Prerequisites
- Linux server (or Docker on any platform)
- PostgreSQL 15+ (or Docker to create one automatically)
- Go 1.24+ and a C compiler
- A domain name (for production)
Step 1: Get the source code
git clone https://github.com/foks-proj/go-foks.git
cd go-foks
Step 2: Create a work directory
This directory will hold FOKS binaries, configuration files, server keys, and scripts.
Step 3: Run config.bash
config.bash generates configuration files and scripts based on your deployment choices.
cd /path/to/workdir
/path/to/go-foks/scripts/srv/config.bash \
--network-mode prod \
--run-mode systemd \
--server-mode standalone \
--base-hostname foks.yourdomain.com
Key options
| Option | Values | Description |
|---|
--network-mode | prod, dev, test | How the server connects to the network |
--run-mode | systemd, docker_compose, pm2 | How processes are managed |
--server-mode | standalone, hosting_platform | Deployment topology |
--base-hostname | your domain | The DNS hostname all services advertise (becomes external_addr) |
--db-byo | (flag) | Use an existing PostgreSQL instance instead of Docker |
Read config.bash to understand all available options — it’s written to be readable documentation.
Output files
config.bash produces:
| File | Description |
|---|
conf/foks.jsonnet | Main FOKS config (Jsonnet format, shared among all services) |
conf/local.pre.libsonnet | Generated local overrides (hostname, ports, DB credentials) |
conf/local.post.libsonnet | Generated local overrides (encryption keys, etc.) |
env.sh | Environment variables for the next step |
scripts/build.bash | The build/setup script |
jsonnet conf/foks.jsonnet # requires the jsonnet tool
Step 4: Run build.bash
build.bash runs the setup steps one at a time:
cd /path/to/workdir
./scripts/build.bash next # run the next pending step
next repeatedly until setup completes. The sequence of steps:
setup_tools — install required toolsmake_web_assets — build the admin web UIcreate_docker_db — create a PostgreSQL container (skipped if --db-byo)create_foks_user — create the database userinit_db — initialize the database schemagen_probe_ca — generate the probe CAgen_cks_cas — generate chain key store CAsmake_host_chain — generate the host’s signing chain and HostIDissue_frontend_cert — TLS certificate for public-facing servicesissue_backend_cert — mTLS certificates for internal servicesissue_probe_cert — certificate for the probe serviceissue_beacon_cert — certificate for beacon registrationinit_merkle_tree — initialize the Merkle treewrite_public_zone — write the zone file (service endpoints)make_invite_code — generate an initial invite codewrite_dbkeys — write database encryption keysmake_systemd_units — generate systemd unit filesinstall_systemd_units — install themstart_systemd — start all servicesbeacon_register — register this host with the global beacon
Read build.bash — it’s also written as readable documentation for the setup process.
Step 5: Verify
After setup, verify that all services are running:
systemctl status foks-* # for systemd
# or
docker compose ps # for docker compose
DNS configuration
All FOKS services run on the same machine under the same hostname (--base-hostname), differentiated by port. You only need a single A record:
foks.yourdomain.com A <your-server-ip>
reg, user, kv_store, merkle_query) run on consecutive ports above it. Clients discover these ports automatically via the probe service — no additional DNS setup is needed.
Next steps
