Knowledgebase

Install TaskServer (taskd) On CentOS Print

  • 0

TaskWarrior is an open source time management tool that is an improvement on the Todo.txt application and its clones. Due to the fact that the average person uses multiple devices/platforms in their daily schedule, it is critical to have the ability to have a centralized repository where the data can be accessed and updated from any device. This tutorial will focus on setting up both the server, called TaskServer (taskd), and the client, called TaskWarrior (task), allowing multiple client devices to access and exchange data securely.

It has the following features:

  • Unlimited tasks
  • Task prioritizing
  • Search filtering
  • Tagging
  • Automatic syncing
  • Automatic backup
  • Full control and privacy
  • Encrypted communication

Prerequisites

  • A CentOS 7 x64 server instance.
  • A sudo user.
  • Domain name pointed to a Rcs instance ( taskd.example.com )

Step 1: Update the system

Log in as your sudo user to install the EPEL Repository and update the system as follows:

sudo yum install epel-release -y
sudo yum clean all && sudo yum update -y

Step 2: Install RPM Build and tools for building

The EPEL repository doesn't contain an RPM for the TaskServer (taskd), so we have to build it from source into an RPM package ourselves.

  1. Install GCC, Make, RPM Build, development and signing tools.

     sudo yum install gcc gcc-c++ make rpmdevtools rpm-sign rpm-build -y
  2. Create a GnuPG directory which will hold the GPG files necessary for signing our RPM.

     mkdir .gnupg
  3. When creating a key, we require entropy in the system to properly randomize it. The rngd daemon generates the entropy necessary from /dev/urandom. So let's install that now.

     yum install rngd -y
  4. Start up the rngd daemon to generate entropy. The -r option points to /dev/urandom instead of the default /dev/hwrng.

     sudo rngd -r /dev/urandom
  5. Generate a key. The --gen-key option tells gpg to generate a new key pair.

     gpg --gen-key
  6. For the "Please select what kind of key you want:" option, select "(1) RSA and RSA (default)" for the key type by entering 1 and pressing the Return/Enter key.

  7. For the "What keysize do you want? (2048)" option, choose the default by pressing the Return/Enter key.

  8. For the "Please specify how long the key should be valid." option, choose the default by pressing the Return/Enter key.

  9. For the "Is this correct? (y/N)" option, enter y and press the Return/Enter key.

  10. Under "Real name:", enter a name of your choosing and press the Return/Enter key.

  11. Under "Email address:", enter an email address of your choosing and press the Return/Enter key.

  12. The Comment: section can be left blank if you so choose.

  13. Make any changes necessary if you didn't enter your information correctly. If you are satisfied with USER-ID information displayed, enter O (capital letter O, not zero) and press the Return/Enter key.

  14. GnuPG will now prompt you to create and verify a password for your key pair.

  15. After you have entered your passwords, your GnuPG key pair will be created under the .gnupg directory in your user directory.

  16. Run this command to display the contents of the .gnupg directory. It should contain the following directory private-keys-v1.d and files pubring.gpg, pubring.gpg~, random_seed, secring.gpg, S.gpg-agent, trustdb.gpg.

    ls -la .gnupg
  17. Export the created key pair. The --export option instructs GnuPG to export the key pair. The -a option instructs GnuPG to output the key pair in ascii armor format. Replace "Joe Q. Public" with the name you've entered when creating the key pair in step #10 above. Replace "jqpublic" with whatever text you choose.

    gpg --export -a 'Joe Q. Public' > RPM-GPG-KEY-jqpublic
  18. Import the key pair into the RPM keystore. Replace the "jqpublic" with the text you chose in step #17.

    sudo rpm --import RPM-GPG-KEY-jqpublic
  19. Verify that the key pair was added to the RPM keystore. The --q gpg-pubkey option queries the RPM GnuPG keystore. The %{name}-%{version}-%{release} --> %{summary}\n displays the result in a human readable format.

    rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
  20. By creating a .rpmmacros file, RPM can be customized to perform assigned behaviors (example: ease automatic signing of RPMs). Use the nano program to create the file.

    nano .rpmmacros
  21. Then, add the following text below into the .rpmmacros file.

    %_gpg_name  Joe Q. Public
    %_query_all_fmt %%{name}-%%{version}-%%{release}.%%{arch}
    %_signature gpg
    %_topdir %(echo $HOME)/rpmbuild
  22. Save the document by entering the following keyboard combinations. The CTRL + X Keys. Then, the S Key. Finally, the Return/Enter Key.

  23. This command below will setup your RPM build environment. This will append additional macros to the .rpmmacros file you have created in step #20 and create the required directories to build and store RPMs.

    rpmdev-setuptree
  24. Run this command to display the contents of the rpmbuild directory. It should contain the following directories SOURCES, RPMS, BUILD, SRPMS and SPECS.

    find rpmbuild
  25. Download the TaskServer (taskd) source code to the rpmbuild/SOURCES directory.

    wget https://taskwarrior.org/download/taskd-1.1.0.tar.gz -P rpmbuild/SOURCES/
  26. Kill the running rgnd process.

    sudo kill -9 rngd

Step 3: Build TaskServer (taskd) RPM from source

  1. In order to build a new RPM from source, a TaskServer (taskd) SPEC file must be created.

     nano rpmbuild/SPECS/taskd.spec
  2. Add the following text below into the taskd.spec file.

