relx
is quasi third-party.
$ cd; mkdir tmp; cd tmp
$ wget github.com/erlware/relx/archive/v3.33.0.tar.gz
$ tar xvf v3.33.0.tar.gz
$ cd relx-3.33.0
$ wget s3.amazonaws.com/rebar3/rebar3 && chmod +x rebar3
$ ./rebar3 as tmp escriptize
$ sudo cp _build/tmp/bin/relx /usr/local/bin/
$ cd; rm -fr ./tmp
If everything went okay, when you type which relx
you should
see it listed in the ‘/usr/local/bin’ directory.