doc/md/guides/install-shaarli-with-debian9-and-docker.md

   1 _Last updated on 2018-07-01._
   2
   3 ## Goals
   4 - Getting a Virtual Private Server (VPS)
   5 - Running Shaarli:
   6     - as a Docker container,
   7     - using the Træfik reverse proxy,
   8     - securized with TLS certificates from Let's Encrypt.
   9
  10
  11 The following components and tools will be used:
  12
  13 - [Debian](https://www.debian.org/), a GNU/Linux distribution widely used in
  14   server environments;
  15 - [Docker](https://docs.docker.com/engine/docker-overview/), an open platform
  16   for developing, shipping, and running applications;
  17 - [Docker Compose](https://docs.docker.com/compose/), a tool for defining and
  18   running multi-container Docker applications.
  19
  20
  21 More information can be found in the [Resources](#resources) section at the
  22 bottom of the guide.
  23
  24 ## Getting a Virtual Private Server
  25 For this guide, I went for the smallest VPS available from DigitalOcean,
  26 a Droplet with 1 CPU, 1 GiB RAM and 25 GiB SSD storage, which costs
  27 $5/month ($0.007/hour):
  28
  29 - [Droplets Overview](https://www.digitalocean.com/docs/droplets/overview/)
  30 - [Pricing](https://www.digitalocean.com/pricing/)
  31 - [How to Create a Droplet from the DigitalOcean Control Panel](https://www.digitalocean.com/docs/droplets/how-to/create/)
  32 - [How to Add SSH Keys to Droplets](https://www.digitalocean.com/docs/droplets/how-to/add-ssh-keys/)
  33 - [Initial Server Setup with Debian 8](https://www.digitalocean.com/community/tutorials/initial-server-setup-with-debian-8) (also applies to Debian 9)
  34 - [An Introduction to Securing your Linux VPS](https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps)
  35
  36 ### Creating a Droplet
  37 Select `Debian 9` as the Droplet distribution:
  38
  39 <img src="../images/01-create-droplet-distro.jpg"
  40      width="500px"
  41      alt="Droplet distribution" />
  42
  43 Choose a region that is geographically close to you:
  44
  45 <img src="../images/02-create-droplet-region.jpg"
  46      width="500px"
  47      alt="Droplet region" />
  48
  49 Choose a Droplet size that corresponds to your usage and budget:
  50
  51 <img src="../images/03-create-droplet-size.jpg"
  52      width="500px"
  53      alt="Droplet size" />
  54
  55 Finalize the Droplet creation:
  56
  57 <img src="../images/04-finalize.jpg"
  58      width="500px"
  59      alt="Droplet finalization" />
  60
  61 Droplet information is displayed on the Control Panel:
  62
  63 <img src="../images/05-droplet.jpg"
  64      width="500px"
  65      alt="Droplet summary" />
  66
  67 Once your VPS has been created, you will receive an e-mail with connection
  68 instructions.
  69
  70 ## Obtaining a domain name
  71 After creating your VPS, it will be reachable using its IP address; some hosting
  72 providers also create a DNS record, e.g. `ns4853142.ip-01-47-127.eu`.
  73
  74 A domain name (DNS record) is required to obtain a certificate and setup HTTPS
  75 (HTTP with TLS encryption).
  76
  77 Domain names can be obtained from registrars through hosting providers such as
  78 [Gandi](https://www.gandi.net/en/domain).
  79
  80 Once you have your own domain, you need to create a new DNS record that points
  81 to your VPS' IP address:
  82
  83 <img src="../images/06-domain.jpg"
  84      width="650px"
  85      alt="Domain configuration" />
  86
  87 ## Host setup
  88 Now's the time to connect to your freshly created VPS!
  89
  90 ```shell
  91 $ ssh root@188.166.85.8
  92
  93 Linux stretch-shaarli-02 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) x86_64
  94
  95 The programs included with the Debian GNU/Linux system are free software;
  96 the exact distribution terms for each program are described in the
  97 individual files in /usr/share/doc/*/copyright.
  98
  99 Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
 100 permitted by applicable law.
 101 Last login: Sun Jul  1 11:20:18 2018 from <REDACTED>
 102
 103 root@stretch-shaarli-02:~$
 104 ```
 105
 106 ### Updating the system
 107 ```shell
 108 root@stretch-shaarli-02:~$ apt update && apt upgrade -y
 109 ```
 110
 111 ### Setting up Docker
 112 _The following instructions are from the
 113 [Get Docker CE for Debian](https://docs.docker.com/install/linux/docker-ce/debian/)
 114 guide._
 115
 116 Install package dependencies:
 117
 118 ```shell
 119 root@stretch-shaarli-02:~$ apt install -y apt-transport-https ca-certificates curl gnupg2 software-properties-common
 120 ```
 121
 122 Add Docker's package repository GPG key:
 123
 124 ```shell
 125 root@stretch-shaarli-02:~$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
 126 ```
 127
 128 Add Docker's package repository:
 129
 130 ```shell
 131 root@stretch-shaarli-02:~$ add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/debian stretch stable"
 132 ```
 133
 134 Update package lists and install Docker:
 135
 136 ```shell
 137 root@stretch-shaarli-02:~$ apt update && apt install -y docker-ce
 138 ```
 139
 140 Verify Docker is properly configured by running the `hello-world` image:
 141
 142 ```shell
 143 root@stretch-shaarli-02:~$ docker run hello-world
 144 ```
 145
 146 ### Setting up Docker Compose
 147 _The following instructions are from the
 148 [Install Docker Compose](https://docs.docker.com/compose/install/)
 149 guide._
 150
 151 Download the current version from the release page:
 152
 153 ```shell
 154 root@stretch-shaarli-02:~$ curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
 155 root@stretch-shaarli-02:~$ chmod +x /usr/local/bin/docker-compose
 156 ```
 157
 158 ## Running Shaarli
 159 Shaarli comes with a configuration file for Docker Compose, that will setup:
 160
 161 - a local Docker network
 162 - a Docker [volume](https://docs.docker.com/storage/volumes/) to store Shaarli data
 163 - a Docker [volume](https://docs.docker.com/storage/volumes/) to store Træfik TLS configuration and certificates
 164 - a [Shaarli](https://hub.docker.com/r/shaarli/shaarli/) instance
 165 - a [Træfik](https://hub.docker.com/_/traefik/) instance
 166
 167 [Træfik](https://docs.traefik.io/) is a modern HTTP reverse proxy, with native
 168 support for Docker and [Let's Encrypt](https://letsencrypt.org/).
 169
 170 ### Compose configuration
 171 Create a new directory to store the configuration:
 172
 173 ```shell
 174 root@stretch-shaarli-02:~$ mkdir shaarli && cd shaarli
 175 root@stretch-shaarli-02:~/shaarli$
 176 ```
 177
 178 Download the current version of Shaarli's `docker-compose.yml`:
 179
 180 ```shell
 181 root@stretch-shaarli-02:~/shaarli$ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/master/docker-compose.yml -o docker-compose.yml
 182 ```
 183
 184 Create the `.env` file and fill in your VPS and domain information (replace
 185 `<MY_SHAARLI_DOMAIN>` and `<MY_CONTACT_EMAIL>` with your actual information):
 186
 187 ```shell
 188 root@stretch-shaarli-02:~/shaarli$ vim .env
 189 ```
 190
 191 ```shell
 192 SHAARLI_VIRTUAL_HOST=<MY_SHAARLI_DOMAIN>
 193 SHAARLI_LETSENCRYPT_EMAIL=<MY_CONTACT_EMAIL>
 194 ```
 195
 196 ### Pull the Docker images
 197 ```shell
 198 root@stretch-shaarli-02:~/shaarli$ docker-compose pull
 199 Pulling shaarli ... done
 200 Pulling traefik ... done
 201 ```
 202
 203 ### Run!
 204 ```shell
 205 root@stretch-shaarli-02:~/shaarli$ docker-compose up -d
 206 Creating network "shaarli_http-proxy" with the default driver
 207 Creating volume "shaarli_traefik-acme" with default driver
 208 Creating volume "shaarli_shaarli-data" with default driver
 209 Creating shaarli_shaarli_1 ... done
 210 Creating shaarli_traefik_1 ... done
 211 ```
 212
 213 ## Conclusion
 214 Congratulations! Your Shaarli instance should be up and running, and available
 215 at `https://<MY_SHAARLI_DOMAIN>`.
 216
 217 <img src="../images/07-installation.jpg"
 218      width="500px"
 219      alt="Shaarli installation page" />
 220
 221 ## Resources
 222 ### Related Shaarli documentation
 223 - [Docker 101](../docker/docker-101.md)
 224 - [Shaarli images](../docker/shaarli-images.md)
 225
 226 ### Hosting providers
 227 - [DigitalOcean](https://www.digitalocean.com/)
 228 - [Gandi](https://www.gandi.net/en)
 229 - [OVH](https://www.ovh.co.uk/)
 230 - [RackSpace](https://www.rackspace.com/)
 231 - etc.
 232
 233 ### Domain Names and Registrars
 234 - [Introduction to the Domain Name System (DNS)](https://opensource.com/article/17/4/introduction-domain-name-system-dns)
 235 - [ICANN](https://www.icann.org/)
 236 - [Domain name registrar](https://en.wikipedia.org/wiki/Domain_name_registrar)
 237 - [OVH Domain Registration](https://www.ovh.co.uk/domains/)
 238 - [Gandi Domain Registration](https://www.gandi.net/en/domain)
 239
 240 ### HTTPS and Security
 241 - [Transport Layer Security](https://en.wikipedia.org/wiki/Transport_Layer_Security)
 242 - [Let's Encrypt](https://letsencrypt.org/)
 243
 244 ### Docker
 245 - [Docker Overview](https://docs.docker.com/engine/docker-overview/)
 246 - [Docker Documentation](https://docs.docker.com/)
 247 - [Get Docker CE for Debian](https://docs.docker.com/install/linux/docker-ce/debian/)
 248 - [docker logs](https://docs.docker.com/engine/reference/commandline/logs/)
 249 - [Volumes](https://docs.docker.com/storage/volumes/)
 250 - [Install Docker Compose](https://docs.docker.com/compose/install/)
 251 - [docker-compose logs](https://docs.docker.com/compose/reference/logs/)
 252
 253 ### Træfik
 254 - [Getting Started](https://docs.traefik.io/)
 255 - [Docker backend](https://docs.traefik.io/configuration/backends/docker/)
 256 - [Let's Encrypt and Docker](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/)
 257 - [traefik](https://hub.docker.com/_/traefik/) Docker image