EN: Oz Knowledge Base

Standalone Installer

The usage manual for the standalone installer

What Is Standalone Installer

The standalone installer is a program to install all Oz Forensics modules to customers servers, performing all required settings related to personal topology and customer requirements.
This installer is intended to deploy the software to servers directly, under the server administration user account. Servers could have or could have not (with some notes) direct access to the Internet, Linux OS should be preinstalled (CentOS 8 is recommended) with the ability to connect with full access via SSH.
For installation to Kubernetes, OpenShift, and other orchestrators, please, contact us.

How to Get the Installer

Request your personal copy of the installer with the preliminary ordered product bundle for your test or production environment.

Trial bundle

You can order a trial bundle for free. For this bundle, you'll need two servers meeting system requirements listed below.

Oz Biometry / Liveness Server

  • OS: any *nix OS that supports Docker, e.g., CentOS 8*
  • CPU: 16 cores
  • RAM: 16 GB
  • Disk: 80 GB

Oz API / Web UI / Web SDK Server

  • OS: any *nix OS that supports Docker, e.g., CentOS 8*
  • CPU: 8 cores
  • RAM: 16 GB
  • Disk: 300 GB
*Please check the OS version with our team.

How to Run the Installer

To run the installer, you need any machine with Windows or Linux matching the following system requirements:
  • 1 GB RAM, 1 CPU, 3 GB hard drive
  • Windows 10+ (recommended)
  • Linux 64 bit (Python 3.7 is required)

Servers preparation

  1. 1.
    Check the minimal system requirements related to the proposed list.
  2. 2.
    Check servers are accessible via the local network.
  3. 3.
    Check access via SSH with authorization by password or by key file and sudo without password.
  4. 4.
    For installation steps, the Docker software is recommended. Alternatively, the Internet should be accessible for automatic Docker download and installation.
    1. 1.
      Docker version 19.03 and higher
    2. 2.
      Docker Compose version 1.27 and higher (should be installed in /usr/sbin)
  5. 5.
    To install balancer (only in case your installation bundle include it) it is recommended to install nginx (version >= 1.17.5), and, also, SELinux should be switched to permissive mode (actual for CentOS and Redhat only). Alternatively, the Internet should be accessible for automatic download and installation.
  6. 6.
    Check the availability of license service by address https://api.cryptlex.com for servers.
Oz-Installer demonstration

Prepare the Installer

Download and unpack your personal installer bundle.
Put the required configuration to the settings.yml file. The most important settings are described below. Usually, it is only required to fill the authorization and variables sections.
Please note: the configuration file is your personal copy, sharing it with any 3rd side is prohibited.


# authorization block
ssh_user: # SSH user login
use_sudo: yes # use SUDO as
# full path to private ssh key. optional
ssh_private_key: C:\\cygwin64\\home\\user\\.ssh\\id_rsa
# variables block - could vary for your personal deploy bundle
# please, fill up variables in your copy, don't copy from this example
# usually, it contains IP addresses of servers by roles
# also, login-password of API user with ADMIN role
common-login: [email protected]
common-password: 123456
# servers list. usually, it uses variable values from the block above
# it is not needed to change anything manually here
- $api1
- $api2
oz-api-balancer: $balancer
- $api1
- $api2
- $api1
- $api2
oz-webadapter-balancer: $balancer
- $bio1
- $bio2
oz-bio-balancer: $balancer
oz-text: $text1
# if nothing is defined here, the full API configuration
# will use the host of the database docker service
# precise settings block
# personal license key
license-key: "123456-123456-123456-123456-123456-123456"
# local path on each server to store configuration and data
working-directory: /opt/oz
# docker settings to `docker-daemon.json`
# address space to run containers via Docker
# address spaces to run containers via docker-compose
- base:
size: 24
# settings for Oz API
install: yes # turn on installation of the component
install-statistic: no # turn on installation of statistic submodule
balancer: yes # turn on installation of balancer for component
# domain name for external access to component
# SSL certificate and key for HTTPS access (optional)
# the local path to the host where to save media files
# login/password of ADMIN preinstalled account on Oz API
login: $common-login
password: $common-password
# configuration to config.py - check details in Oz API section of knowledge base
# network port to access component
# (in case of SSL certificate installation, it is always 443)
port: 80
# settings for Oz Liveness Web Adapter
# settings, named the same as in the Oz API block, see above
install: yes
balancer: yes
# https address for redirect GET request of root /
# by default, demo page here
# configuration to app_config.json
port: 88
# settings for Oz Web UI
# settings, named the same as in the Oz API block, see above
install: yes
balancer: yes
# login/password for service account, is needed to synchronize database
login: admin
password: admin
# configuration to .env
port: 80
# settings for database for Oz API
# turn on installation of Postgres on the same machine with Oz API
# if "no" is chosen, then Oz API connects to external database
# in that case external address external address is specified in block
# servers -> oz-db
install: yes
# master - password for Postgres, in case of chosen installation
psql_password: CHANGEME
# database name
database: gateway
# login and password for database
user_name: gateway_user
user_password: CHANGEUSERPASS
# Settings for Oz Bio (Liveness + Biometry)
# settings, named the same as in the Oz API block, see above
install: yes
balancer: yes
# settings and list of models are not intended to be modified by customer


Run the command prompt with administrator's rights. Use the cd command to go to the folder where the unzipped installer is located. Launch the installation.
oz-installer.cmd install [parameters]
chmod +x oz-installer.sh
./oz-installer.sh install [parameters]
Optional parameters:
  • filename – filename with settings ('settings.yml' by default)
  • private_key – a path to the private SSH key (overwrites the appropriate option from settings file)
  • key_password – password to SSH key (if not specified, the system will ask to enter it in the console)
  • ssh_password – password for SSH login
  • debug – generate additional logging information for support
Usage example:
install.cmd filename=settings.prod.yml key_password=psyco --debug
For Linux, place the private SSH key into the installer directory and set up the corresponding path in configuration: /installer/priv_key


Every step of the installer echoes information to process.log. To report any installation issues, please, attach that file to your ticket.
If the installation was interrupted by an issue, then, after the problem resolution, the process usually is allowed to continue. If it doesn't, be ready to reset servers to their original condition. You can try to solve the issue by adding the --debug flag to the command line of the installer. You can also contact the Oz team for details.

Use the Putty ppk File for Connection

You need to extract the private part of the key and then specify the path to that file in section auth -> ssh_private_key

docker-compose: Command Not Found

This error could arise when the docker-compose tool was installed independently before the installer and default binary was set to /usr/local/bin
For the correct work of the installer, please, make a symbolic link:
ln -s /usr/local/bin/docker-compose /usr/sbin/docker-compose