You need a running Linux Server with Docker installed (Sizing). To install Docker, please follow the official documentation for your distribution, e. g.:
- Ubuntu: https://docs.docker.com/engine/install/ubuntu/
- Red Hat Enterprise Linux: https://docs.docker.com/engine/install/rhel/
- Docker Compose Plugin is installed
- Docker Version at least 20.10.17
- Valid TLS Certificate (including Chain) for HTTPS
Step 1 – Install docker compose plugin (optional)
If you cannot execute the following command
your Installation is too old or the compose plugin is missing. The official documentation to install docker including compose plugin is https://docs.docker.com/engine/install/
You can also check your distribution-specific repositories. For ubuntu, docker compose is part of the docker repository, which is, in most cases, enabled by default. You can install it with:
sudo apt install docker-compose-plugin
If your distribution doesn’t provide a package, you can download the docker engine via script.
Step 2 – Prepare your host system
Create the folders neccessary for permanent storage:
mkdir -p /var/lib/simplifier/mysql mkdir -p /var/lib/simplifier/data mkdir -p /var/lib/simplifier/traefik mkdir -p /var/lib/simplifier/bin mkdir -p /var/lib/simplifier/launchpad chown 1000:1000 /var/lib/simplifier/launchpad
Remark: these are the important folders to include in your backup.
Step 3 – Get Simplifier setup files
First you need to install git
sudo apt install git
Clone the setup repository
cd /var/lib/simplifier/bin git clone --branch release/7.1 https://github.com/simplifier-ag/docker-compose.git
Change into the new directory and check its content
cd docker-compose ls -a
You should see at least the following entries:
.env.template file defines the environment in terms of variable values. This files needs to be copied as .env and changed.
cp .env.template .env
security.toml defines security settings, especially TLS certificates. It is optional, but in most cases you want to use it.
simplifier-standalone.yml is the docker-compose file, which defines the necessary services. It defines the following 5 services:
- mysql: database backend for Simplifier
- traefik: proxy server
- simplifier: application server
- launchpad: Simplifier launchpad
- watchtower: automated updates
In most cases, you can leave this file unchanged.
Step 4 – Prepare the environment
Edit the Environment file
It defines 6 variables
SIMPLIFIER_HOSTNAME=example.simplifier.cloud DB_PASSWORD=MySecret123 DB_NAME=simplifier DB_ROOT_PASSWORD=MySuperSecret SIMPLIFIER_VERSION=7.1 HOST_DATA_PATH=/var/lib/simplifier
Change the value of HOSTNAME to the hostname of the server (without https://).
Set DB_PASSWORD and DB_ROOT_PASSWORD to two different values according to your internal password policies.
Set SIMPLIFIER_VERSION to the major releaes of Simplifier you want to have installed. As the time of writing, this is 7.1. In most cases, if you just cloned the repository as described before, the matching value should already be there and you do not need to change it.
HOST_DATA_PATH is the path on the host systems,where Simplifier writes all the generated data and where MySQL stores its files. In a new Setup, it is receommended that you leave this unchanged.
Also, DB_NAME won’t need to be changed in most cases.
Now you can save and close the .env file.
Step 5 – Setting up TLS (commonly referred to as SSL)
The given docker compose file configures the traefik proxy to use HTTPS only. Without further changes, a self signed default certificate will be used, which causes warnings in all major browsers. To avoid this, you need to provide your own certificates. You need the private key as well as the public key. Usually they come in form of a pair of .crt and .key files.
Edit the security.toml file.
The first two sections handle the certificates and the certificates store:
[[tls.certificates]] certFile = "/configuration/my.custom.hostname.crt" keyFile = "/configuration/my.custom.hostname.key" [tls.stores] [tls.stores.default] [tls.stores.default.defaultCertificate] certFile = "/configuration/my.custom.hostname.crt" keyFile = "/configuration/my.custom.hostname.key"
Replace “my.custom.hostname.crt” and “my.custom.hostname.key” with file names of your cert and key files.
IMPORTANT: keep the path /configuration/ unchanged. This is the path within the container, not on the host system. It is defined in the traefik service definition of the docker compose file in the section volumes.
Place all three files in /var/lib/simplifier/traefik.
cp myKeyFile.key myCertFile.crt /var/lib/simplifier/traefik cp security.toml /var/lib/simplifier/traefik
Step 6 – OPTIONAL Configure Cipher Suites and TLS versions
Cyper security is a changing field. Algorithms which were thought to be secure may get compromised. Sometimes support for older software clients has a higher priority then state of the art security settings. This is why usually older algorithms and protocolls are supported, but can be disabled via configuration.
The prepared example file disables some older protocols and algorithms. It does only allow those, which were considered as secure at the time this article was written. This configuration is done with this part of the security.toml file:
[tls.options] # Valid constants: https://pkg.go.dev/crypto/tls#pkg-constants [tls.options.default] minVersion = "VersionTLS12" cipherSuites = [ "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", ] [tls.options.mintls12] minVersion = "VersionTLS12"
If you have trouble in connecting with older browsers (which you shouldn’t use) or other (propriatary) clients, try to remove this part of the configuration. Instead of deleting these lines, you can place a # at the beginning of each line to mark it as a comment.
Step 7 – Starting Simplifier
So far everything is prepared and Simplifier can be started.
Change back to the folder where you stored the simplifer-standalone.yml file. To start all services which are defined in the file run:
docker compose -f simplifier-standalone.yml up -d
Now, from your desktop computer, open a new browser tab and navigate to the server. You should see a simple website which asks you to insert a Simplifer license. Copy the whole content of the licence file you received from the Simplifier Customer Success Team and paste it into the web form. Press Save. The browser now redirects you to the Simplifier login page. Log in with the default credentials admin/admin.
Step 8 – Basic Simplifier Setup
Some basic setup steps need to be done in the Simplifer UI.
Change the password of the admin and the guest user (Documentation).
Download the current standard content here and import it (Documentation).
Start the Basic Course and build your first App here.
Leave A Comment
You must be logged in to post a comment.