CTT only requires Docker and Docker-Compose to be installed on the server. Provided links are for an Ubuntu installation.
- Docker: https://docs.docker.com/engine/install/ubuntu/
- Docker-Compose: https://docs.docker.com/compose/install/#install-compose-on-linux-systems
- Installation To download Docker Desktop (4.3.2), use the following link (01/2022): Download Docker Desktop
Follow the instructions.
Make sure the checkbox to install required Windows components for WSL 2 is checked:
In case the WSL 2 installation is incomplete, follow the following steps:
- Click on the link in the menu or here
- Download the recent update package for the WSL2 Linux kernel for your computer (Step 4)
- After installing the Linux kernel, click on ‘Restart’ to restart Docker Desktop.
- Either step through the Docker tutorial or skip it.
Go to the Microsoft Store and install ‘Ubuntu 20.04 LTS’
- Check if Linux subsystems are activated. To do so navigate to the Windows features: Windows search bar -> Control Panel -> Programs -> Turn Windows features on or off
- Check if ‘Virtual Machine Platform’ and ‘Windows Subsystem for Linux’ are checked:
In case ‘Virtual Machine Platform’ is not displayed, go to Task Manger -> Performance -> CPU and check if Virtualization is enabled. If this is the Case, continue follwing this Docker Setup (3. Start your Windows Command Terminal) If this is not the case, enable Virtualization by following online instructions.
- Start your Windows Command Terminal (enter cmd in the Windows search bar).
- Enter following code in the command line:
wsl --set-default-version 2
wsl --list -v
Then, change Ubuntu-20.04 to version 2:
conf wsl --set-version Ubuntu-20.04 2
To check if it succeeded enter:
conf wsl --list -v
Go to Settings (1) -> Resources (2) -> WSL Integration (3) -> enable Ubuntu-20.04 (4) Then, apply and restart Docker Desktop.
- Generate a personal access token: Github -> Settings -> Developer settings -> Personal access tokens -> Generate new Token Tick public_repo and click ‘Generate Token’. This token is per default available for 30 days.
- Open Ubuntu 20.04.
- and enter following code: a. docker login docker.pkg.github.com -u b. As password, enter your generated personal access token
- Open Ubuntu 20.04.
- Enter following code: docker-compose If an error occurs, please check the steps above and redo the instructions.
-
Create a directory, preferably with permissions restricted to the root user. For our server we use /var/local/ctt-app, but any location is valid. All further instructions will be relative to this folder.
-
Create a certs directory and copy your key, certificate, and optionally a file with the password for the key from our repository into the certs directory. The files should be named app.key and app.pem respectively. The file with the password must be linked in nginx.conf under server -> ssl_password_file. Make sure the key can only be accessed by the root user!
-
Create a file named .env. Enter following code (deployment specific configuration):
# Ensure the server is set to production mode
SERVER_ENV=production
# Override the URL used to construct absolute URLs
URL_OVERRIDE=https://your.domain.com/
# Override the public default database credentials
DB_USER=XXbPWmwdRW
DB_PW=grEtwOBI4E
# Add the user credentials for the site, see docker-compose for more information
# Note that user accounts are recreated on every startup from this variable and are not persisted anywhere else.
USER_CREDENTIALS=admin,$2a$10$BMCXL.xl/nHYAZWHsXNS8u6pOIlIYUU.8kJWD7raecbz/8rKoeRvC,ADMIN;
# AES Secret used to encrypt personal data in the database
DB_ENCRYPTION_SECRET=corona-ctt-20201
-
Navigate to the created repository in step ‘CTT Setup, 2.’ (/ctt-app). a. cd ../../mnt b. Example to navigate to /ctt-app:
cd ./c/Users/username/Desktop/CTT_Docker_App/var/local/ctt-app -
Copy the docker-compose.yml and nginx.conf files from the repository into the /ct-app repository. Neither should require further customization. If further customization is required, check the .env file for more information.
-
Run docker-compose pull && docker-compose up -d. This will ensure that the newest images are pulled and containers restarted, if necessary. The containers are configured to restart if anything breaks (cf. docker-compose.yml).
-
Now open any Browser (preferably FireFox) and enter localhost:80
-
To stop the server again use docker-compose down
-
Add the current user to the
dockergroup to use docker commands without sudo. -
Create a directory, preferably with permissions restricted to the root user. For our server we use
/var/local/ctt-app, but any location is valid. All further instructions will be relative to this folder. -
Create a certs directory and copy your key, certificate, and optionally a file with the password for the key into the certs directory. The files should be named
app.keyandapp.pemrespectively. The file with the password must be linked in nginx.conf under server -> ssl_password_file. Make sure the key can only be accessed by the root user! -
Create a file named
.env. It will contain deployment specific configuration:# Ensure the server is set to production mode SERVER_ENV=production # Override the URL used to construct absolute URLs URL_OVERRIDE=https://your.domain.com/ # Override the public default database credentials DB_USER=XXbPWmwdRW DB_PW=grEtwOBI4E # Add the user credentials for the site, see docker-compose for more information # Note that user accounts are recreated on every startup from this variable and are not persisted anywhere else. USER_CREDENTIALS=admin,$2a$10$BMCXL.xl/nHYAZWHsXNS8u6pOIlIYUU.8kJWD7raecbz/8rKoeRvC,ADMIN; # AES Secret used to encrypt personal data in the database DB_ENCRYPTION_SECRET=corona-ctt-20201 -
Copy the
docker-compose.ymlandnginx.conffiles from the repository. Neither should require further customization, if possible use the.envfor this purpose. -
Run
docker-compose pull && docker-compose up -d. This will ensure that the newest images are pulled and containers restarted, if necessary. The containers are configured to restart if anything breaks (cf. docker-compose.yml). -
To stop the server again use
docker-compose down.
If you haven't made changes to the password hashes provided in docker-compose.yml, the default login admin with password admin can be used.
Make sure to use safe passwords when deploying this app publicly!
To configure the rooms available in the building(s) upload a .csv file containing a list of rooms to https://your.domain.com/r/import. The CSV is semicolon delimited with Windows (CLRF) line-endings with three columns: Building letter; room name; room capacity.
An example row for room 'A008' in building 'A' :
A;A008;20
The page containing the check-in QR code can be generated as a .docx document for each building at https://your.domain.com/printout/rooms.
| |
| |
+----------------|----------|-------------------------------------+
| Port 443(https)| | Port 80 (http) Ubuntu Server |
| Proxied to App | | Forwarded to https |
| | | |
| +-----|----------|-----+ |
| | nginx - Reverse Proxy| |
| +-----------|----------+ |
| | |
| | |
| via http on port 8080| |
| | |
| +---------|--------+ Port 5432 +------------------+ |
| | CTT Java App |-----------| Postgres DB | |
| +------------------+ +------------------+ |
| |
| |
| |
+-----------------------------------------------------------------+
Provides persistance for the Java App. The Java App connects to the database via the internal docker network. The database is not reachable from the outside. An alternative database can be configured with the SPRING_DATASOURCE_* Java environment variables.
Handles encryption for https and upgrading unsecured http requests. It is the only component reachable from an external network. Https requests are internally proxied to the Java App.