     Name:           taskd
     Version:        1.1.0
     Release:        1%{?dist}
     Summary:        Secure server providing multi-user, multi-client access to task data
     Group:          Applications/Productivity
     License:        MIT
     URL:            http://tasktools.org/projects/taskd.html
     Source0:        http://taskwarrior.org/download/%{name}-%{version}.tar.gz
     Source1:        taskd.service
     Source2:        taskd-config
     Source3:        taskd.xml
    
     BuildRequires:  cmake
     BuildRequires:  libuuid-devel
     BuildRequires:  gnutls-devel
     BuildRequires:  shadow-utils
    
    
     %if 0%{?rhel} && 0%{?rhel} <= 6
     # On rhel, we don't need systemd to build.  but we do on centos.        
     # ...just to define some macros
     %else
     BuildRequires:  systemd
     %endif
    
     # For certificate generation        
     Requires:       gnutls-utils
    
     # Systemd requires
     Requires(post):    systemd
     Requires(preun):   systemd
     Requires(postun):  systemd
    
     %description
     The TaskServer is a lightweight, secure server providing multi-user,
     multi-client access to task data.  This allows true syncing between desktop and
     mobile clients.
    
     Users want task list access from multiple devices running software of differing
     sophistication levels to synchronize data seamlessly.  Synchronization requires
     the ability to exchange transactions between devices that may not have
     continuous connectivity, and may not have feature parity.
    
     The TaskServer provides this and builds a framework to go several steps beyond
     merely synchronizing data.
    
     %prep
     %setup -q %{name}-%{version}
    
     %build
     %cmake
     make %{?_smp_mflags}
    
     %install
     make install DESTDIR=%{buildroot}
    
     mkdir -p %{buildroot}%{_sharedstatedir}/taskd/
    
     # Users will keep their keys here, but we copy some helpful scripts too.
     mkdir -p %{buildroot}%{_sysconfdir}/pki/taskd/
     cp -a pki/generate* %{buildroot}%{_sysconfdir}/pki/taskd/.
    
     mkdir -p %{buildroot}%{_localstatedir}/log/taskd/
    
     %if 0%{?rhel} && 0%{?rhel} <= 6
     # EL6 and earlier needs a sysvinit script
     # Also, no firewalld on old EL
     %else
     mkdir -p %{buildroot}%{_unitdir}/
     cp -a %{SOURCE1} %{buildroot}%{_unitdir}/taskd.service
    
     mkdir -p %{buildroot}%{_prefix}/lib/firewalld/services
     cp -a %{SOURCE3} %{buildroot}%{_prefix}/lib/firewalld/services/taskd.xml
     %endif
    
     mkdir -p %{buildroot}%{_sharedstatedir}/taskd/orgs/
     cp -a %{SOURCE2} %{buildroot}%{_sharedstatedir}/taskd/config
    
     rm -r %{buildroot}%{_datadir}/doc/taskd/
    
     %pre
     getent group taskd >/dev/null || groupadd -r taskd
     getent passwd taskd >/dev/null || \
         useradd -r -g taskd -d %{_sharedstatedir}/taskd/ -s /usr/bin/sh \
         -c "Task Server system user" taskd
     exit 0
    
     # Systemd scriptlets
     %if 0%{?rhel} && 0%{?rhel} <= 6
     # No systemd for el6
     %else
    
     %post
     %systemd_post taskd.service
    
     %preun
     %systemd_preun taskd.service
    
     %postun
     %systemd_postun_with_restart taskd.service
    
     %endif
    
    
     %files
     %doc AUTHORS COPYING ChangeLog NEWS README
     %{_bindir}/taskd
     %{_bindir}/taskdctl
     %{_mandir}/man1/taskd.1.*
     %{_mandir}/man1/taskdctl.1.*
     %{_mandir}/man5/taskdrc.5.*
    
     %{_sysconfdir}/pki/taskd/generate*
    
     %dir %attr(0750, taskd, taskd) %{_sysconfdir}/pki/taskd/
     %dir %attr(0750, taskd, taskd) %{_localstatedir}/log/taskd/
    
     %dir %attr(0750, taskd, taskd) %{_sharedstatedir}/taskd/
     %config(noreplace) %attr(0644, taskd, taskd) %{_sharedstatedir}/taskd/config
     %dir %attr(0750, taskd, taskd) %{_sharedstatedir}/taskd/orgs/
    
     %if 0%{?rhel} && 0%{?rhel} <= 6
     # No sysvinit files for el6
     %else
     %{_unitdir}/taskd.service
     %{_prefix}/lib/firewalld/services/taskd.xml
     %endif
    
     %changelog
     * Thu Aug 17 2017 Jarrett Graham <jarrett+rpmbuild@jarrettgraham.com> - 1.1.0
     - Initial packaging.
  3. The RPM also requires three additional files that must be created in the rpmbuild/SOURCES directory. Use the nano program to create the taskd-config file.

     nano rpmbuild/SOURCES/taskd-config
  4. Add the following text below into the taskd-config file.

