DigiVC documentation
Installation and initial setup
The production server is intended for Oracle Linux 9 or DigiOS. PostgreSQL must be version 16 or later. The database may be local or hosted on a separate PostgreSQL server.
Supported server host
The production server is intended for Oracle Linux 9 or DigiOS. PostgreSQL must be version 16 or later. The database may be local or hosted on a separate PostgreSQL server.
What to upload to the server
For a new server installation, upload the complete DigiVC release bundle with a .tar.xz extension. Do not upload only a client package, and do not try to install the .tar.xz file as an RPM.
A bundle normally contains:
- the Server RPM;
- manifest and SHA-256 checksums;
install-digivc-server;- available Linux and Windows client packages.
Names depend on which clients are included, but the public version is a semantic version such as 0.1.3.
Installation
mkdir -p ~/digivc-install
cd ~/digivc-install
tar -xJf /path/to/DigiVC-Release-*.tar.xz
cd DigiVC-Release-*
sudo ./install-digivc-serverThe installer should:
- verify the bundle manifest and checksums;
- provide the required PostgreSQL client (
psqlandpg_isready); - install the Server RPM;
- prepare systemd services and protected runtime configuration;
- display a URL and one-time setup token for web setup.
Initial web setup
Open the URL printed by the installer and enter the setup token.
1. PostgreSQL
Select:
- Local — PostgreSQL runs on the DigiVC server;
- Remote — PostgreSQL runs on a different host.
For a remote connection, enter the host, port, PostgreSQL administrative role and password.
PostgreSQL SSL mode
| Mode | Use case |
|---|---|
disable | PostgreSQL has no SSL and the connection is on a protected internal network |
prefer | Try SSL, but allow a non-SSL fallback |
require | Require encryption without CA/hostname verification |
verify-ca | Require SSL and verify the issuing CA |
verify-full | Require SSL, CA verification and hostname matching; strictest mode |
Example: remote PostgreSQL at 10.10.0.40 without SSL support:
Database mode: Remote
Host: 10.10.0.40
Port: 5432
SSL mode: disable2. Web transport
Choose the protocol used by the internal DigiVC listener:
- HTTP — appropriate behind Digi Wall or another reverse proxy that terminates HTTPS;
- HTTPS — DigiVC terminates TLS itself.
The internal listener and public URL are separate settings. For example:
DigiVC listener: HTTP
Bind: 0.0.0.0:8000
Public URL: https://digivc.company.exampleIn HTTP mode DigiVC must not require or create TLS key/certificate files. In HTTPS mode the installer creates and validates the required TLS material.
3. First administrator
Enter:
- username;
- email;
- display name;
- password and confirmation.
The minimum password length is 8 characters. No additional 12/14-character or complexity rule is imposed unless explicitly configured later.
After installation
- Open the public URL.
- Sign in with the first administrator account.
- Review System and Operations.
- Create the first project and repository.
- Install the appropriate Desktop Client on user workstations.
Upgrades
Use the new release bundle and its lifecycle/installer workflow. Do not manually replace files under /opt, edit the encrypted configuration, or delete Vault Storage or PostgreSQL data.