From 52e276e023686949546de6099d50f436513dedc4 Mon Sep 17 00:00:00 2001 From: Jesus Federico Date: Tue, 4 Feb 2020 15:14:41 -0500 Subject: Basic documentation (#1) * Updates to docker-compose.yml to fix persistency and security * Step 1, prerequisites * Added Steps to follow --- README.md | 112 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) (limited to 'README.md') diff --git a/README.md b/README.md index 47f6cac..c9de675 100644 --- a/README.md +++ b/README.md @@ -6,8 +6,120 @@ using docker-compose. ## Prerequisites +- Install +[docker](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04) + and +[docker-compose](https://www.digitalocean.com/community/tutorials/how-to-install-docker-compose-on-ubuntu-18-04) + +- Make sure you have access to Blindside Networks private repository in + [dockerhub](https://cloud.docker.com/u/blindsidenetwks/repository/list) particularly to: + + - [scalelite](https://cloud.docker.com/u/blindsidenetwks/repository/docker/blindsidenetwks/scalelite) + +- Make sure you have your own DNS and a public domain name or a delegated one under blindside-dev.com + (e.g. .blindside-dev.com) + ## Preliminary steps ## Steps + +Clone this repository: + +``` +git clone git@github.com:blindsidenetworks/scalelite-run.git +cd scalelite-run +``` + +Copy `dotenv` file located in the root of the project as `.env` and edit it + +``` +vi .env +``` + +You will need to replace both variables as in: +`DOMAIN_ROOT=bigbluebutton.org` to the one assigned to you (e.g. `DOMAIN_ROOT=blindside-dev.com`) +`DOMAIN_SUB=lab` to the one assigned to you (e.g. `DOMAIN_SUB=`) + +Create your own SSL Letsencrypt certificates. As you are normally going to +have this deployment running on your own computer (or in a private VM), you +need to generate the SSL certificates with certbot by adding the challenge to +your DNS. + +Install letsencrypt in your own computer + +``` +sudo apt-get update +sudo apt-get -y install letsencrypt +``` + +Make yourself root + +``` +sudo -i +``` + +Start creating the certificates + +``` +certbot certonly --manual -d sl..blindside-dev.com --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges=dns --email hostmaster@blindsdie-dev.com --server https://acme-v02.api.letsencrypt.org/directory +``` + +You will see something like this +``` +-server https://acme-v02.api.letsencrypt.org/directory +Saving debug log to /var/log/letsencrypt/letsencrypt.log +Plugins selected: Authenticator manual, Installer None +Obtaining a new certificate +Performing the following challenges: +dns-01 challenge for gl..blindside-dev.com +dns-01 challenge for gl..blindside-dev.com + +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Please deploy a DNS TXT record under the name +_acme-challenge.sl..blindside-dev.com with the following value: + +2dxWYkcETHnimmQmCL0MCbhneRNxMEMo9yjk6P_17kE + +Before continuing, verify the record is deployed. +- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +Press Enter to Continue +``` + +Create a TXT record in your DNS for +`_acme-challenge.sl..blindside-dev.com` with the challenge string as +its value `2dxWYkcETHnimmQmCL0MCbhneRNxMEMo9yjk6P_17kE` + +Copy the certificates to your scalelite-run directory. Although `/etc/letsencrypt/live/` +holds the latest certificate, they are only symbolic links. The real files must be copied and renamed + +``` +cp -R /etc/letsencrypt/archive/sl..blindside-dev.com /scalelite-run/nginx/letsencrypt/live +``` + +``` +cd /scalelite-run/nginx/letsencrypt/live/sl..blindside-dev.com/ +mv cert1.pem cert.pem +mv chain1.pem chain.pem +mv fullchain1.pem fullchain.pem +mv privkey1.pem privkey.pem +``` + +As you have to have access to dockerhub private repositories sign in into docker hub with your account +with `docker login -u -p ` or `docker login -u ` if you +want to type your password using the stdin + +And finally, start your environment with docker-compose + +``` +cd /scalelite-run +docker-compose up +``` + +If everything goes well, you will see all the containers starting and at the +end you will have access to scalelite through: + +``` +https://sl..blindside-dev.com/bigbluebutton/api +``` -- cgit v1.2.3