     # taskd configuration file
     confirmation=1
     verbose=1
     ip.log=on
     extensions=/usr/libexec/taskd
     queue.size=10
     request.limit=1048576
     server=0.0.0.0:53589
     root=/var/lib/taskd
     log=/var/log/taskd/taskd.log
     pid.file=/var/run/taskd.pid
     ca.cert=/etc/pki/taskd/ca.cert.pem
     server.cert=/etc/pki/taskd/server.cert.pem
     server.key=/etc/pki/taskd/server.key.pem
     server.crl=/etc/pki/taskd/server.crl.pem
  5. Use the nano program to create the taskd.service file.

     nano rpmbuild/SOURCES/taskd.service
  6. Add the following text below into the taskd.service file.

     [Unit]
     Description=Secure server providing multi-user, multi-client access to task data
     After=network.target
     Documentation=https://tasktools.org/projects/taskd.html
    
     [Service]
     ExecStart=/usr/bin/taskd server --data /var/lib/taskd
     Type=simple
     User=taskd
     Group=taskd
    
     [Install]
     WantedBy=multi-user.target
  7. Use the nano program to create the taskd.xml file.

     nano rpmbuild/SOURCES/taskd.xml
  8. Add the following text below into the taskd.xml file.

     <?xml version="1.0" encoding="utf-8"?>
     <service>
       <short>Task-warrior server</short>
       <description>This option allows you to connect to the task warrior server.</description>
       <port protocol="tcp" port="53589"/>
     </service>
  9. In order to build the TaskServer (taskd) RPM, three packages are required for building. Run the command below to install those packages.

     sudo yum install cmake libuuid-devel gnutls-devel gnutls-utils -y
  10. Now it is time to build from source and create an RPM for TaskServer (taskd). Run the commands below to get started. It should take less than a minute on a 1x CPU Rcs instance to build the RPMs. Enter the GnuPG password you created in step #14 to sign the RPM when prompted.

    cd rpmbuild/SPECS/
    rpm -ba -sign taskd.spec
  11. Install the TaskServer (taskd) RPM.

    cd
    sudo rpm -ivh rpmbuild/RPMS/x86_64/taskd-1.1.0-1.el7.centos.x86_64.rpm

Step 4: Configure TaskServer (task)

  1. In order for TaskServer (taskd) to communicate and sync with TaskWarrior (task) clients, you will need to use the generation scripts found under /etc/pki/taskd/ to generate server and client certificates/keys. Elevate to the root user using the command below and change directory to /etc/pki/taskd.

     sudo su -
     cd /etc/pki/taskd/
  2. Use the nano program to create a vars file in order to generate a self-signed Root CA.

     nano vars

    Add the following text below into the vars file. Change ORGANIZATION, CN, COUNTRY, STATE and LOCALITY to your satisfaction.

     BITS=4096
     EXPIRATION_DAYS=365
     ORGANIZATION="Rcs.com Inc."
     CN=taskd.example.com
     COUNTRY=US
     STATE="New York"
     LOCALITY="New York"
  3. Generate the self-signed Root CA, certificate, server key and server revocation list (optional).

     ./generate.ca
     ./generate.server
     ./generate.crl

    These commands will create the following files (ca.cert.pem, ca.key.pem, server.cert.pem, server.key.pem and server.crl.pem) inside the /etc/pki/taskd/ directory. In order for TaskServer (taskd) to start, the ownership and permissions on the certificates and keys generated in step #37 must be modified to allow TaskServer (taskd) to access them. Run the commands below to change them.

     chown taskd.taskd ca.cert.pem ca.key.pem server.cert.pem server.crl.pem server.key.pem
     chmod 400 ca.cert.pem ca.key.pem server.cert.pem server.crl.pem server.key.pem
  4. Enable and start the TaskServer (taskd) daemon.

     systemctl enable taskd
     systemctl start taskd
  5. Open the port in the firewall TaskServer (taskd) runs on.

     firewall-cmd --permanent --zone=public --add-port=53589/tcp
     firewall-cmd --reload

    TaskServer (taskd) is now installed and setup on your CentOS 7 instance.

Step 5: Configure TaskWarrior client certificate and key

  1. You must create client certificates and key to encrypt communications between TaskServer (taskd) and TaskWarrior (task). Run the command below to generate a client certificate and key. Replace NAME with a name you can easily recognize for your client.

     generate.client NAME

    This command will create the following files (NAME.cert.pem, NAME.key.pem) inside of the /etc/pki/taskd/ directory.

  2. Copy the following files to your user directory, change the ownership and permissions. Substitute joeqpublic below with your actual username directory.

     cp ca.cert.pem NAME.cert.pem NAME.key.pem /home/joeqpublic/
     chown joeqpublic.joeqpublic /home/joeqpublic/*.pem
     chmod 400 /home/joeqpublic/*.pem
  3. Create a zip archive of the certificates and key.

     zip certficates.zip ca.cert.pem NAME.cert.pem NAME.key.pem
  4. Use scp (command line) or WinSCP (GUI frontend for SCP) to download the certificates.zip file from your CentOS instance to your client device (computer/laptop/smartphone).

  5. Drop root privileges and perform the rest of your commands as your regular user.

     exit

    TaskServer (taskd) is now setup and ready for TaskWarrior (task) clients to connect.

