Windows Server installation
Prepare an environment with Windows Server. Refer to the Get started with Windows Server guide for more information.
System requirements
Supported operating systems
Windows Server 2008 or higher
Minimum hardware requirements
4 GB RAM
2 vCores
100 MBit network connection
120 MB free disk space for the installation files
10 GB free disk space for application data
The actual requirement depends on the use case, a scalable store solution is recommended
Environment dependencies
DNS name
Free port (e.g.,
80
or443
, other ports can be configured as well)HTTP(S) connectivity client => server
SSL certificate (.p12 / .pfx) with or without a private key passphrase
The passphrase is stored as plain text in
server-config.json
SMTP server with or without authentication
Recommendations
Store Ninox data files on SSD storage
Implement a backup strategy with at least two layers of backup
VM snapshots
File system-based incremental backups of the data directory
Implement a fail-over strategy
Network configuration
Ninox client/server communication is based on HTTP(S). There are multiple ways to configure a Ninox installation, however, the following properties must be given:
Clients must be able to connect to the Ninox server by HTTPS via TCP/IP
A DNS name for the Ninox server (or the first component in the configuration that terminates the client connection) that reliably resolves to the server's IP
Static IP addresses are highly encouraged, DynDNS is not recommended
If clients connect from the internet and intranet, they need to use the same address/DNS name
Follow the steps for one of the deployment configurations.
Simple setup
Client –> HTTPS –> Server
The basic configuration requires that the Ninox server exposes a port for HTTP communication on the internet or on a private network.
Forward proxy setup
Client –> HTTPS –> Forward Proxy –> HTTPS –> Server
DMZ setup
Client –> HTTPS –> Reverse Proxy –> HTTP –> Server
In a DMZ environment, a reverse proxy terminates any client-side communication. This is the recommended configuration for environments that have already implemented a DMZ. Two main advantages of a DMZ setup are:
Centralized certificate management on the reverse proxy
A reverse proxy can act as a security component with traffic inspection
Requirements
Allow at least the following HTTP methods:
POST
,GET
,PUT
,PATCH
,DELETE
,OPTIONS
, andHEAD
TCP timeouts must be higher than 60 seconds
No path rewriting rules, Ninox cannot be mounted on a sub-path
Ninox may heavily rely on parallel TCP connections
The reverse proxy needs to be able to handle multiple TCP connections—ideally at least 2 concurrent connections per concurrent client
Configuration file
Edit server-config.json
in the installation directory. Refer to section Sample configuration file for more information.
On Windows, do not use Notepad to edit the configuration file. Other code editors, including Notepad ++, are suitable options.
Ensure the configuration file complies with the UTF-8 encoded JSON format. The configuration file must not involve proprietary UTF-8 encoding headers.