Wekan Kanban Install: Difference between revisions
Jump to navigation
Jump to search
| (30 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
https://wekan.github.io/ | https://wekan.github.io/ | ||
See Also: [[Wekan_Install_Archive]] | |||
= Snap Take 3: Herd Securities = | |||
== Grab a Domain Name == | |||
Registered herdsecurities.com on NameCheap | |||
* kanban.herdsecurities.com -> WeKan | |||
* wiki.herdsecurities.com -> Mediawiki | |||
== Create an Instance == | |||
Create a Lightsail instance, OS Only, Debian latest. | |||
Initialization Script: | |||
<pre> | <pre> | ||
apt update -y | |||
apt upgrade -y | |||
apt install -y emacs-nox | |||
apt install -y snapd | |||
snap install wekan | |||
</pre> | </pre> | ||
Attach a static IP (52.38.144.14) | |||
Assign that IP to kanban.herdsecurities.com | |||
That will take a while to propagate through DNS, so add it to your local hosts file too. | |||
<pre> | <pre> | ||
sudo | $ sudo emacs -nw /etc/hosts | ||
> 52.38.144.14 kanban.herdsecurities.com | |||
</pre> | </pre> | ||
Connect to console | |||
<pre> | <pre> | ||
ssh -i ~/.ssh/id_rsa_social001 admin@kanban.herdsecurities.com | |||
</pre> | </pre> | ||
== SSL & NGINX == | |||
<pre> | |||
$ sudo emacs -nw /etc/apt/sources.list | |||
> deb http://ftp.debian.org/debian buster-backports main | |||
$ sudo apt update -y | |||
$ sudo apt install -y python-certbot-nginx -t buster-backports | |||
</pre> | |||
<pre> | |||
$ sudo emacs -nw /etc/nginx/nginx.conf | |||
# uncomment the following: | |||
> server_names_hash_bucket_size 64; | |||
$ sudo systemctl restart nginx | |||
</pre> | |||
<pre> | <pre> | ||
sudo | $ sudo emacs -nw /etc/nginx/sites-available/wekan.conf | ||
</pre> | </pre> | ||
<pre> | |||
map $http_upgrade $connection_upgrade { | |||
default upgrade; | |||
'' close; | |||
} | |||
server { | |||
listen 443; | |||
server_name kanban.herdsecurities.com; | |||
if ($http_user_agent ~ "MSIE") { | |||
return 303 https://browser-update.org/update.html; | |||
} | |||
location / { | |||
proxy_pass http://127.0.0.1:8080; | |||
proxy_http_version 1.1; | |||
proxy_set_header Upgrade $http_upgrade; # allow websockets | |||
proxy_set_header Connection $connection_upgrade; | |||
proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP | |||
} | |||
} | |||
</pre> | |||
<pre> | <pre> | ||
sudo | sudo nginx -t | ||
sudo systemctl restart nginx | |||
sudo | |||
</pre> | </pre> | ||
<pre> | <pre> | ||
sudo | $ sudo ln -s /etc/nginx/sites-available/wekan.conf /etc/nginx/sites-enabled/ | ||
</pre> | </pre> | ||
Create email address herdsecurities@traxel.com as admin address for cert. | |||
<pre> | <pre> | ||
sudo certbot --nginx -d kanban.herdsecurities.com | |||
</pre> | </pre> | ||
Fair warning: The above documentation (just the NGINX and SSL section) is not an exact match for what I did. My sequence biffed and I had to manually fix it. It's a bit messy. I may start over, but it's working, so probably not. | |||
[[Category:Hacking]] | [[Category:Hacking]] | ||
[[Category:OpenDevOps]] | [[Category:OpenDevOps]] | ||
Latest revision as of 19:28, 17 April 2021
Document an install of this:
See Also: Wekan_Install_Archive
Snap Take 3: Herd Securities
Grab a Domain Name
Registered herdsecurities.com on NameCheap
- kanban.herdsecurities.com -> WeKan
- wiki.herdsecurities.com -> Mediawiki
Create an Instance
Create a Lightsail instance, OS Only, Debian latest.
Initialization Script:
apt update -y apt upgrade -y apt install -y emacs-nox apt install -y snapd snap install wekan
Attach a static IP (52.38.144.14)
Assign that IP to kanban.herdsecurities.com
That will take a while to propagate through DNS, so add it to your local hosts file too.
$ sudo emacs -nw /etc/hosts > 52.38.144.14 kanban.herdsecurities.com
Connect to console
ssh -i ~/.ssh/id_rsa_social001 admin@kanban.herdsecurities.com
SSL & NGINX
$ sudo emacs -nw /etc/apt/sources.list > deb http://ftp.debian.org/debian buster-backports main $ sudo apt update -y $ sudo apt install -y python-certbot-nginx -t buster-backports
$ sudo emacs -nw /etc/nginx/nginx.conf # uncomment the following: > server_names_hash_bucket_size 64; $ sudo systemctl restart nginx
$ sudo emacs -nw /etc/nginx/sites-available/wekan.conf
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443;
server_name kanban.herdsecurities.com;
if ($http_user_agent ~ "MSIE") {
return 303 https://browser-update.org/update.html;
}
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; # allow websockets
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP
}
}
sudo nginx -t sudo systemctl restart nginx
$ sudo ln -s /etc/nginx/sites-available/wekan.conf /etc/nginx/sites-enabled/
Create email address herdsecurities@traxel.com as admin address for cert.
sudo certbot --nginx -d kanban.herdsecurities.com
Fair warning: The above documentation (just the NGINX and SSL section) is not an exact match for what I did. My sequence biffed and I had to manually fix it. It's a bit messy. I may start over, but it's working, so probably not.