Step 6: Create your first TaskWarrior group and user

  1. In order to create, delete, modify and sync your tasks, you will need a user account. However, before you can add users, you will first need to create an organizational group. Run the command below to create your first group. Replace GROUP with an easily recognizable name.

  2. IMPORTANT! The taskd command to create groups/users must be ran as the taskd user. Running as the root user will create directories and files owned by the root user under /var/lib/taskd/orgs which will prevent TaskWarrior (task) clients from being able to access or modify anything in the group to which they have been assigned. Access will be denied.

     sudo -u taskd taskd add org GROUP --data /var/lib/taskd
  3. Now, that you've created your first group, let's create your first user. Run the command below to create a user assigned to the group created in step #1. Copy and paste the generated user key, user and group in a text file. Repeat the process to add additional users.

     sudo -u taskd taskd add user GROUP 'Joe. Q. Public' --data /var/lib/taskd

Step 7: Install TaskWarrior clients

Windows 10 (Build later than 1607+)

To use TaskWarrior (task) on Windows 10, you need to install the Windows Subsystem For Linux from the Windows Store.

  1. To install WSL, an elevated Powershell prompt is required. Press the Window Key and type powershell. Right click on Windows Powershell at the top of the results and select "Run as administrator". At the User Account Control prompt, click Yes. Copy and paste the text found below in the Powershell windows. When WSL finishes installing, press the Y Key to restart Windows.

     Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
  2. After rebooting, open a command prompt and type the following command bash. This will install Ubuntu on Windows. Press the Y Key. It will now be downloaded and extracted. Choose a username and password.

     bash
  3. Now it's time to install TaskWarrior (task). Type the following command inside the console.

     sudo apt-get install task -y
  4. Type exit twice to exit out of bash terminal and the Windows command prompt.

  5. Click the Start Menu button. Type ubuntu. Right click on Bash on Ubuntu on Windows. Select Pin to taskbar. This provides convenience to quickly access bash to access TaskWarrior (task).

  6. Click on the Ubuntu icon you have just created on the taskbar. This will open a terminal window running Bash. Type the following command below to create TaskWarrior (task) data directory (~/.task/) and configuration file (.taskrc).

     task version
     yes
  7. You need to move the certificates.zip file you've saved earlier during the TaskServer setup into the ~/.taskd/ directory inside of your user directory. To extract the files from the zip file, install the unzip program first. Copy and paste the following commands below substituting the actual location of your copy of certificates.zip.

     sudo apt-get install unzip -y
     cp /mnt/c/User/WINDOWSUSER/Desktop/certificates.zip .
     cd .task
     unzip ../certificates.zip
     cd
  8. Type the following commands to set TaskWarrior (task) up to connect with TaskServer (taskd). Replace NAME with what you've named your certificate and key, GROUP with the group you've created, Joe Q. Public with the username you've created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when your user was created on the TaskWarrior (taskd) server.

     task config taskd.ca -- ~/.task/ca.cert.pem
     task config taskd.certificate -- ~/.task/**NAME**.cert.pem
     task config taskd.key -- ~/.task/**NAME**.key.pem
     task config taskd.server -- taskd.example.com:53589
     task config taskd.credentials -- GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
  9. Now it's time to sync TaskWarrior (task) with TaskServer (taskd). Run the command below to initialize the database.

     task sync init

    Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on the Windows 10 platform.

Android

To use TaskWarrior (task) on Android, you need to install the TaskWarrior For Android from the Google Play Store.

  1. Install the TaskWarrior (task) For Android app on Google's Play Store.

  2. Open the TaskWarrior (task) For Android app.

  3. You will be prompted by the app to create an account with a Desired account name. Input the name you chose when you created an username for a TaskServer (taskd) user.

  4. Leave the data folder to the default setting of <<Create new>> and tap the OK button. Use a file manager app to create a folder in your storage root (for example: /storage/emulate/0/Certs). Send the app to the background.

  5. Copy the certificates.zip file you've created earlier and extract its contents in your directory created in step #4.

  6. Foreground the "TaskWarrior (task) For Android" app and tap the the menu at the top left corner of the app to open it.

  7. Scroll down to the bottom of the menu and tap the Settings option.

  8. This will open a simple built-in TaskWarrior For Android app text editor.

  9. Enter the following options to set up syncing with your TaskServer (taskd). Replace the taskd.ca/taskd.certificate/taskd.key` variables with the actual ca/certificate/key directory path(s), NAME with what you named your certificate and key, GROUP with the group you created, Joe Q. Public with the username you created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when you created your user on the TaskWarrior (taskd) server.

     taskd.ca=/storage/emulate/0/Certs/ca.cert.pem
     taskd.certificate=/storage/emulate/0/Certs/NAME.cert.pem
     taskd.credentials=GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
     taskd.key=/storage/emulate/0/Certs/NAME.key.pem
     taskd.server=taskd.example.com:53589
  10. Tap the the floppy disk icon to save your settings.

Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on the Android platform.

