Installation/Dokku: Difference between revisions

From diaspora* project wiki
(How to run Diaspora on your own PaaS with Dokku)
 
m (diaspora.toml)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{UnsupportedEnvironment}}
= Running Diaspora in your own PaaS with Dokku =
= Running Diaspora in your own PaaS with Dokku =


Line 4: Line 6:


This guide outlines the steps to run your own Platform as a Service (PaaS) using [http://dokku.viewdocs.io/dokku Dokku] and deploy diaspora to it.
This guide outlines the steps to run your own Platform as a Service (PaaS) using [http://dokku.viewdocs.io/dokku Dokku] and deploy diaspora to it.
To keep this guide brief and to make sure you read the most up to date instructions, for some steps we simply link to instructions elsewhere.
To keep this guide brief and to make sure you read the most up to date instructions, for some steps we simply link to instructions elsewhere. We simply describe steps that worked, there may be other or better ways to achieve the same. If you are following the steps on this page, please improve or update them where appropriate
This is somewhat experimental. We simply describe steps that worked, there may be other ways to achieve the same.


== Requirements ==
== Requirements ==
Line 19: Line 20:
We assume you have setup and [https://www.linode.com/docs/security/securing-your-server secured your linux server] and have root access to it via ssh.
We assume you have setup and [https://www.linode.com/docs/security/securing-your-server secured your linux server] and have root access to it via ssh.


= Install Dokku =
== Install Dokku ==


Install Dokku following the their [http://dokku.viewdocs.io/dokku/getting-started/installation/ instructions]. If you have a domain name, dokku can setup "Virtual Hosts" for each application you deploy. This means you can visit diaspora at <code>diaspora.yourdomain.tld</code> and if you deploy another app called "myapp" you can visit it at <code>myapp.yourdomain.tld</code>. Otherwise the address of each app will be  <code><ip address>:<app port nr></code>. You can also get the domain name later and enable the Virtual Hosts later.
Install Dokku following their [http://dokku.viewdocs.io/dokku/getting-started/installation/ instructions]. If you have a domain name, dokku can setup "Virtual Hosts" for each application you deploy. This means you can visit diaspora at <code>diaspora.yourdomain.tld</code> and if you deploy another app called "myapp" you can visit it at <code>myapp.yourdomain.tld</code>. Otherwise the address of each app will be  <code><ip address>:<app port nr></code>. You can also get the domain name later and enable the Virtual Hosts later.


After dokku is installed run
After dokku is installed run
Line 27: Line 28:
dokku apps:create diaspora</nowiki>
dokku apps:create diaspora</nowiki>


= Local copy with Dokku as remote =
== Local copy with Dokku as remote ==


On your local machine (not the server) make sure you have a clone of diaspora
On your local machine (not the server) make sure you have a clone of diaspora
Line 35: Line 36:
git remote add dokku dokku@yourdomain.tld:diaspora</nowiki>
git remote add dokku dokku@yourdomain.tld:diaspora</nowiki>


The local branch can have any name you want. Here we name it <code>dokku_branch</code> to distinguish it from the remote branch <code>dokku</code> that we will create later. They can both be called dokku, that is fine.
The name of the remote must be <code>dokku</code>. The local branch can have any name you want. Here we name it <code>dokku_branch</code> to distinguish it from the name of the remote. They can both be called dokku, that is fine.


= Dokku plugins =
== Postgres database ==
=== postgres ===
Thanks to the hard work of the Dokku team, setting up a database is now as simple as this.


  <nowiki>#install postgresql. On the server run
  <nowiki>#install postgresql. On the server run
Line 48: Line 49:
The postgres:link command creates an environment variable DATABASE_URL and makes that available to the diaspora app. Then diaspora can use this url within its database.yml configuration.
The postgres:link command creates an environment variable DATABASE_URL and makes that available to the diaspora app. Then diaspora can use this url within its database.yml configuration.


=== letsencrypt ===
Do this last. You must have a deployed app running, before you can secure it with the letsencrypt plugin.


