# Installation & Setup

## Prerequisites

Before installing the ExaVault appliance, confirm that you can provision a virtual appliance that meets our [System Requirements](/installing-and-upgrading-the-appliance/system-requirements.md) and that you can comply with our required [Firewall Configuration](/installing-and-upgrading-the-appliance/firewall-configuration.md).

If you plan to use SSH to connect to your appliance, update your networking rules to allow inbound TCP 10022 from the addresses that will manage the appliance before starting.

### Networking

You will need a static (or rarely-changing) IP address because your installation's [license is associated with its IP address](/administration-tasks/license-keys.md#ip-address-changes). We recommend assigning an Elastic IP address, which prevents IP changes due to instance resizes, stops, and restarts. Frequent updates to the appliance's IP address will invalidate your license.

You will need to know the internal IP Address the appliance will be using as well as the public IP Address to be used for Network Address Translation (NAT).

### Domain Name

ExaVault requires that the server has a Fully Qualified Domain Name (FQDN) set as the server's hostname.

We recommend not using the word `ftp` in this domain. We suggest using `files.yourdomain.com` (for example, `files.example.com`).

### SSL Certificate

Obtain an SSL certificate for your domain name from a trusted vendor. It will be used to secure HTTPS and FTPS connections. Your appliance will not run successfully without an SSL certificate.

## Download & Import The ExaVault Image

If you are using VMWare, [download the ExaVault image](/installing-and-upgrading-the-appliance/downloading-the-base-image.md) and use your hypervisor system to import the ExaVault image and launch the VM. Add the secondary drive for data storage and attach it to the VM as part of this step.

If you are using VMWare, the image ships with a default username and password. Power on the virtual machine and log in via the VMWare console as `admin` with the password `DefaultPassChangeMe1!`.

### Amazon Web Services (AWS)

Refer to the [AWS Installation](/installing-and-upgrading-the-appliance/installation-and-setup/aws-installation.md) instructions.

### VMWare

ExaVault is distributed as a .ova file for VMWare.

[Download the ExaVault .ova image for VMWare.](https://www.files.com/api/download/exavault?platform=vmware)

After obtaining the ExaVault .ova image, follow the steps to configure the [VMWare Prerequisites](/installing-and-upgrading-the-appliance/installation-and-setup/vmware-prerequisites.md), then continue to Bootstrap the Appliance.

## Bootstrap The Appliance

If you are installing the appliance from the AWS Marketplace, bootstrapping is unnecessary. Refer to the [AWS Installation](/installing-and-upgrading-the-appliance/installation-and-setup/aws-installation.md) instructions.

Connect to the appliance using your VM console or via SSH. The VM uses a nonstandard port for SSH, so you must specify port 10022 for an SSH connection.

By default, ExaVault's cloud marketplace listings do not open inbound traffic to port 10022 from the Internet. If you plan to use SSH to connect to your appliance, update your networking rules in your cloud provider to allow inbound TCP 10022 from the addresses that will manage the appliance before starting.

Run the bootstrap command to mount your data drive and launch the Appliance Manager.

<pre><code><strong>sudo exavaultctl -o bootstrap --device &#x3C;device>
</strong></code></pre>

The `--device` option can be omitted if using the default `/dev/nvme1n1`. Otherwise replace `<device>` with the device of your data disk drive.

## Configure the ExaVault Appliance <a href="#login_to_the_file_hub_appliance_manager" id="login_to_the_file_hub_appliance_manager"></a>

After you've bootstrapped the appliance, the `exavault-admin-dashboard` container will be running. Use a web browser to visit the IP address for your appliance on port 9002 - https\://\<your-appliance-ip-or-hostname>:9002/. A security warning will appear because the SSL certificate is not yet configured.

When you connect for the first time, you'll set a password for the Appliance Manager. Save this password in a secure location.

You need to do some configuration before you can run the appliance: add the license information, update the server configuration, and install the SSL certificate. All of the steps must be completed before the appliance will start successfully.

### License Information

Complete the form to automatically generate your free license for ExaVault. No payment information is required, and your contact information is stored securely.

### Configuration

On the Configuration page, you'll enter information about your network environment.

* **Hostname:** The hostname (URL) the application will use. It must be set to the Fully Qualified Domain Name URL that you will use to access the service.
* **IP Address:** The IP address matching the DNS record used in the Hostname field of the appliance. It is used for FTP/SFTP to handle NAT properly.
* **External FTP IP Address:** Typically the same as IP Address. It can be different if the appliance has an internal IP and ports are being forwarded from an external IP address via a router.
* **Email Host**: The address of the server that will deliver email messages generated by your ExaVault appliance.
* **Email Port**: The port used for connecting to your mail service for sending.
* **Email SSL:** If your mail sender requires the use of SSL, check this box. This is typically the case when using port 465 for your email port.
* **Email Username & Email Password:** The credentials used to authenticate with your mail service for sending.
* **Email From:** The from email address that will be used for emails generated by the ExaVault appliance.

### SSL Certificate

Open the SSL Certificate page of the Appliance Manager and upload your SSL Certificate.

#### Upload Certificate

If you have already obtained your SSL certificate, upload it on the *Upload Certificate* tab. You will supply a single file which contains the certificate, its intermediate certificates, and its private key, in that order.

#### Generate Certificate (Self Signed)

The form on this tab will generate a self-signed cert. This is the least preferred option.

#### Generate CSR

This tab generates a brand new Certificate Signing Request (CSR) that you can submit to your SSL Certificate Provider.

Once your SSL Certificate Provider has provided you with your renewed SSL Certificate, use the *Upload Certificate tab* to import the certificate, its intermediate certificates, and its private key.

#### Trusted CA

The appliance can trust a CA Certificate under the *Trusted CA* tab. Organizations with their own Certificate Authority add their CA.crt to this section.

Do not change the settings under the System tab unless ExaVault Support has directed you to update them.

### Verify SSL Certificate

Once you have configured your certificate, open the appliance manager using your fully qualified domain name and verify that your certificate is being used for the connection.

For example, if your domain is files.example.com, open <https://files.example.com:9002>.

When the web page loads, no browser security warning will appear if everything has been configured correctly.

## Start the Appliance

Complete all of the steps to Configure the ExaVault Appliance, including verifying that SSL is properly configured before moving on to the next step.

Using your VM console or SSH, run the command to start the appliance:

```
sudo exavaultctl -o start
```

It may take several minutes for all of the containers to start. When the command has completed, you can access the web interface for your ExaVault installation.

## Log In To the Web Interface

Use a web browser to access your server at the address you configured for the appliance's hostname. Log in with the default username `administrator` and the password `password`. Change your password immediately upon logging in.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.exavault.com/installing-and-upgrading-the-appliance/installation-and-setup.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.