Linux

  1. Refer to the TaskWarrior (task) distribution section to install for your particular Linux distribution.

  2. Open a terminal window. Type the following command below to create TaskWarrior (task) data directory (~/.task/) and configuration file (.taskrc).

     task version
     yes
  3. You need to move the certificates.zip file you've saved earlier in the TaskServer setup to the ~/.taskd/ directory inside of your user directory. To extract the files from the zip file, install the unzip program first for your particular distribution. Copy and paste the following commands below, substituting the actual location of your copy of certificates.zip.

     cp /location/of/certificates.zip .
     cd .task
     unzip ../certificates.zip
     cd
  4. Type the following commands to set TaskWarrior (task) up to connect with TaskServer (taskd). Replace NAME with what you've named your certificate and key, GROUP with the group you've created, Joe Q. Public with the username you've created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when your user was created on the TaskWarrior (taskd) server.

     task config taskd.ca -- ~/.task/ca.cert.pem
     task config taskd.certificate -- ~/.task/**NAME**.cert.pem
     task config taskd.key -- ~/.task/**NAME**.key.pem
     task config taskd.server -- taskd.example.com:53589
     task config taskd.credentials -- GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
  5. Now it's time to sync TaskWarrior (task) with TaskServer (taskd). Run the command below to initialize the database.

     task sync init

Addendum: If you run Gnome Shell, there's an extension called TaskWhisper that integrates with TaskWarrior (task).

Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on your favorite Linux distro.

