While the full Linux-based server image can be installed on a virtual machine, it is not specifically designed for that purpose. Installations that run Blocks in a virtualized environment often have different priorities than those using a stand-alone server. Many of the features included in the full server Linux image are typically managed by other parts of the infrastructure in a virtualized environment.

This is an advanced guide. If you don't feel at home in a Linux terminal window, you should probably not follow it.

The full Linux-based server runs an enhanced desktop version of Ubuntu, including a user friendly window-and-mouse based desktop environment. That's suitable for users that prefer such a desktop environment for managing their server. In contrast, the virtual server image discussed here runs on Debian, which is essentially the same operating system core, but a pure server-version, without any desktop environment. Thus, all system management and maintenance must be done from the command line.

The user-friendly, web-based webmin frontend is not included. While you may install webmin also on a virtual server, the assumption is that you likely prefer configuring the server directly, using the various configuration files traditionally used by server administrators.

There's no pre-configured DHCP server. When used as part of a virtualized server infrastructure, you likely already have a DHCP server in your system, and don't want the Blocks server to act as one.

The same applies for the DNS server. While the software is included also in the virtualized server image, it has not been pre-configured and is not enabled.

This image is designed to be used in a virtualized environment. It is distributed as an OVA file, compatible with most virtual hosts from VMWare, Oracle, Synology and QNAP. The image is based on Debian 10, and includes Blocks software and all components required to run Blocks. For testing purposes, you can use one of the following:

• Oracle VirtualBox – a free virtual machine available for most operating systems
• VMWare's free "Workstation Player" as well as their popular "VMWare Fusion".

After importing the OVA file into your virtualizer of choice, start it up and wait for the login screen to appear.

For full system access, log in with the user name root, with password pixi. This root user can do anything without restrictions, so be careful. Use this user for for system software installation, upgrades, etc requiring super-user privileges. The password can be changed using the passwd command.

User name blocks, with default password PixiServer! is the account under which the Blocks server is run. This user has limited rights, and can not use the sudo command to escalate its privileges (you can, however, use the su command to switch to the root user). The password can be changed by the root user using the passwd blocks command.

On the Host computer, running VirtualBox (or other preferred virtualizer), add a Bridged adapter as the primary one. You may need to shut down the Blocks server while changing network settings.

Find the network interface name and verify connectivity.

• Use the command ip addr to see all network interfaces with their names. Ignore the lo loopback interface.
• The name is typically something like enp0s3.
• If the interface is already UP, and you have internet access, you're done
• Verify internet access by using the command ping 1.1.1.1, that should show the turn-around time in mS repeatedly if OK.

If you didn't automatically get network access, you need to configure networking inside the virtual Blocks server. Settings are specified in the /etc/network/interface.d directory. If required, add a file there and name it primary (although the actual file name isn't important). Enter the following data into the file. You can do so using the simple terminal text editor nano.

auto enp0s3
allow-hotplug enp0s3
iface enp0s3 inet dhcp

Use the actual name of your interface in the file instead of enp0s3, if different. These settings result in a dynamic address, suitable for testing purposes. Since the interface is bridged, the virtual machine will get a network address from your local network, assuming there's a DHCP server. For real server purposes, you should change this file to assign a static address instead (see below).

Do not use a wifi network interface, since that will typically not provide a dynamic address to the virtual machine.

Alternatively, to use a fixed IP address instead, edit the primary file discussed above to read something like this (specifying IP addresses and subnet width as appropriate for your network):

 
auto enp0s3
allow-hotplug enp0s3
iface enp0s3 inet static
    address 192.168.0.31/24
    gateway 192.168.0.1
    dns-nameservers 1.1.1.1 8.8.8.8

After making changes, restart the virtual machine using reboot now or merely restart the networking stack by systemctl restart networking.

Blocks server software requires a license to be operational. Either connect a physical license key to a USB port or request a cloud-based license (requires internet access). A physical license key can be accessed either directly from a USB port attached to the virtual machine or over the local network.

Install a Blocks license.

There's no configuration file included for Blocks in the VM image. This means that Blocks defaults to HTTP over port 8080. Add a configuration file if you need to adjust Blocks' server settings. Note that since Blocks runs under a limited user account, ports below 1024 (thus including the default HTTP port 80) can't be directly specified in the configuration file. However, the included nginx program – acting as a reverse proxy – provides access to Blocks on the customary ports (80 and 443 if you have HTTPS enabled). More on nginx and HTTPS below.

Assuming that the license key is accessible, Blocks should start automatically. Blocks is started and stopped by an operating system service known as systemd, which is controlled by the systemctl command line program. Since Blocks runs under the blocks user account, you must be logged in as the blocks user in order to control Blocks using systemctl. Use this command to determine whether Blocks is currently active:

systemctl --user status blocks

If Blocks is currently active, you should see the text "Active: active (running)" as part of the status. To enable and start Blocks, use this command:

systemctl --user enable --now blocks

To stop and disable Blocks:

systemctl --user disable --now blocks

Note that systemd differentiates between starting and enabling a service. The command shown above will do both. An enabled service will automatically be started as the server computer is started, which is useful f you for some reason need to restart your Blocks server (e.g., as the result of a power outage). To merely start or stop a service, without changing its enablement, use the start and stop sub-commands instead. See the systemd documentation for details.

If you run into trouble launching Blocks, and the status command doesn't provide sufficient details, you can use the journalctl command to obtain more details:

journalctl -n 20 --no-pager --user-unit blocks

This will show the 20 most recent systemd log messages related to blocks. Again, you must be logged in as the blocks user in order to use this command.

The server image includes nginx, acting as a reverse proxy in front of Blocks. This can be configured to manage secure HTTPS connections, as described here.

This section describes some security considerations. You don't need to do any of this to get a functioning Blocks system.

Secure Shell is not enabled in the VM image. SSH may be useful for many system configuration and remote access purposes. If desired, enable SSH in the VM's console window using the command systemctl enable ssh while running as the root user. Before enabling SSH, set a strong password for the blocks user account. The root account is not enabled for SSH access. This can be changed in the file /etc/ssh/sshd_config (not recommended).

The firewall is not enabled in the VM image. Very few services are enabled, so you may not need a firewall since only the required ports are exposed. Feel free to configure and enable the pre-installed ufw firewall if desired. Or, even better, use an external firewall in your IT infrastructure.