You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is for setting up an nginx virtual host with webdav access, as well as open directory access if you've got a reader that doesn't support OPDS, or as a backup in the case your server is misconfigured, inaccessible, javascript is disabled, etc.
setup an htpasswd file (this will only be used for webdav, not for calibre itself). You may run this command as many times as you like to add extra users.
mkdir -p /etc/nginx/auth
printf "$(please enter your username):$(openssl passwd $(read -p "Please enter your password")\n" >> /etc/nginx/auth/calibre-webdav-users.passwd
Use this config instead of the one in the main file
server {
listen 127.0.0.1:80;
server_name library.example.com;
root /mnt/calibre/calibre_home/calibre_libraries;
index index.html;
location /files {
alias /mnt/calibre/calibre_home/calibre_libraries;
client_body_temp_path /var/www/webdav/temp;
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;
limit_except GET PROPFIND OPTIONS HEAD { # This block password-protects webdav access, but not open directory access. If you want the directory to not be open, remove it and the closing bracket after the following two lines.
auth_basic "Restricted site.";
auth_basic_user_file /etc/nginx/auth/calibre-webdav-users.passwd;
}
create_full_put_path on;
dav_access user:rw group:rw all:rw;
autoindex on; # This controls the open directory; if you don't want a browseable directory, remove this line.
}
location / {
proxy_pass http://127.0.0.1:8883;
proxy_pass_request_headers on;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Now run sudo chmod -R o+rwx /mnt/calibre/calibre_home/calibre_libraries to give the webserver access to the calibre libraries folder. If you don't want webdav, you don't need write access; you can leave out the w in o+rwx.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Calibre is a powerful cross-platform, open source, ebook manager and editing platform. Its
calibre-server component can be used to publish an e-book library on a local network. While you can launch calibre-server
as a desktop application, it can also be run as a daemon on a headless Linux server.
This tutorial on
setting up calibre-server using Ubuntu 14.04 is very good, but dated.
The following recipe comes from my personal notes on setting up our family library server on Ubuntu 16.04 LTS. I have reproduced the results on the latest Ubuntu 18.04 LTS Server. With a few minor adjustments this could be used to set up a similar
server on Fedora or other Linux distributions.
Preparation of the server
I prefer to get my servers all set up from the console and then use ssh to complete my preparation, mostly
because I can copy and paste into an ssh terminal. As a result, the first things I check on every server build
are: (a) Allow port 22 through the host firewall; (b) Make sure an ssh server is installed. On Ubuntu, the
stock firewall is ufw and the ssh server is openssh-server. The latest Ubuntu LTS Server (18.04) ships with
ssh enabled but ufw disabled.
Calibre system user
Create a calibre system user and group that will run the daemon. The server will need write privileges to the directory
where the calibre database is kept, which by default is the home directory of the user who runs the application.
I recommend selecting something other than "/home" for this to maintain separation from user and application data.
In the example that follows the user will be "calibre", and its home directory, "/mnt/calibre/calibre_home"; this works especially well with VPS providers like Digital Ocean that provide a block storage, as you can dump the VPS and keep only the block storage volume containing the user profile and library.
If you want to limit ssh access to the calibre user to sftp with a key file, modify your sshd config located at /etc/ssh/sshd_config and add the following to the bottom:
Match User calibre
ForceCommand internal-sftp
PasswordAuthentication no
then run sudo service ssh restart
Firewall
If you're running a host firewall (you are, aren't you?), you'll need to configure it to allow traffic
to whatever port the Calibre Server will be listening on. The default is the ubiquitous TCP 8080. To
avoid conflicts with other software that may be (and probably are) using that, you can set it to another unused
port. I chose 8883.
On Ubuntu Server the ufw firewall can be configured to do this:
ufw enable
ufw allow 8883
If you're using DigitalOcean (as I am), you'll probably want to use their cloud firewalls feature in the browser.
Additional packages
~~* imagemagick
xvfb~~
libxcomposite1
Calibre-server no longer depends on imagemagick or x11; you can now install and run it without a GUI with neither (if you expect to sign in via VNC or other protocol, you'll still want xvfb or similar). A completely fresh server install may require libXcomposite for basic graphics handling.
You may also find the following helpful additions for managing your server over VNC:
twm
xterm
vnc4server
Install Calibre
As a user with admin (sudo) rights, go to the official Calibre Download page for Linux and follow the instructions there for installation.
Note that you may receive some warnings related to desktop integration, these are safe to ignore because you won't
need to use the desktop interface (unless you want to, in which case you could install over a VNC session: but that's outside the scope of this note).
The script you'll run will look something like this:
Note: If this is the first time you've installed a graphical application with that user account you may have to re-permission the ~/.config folder, as the installer will create it as root if it doesn't find it:
cd ~
sudo chown -R myuser:myuser .config
## Post Install Tasks
Post Install Tasks
Now log in as the calibre user and create the ~/calibre-library directory to hold the ebook database.
Create a library using a sample ebook from gutenberg
Download a sample e-book to load into the library:
Substitute your server's FDQN for "hostname.example.com" in the above fake url.
Custom Calibre configuration
Calibre's global.py allows you to change the default configuration in helpful ways. It is in the calibre user's home
directory (in this example, /d1/media/calibre) under ~/.config/calibre. The main parameters to change here are
database_path and library_path. In my installation these are both set as follows:
The "u" leading the setting for these paths is intentional, be sure to include it (Calibre is written in
python, and this is a python thing).
Creating an init script
The main difference between previous tutorials using the Ubuntu 14.04 release and later versions is that since 14.04
you would now need to create a systemd init instead of an upstart init script.
There is a systemd service definition below this file. Download it and save it to /etc/systemd/system/calibre-server.service, modify the calibre library locations then run the following commands as root:
Check for errors with "systemctl status calibre-server".
The above init script is based on a sample provided in the Calibre manual.
Adding (or removing) e-books
Of course you'll want to add e-books to the server. When running in daemon mode the best way to do this is to
use the command line tool, calibredb, that comes with Calibre.
Notice the addition of the "--with-library" option above. This is necessary because with the server running
the database can only be modified through its web service. In this case, calibredb connects to the server
through the web service to make the necessary changes.
Setting up a reverse web proxy
This is entirely optional. E-book readers like FB Reader have plugins that allow them to connect to a Calibre library server through Calibre's web service, but in my house we mostly use our web browsers.
If you're like me and can't recall what you had for breakfast, let alone what port a particular service might be running on, you can use a web server to reverse proxy the Calibre service. A reverse proxy is different from a redirect in that the reverse proxy preserves the url originally used by the client through the whole conversation.
Here is an example of an nginx virtual host located on the same server as Calibre that can accomplish that:
In this case my users can simply go to "http://library.example.com" and reach the Calibre Server without having
to know the backend hostname or port Calibre is listening on.
The "listen" directive above contains the IP address that the site name resolves to, while "server_name" is the DNS name of the site.
Document "root" really doesn't matter in this vhost because there's no static content to serve up beyond what Calibre provides.
The "location" block is key: basically it tells the server to proxy everything it gets from the root of the Calibre server. Proxying the locahost address allows me to drop the firewall rule allowing remote users to connect directly to Calibre over port 8180.
setting up let's encrypt
You'll want to do this last, as certbot will modify your nginx config files, meaning these need to exist first.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
