Adapted from: https://docs.odk-x.org/sync-endpoint/
- docker
- docker swarm mode
- Java 8 JRE + JDK
- mvn
- certbot
- A domain directed at the server (required for certbot validation check)
git clone https://github.com/odk-x/sync-endpoint-default-setup;
cd sync-endpoint-default-setup;
sudo certbot certonly --standalone \
--email "email@example.com" \
-d "my-domain.com" \
--rsa-key-size 4096 \
--agree-tos \
--cert-name bootstrap \
--keep-until-expiring \
--non-interactive
Check that the certificate exists for your domain by running: certbot certificates
git clone https://github.com/odk-x/sync-endpoint ; \
docker build --pull -t odk/sync-web-ui https://github.com/odk-x/sync-endpoint-web-ui.git; \
docker build --pull -t odk/db-bootstrap db-bootstrap; \
docker build --pull -t odk/openldap openldap; \
docker build --pull -t odk/phpldapadmin phpldapadmin; \
mvn clean install -DskipTests=true -f ./sync-endpoint/pom.xml
Ensure all build steps pass successfully
Add a location to serve phpldapadmin from (instead of port 40000) in config/nginx/sync-endpoint-locations.conf:
    location ^~ /ldap/ {
        proxy_pass https://phpldapadmin/;
    }
In docker-compose.yml, remove the phpldapadmin port mapping (optional) and provide nginx access to the ldap network:
    phpldapadmin:
      # remove ports if wanted
      ports:
        - "${PHP_LDAPADMIN_PORT:-40000}:443"
    nginx:
      image: nginx:mainline
      networks:
        - sync-network
        - ldap-network
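A quick way to confirm both docker-compose.yml edits before deploying. This is an added example, not part of the original guide or the ODK-X project; the function names compose_items and compose_check are hypothetical, and it assumes the compose file uses 2-space indentation.

```shell
#!/bin/sh
# Added example, not project code. Assumes 2-space YAML indentation.
# Print "service key value" for each list item under a service's ports: or networks: key.
compose_items() {
    awk '
        /^ *(#|$)/ { next }                       # skip comments and blank lines
        { match($0, /^ */); indent = RLENGTH; line = substr($0, indent + 1) }
        indent == 0 { top = line; sub(/:.*/, "", top); svc = key = ""; next }
        top != "services" { next }
        indent == 2 { svc = line; sub(/:.*/, "", svc); key = ""; next }
        line ~ /^- / {                            # list item under the current key
            if (key == "ports" || key == "networks") {
                val = substr(line, 3); gsub(/"/, "", val); print svc, key, val
            }
            next
        }
        indent == 4 { key = line; sub(/:.*/, "", key) }
    ' "$1"
}

# Return 0 = both edits applied, 1 = phpldapadmin port still published
# (optional edit skipped), 2 = nginx not attached to ldap-network.
compose_check() {
    items=$(compose_items "$1")
    rc=0
    if printf '%s\n' "$items" | grep -q '^phpldapadmin ports '; then
        echo "NOTE: phpldapadmin still publishes a host port"; rc=1
    fi
    if ! printf '%s\n' "$items" | grep -qx 'nginx networks ldap-network'; then
        echo "FAIL: nginx is not attached to ldap-network"; rc=2
    fi
    return "$rc"
}

# Constructed sample mirroring the fragment above (not the project's full file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
services:
  phpldapadmin:
    ports:
      - "${PHP_LDAPADMIN_PORT:-40000}:443"
  nginx:
    image: nginx:mainline
    networks:
      - sync-network
      - ldap-network
EOF
compose_check "$sample" || echo "exit status: $?"
rm -f "$sample"
```

Point compose_check at the real docker-compose.yml once the edits are made; a status of 1 only means the optional port removal was skipped.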
Make any other config changes required or suggested by the docs (passwords etc.) in ldap.env, sync.env, db.env and config/https.env.
docker stack deploy -c docker-compose.yml -c docker-compose-https.yml syncldap
The platform should now be deployed and, after a minute or so, be available on the domain specified, with phpldapadmin available at https://my-domain.com/ldap
A script exists to automate the process above, although it requires installing python on the device and manually making the config changes outlined above (it's also a bit fiddly):
sudo python init-odkx-sync-endpoint.py
- prompt 1, enter the host url in quotation marks - "my-domain.com"
- prompt 2, enter whether to include https in quotation marks - "y"
- prompt 3, enter email in quotation marks - "email@example.com"
- prompt 4 - "y"
- It can take up to a minute or so for the domain to become available, so wait.
- Check stats to see if services are running
    docker stats
- Check logs for services (e.g. nginx, phpldapadmin)
    docker service ls
    docker service logs syncldap_nginx
    docker service logs syncldap_phpldapadmin
- Retry deployment (removing previous stack and ensuring all containers stopped)
    docker stack rm syncldap
    # stops every container on this host, not only those belonging to the stack
    docker stop $(docker ps -aq)
    docker stack deploy -c docker-compose.yml -c docker-compose-https.yml syncldap