Current Release

Installing Simplifier

6091 views 2 February 16, 2023

Prerequisites

You need a running Linux Server with Docker installed (Sizing). To install Docker, please follow the official documentation for your distribution, e. g.:

To avoid problems especially with the whole variety of mobile devices, we strongly recommend to use TLS Certificates that includes the complete chain. To build the chain by yourself normally it is sufficent to copy the chain elements in the right order:

cat mysimplifierdomain.com.crt chainfromtlsvendor.pem > usethiscertficate.crt

Step 1 – Install docker compose plugin (optional)

If you cannot execute the following command

docker compose

your Installation is too old or the compose plugin is missing. The official documentation to install docker including compose plugin is https://docs.docker.com/engine/install/

You can also check your distribution-specific repositories. For ubuntu, docker compose is part of the docker repository, which is, in most cases, enabled by default. You can install it with:

sudo apt install docker-compose-plugin

If your distribution doesn’t provide a package, you can download the docker engine via script.

Step 2 – Prepare your host system

Create the folders neccessary for permanent storage:

mkdir -p /var/lib/simplifier/mysql
mkdir -p /var/lib/simplifier/data
mkdir -p /var/lib/simplifier/traefik
mkdir -p /var/lib/simplifier/bin
mkdir -p /var/lib/simplifier/launchpad 
chown 1000:1000 /var/lib/simplifier/launchpad

Remark: these are the important folders to include in your backup.

Step 3 – Get Simplifier setup files

First you need to install git

sudo apt install git

Clone the setup repository

cd /var/lib/simplifier/bin
git clone --branch release/7.1 https://github.com/simplifier-ag/docker-compose.git

Change into the new directory and check its content

cd docker-compose
ls -a

You should see at least the following entries:

  • .env.template
  • security.toml
  • simplifier-standalone.yml

.env.template file defines the environment in terms of variable values.  This files needs to be copied as .env and changed.

cp .env.template .env

security.toml defines security settings, especially TLS certificates. It is optional, but in most cases you want to use it.

simplifier-standalone.yml is the docker-compose file, which defines the necessary services. It defines the following 5 services:

In most cases, you can leave this file unchanged.

Step 4 – Prepare the environment

Edit the Environment file

nano .env

It defines 6 variables

SIMPLIFIER_HOSTNAME=example.simplifier.cloud
DB_PASSWORD=MySecret123
DB_NAME=simplifier
DB_ROOT_PASSWORD=MySuperSecret
SIMPLIFIER_VERSION=7.1
HOST_DATA_PATH=/var/lib/simplifier

Change the value of HOSTNAME to the hostname of the server (without https://).

Set DB_PASSWORD and DB_ROOT_PASSWORD to two different values according to your internal password policies.

Set SIMPLIFIER_VERSION to the major releaes of Simplifier you want to have installed. As the time of writing, this is 7.1. In most cases, if you just cloned the repository as described before, the matching value should already be there and you do not need to change it.

HOST_DATA_PATH is the path on the host systems,where Simplifier writes all the generated data and where MySQL stores its files. In a new Setup, it is receommended that you leave this unchanged.

Also, DB_NAME won’t need to be changed in most cases.

Now you can save and close the .env file.

Make sure that the values given in the .env file do not contain a dollar sign $, hash tag # or ampersand &.

Step 5 – Setting up TLS (commonly referred to as SSL)

The given docker compose file configures the traefik proxy to use HTTPS only. Without further changes, a self signed default certificate will be used, which causes warnings in all major browsers. To avoid this, you need to provide your own certificates. You need the private key as well as the public key. Usually they come in form of a pair of .crt and .key files.

If you got a .pfx file, please follow this guide to get .key and .crt: https://bobcares.com/blog/convert-pfx-to-crt-key-files/

If you got a .pem file, please follow this Stackoverflow answer to get .key and .crt: https://stackoverflow.com/a/60315721/8247892

To avoid problems especially with the whole variety of mobile devices, we strongly recommend to use TLS Certificates that includes the complete chain. To build the chain by yourself normally it is sufficent to copy the chain elements in the right order:

cat mysimplifierdomain.com.crt chainfromtlsvendor.pem > usethiscertficate.crt

Edit the security.toml file.

nano security.toml

The first two sections handle the certificates and the certificates store:

[[tls.certificates]]
  certFile = "/configuration/my.custom.hostname.crt"
  keyFile = "/configuration/my.custom.hostname.key"

[tls.stores]
  [tls.stores.default]
    [tls.stores.default.defaultCertificate]
      certFile = "/configuration/my.custom.hostname.crt"
      keyFile = "/configuration/my.custom.hostname.key"

Replace “my.custom.hostname.crt” and “my.custom.hostname.key” with file names of your cert and key files.

IMPORTANT: keep the path /configuration/ unchanged. This is the path within the container, not on the host system. It is defined in the traefik service definition of the docker compose file in the section volumes.

Place all three files in /var/lib/simplifier/traefik.

cp myKeyFile.key myCertFile.crt /var/lib/simplifier/traefik
cp security.toml /var/lib/simplifier/traefik

Step 6 – OPTIONAL Configure Cipher Suites and TLS versions

Cyper security is a changing field. Algorithms which were thought to be secure may get compromised. Sometimes support for older software clients has a higher priority then state of the art security settings. This is why usually older algorithms and protocolls are supported, but can be disabled via configuration.

The prepared example file disables some older protocols and algorithms. It does only allow those, which were considered as secure at the time this article was written. This configuration is done with this part of the security.toml file:

[tls.options]
  # Valid constants: https://pkg.go.dev/crypto/tls#pkg-constants
  [tls.options.default]
    minVersion = "VersionTLS12"
     cipherSuites = [
      "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
      "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
      "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
      "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    ]
  [tls.options.mintls12]
    minVersion = "VersionTLS12"

If you have trouble in connecting with older browsers (which you shouldn’t use) or other (propriatary) clients, try to remove this part of the configuration. Instead of deleting these lines, you can place a # at the beginning of each line to mark it as a comment.

Step 7 – Starting Simplifier

So far everything is prepared and Simplifier can be started.

Change back to the folder where you stored the simplifer-standalone.yml file. To start all services which are defined in the file run:

docker compose -f simplifier-standalone.yml up -d

Now, from your desktop computer, open a new browser tab and navigate to the server. You should see a simple website which asks you to insert a Simplifer license. Copy the whole content of the licence file you received from the Simplifier Customer Success Team and paste it into the web form. Press Save. The browser now redirects you to the Simplifier login page. Log in with the default credentials admin/admin.

Step 8 – Basic Simplifier Setup

Some basic setup steps need to be done in the Simplifer UI.

User Management

Change the password of the admin and the guest user (Documentation).

Standard Content

Download the current standard content here and import it (Documentation).

Learn

Start the Basic Course and build your first App here.

Was this article helpful?

 
Related Articles
Leave A Comment