Getting zip-installed FusionAuth to run on startup, Debian 11

Hi

I've deployed the FusionAuth server on my Debian 11 installation running on a VPS, and made a bunch of configurations. I had chosen the Fast Path installation. According to docs here, the command to "[i]nstall for all users on the system using DEB or RPM packages, requires sudo access", is:

sh -c "curl -fsSL https://raw.githubusercontent.com/FusionAuth/fusionauth-install/master/install.sh | sh"

Since it said "requires sudo access", I ran it this way:

$ sudo sh -c "curl -fsSL https://raw.githubusercontent.com/FusionAuth/fusionauth-install/master/install.sh | sh"
[sudo] password for <username>:
sh: 64: [[: not found

As you can see, I got an error message, and seemingly nothing was installed. I discovered that by changing sh to bash, it worked:

$ sudo bash -c "curl -fsSL https://raw.githubusercontent.com/FusionAuth/fusionauth-install/master/install.sh | bash"

However, it installed using zip packages into my home folder, instead of system-wide using packages. I figured that didn't matter, and backed my whole server installation into a previous snapshot, from before I started installing FusionAuth, created a normal user with no sudo access (thought it might be safer to run FusionAuth-app as that user), and ran the same script without sudo:

$ bash -c "curl -fsSL https://raw.githubusercontent.com/FusionAuth/fusionauth-install/master/install.sh | bash"
Downloading zip packages
######################################################################## 100.0%
Installing packages

Install is complete. Time for tacos.

1. To start FusionAuth run the following command
    /home/fusion/fusionauth/bin/startup.sh

2. To begin, access FusionAuth by opening a browser to http://localhost:9011

3. If you're looking for documentation, open your browser and navigate to https://fusionauth.io/docs

Thank you for using FusionAuth. Happy coding!

I figured I might deal with the issue of getting it to run on startup later. Now, after doing lots of administration via the web interface, the time has come to do that, but I discovered that according to the forum, rather than trying to set up systemd manually, I should install FusionAuth via packages instead. Now, I don't remember what password FusionAuth set for its own Postgresql user, but I have a superuser password for Postgresql. What do you recommend next:

1. Reinstall FusionAuth using packages manually (or perhaps get the Fast Path script to work somehow), and then get FusionAuth to use the already configured db?
2. Find out how to setup systemd manually from where I am now?

I don't know which of the two is the smallest amount of hassle, and cleanest solution.

There is one more issue. When I run startup.sh, the logs indicate that it is listening on two ports, both 9011 and 9012. Is that wrong, and why does it happen?

2023-03-04 06:15:52.041 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
2023-03-04 06:15:52.051 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9011]
2023-03-04 06:15:52.052 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully
2023-03-04 06:15:52.052 PM INFO  io.fusionauth.http.server.HTTPServer - Starting the HTTP server. Buckle up!
2023-03-04 06:15:52.054 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server listening on port [9012]
2023-03-04 06:15:52.055 PM INFO  io.fusionauth.http.server.HTTPServer - HTTP server started successfully

Netstat indicates java is listening on both those two ports.

Hi

I'm working on a not yet deployed web SPA using the Vue framework, that needs user login to protect some of the features. I don't know if I'l ever make any money on this, so I was looking for a free alternative to handle user login and authentication. I've been implementing it with Auth0, and frankly the main reason was just that it was the first result on Google, and I thought the name sounded familiar and trusted. The last thing turned out to be me confusing "Auth0" with "OAuth". Which should tell you how much I know about security.

I'm struggling with the application not keeping users logged in when the browser is refreshed. I have found a solution, which includes a setting which allows the Auth0 library to store certain login credential information "locally", I believe that means in the browser. Auth0 themselves recommend against doing that. All other solutions I can think of, require me to upgrade my deal to one of their paid packages. In fact, their own testing tool to check if an app is ready for production, wants me to enable certain settings which are paid-only.

On top of that, their own web pages can't really keep track of whether I am logged in or not, which I think is odd for a company who sell login solutions. It's not an issue I have with other sites. So, I head over to their forums, to ask how to solve the initial problem (users not staying logged in), and although I already have a developer account with them, I have to create a new login for the forums, and wait for a confirmation e-mail. That e-mail has still not arrived, many hours later and after asking to resend confirmation e-mail and checking spam folder.

That was the straw that broke the camel's back. I can't even get into their forums to ask help, while I could easily get into this forum here.

So the reason I'm posting all this Auth0-related information is in case anyone can tell me how their experiences with FusionAuth compares, and also tell me whether the issues I'm having is an indication I should switch to FusionAuth. I know the forum will be biased, of course, but I'll keep that in mind...