== Configuration ==
== Configuration ==


Diaspora is configured with two files. database.yml and diaspora.yml. In git these two files are ignored and so they won't be pushed when we push to dokku.
Diaspora is configured with two files. database.yml and diaspora.toml. In git these two files are ignored and so they won't be pushed when we push to dokku.


Open the .gitignore file and remove these two lines
Open the .gitignore file and remove these two lines
  <nowiki>config/diaspora.yml
  <nowiki>config/diaspora.toml
config/database.yml</nowiki>
config/database.yml</nowiki>
Never write anything secret in these files. Only use environment variables. Open config/database.yml.example. Edit the part near the bottom, change the production section to  
Never write anything secret in these files. Only use environment variables. Open config/database.yml.example. Edit the part near the bottom, change the production section to  
Line 66: Line 64:
   url: <%= ENV['DATABASE_URL'] %></nowiki>
   url: <%= ENV['DATABASE_URL'] %></nowiki>
then save the file as config/database.yml.
then save the file as config/database.yml.
Copy config/diaspora.yml.example and save it as config/diaspora.yml, but don't edit this file.
Copy config/diaspora.toml.example and save it as config/diaspora.toml, but don't edit this file.


Open the Gemfile and add this line as the second line:
Open the Gemfile and add this line as the second line:
Line 80: Line 78:


=== Environment Variables ===
=== Environment Variables ===
The rest of the configuration can be done on the server. Every value in diaspora.yml can be set with an environment variable as described in the file itself.
The rest of the configuration can be done on the server. Every value in diaspora.toml can be set with an environment variable as described in the file itself.


Here we set a few as example
Here we set a few as example
  <nowiki>dokku config:set --no-restart diaspora
  <nowiki>dokku config:set --no-restart diaspora
SETTINGS_POD_NAME='MyPod'
SETTINGS_POD_NAME=MyPod
ENVIRONMENT_ASSETS_SERVE=true
ENVIRONMENT_ASSETS_SERVE=true
ENVIRONMENT_URL=yourdomain.tld
ENVIRONMENT_URL=yourdomain.tld
RAILS_SERVE_STATIC_FILES=true
RAILS_SERVE_STATIC_FILES=true
SERVER_RAILS_ENVIRONMENT=production
SERVER_RAILS_ENVIRONMENT=production
SERVER_EMBED_SIDEKIQ_WORKER=true
SERVER_EMBED_SIDEKIQ_WORKER=false
ENVIRONMENT_CERTIFICATE_AUTHORITIES=/etc/ssl/certs/ca-certificates.crt</nowiki>
ENVIRONMENT_CERTIFICATE_AUTHORITIES=/etc/ssl/certs/ca-certificates.crt</nowiki>


