Press "Enter" to skip to content

How to Install Kimchi/Wok on debian 9 (stretch)

I wanted to install some VM’s on the server that hosts this blog.  I decided to try out Kimchi which is a neat html5 management engine for kvm.  As this server is running apache the method was a little different than the one in the docs.  Here are the steps:

Install the necessary dependencies:

#this is all pretty standard - the only unusual thing here is sudo, Wok throws a permission error without it even if logged in as root 
apt install python-cherrypy3 python-cheetah python-pam python-m2crypto python-jsonschema python-psutil python-ldap python-lxml apache2 openssl websockify libvirt-daemon-system sudo dnsmasq ebtables gcc make autoconf automake gettext git pkgconf xsltproc logrotate novnc python-libvirt libvirt-daemon nfs-common qemu-kvm python-ethtool sosreport python-ipaddr open-iscsi python-guestfs libguestfs-tools spice-html5 python-magic python-paramiko python-imaging fonts-font-awesome hddtemp libuser1 python-augeas python-libuser python-configobj python-parted unzip

Get wok and install it – wok is the web-framework that runs kimchi

wget https://github.com/kimchi-project/wok/archive/master.zip
unzip master.zip
cd wok-master
./autogen.sh --system
make
make install

Copy the apache configuration:

cp contrib/wok.conf.apache /etc/apache2/sites-available/wok.conf
ln -s /etc/apache2/sites-available/wok.conf /etc/apache2/sites-enabled/wok.conf

Edit the ssl details.  My certs come from let’s encrypt so the relevent lines in /etc/apache2/sites-enabled/wok.conf look like this:

SSLCertificateFile /etc/letsencrypt/live/m4ldonado.io/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/m4ldonado.io/privkey.pem

Note the following line below about DHParameters – create that file:

openssl dhparam -out /etc/letsencrypt/dhparams.pem 2048

Then change that line to:

SSLOpenSSLCondCmd DHParameters /etc/letsencrypt/dhparams.pem

Enable the apache modules:

a2enmod proxy
a2enmod proxy_wstunnel
a2enmod proxy_http
a2enmod ssl
a2enmod rewrite

We’re finally ready to install kimchi:

#if you're still in the wok directory you'll want to go up a level and remove the previous master.zip
cd ../ && rm master.zip

wget https://github.com/kimchi-project/kimchi/archive/master.zip
unzip master.zip
cd kimchi-master
./autogen.sh --system
make
make install

Restart the services:

systemctl restart wokd
apachectl --graceful

You’re done!  Wok is now available on port 8001 in my case the url is

https://m4ldonado.io:8001/login.html

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *