diff --git a/docs/configuration/webserver/caddy/Caddyfile b/docs/configuration/webserver/caddy/Caddyfile new file mode 100644 index 0000000000000000000000000000000000000000..83d15c3a62c6ff97f8970fa2c52fbdeeb32ba9c5 --- /dev/null +++ b/docs/configuration/webserver/caddy/Caddyfile @@ -0,0 +1,5 @@ +kanboard.your-domain.com +tls you@mail.com +proxy / http://localhost:3333 { + websocket +} diff --git a/docs/configuration/webserver/caddy/README.md b/docs/configuration/webserver/caddy/README.md new file mode 100644 index 0000000000000000000000000000000000000000..61e1a49472b8571024d854901e5ca8c049fdc3e1 --- /dev/null +++ b/docs/configuration/webserver/caddy/README.md @@ -0,0 +1,22 @@ +# Caddy web server configuration guide + +This is how to secure kanban with a free https certificate from [let's encypt](letsencypt.org). +The Caddy webserver has a [preset for proxing websocket connections](https://caddyserver.com/docs/proxy): + +``` +proxy / http://localhost:3333 { + websocket +} +``` + +This assumes kanban is running on port 3333 + +If you are already using Caddy, you might as well secure your installation with a free certificate which is automatically renewed by Caddy: + +``` +kanboard.your-domain.com +tls you@mail.com +proxy / http://localhost:3333 { + websocket +} +``` diff --git a/docs/installation/README.md b/docs/installation/README.md index 51829e8e2a2e4e80abf2b066bfdcc92092b70a85..79617d27f6dd623d71d091ee498066b89c81981e 100644 --- a/docs/installation/README.md +++ b/docs/installation/README.md @@ -7,3 +7,8 @@ For now we officially support two installation types: - [Installation from binary](/docs/installation/binary.md) - [Installation with docker](/docs/installation/docker.md) + + +There are also installation types provided by the community: + +- [Automatic https via docker-compose and Caddy](/docs/installation/docker-compose.md) diff --git a/docs/installation/docker-compose.md b/docs/installation/docker-compose.md new file mode 100644 index 0000000000000000000000000000000000000000..1ee50b32696da7ce6aa0f3ca9eb2ba2ca5415b91 --- /dev/null +++ b/docs/installation/docker-compose.md @@ -0,0 +1,90 @@ +# Installation via via docker-compose and Caddy +by [brasilikum](github.com/brasilikum) + +## Prerequisites + +- docker is installed on your machine +- docker-compose is installed on your machine +- a domain (eg `mykanban.com`) points to your machine + + +## Setup application for OAuth in GitLab. + +Go to your GitLab profile section "Application" and press button "New Application" + +![applications page](gitlab_oauth/applications.jpg) + +Under **name**, enter something you whish, like: kanban +Under Redirect URI enter: https://**mykanban.com**/assets/html/user/views/oauth.html +Swap `mykanban.com` with your custom domain. + +![new application](gitlab_oauth/create_desc.jpg) + +Next you get a success page. Leave it open, you will need the the values in the next step. + +![installed application](gitlab_oauth/create_success_alt.jpg) + +## Adapt the docker-compose.yaml file + +Create a new directory on your server, called `kanboard`. +Inside, create the following `docker-compose.yaml` file: + +```yml + +caddy: + image: abiosoft/caddy + ports: + - "1180:80" + - "11443:443" + volumes: + - ./Caddyfile:/etc/Caddyfile + - ./caddy:/root/.caddy + links: + - kanboard +kanboard: + image: leanlabs/kanban:1.6.0 + links: + - redis + environment: + - KANBAN_SERVER_HOSTNAME=https://mykanban.com + - KANBAN_GITLAB_URL=https://mygit.com + - KANBAN_GITLAB_CLIENT=clientidhere + - KANBAN_GITLAB_SECRET=secrethere + - KANBAN_REDIS_ADDR=redis:6379 + - KANBAN_SECURITY_SECRET=secret +redis: + image: leanlabs/redis:1.0.0 +``` + +Here you have to modify the following environment variables: + +- KANBAN_SERVER_HOSTNAME: put in your domainname +- KANBAN_GITLAB_URL: put in your gitlab url +- KANBAN_GITLAB_CLIENT: put in the ID from gitlab +- KANBAN_GITLAB_SECRET: put in the secret from gitlab +- KANBAN_SECURITY_SECRET: put in some randomnes. Let your passwordmanager generate something. + + +## Configure Caddyfile +Now the only thing missing is our `Caddyfile`. Put it in the same folder as the docker-compose file. + +``` + +mykanban.com +tls me@mail.com +proxy / http://kanboard:80 { + websocket +} +``` + +Fill in your domain and email. + +## Run +We are done! +In the kanban directory run: + +``` +docker-compose up +``` + +You can now open your browser at your domain and should automatically be redirected to https.