Advanced Installation

The method described in the installation guide will install fully functional contact synchronization server. The information in this file will describe the installation with configuration files and with one additional and optional component called Admin server. Admin server is a service based on Spring Boot Admin that provides some statistics and control over the server.

Installation

Note

A lot of steps are similar to steps in the simple installation guide. We recommend reading it first. It may describe some steps in greater detail.

We start by creating some configuration files. Create the following files with the following content. Replace the passwords with secure ones that you generate:

File /etc/acrobits/admin-server/application.yml:

security:
    user:
        # You will use this username and password to access the admin-server
        name: admin
        password: adminserverpassword

File /etc/acrobits/sso/application.yml:

security:
  user:
    name: sso
    # change this password to something random. You will not use this password manually.
    password: password_to_sso
spring:
  boot:
    admin:
      url: http://admin-server:8004
      # username and password from admin-server config
      username: admin
      password: adminserverpassword
      client:
          url: http://sso:8080
          enabled: true

File /etc/acrobits/contact_server/application.yml:

security:
  user:
    name: contact
    # change this password to something random. You will not use this password manually.
    password: password_to_contact
spring:
  boot:
    admin:
      url: http://admin-server:8004
      # username and password from admin-server config
      username: admin
      password: adminserverpassword
      client:
          url: http://contacts:8080
          enabled: true

Replace adminserverpassword in all three files with a secure password. This password will be used by you to log into Admin server. It will also be used by other services to talk to the Admin server. The other passwords (password_to_sso and password_to_contact) should be replaced too. Those will be used by the Admin server to connect to the services. You will not have to remember those.

Note

In default installation (without configuration files) the passwords for the services are generated randomly when the service starts.

The next step is logging into our docker registry.

docker login -u customer -p Aen1ieB5sh docker.acrobits.net

Create an empty directory named contacts and inside it create a file called docker-compose.yml with the following content:

---
version: '2'
networks:
    contactnetwork:

services:
    sso:
        image: docker.acrobits.net/releases/sso
        ports:
            - "127.0.0.1:8082:8080"
        restart: always
        volumes:
            - /etc/acrobits/sso/application.yml:/etc/acrobits/sso/application.yml:ro
        networks:
            contactnetwork:


    redis:
        image: redis:3.0
        restart: always
        networks:
            contactnetwork:

    mongo:
        image: mongo:3.0
        volumes:
            - /data/mongo:/data/db
        restart: always
        networks:
            contactnetwork:

    contact_server:
        image:  docker.acrobits.net/releases/contact_server
        ports:
            - "127.0.0.1:8081:8080"
        restart: always
        networks:
            contactnetwork:
                aliases:
                    - contacts
        volumes:
            - /etc/acrobits/contact_server/application.yml:/etc/acrobits/contact_server/application.yml:ro

    admin-server:
        image: docker.acrobits.net/releases/admin-server
        ports:
            - "127.0.0.1:8004:8004"
        volumes:
            - /etc/acrobits/admin-server/application.yml:/etc/acrobits/admin-server/application.yml:ro
        restart: always
        networks:
            contactnetwork:

To start the services , run the following command in the directory:

docker-compose up -d

The next step is setting up reverse TLS proxy. The process is described in regular installation guide. The difference is an additional location section.

server {
    listen 443 ssl;
    ssl_certificate /your/cert.pem;
    ssl_certificate_key /your/key.pem;
    server_name example.com;
    client_max_body_size 50m;

    location /contacts/ {
        proxy_pass http://localhost:8081/;
        error_log /var/log/nginx/contacts.error.log;
        access_log /var/log/nginx/contacts.access.log;
    }

    location /sso/ {
        error_log /var/log/nginx/sso.error.log;
        access_log /var/log/nginx/sso.access.log;
        proxy_pass http://localhost:8082/;
    }

    location /admin/ {
        error_log /var/log/nginx/admin.error.log;
        access_log /var/log/nginx/admin.access.log;
        proxy_pass http://127.0.0.1:8004/;
    }
}

Replace server_name with the name of your server and provide your ssl certificate and key. Then reload nginx. Admin server will then be accessible at /admin endpoint (as in https://example.com/admin).

Migrating from basic installation

Migration from basic installation is fairly straightforward. Go to your contacts directory and run

docker-compose down

Then follow this guide (set up configuration files and edit docker-compose.yml file). Before starting the services (but after changing docker-compose.yml) run also the following command in the directory with docker-compose.yml.

docker-compose pull

This will download the new versions of the services.

Admin server basics

You can connect to your admin server at https://example.com/admin (change example.com to your server address). You can login with the username and password you provided in the configuration file.

After logging in, you will see status of your services. You can click on details and see their metrics or environment.

Note

Contact server’s Logging tab will show "error": "Couldn't find Logback JMXConfigurator-MBean". You can safely ignore this.

The control part for Contact server is in JMX subpage. Click on acrobits.jmx section. This will display three options: AvatarService, DataViewer and DELETE_ACCOUNT_DEVICE. You can safely look through DataViewer which does not modify the data and try operations there. Be careful with DELETE_ACCOUNT_DEVICE and with AvatarService.

Warning

AvatarService contains only one operation (rescaleAllAvatars()) which runs immediatelly after you click it since it does not require any parameters (it downscales user’s pictures). DELETE_ACCOUNT_DEVICE contains two operations which need additional parameters so those will not run immediatelly after clicking them.