Technical requirements - 2langnic/GlobaLeaks GitHub Wiki

Below are the technical requirements to be satisfied by a GlobaLeaks installation.

You should carefully satisfy each of them, as described in following sections

While GlobaLeaks is designed to run over multiple operating systems, we officially support now a specific versions of Linux:

• Ubuntu 12.04 LTS
• Ubuntu 14.04 LTS

In the near future, we hope to be able to support other linux flavors.

You are advised to use one of these Linux distributions in order to achieve better compatibility and reliability purposes.

If for whatever reason you would like to experiment GlobaLeaks on another Linux distribution, be advised that you need at least Python 2.7 and AppArmor support, so you may encounter packaging-related issue.

GlobaLeaks uses iptables to enforce network sandboxing and so require to have full iptables support, with NAT.

Otherwise globaleaks will not install, failing to startup enabling network firewall.

Ask your Virtual Server provider to enable iptables/NAT support or if you manage the OpenVZ host do it yourself

If you need to install it anyway and you know what you are doing:

• before installing: set TRAVIS variable as "export TRAVIS=true"
• after installing: edit /etc/default/globaleaks and set NETWORK_SANDBOXING=0

GlobaLeaks does need to have a dedicated server to properly and securely run with enough resources. Depending on the Architecture you may need one or two servers to be allocated to GlobaLeaks. The two-server architecture requires that you use different datacenters for the two hostings.

As minimum configuration requirements we suggest:

• CPU: Dual core 2.0ghz
• RAM: 4GB
• HD : 40GB
• 10Mbit/s (shared)

The following characteristics must be considered also:

• Hard Disk size depending on your data retention policy and expected traffic
• RAM size does not impact the maximum file size that a node can handle in upload

It is very important to consider wisely where you decide to host your GlobaLeaks instance. While it is true that the location of your GlobaLeaks instance is not known, if an adversary is able to identify where it is located and it is hosted on a VPS this can lead to some risks.

If you decide to host it on a VPS you have some added risks due given by Virtual machine escapes. There have been in the past known cases of virtual machine exploits even in the hands of very sketchy companies.

It is important that when making this choice you carefully consider how powerful is the kind of adversary you want to protect against and when in doubt go for the most highly paranoid solution. In this case that is not host globaleaks on a virtual machine, but to use dedicated hardware for hosting your instance.

GlobaLeaks make use of email to handle Tip notification. To this aim you need an email account to be used to send Tip related notifications to the Receivers. This email account needs to be available and the respective SMTP server must support SMTPS or SMTP/TLS in order to securely manage sending capabilities.

You should have someone capable with design and communication to design a logo for your node. The logo should 140x140 pixel in PNG format.

To setup and maintain GlobaLeaks you should have some basic Linux skills with practice in installing packages, upgrading it, running web servers, basic debugging and email log analysis.

Now you can proceed with the installation by following the Installation-Guide