TaskWarrior is an open source time management tool that is an improvement on the Todo.txt application and its clones. Due to the fact that the average person uses multiple devices/platforms in their daily schedule, it is critical to have the ability to have a centralized repository where the data can be accessed and updated from any device. This tutorial will focus on setting up both the server, called TaskServer (taskd), and the client, called TaskWarrior (task), allowing multiple client devices to access and exchange data securely. It has the following features: Unlimited tasks Task prioritizing Search filtering Tagging Automatic syncing Automatic backup Full control and privacy Encrypted communication Prerequisites A CentOS 7 x64 server instance. A sudo user. Domain name pointed to a Rcs instance ( taskd.example.com ) Step 1: Update the system Log in as your sudo user to install the EPEL Repository and update the system as follows: sudo yum install epel-release -y sudo yum clean all && sudo yum update -y Step 2: Install RPM Build and tools for building The EPEL repository doesn't contain an RPM for the TaskServer (taskd), so we have to build it from source into an RPM package ourselves. Install GCC, Make, RPM Build, development and signing tools. sudo yum install gcc gcc-c++ make rpmdevtools rpm-sign rpm-build -y Create a GnuPG directory which will hold the GPG files necessary for signing our RPM. mkdir .gnupg When creating a key, we require entropy in the system to properly randomize it. The rngd daemon generates the entropy necessary from /dev/urandom. So let's install that now. yum install rngd -y Start up the rngd daemon to generate entropy. The -r option points to /dev/urandom instead of the default /dev/hwrng. sudo rngd -r /dev/urandom Generate a key. The --gen-key option tells gpg to generate a new key pair. gpg --gen-key For the "Please select what kind of key you want:" option, select "(1) RSA and RSA (default)" for the key type by entering 1 and pressing the Return/Enter key. For the "What keysize do you want? (2048)" option, choose the default by pressing the Return/Enter key. For the "Please specify how long the key should be valid." option, choose the default by pressing the Return/Enter key. For the "Is this correct? (y/N)" option, enter y and press the Return/Enter key. Under "Real name:", enter a name of your choosing and press the Return/Enter key. Under "Email address:", enter an email address of your choosing and press the Return/Enter key. The Comment: section can be left blank if you so choose. Make any changes necessary if you didn't enter your information correctly. If you are satisfied with USER-ID information displayed, enter O (capital letter O, not zero) and press the Return/Enter key. GnuPG will now prompt you to create and verify a password for your key pair. After you have entered your passwords, your GnuPG key pair will be created under the .gnupg directory in your user directory. Run this command to display the contents of the .gnupg directory. It should contain the following directory private-keys-v1.d and files pubring.gpg, pubring.gpg~, random_seed, secring.gpg, S.gpg-agent, trustdb.gpg. ls -la .gnupg Export the created key pair. The --export option instructs GnuPG to export the key pair. The -a option instructs GnuPG to output the key pair in ascii armor format. Replace "Joe Q. Public" with the name you've entered when creating the key pair in step #10 above. Replace "jqpublic" with whatever text you choose. gpg --export -a 'Joe Q. Public' > RPM-GPG-KEY-jqpublic Import the key pair into the RPM keystore. Replace the "jqpublic" with the text you chose in step #17. sudo rpm --import RPM-GPG-KEY-jqpublic Verify that the key pair was added to the RPM keystore. The --q gpg-pubkey option queries the RPM GnuPG keystore. The %{name}-%{version}-%{release} --> %{summary}\n displays the result in a human readable format. rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n' By creating a .rpmmacros file, RPM can be customized to perform assigned behaviors (example: ease automatic signing of RPMs). Use the nano program to create the file. nano .rpmmacros Then, add the following text below into the .rpmmacros file. %_gpg_name Joe Q. Public %_query_all_fmt %%{name}-%%{version}-%%{release}.%%{arch} %_signature gpg %_topdir %(echo $HOME)/rpmbuild Save the document by entering the following keyboard combinations. The CTRL + X Keys. Then, the S Key. Finally, the Return/Enter Key. This command below will setup your RPM build environment. This will append additional macros to the .rpmmacros file you have created in step #20 and create the required directories to build and store RPMs. rpmdev-setuptree Run this command to display the contents of the rpmbuild directory. It should contain the following directories SOURCES, RPMS, BUILD, SRPMS and SPECS. find rpmbuild Download the TaskServer (taskd) source code to the rpmbuild/SOURCES directory. wget https://taskwarrior.org/download/taskd-1.1.0.tar.gz -P rpmbuild/SOURCES/ Kill the running rgnd process. sudo kill -9 rngd Step 3: Build TaskServer (taskd) RPM from source In order to build a new RPM from source, a TaskServer (taskd) SPEC file must be created. nano rpmbuild/SPECS/taskd.spec Add the following text below into the taskd.spec file. Name: taskd Version: 1.1.0 Release: 1%{?dist} Summary: Secure server providing multi-user, multi-client access to task data Group: Applications/Productivity License: MIT URL: http://tasktools.org/projects/taskd.html Source0: http://taskwarrior.org/download/%{name}-%{version}.tar.gz Source1: taskd.service Source2: taskd-config Source3: taskd.xml BuildRequires: cmake BuildRequires: libuuid-devel BuildRequires: gnutls-devel BuildRequires: shadow-utils %if 0%{?rhel} && 0%{?rhel} <= 6 # On rhel, we don't need systemd to build. but we do on centos. # ...just to define some macros %else BuildRequires: systemd %endif # For certificate generation Requires: gnutls-utils # Systemd requires Requires(post): systemd Requires(preun): systemd Requires(postun): systemd %description The TaskServer is a lightweight, secure server providing multi-user, multi-client access to task data. This allows true syncing between desktop and mobile clients. Users want task list access from multiple devices running software of differing sophistication levels to synchronize data seamlessly. Synchronization requires the ability to exchange transactions between devices that may not have continuous connectivity, and may not have feature parity. The TaskServer provides this and builds a framework to go several steps beyond merely synchronizing data. %prep %setup -q %{name}-%{version} %build %cmake make %{?