Personal Data & Privacy Management Software
A ready-to-use solution for personal data and consent management.
Pryv.io is a solid foundation on which you build your own digital health solution, so you can collect, store, share and rightfully use personal data.
Maintained and developed by Pryv.
- Provides latest Pryv.io core system ready for production
- User registration and authentication
- Granular consent-based access control rights
- Data model made for privacy, aggregation and sharing Data in Pryv
- Full data life-cycle: collect - store - change - delete
- REST & Socket.io API
- Ease of software integration and configuration
- Seamless connectivity and interoperability
- API Documentation & Guides: api.pryv.com
- Support: support.pryv.com
- More information about Pryv : Pryv Home
- Choose your setup
- Download the required files / Run the installation scripts
- Edit the configuration files
- Start the services
- Try the API
- Customize your platform
Pryv.io is designed to be exposed by a third party SSL termination such as NGINX.
Choose your Set-up
- Discover Open Pryv.io on your local environment, this will only allow localhost apps to connect to your platform.
- Download docker images without SSL (quick start)
- Download docker images with SSL
- Native installation
- Launch Pryv.io on a server exposed to the Internet with built-in SSL, this requires to have a hostname pointing to the public IP of your server.
- Download docker images (quick start)
- Launch image with Open Pryv.io installed on Exoscale hosting provider: link to guide (quick start including hosting)
- Native installation
- Launch Pryv.io on a server with an external SSL termination. You know what you are doing.
- Download docker images
- Native installation
The dockerized versions and their instructions are available at this link: Download link.
If you wish to build the images yourself, refer to the following README: docker/README-build.md.
Once it is running, you can continue with the tutorials.
Prerequisites:
- Node v12.13.1 Node.js home page
- Yarn v1
npm install -g yarn
The installation script has been tested on Linux Ubuntu 18.04 LTS and MacOSX.
yarn setup
: (seescripts/
for details)- Fetch dependencies
- Install mongodb
- Install service mail
- Install assets & app-web-auth3
- Generate random alpha-numeric adminKey
yarn release
create distribution for release
yarn pryv
- mail and database logs will be kept invar-pryv/logs/local-*.log
Each service independently - logs will be displayed on the console
yarn database
start mongodbyarn api
start the API server on port 3000 (default)yarn mail
start the mail service
-
yarn local
is the equivalent of runningyarn pryv
+yarn proxy
usingconfigs/rec-la.yml
. This setup is useful to test Open Pryv.io locally. -
yarn proxy
based on rec-la, it will expose the server running on http://localhost:3000 with an SSL certificate on https://my-computer.rec.la:4443 in this case you need to editconfigs/rec-la.yml
.
- Run
yarn pryv
to start the API - Configure NGINX and certificate
You can find a NGINX configuration that you can include in your sites-enabled/
in configs/site.conf.
You must change ${HOSTNAME}
to match the hostname of the public URL.
Using certbot, you can generate a SSL certificate for your platform using sudo certbot --nginx -d ${HOSTNAME}
.
To set an automatic renewal, run crontab -e
and append the following line:
0 12 * * * /usr/bin/certbot renew --quiet
For the native installation, edit config.yml
, otherwise docker/local/dockerized-config.yml
:
dnsLess:
publicUrl: http://localhost:3000
http:
port: 3000
ip: 127.0.0.1
auth:
adminAccessKey: iuahwd0ba87hw0bd7a8hwd
trustedApps: "*@https://pryv.github.io*, *@https://*.rec.la*"
eventFiles:
attachmentsDirPath: var-pryv/attachment-files
service:
name: Open-Pryv.io
support: https://pryv.com/open-pryv-non-configured-page/
terms: https://pryv.com/open-pryv-non-configured-page/
home: https://pryv.com/open-pryv-non-configured-page/
eventTypes: https://api.pryv.com/event-types/flat.json
services:
email:
enabled:
welcome: true
resetPassword: true
- publicUrl Is the "Public" URL to reach the service, usually exposed in https by a third party SSL service such as NGNIX.
- http
- port The local port to listen
- ip The IP adress to use. Keep it 127.0.0.1 unless you explicitely want to expose the service in
http
to another network.
- auth
- adminAccesskey key to use for system calls such as
/reg/admin/users
. A random key should be generated on setup. - trustedApps list of web apps that can be trusted-app functionalities API for trusted apps: API reference see: SETUP Guide - customize authentication
- adminAccesskey key to use for system calls such as
- eventFiles
- attachmentsDirPath Directory where event attachment files will be stored on the file system.
- service API documentation on Service Information
- services:email see Options & Customization below
At this moment you should have your application running on the public URL you defined.
- Create an account and launch the authentication process on App-Web-Access: https://api.pryv.com/app-web-access/?pryvServiceInfoUrl=https://my-computer.rec.la:4443/reg/service/info.
- The service info URL to your platform is: https://my-computer.rec.la:4443/reg/service/info
If you are using another public URL, replace https://my-computer.rec.la:4443
by it in the link above.
Data in Pryv is stored in streams and events. We provide you with all necessary information to design your own data model in our Data Modelling Guide through a broad range of use cases and scenarios you might encounter.
After this process, you should have an account on your Open Pryv.io platform with a valid authorization token in the form of an API endpoint, you can try various API requests using Postman following this guide https://api.pryv.com/open-api/.
You can also try our example apps with guides and tutorials.
Open Pryv.io comes packaged with app-web-auth3, the default web pages for app authentication, user registration and password reset.
During the set-up process it has been built and published in public_html/access/
. To customize it, refer to its README
in app-web-auth3/
.
To use a new build, simply copy the contents of the generated files from app-web-auth3/dist/
to public_html/access/
Open Pryv.io comes with default event types.
The default ones are fetched at boot from the URL defined in service:eventTypes in the .yml
config file, set to https://api.pryv.com/event-types/flat.json.
To customize your own, clone the Data Types repository and follow the guide there.
By default the MongoDB data are stored in var-pryv/mongodb-data
. If you want to modify the folder where the MongoDB data files are stored, you can modify in scripts/setup-mongodb.bash
the variable MONGO_DATA_FOLDER
.
Your platforms visuals can be customized in public_html/assets/
, please refer to the README inside. These assets are a clone of the assets-open-pryv.io.
Pryv.io can send e-mails at registration and password reset request.
The emails can be sent either by local sendmail (default) or SMTP.
This service, its documentation and mail templates can be found in service-mail/
.
Prerequisites:
- rsync
To make a backup of your data:
Run ./scripts/backup-database-native.sh ${BACKUP_FOLDER}
to generate a dump of the current database contents
Run ./scripts/backup-attachments-native.sh ${BACKUP_FOLDER}
to copy the current attachment files.
To restore the database, run ./scripts/restore-database-native.sh ${BACKUP_FOLDER}
to restore data from the provided backup folder.
To restore attachments, run ./scripts/restore-attachments-native.sh ${BACKUP_FOLDER}
to restore data from the provided backup folder.
Depending on your setup, you may need additional access rights.
Follow the guide in the docker package.
Contributions are welcome. Get in touch with the Pryv team or submit a PR with your changes or adaptation.
Copyright (C) 2020-2021 Pryv S.A. https://pryv.com
This file is part of Open-Pryv.io and released under BSD-Clause-3 License
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
-
Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
-
Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
-
Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
SPDX-License-Identifier: BSD-3-Clause