These variables are not in diaspora.yml, but we set them as well
These variables are not in diaspora.toml, but we set them as well
  <nowiki>dokku config:set --no-restart diaspora
  <nowiki>dokku config:set --no-restart diaspora
RAILS_ENV=production
RAILS_ENV=production
Line 109: Line 107:
This will create the master branch in the remote dokku repository. Note the name of the remote branch must be <code>master</code>.
This will create the master branch in the remote dokku repository. Note the name of the remote branch must be <code>master</code>.
The first push and deploy will take a long time. Once it's done the app starts, but the database is not created yet. On the server run
The first push and deploy will take a long time. Once it's done the app starts, but the database is not created yet. On the server run
  <nowiki># on the server
  <nowiki>dokku run diaspora "env RAILS_ENV=production bin/rake db:create db:migrate"
dokku run diaspora "env RAILS_ENV=production bin/rake db:create db:migrate"
dokku ps:restart diaspora</nowiki>
dokku ps:restart diaspora</nowiki>
== Setup Redis, Sidekiq and Letsenscrypt ==
To get all of the functionality in diaspora working we need to setup a connection to redis and secure the server with SSL.
=== Redis ===
We run redis in a separate container, using the [https://github.com/dokku/dokku-redis redis plugin].
<nowiki>sudo dokku plugin:install https://github.com/dokku/dokku-redis.git redis
dokku redis:create diaspora-redis
dokku redis:link diaspora-redis diaspora</nowiki>
After linking redis, the diaspora app is restarted. Now posts made from your pod can appear on other pods!
However, we still cannot see any posts made by users on other pods. To get that working we need to start a separate container for sidekiq.
<nowiki>dokku ps:scale diaspora sidekiq=1</nowiki>
=== Letsencrypt ===
Finally, we need an SSL Certificate to secure the server. This requires a domain name and requires dokku virtual hosts to be enabled. See [https://stackoverflow.com/questions/21785901/dokku-change-settings-after-install/46009384#46009384 here] how to enable dokku vhosts if that was not enabled yet during installation.
We use the [https://github.com/dokku/dokku-letsencrypt dokku letsencrypt plugin].
<nowiki>sudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git</nowiki>
Add some configuration first, and make sure that require ssl is now set to true.
<nowiki>dokku config:set --no-restart diaspora DOKKU_LETSENCRYPT_EMAIL=youremail@yourdomain.tld ENVIRONMENT_REQUIRE_SSL=true</nowiki>
The guys at the letsencrypt plugin have done a great job. You can now acquire and install an SSL certificate and secure your website with a single command.
<nowiki>dokku letsencrypt diaspora</nowiki>
You can check the security of your site at [https://www.ssllabs.com/ssltest/analyze.html ssllabs.com]. Follow instructions there to improve security. See also [https://glebbahmutov.com/blog/running-multiple-applications-in-dokku/ this link] for some helpful tips.
That's all.
[[Category:Podmin]]
[[Category:Installation]]

Latest revision as of 23:30, 9 June 2024

WarningWarning:

The following instructions are maintained by community contributors and describe the installation inside an environment not supported by the diaspora* team.

Due to the nature of these installations, diaspora* might not work, have some limitations, or encounter unexpected issues. The diaspora* team might not be able to help you with troubleshooting your installation. Proceed at your own risk.

Please check our official installation guides for information on how to install diaspora* inside a supported environment.

Running Diaspora in your own PaaS with Dokku

Introduction

This guide outlines the steps to run your own Platform as a Service (PaaS) using Dokku and deploy diaspora to it. To keep this guide brief and to make sure you read the most up to date instructions, for some steps we simply link to instructions elsewhere. We simply describe steps that worked, there may be other or better ways to achieve the same. If you are following the steps on this page, please improve or update them where appropriate

Requirements

  • A linux server running ubuntu 16.04 with at least 1GB memory
  • A local development machine.
  • (Optional) a domain name.

Let's say your domain name is yourdomain.tld, if you don't have a domain name just replace it with the IP address of the server.

After completing this guide we will have Dokku on the linux server. This allows us to simply git push changes made on Diaspora to our server. Then Dokku will take care of the rest. It receives the changes builds and deploys the new version.

We assume you have setup and secured your linux server and have root access to it via ssh.

Install Dokku

Install Dokku following their instructions. If you have a domain name, dokku can setup "Virtual Hosts" for each application you deploy. This means you can visit diaspora at diaspora.yourdomain.tld and if you deploy another app called "myapp" you can visit it at myapp.yourdomain.tld. Otherwise the address of each app will be <ip address>:<app port nr>. You can also get the domain name later and enable the Virtual Hosts later.

After dokku is installed run

# on the server
dokku apps:create diaspora

Local copy with Dokku as remote

On your local machine (not the server) make sure you have a clone of diaspora

git clone git@github.com:diaspora/diaspora.git

or clone it from your own fork. Create a branch from which we will push to dokku, and add dokku as a remote.

git checkout -b dokku_branch
git remote add dokku dokku@yourdomain.tld:diaspora

The name of the remote must be dokku. The local branch can have any name you want. Here we name it dokku_branch to distinguish it from the name of the remote. They can both be called dokku, that is fine.