_smp_mflags} %install make install DESTDIR=%{buildroot} mkdir -p %{buildroot}%{_sharedstatedir}/taskd/ # Users will keep their keys here, but we copy some helpful scripts too. mkdir -p %{buildroot}%{_sysconfdir}/pki/taskd/ cp -a pki/generate* %{buildroot}%{_sysconfdir}/pki/taskd/. mkdir -p %{buildroot}%{_localstatedir}/log/taskd/ %if 0%{?rhel} && 0%{?rhel} <= 6 # EL6 and earlier needs a sysvinit script # Also, no firewalld on old EL %else mkdir -p %{buildroot}%{_unitdir}/ cp -a %{SOURCE1} %{buildroot}%{_unitdir}/taskd.service mkdir -p %{buildroot}%{_prefix}/lib/firewalld/services cp -a %{SOURCE3} %{buildroot}%{_prefix}/lib/firewalld/services/taskd.xml %endif mkdir -p %{buildroot}%{_sharedstatedir}/taskd/orgs/ cp -a %{SOURCE2} %{buildroot}%{_sharedstatedir}/taskd/config rm -r %{buildroot}%{_datadir}/doc/taskd/ %pre getent group taskd >/dev/null || groupadd -r taskd getent passwd taskd >/dev/null || \ useradd -r -g taskd -d %{_sharedstatedir}/taskd/ -s /usr/bin/sh \ -c "Task Server system user" taskd exit 0 # Systemd scriptlets %if 0%{?rhel} && 0%{?rhel} <= 6 # No systemd for el6 %else %post %systemd_post taskd.service %preun %systemd_preun taskd.service %postun %systemd_postun_with_restart taskd.service %endif %files %doc AUTHORS COPYING ChangeLog NEWS README %{_bindir}/taskd %{_bindir}/taskdctl %{_mandir}/man1/taskd.1.* %{_mandir}/man1/taskdctl.1.* %{_mandir}/man5/taskdrc.5.* %{_sysconfdir}/pki/taskd/generate* %dir %attr(0750, taskd, taskd) %{_sysconfdir}/pki/taskd/ %dir %attr(0750, taskd, taskd) %{_localstatedir}/log/taskd/ %dir %attr(0750, taskd, taskd) %{_sharedstatedir}/taskd/ %config(noreplace) %attr(0644, taskd, taskd) %{_sharedstatedir}/taskd/config %dir %attr(0750, taskd, taskd) %{_sharedstatedir}/taskd/orgs/ %if 0%{?rhel} && 0%{?rhel} <= 6 # No sysvinit files for el6 %else %{_unitdir}/taskd.service %{_prefix}/lib/firewalld/services/taskd.xml %endif %changelog * Thu Aug 17 2017 Jarrett Graham - 1.1.0 - Initial packaging. The RPM also requires three additional files that must be created in the rpmbuild/SOURCES directory. Use the nano program to create the taskd-config file. nano rpmbuild/SOURCES/taskd-config Add the following text below into the taskd-config file. # taskd configuration file confirmation=1 verbose=1 ip.log=on extensions=/usr/libexec/taskd queue.size=10 request.limit=1048576 server=0.0.0.0:53589 root=/var/lib/taskd log=/var/log/taskd/taskd.log pid.file=/var/run/taskd.pid ca.cert=/etc/pki/taskd/ca.cert.pem server.cert=/etc/pki/taskd/server.cert.pem server.key=/etc/pki/taskd/server.key.pem server.crl=/etc/pki/taskd/server.crl.pem Use the nano program to create the taskd.service file. nano rpmbuild/SOURCES/taskd.service Add the following text below into the taskd.service file. [Unit] Description=Secure server providing multi-user, multi-client access to task data After=network.target Documentation=https://tasktools.org/projects/taskd.html [Service] ExecStart=/usr/bin/taskd server --data /var/lib/taskd Type=simple User=taskd Group=taskd [Install] WantedBy=multi-user.target Use the nano program to create the taskd.xml file. nano rpmbuild/SOURCES/taskd.xml Add the following text below into the taskd.xml file. Task-warrior server This option allows you to connect to the task warrior server. In order to build the TaskServer (taskd) RPM, three packages are required for building. Run the command below to install those packages. sudo yum install cmake libuuid-devel gnutls-devel gnutls-utils -y Now it is time to build from source and create an RPM for TaskServer (taskd). Run the commands below to get started. It should take less than a minute on a 1x CPU Rcs instance to build the RPMs. Enter the GnuPG password you created in step #14 to sign the RPM when prompted. cd rpmbuild/SPECS/ rpm -ba -sign taskd.spec Install the TaskServer (taskd) RPM. cd sudo rpm -ivh rpmbuild/RPMS/x86_64/taskd-1.1.0-1.el7.centos.x86_64.rpm Step 4: Configure TaskServer (task) In order for TaskServer (taskd) to communicate and sync with TaskWarrior (task) clients, you will need to use the generation scripts found under /etc/pki/taskd/ to generate server and client certificates/keys. Elevate to the root user using the command below and change directory to /etc/pki/taskd. sudo su - cd /etc/pki/taskd/ Use the nano program to create a vars file in order to generate a self-signed Root CA. nano vars Add the following text below into the vars file. Change ORGANIZATION, CN, COUNTRY, STATE and LOCALITY to your satisfaction. BITS=4096 EXPIRATION_DAYS=365 ORGANIZATION="Rcs.com Inc." CN=taskd.example.com COUNTRY=US STATE="New York" LOCALITY="New York" Generate the self-signed Root CA, certificate, server key and server revocation list (optional). ./generate.ca ./generate.server ./generate.crl These commands will create the following files (ca.cert.pem, ca.key.pem, server.cert.pem, server.key.pem and server.crl.pem) inside the /etc/pki/taskd/ directory. In order for TaskServer (taskd) to start, the ownership and permissions on the certificates and keys generated in step #37 must be modified to allow TaskServer (taskd) to access them. Run the commands below to change them. chown taskd.taskd ca.cert.pem ca.key.pem server.cert.pem server.crl.pem server.key.pem chmod 400 ca.cert.pem ca.key.pem server.cert.pem server.crl.pem server.key.pem Enable and start the TaskServer (taskd) daemon. systemctl enable taskd systemctl start taskd Open the port in the firewall TaskServer (taskd) runs on. firewall-cmd --permanent --zone=public --add-port=53589/tcp firewall-cmd --reload TaskServer (taskd) is now installed and setup on your CentOS 7 instance. Step 5: Configure TaskWarrior client certificate and key You must create client certificates and key to encrypt communications between TaskServer (taskd) and TaskWarrior (task). Run the command below to generate a client certificate and key. Replace NAME with a name you can easily recognize for your client. generate.client NAME This command will create the following files (NAME.cert.pem, NAME.key.pem) inside of the /etc/pki/taskd/ directory. Copy the following files to your user directory, change the ownership and permissions. Substitute joeqpublic below with your actual username directory. cp ca.cert.pem NAME.cert.pem NAME.key.pem /home/joeqpublic/ chown joeqpublic.joeqpublic /home/joeqpublic/*.pem chmod 400 /home/joeqpublic/*.pem Create a zip archive of the certificates and key. zip certficates.zip ca.cert.pem NAME.cert.pem NAME.key.pem Use scp (command line) or WinSCP (GUI frontend for SCP) to download the certificates.zip file from your CentOS instance to your client device (computer/laptop/smartphone). Drop root privileges and perform the rest of your commands as your regular user. exit TaskServer (taskd) is now setup and ready for TaskWarrior (task) clients to connect. Step 6: Create your first TaskWarrior group and user In order to create, delete, modify and sync your tasks, you will need a user account. However, before you can add users, you will first need to create an organizational group. Run the command below to create your first group. Replace GROUP with an easily recognizable name. IMPORTANT! The taskd command to create groups/users must be ran as the taskd user. Running as the root user will create directories and files owned by the root user under /var/lib/taskd/orgs which will prevent TaskWarrior (task) clients from being able to access or modify anything in the group to which they have been assigned. Access will be denied. sudo -u taskd taskd add org GROUP --data /var/lib/taskd Now, that you've created your first group, let's create your first user. Run the command below to create a user assigned to the group created in step #1. Copy and paste the generated user key, user and group in a text file. Repeat the process to add additional users. sudo -u taskd taskd add user GROUP 'Joe. Q. Public' --data /var/lib/taskd Step 7: Install TaskWarrior clients Windows 10 (Build later than 1607+) To use TaskWarrior (task) on Windows 10, you need to install the Windows Subsystem For Linux from the Windows Store. To install WSL, an elevated Powershell prompt is required. Press the Window Key and type powershell. Right click on Windows Powershell at the top of the results and select "Run as administrator". At the User Account Control prompt, click Yes. Copy and paste the text found below in the Powershell windows. When WSL finishes installing, press the Y Key to restart Windows. Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux After rebooting, open a command prompt and type the following command bash. This will install Ubuntu on Windows. Press the Y Key. It will now be downloaded and extracted. Choose a username and password. bash Now it's time to install TaskWarrior (task). Type the following command inside the console. sudo apt-get install task -y Type exit twice to exit out of bash terminal and the Windows command prompt. Click the Start Menu button. Type ubuntu. Right click on Bash on Ubuntu on Windows. Select Pin to taskbar. This provides convenience to quickly access bash to access TaskWarrior (task). Click on the Ubuntu icon you have just created on the taskbar. This will open a terminal window running Bash. Type the following command below to create TaskWarrior (task) data directory (~/.task/) and configuration file (.taskrc). task version yes You need to move the certificates.zip file you've saved earlier during the TaskServer setup into the ~/.taskd/ directory inside of your user directory. To extract the files from the zip file, install the unzip program first. Copy and paste the following commands below substituting the actual location of your copy of certificates.zip. sudo apt-get install unzip -y cp /mnt/c/User/WINDOWSUSER/Desktop/certificates.zip . cd .task unzip ../certificates.zip cd Type the following commands to set TaskWarrior (task) up to connect with TaskServer (taskd). Replace NAME with what you've named your certificate and key, GROUP with the group you've created, Joe Q. Public with the username you've created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when your user was created on the TaskWarrior (taskd) server. task config taskd.ca -- ~/.task/ca.cert.pem task config taskd.certificate -- ~/.task/**NAME**.cert.pem task config taskd.key -- ~/.task/**NAME**.key.pem task config taskd.server -- taskd.example.com:53589 task config taskd.credentials -- GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX Now it's time to sync TaskWarrior (task) with TaskServer (taskd). Run the command below to initialize the database. task sync init Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on the Windows 10 platform. Android To use TaskWarrior (task) on Android, you need to install the TaskWarrior For Android from the Google Play Store. Install the TaskWarrior (task) For Android app on Google's Play Store. Open the TaskWarrior (task) For Android app. You will be prompted by the app to create an account with a Desired account name. Input the name you chose when you created an username for a TaskServer (taskd) user. Leave the data folder to the default setting of <> and tap the OK button. Use a file manager app to create a folder in your storage root (for example: /storage/emulate/0/Certs). Send the app to the background. Copy the certificates.zip file you've created earlier and extract its contents in your directory created in step #4. Foreground the "TaskWarrior (task) For Android" app and tap the the menu at the top left corner of the app to open it. Scroll down to the bottom of the menu and tap the Settings option. This will open a simple built-in TaskWarrior For Android app text editor. Enter the following options to set up syncing with your TaskServer (taskd). Replace the taskd.ca/taskd.certificate/taskd.key` variables with the actual ca/certificate/key directory path(s), NAME with what you named your certificate and key, GROUP with the group you created, Joe Q. Public with the username you created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when you created your user on the TaskWarrior (taskd) server. taskd.ca=/storage/emulate/0/Certs/ca.cert.pem taskd.certificate=/storage/emulate/0/Certs/NAME.cert.pem taskd.credentials=GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX taskd.key=/storage/emulate/0/Certs/NAME.key.pem taskd.server=taskd.example.com:53589 Tap the the floppy disk icon to save your settings. Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on the Android platform. Linux Refer to the TaskWarrior (task) distribution section to install for your particular Linux distribution. Open a terminal window. Type the following command below to create TaskWarrior (task) data directory (~/.task/) and configuration file (.taskrc). task version yes You need to move the certificates.zip file you've saved earlier in the TaskServer setup to the ~/.taskd/ directory inside of your user directory. To extract the files from the zip file, install the unzip program first for your particular distribution. Copy and paste the following commands below, substituting the actual location of your copy of certificates.zip. cp /location/of/certificates.zip . cd .task unzip ../certificates.zip cd Type the following commands to set TaskWarrior (task) up to connect with TaskServer (taskd). Replace NAME with what you've named your certificate and key, GROUP with the group you've created, Joe Q. Public with the username you've created and XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX with the key assigned when your user was created on the TaskWarrior (taskd) server. task config taskd.ca -- ~/.task/ca.cert.pem task config taskd.certificate -- ~/.task/**NAME**.cert.pem task config taskd.key -- ~/.task/**NAME**.key.pem task config taskd.server -- taskd.example.com:53589 task config taskd.credentials -- GROUP/Joe Q. Public/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX Now it's time to sync TaskWarrior (task) with TaskServer (taskd). Run the command below to initialize the database. task sync init Addendum: If you run Gnome Shell, there's an extension called TaskWhisper that integrates with TaskWarrior (task). Syncing between your TaskWarrior (task) client and the TaskServer (taskd) is now setup on your favorite Linux distro.

Was this answer helpful?
Back

Powered by WHMCompleteSolution