Install Fangout File Server on Linux

Available on all plans

Self-hosted deployments

Minimum system requirements:

• Operating System: Ubuntu, RedHat, Amazon Linux
• Hardware: 1 vCPU/core with 2GB RAM (support for up to 1,000 users)
• Network:
  • Restful 55000, TCP In/Outbound
  • Data transfer 55001, UDP In/Outbound

A Fangout deployment includes 4 steps: download, install, setup, and update.

Download the latest Fangout File Server tarball

In a terminal window, ssh onto the system that will host the Fangout File Server.

Using wget, download the Fangout File Server release you want to install.

Latest release

wget https://fangout.io/releases/fangout-file-server-1.9.1-linux-amd64.tar.gz

Install

Ahead of installing the Fangout File Server, it’s good practice to update all your repositories and, where required, update existing packages by running the following commands:

sudo dnf update
sudo dnf upgrade

After any updates, and any system reboots, are complete, install the Fangout File Server.

Install the Fangout File Server by extracting the tarball, creating users and groups, and setting file/folder permissions.

First extract the tarball:

tar -xvzf fangout*.gz

Now move the entire folder to the /opt directory (or whatever path you require):

sudo mv fangout /opt

Note

If you choose a custom path, ensure this alternate path is used in all steps that follow.

Now set up a user and group called fangout:

sudo useradd --system --user-group fangout

Note

If you choose a custom user and group name, ensure it is used in all the steps that follow.

Set the file and folder permissions for your installation:

sudo chown -R fangout:fangout /opt/fangout

Give the fangout group write permissions to the application folder:

sudo chmod -R g+w /opt/fangout

You will now have the latest Fangout File Server version installed on your system.

Starting and stopping the Fangout File Server is done either by just running the /opt/fangout/bin/fangout with or without FANGOUT_HOME environment variable to designate the meta data/log folder (working directory), or using systemd.

Create the systemd unit file:

sudo touch /lib/systemd/system/fangout.service

As root, edit the systemd unit file to add the following lines:

[Unit]
Description=Fangout
After=network.target

[Service]
Type=notify
ExecStart=/opt/fangout/bin/fangout
TimeoutStartSec=3600
KillMode=mixed
Restart=always
RestartSec=10
WorkingDirectory=/opt/fangout
User=fangout
Group=fangout
LimitNOFILE=49152

[Install]
WantedBy=multi-user.target

Save the file and reload systemd using sudo systemctl daemon-reload. Fangout File Server is now installed and is ready for setup.

Setup

Increase UDP buffers

Fangout file server is a high speed file transfer server that maximizes your transfer speed. In order to utilize the full bandwidth, UDP buffers need to be increased on the Linux system.

Increase the read buffer

sudo sysctl -w net.core.rmem_max=28000000

Modifying the system permanently, add this line to the /etc/sysctl.conf file:

net.core.rmem_max = 28000000

Increase the write buffer

sudo sysctl -w net.core.wmem_max=28000000

Modifying the system permanently, add this line to the /etc/sysctl.conf file:

net.core.wmem_max = 28000000

Set the correct contexts for /opt/fangout

SELinux enforces security contexts for files and directories. To label your Fangout directory as safe, you’ll need to set an appropriate SELinux context.

1. Check current context by running ls -Z /opt/fangout. When you see something like drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 fangout returned, the default_t indicates that SELinux doesn’t know what this directory is for.

2. Set a safe context by assigning a SELinux type that’s compatible with web services or applications by running sudo semanage fcontext -a -t httpd_sys_content_t "/opt/fangout(/.*)?". A common one is httpd_sys_content_t, used for serving files. Ensure you match the directory and its contents recursively. Run the sudo restorecon -R /opt/fangout to apply the changes.

Allow Fangout to bind to ports

When Fangout needs specific ports (e.g., 55000 and 55001), ensure that SELinux allows it by allowing Fangout to bind to ports. Run the sudo semanage port -l | grep 55000 command, and if the port’s not listed, you’ll need to add it by running sudo semanage port -a -t http_port_t -p tcp 55000, replacing the 55000 with the required port.

Handle custom policies

If Fangout requires actions that SELinux blocks, you’ll need to generate a custom policy.

1. Check for SELinux denials first in the logs by running sudo ausearch -m avc -ts recent, or by checking the audit log: sudo cat /var/log/audit/audit.log | grep denied.

2. If needed, generate a policy module by installing audit2allow to generate policies automatically.

sudo yum install -y policycoreutils-python-utils
sudo grep fangout /var/log/audit/audit.log | audit2allow -M fangout_policy
sudo semodule -i fangout_policy.pp

Test the configuration

Restart Fangout to confirm the configuation works as expected by running sudo systemctl restart fangout. In the case of failures, revisit the logs to identify other SELinux-related issues.

Note

The logs as well as the database folder are located in the working directory (or in FANGOUT_HOME), e.g. /opt/fangout.

Tip

Need Fangout working quickly for testing purposes? You can change SELinux to permissive mode by running the sudo setenforce 0. command where policies aren’t enforced, only logged. This command changes the SELinux mode to “permissive”. While in permissive mode, policies aren’t enforced, and violations are logged instead of being blocked. This can be helpful for debugging and troubleshooting issues related to SELinux policies. Ensure you re-enable enforcing mode once context is working as needed by running the sudo setenforce 1 command.

See the following SELinux resources for additional details:

• SELinux User’s and Administrator’s Guide

• SELinux Project Wiki

• Introduction to SELinux

• A Sysadmin’s Guide to SELinux: 42 Answers to the Big Questions

• Mastering SELinux: A Comprehensive Guide to Linux Security

Updates

Updating your Fangout File Server installation is easy. Download the tarball file of the new version of Fangout File Server, extract it and replace the binary file at /opt/fangout/bin/fangout and restart the service sudo systemctl restart fangout.

Note

The new binary will automatically migrate the data in /opt/fangout/fangout.db.

Backup server meta data

It is highly recommended to perodically backup the file server meta data located in /opt/fangout/fangout.db, the configuration file /opt/fangout/fangout.json.

The current log file fangout.log is in JSON format and it is rotated automatically according to the confiruration. The rotated log file name convention is like fangout-2024-11-14T22-41-29.259.log.gz.

You can copy the whole directory of /opt/fangout/fangout.db to wherever your backup location is while the server is still running. You can also copy the configuration file as well as the log files any time.

Remove Fangout

If you wish to remove the Fangout File Server for any reason, you must stop the Fangout File Server, back up all important files, and then run this command:

sudo rm /opt/fangout

You may also remove the Fangout systemd unit file and the user/group created for running the application.

Frequently asked questions

Why doesn’t Fangout file server start at system boot?

To have the Fangout file server start at system boot, the systemd until file needs to be enabled. Run the following command:

sudo systemctl enable fangout.service

Can I run Fangout without a proxy?

Yes. In such case Fangout can bind to 443 instead of 55000. The Fangout binary requires the correct permissions to do that binding. You must activate the CAP_NET_BIND_SERVICE capability to allow the Fangout file server binary to bind to ports lower than 1024 by running the following command:

sudo setcap cap_net_bind_service=+ep /opt/fangout/bin/fangout