Postgres database

Thanks to the hard work of the Dokku team, setting up a database is now as simple as this.

#install postgresql. On the server run
dokku plugin:install https://github.com/dokku/dokku-postgres.git
# create a postgres database for diaspora
dokku postgres:create diaspora-db
dokku postgres:link diaspora-db diaspora

The postgres:link command creates an environment variable DATABASE_URL and makes that available to the diaspora app. Then diaspora can use this url within its database.yml configuration.


Configuration

Diaspora is configured with two files. database.yml and diaspora.toml. In git these two files are ignored and so they won't be pushed when we push to dokku.

Open the .gitignore file and remove these two lines

config/diaspora.toml
config/database.yml

Never write anything secret in these files. Only use environment variables. Open config/database.yml.example. Edit the part near the bottom, change the production section to

production:
  <<: *combined
  database: diaspora-db
  url: <%= ENV['DATABASE_URL'] %>

then save the file as config/database.yml. Copy config/diaspora.toml.example and save it as config/diaspora.toml, but don't edit this file.

Open the Gemfile and add this line as the second line:

ruby "2.4.1"

Then run

echo 2.4.1 > .ruby-version
bin/bundle install

Commit all changes on your dokku_branch.

git add .
git commit

Environment Variables

The rest of the configuration can be done on the server. Every value in diaspora.toml can be set with an environment variable as described in the file itself.

Here we set a few as example

dokku config:set --no-restart diaspora
SETTINGS_POD_NAME=MyPod
ENVIRONMENT_ASSETS_SERVE=true
ENVIRONMENT_URL=yourdomain.tld
RAILS_SERVE_STATIC_FILES=true
SERVER_RAILS_ENVIRONMENT=production
SERVER_EMBED_SIDEKIQ_WORKER=false
ENVIRONMENT_CERTIFICATE_AUTHORITIES=/etc/ssl/certs/ca-certificates.crt

These variables are not in diaspora.toml, but we set them as well

dokku config:set --no-restart diaspora
RAILS_ENV=production
BUNDLE_WITH=postgresql
PORT=5000
BUNDLE_BUILD__SIGAR="--with-cppflags='-fgnu89-inline'"
BUNDLE_WITH="production:postgresql"


Push and deploy

Now we can push and deploy with

git push dokku dokku_branch:master

This will create the master branch in the remote dokku repository. Note the name of the remote branch must be master. The first push and deploy will take a long time. Once it's done the app starts, but the database is not created yet. On the server run

dokku run diaspora "env RAILS_ENV=production bin/rake db:create db:migrate"
dokku ps:restart diaspora

Setup Redis, Sidekiq and Letsenscrypt

To get all of the functionality in diaspora working we need to setup a connection to redis and secure the server with SSL.

Redis

We run redis in a separate container, using the redis plugin.

sudo dokku plugin:install https://github.com/dokku/dokku-redis.git redis
dokku redis:create diaspora-redis
dokku redis:link diaspora-redis diaspora

After linking redis, the diaspora app is restarted. Now posts made from your pod can appear on other pods! However, we still cannot see any posts made by users on other pods. To get that working we need to start a separate container for sidekiq.

dokku ps:scale diaspora sidekiq=1

Letsencrypt

Finally, we need an SSL Certificate to secure the server. This requires a domain name and requires dokku virtual hosts to be enabled. See here how to enable dokku vhosts if that was not enabled yet during installation.

We use the dokku letsencrypt plugin.

sudo dokku plugin:install https://github.com/dokku/dokku-letsencrypt.git

Add some configuration first, and make sure that require ssl is now set to true.

dokku config:set --no-restart diaspora DOKKU_LETSENCRYPT_EMAIL=youremail@yourdomain.tld ENVIRONMENT_REQUIRE_SSL=true

The guys at the letsencrypt plugin have done a great job. You can now acquire and install an SSL certificate and secure your website with a single command.

dokku letsencrypt diaspora

You can check the security of your site at ssllabs.com. Follow instructions there to improve security. See also this link for some helpful tips.

That's all.