Next: , Previous: , Up: Getting Started   [Contents][Index]

2.2 The five-minute path

The full install lives in Installation. This is the abbreviated form.

  1. Clone the repo. 
    git clone https://github.com/blakemcbride/Ownsona.git
cd Ownsona
  2. Provision the database. 
    sudo -u postgres createuser --pwprompt ownsona
sudo -u postgres createdb -O ownsona ownsona
sql/setup_db.sh '<the-password-you-just-set>'

    This creates the schema, installs the pgvector and pg_trgm extensions, and grants the ownsona role the privileges the auto-migrator needs.

  3. Configure the server. 
    cp src/main/backend/application.ini.example src/main/backend/application.ini
$EDITOR src/main/backend/application.ini

    At minimum, set DatabasePassword, the OAuth AS login credentials OWNSONA_LOGIN_USERNAME / OWNSONA_LOGIN_PASSWORD (anything you’ll remember — you’ll type them once in a browser tab when you first connect an LLM client), OAuthAuthorizationServer = https://your-host, OAuthAsEnabled = true, and EMBEDDING_API_KEY. See Configuration for the full list of keys, and the “Where the AS keeps its signing key” subsection of Installation for why production installs should also set OAuthAsIniFile to an absolute path outside the deployed webapp.

  4. Build and deploy. 
    ./bld -v build
./bld war
sudo cp work/Kiss.war /home/ownsona/tomcat/webapps/ROOT.war

    (See Installation for how to set up the ownsona system user and the ownsona.service systemd unit.)

  5. Smoke-test the live endpoint.

    The smoke-test script needs an OAuth access token. The simplest way to obtain one is to add the server as an MCP connector in any OAuth-capable LLM client (see step 6 below for that flow); once the client has logged in, copy the access token out of its local config and export it: 

    export OWNSONA_ACCESS_TOKEN="eyJhbGciOiJSUzI1NiIs..."
sql/smoke_test.sh https://your-host/mcp

    A successful smoke test exercises every MCP tool against the live server and prints OK for each.

  6. Connect an MCP client.

    Modern OAuth-capable clients need only the /mcp URL — they discover the AS, register themselves dynamically, and walk you through a browser login. In every client’s connector form, paste: 

    https://your-host/mcp

    Pick OAuth as the auth mode (it’s the default in most UIs). The first request opens a browser tab; enter your OWNSONA_LOGIN_USERNAME / OWNSONA_LOGIN_PASSWORD from step 3, click Allow on the consent page, and the client stores its tokens. You will not see the browser flow again until the refresh token expires (30 days by default).

Next: Verify the install, Previous: Prerequisites, Up: Getting Started   [Contents][Index]