You need a running Linux Server with Docker installed. To install Docker, please follow the official documentation for your distribution, e. g.:
- Ubuntu: https://docs.docker.com/engine/install/ubuntu/
- Red Hat Enterprise Linux: https://docs.docker.com/engine/install/rhel/
Step 1 – Install docker-compose
The official documentation to install docker-compose is: https://docs.docker.com/compose/install/
You can also check your distribution-specific repositories. For ubuntu, docker-compose is part of the universe repository, which is, in most cases, enabled by default. You can install it with:
sudo apt install docker-compose
If your distribution doesn’t provide a package, the main steps from the official documentation are:
Download the script:
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
Make it executable:
sudo chmod +x /usr/local/bin/docker-compose
If you do not have /usr/local/bin as part of you $PATH variable, either add it to $PATH or link the script to /usr/bin
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
Step 2 – Prepare your host system
Create the folders neccessary for permanent storage:
mkdir -p /var/lib/simplifier/mysql mkdir -p /var/lib/simplifier/data mkdir -p /etc/simplifier/traefik
Remark: these are the important folders to include in your backup.
Step 3 – Get Simplifier setup files
First you need to install git
sudo apt install git
Clone the setup repository
git clone https://github.com/simplifier-ag/docker-compose.git
Change into the new directory and check its content
cd docker-compose ls -a
You should see at least the following entries:
.env file defines the environment in terms of variable values. This files needs to be changed.
security.toml defines security settings, especially TLS certificates. It is optional, but in most cases you want to use it.
simplifier-standalone.yml is the docker-compose file, which defines the necessary services. It defines the following 4 services:
- mysql: database backend for Simplifier
- traefik: proxy server
- simplifier: application server
- watchtower: automated updates
In most cases, you can leave this file unchanged.
Step 4 – Prepare the environment
Edit the environmet file
It defines 5 varibale values
HOSTNAME=example.simplifier.cloud DB_PASSWORD=MySecret123 DB_NAME=simplifier DB_ROOT_PASSWORD=MySuperSecret SIMPLIFIER_VERSION=6.5
Change the value of HOSTNAME to the hostname of the server (without https://).
Set DB_PASSWORD and DB_ROOT_PASSWORD to two different values according to your internal password policies.
Set SIMPLIFIER_VERSION to the major releaes of Simplifier you want to have installed. As the time of writing, this is 6.5. In most cases, if you just cloned the repository, the matching value should already be there and you do not need to change it.
Also, DB_NAME won’t need to be changed in most cases.
Now you can save and close the .env file.
Step 5 – Setting up TLS (commonly referred to as SSL)
The given docker compose file configures the traefik proxy to use HTTPS only. Without further changes, a self signed default certificate will be used, which causes warnings in all major browsers. To avoid this, you need to provide your own certificates. You need the private key as well as the public key. Usually they come in form of a pair of .crt and .key files.
Edit the security.toml file.
The first two sections handle the certificates and the certificates store:
[[tls.certificates]] certFile = "/configuration/my.custom.hostname.crt" keyFile = "/configuration/my.custom.hostname.key" [tls.stores] [tls.stores.default] [tls.stores.default.defaultCertificate] certFile = "/configuration/my.custom.hostname.crt" keyFile = "/configuration/my.custom.hostname.key"
Replace “my.custom.hostname.crt” and “my.custom.hostname.key” with file names of your cert and key files.
IMPORTANT: keep the path /configuration/ unchanged. This is the path within the container, not on the host system. It is defined in the traefik service definition of the docker compose file in the section volumes.
Place all three files in /etc/simplifier/traefik.
cp myKeyFile.key myCertFile.crt /etc/simplifier/traefik cp security.toml /etc/simplifier/traefik
Step 6 – OPTIONAL Configure Cipher Suites and TLS versions
Cyper security is a changing field. Algorithms which were thought to be secure may get compromised. Sometimes support for older software clients has a higher priority then state of the art security settings. This is why usually older algorithms and protocolls are supported, but can be disabled via configuration.
The prepared example file disables some older protocols and algorithms. It does only allow those, which were considered as secure at the time this article was written. This configuration is done with this part of the security.toml file:
[tls.options] # Valid constants: https://pkg.go.dev/crypto/tls#pkg-constants [tls.options.default] minVersion = "VersionTLS12" cipherSuites = [ "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_GCM_SHA256", "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256" ] [tls.options.mintls12] minVersion = "VersionTLS12"
If you have trouble in connecting with older browsers (which you shouldn’t use) or other (propriatary) clients, try to remove this part of the configuration. Instead of deleting these lines, you can place a # at the beginning of each line to mark it as a comment.
Step 7 – Starting Simplifier
So far everything is prepared and Simplifier can be started.
Change back to the folder where you stored the simplifer-standalone.yml file. To start all services which are defined in the file run:
docker-compose -f simplifer-standalone.yml up -d
Now, from your desktop computer, open a new browser tab and navigate to the server. You should see a simple website which asks you to insert a Simplifer license. Copy the whole content of the licence file you received from the Simplifier Customer Success Team and paste it into the web form. Press Save. The browser now redirects you to the Simplifier login page. Log in with the default credentials admin/admin.
Step 8 – Basic Simplifier Setup
Some basic setup steps need to be done in the Simplifer UI.
Change the password of the admin and the guest user (Documentation).
Download the current standard content here and import it (Documentation).
Start the Basic Course and build your first App here.
Leave A Comment
You must be logged in to post a comment.