OpenProject installed with NginX, LetEncrypt, and Docker – A How to on Secure Reverse Proxying.

10 Comments | Server By · 16/06/2023



OpenProject installed with NginX, LetEncrypt, and Docker – A How to on Secure Reverse Proxying.

OpenProject installed with NginX, LetEncrypt, and Docker - A How to on Secure Reverse Proxying.

Based on a request a few weeks back, I have put together this little video on how to use Docker, NginX, and LetsEncrypt to setup OpenProject as a self-hosted, open source option.

The good part about this video is that the process is repeatable for any Docker based application you want to run behind an NginX reverse proxy with LetsEncrypt security.

===Links===
Open Project: https://openproject.org
Documentation: https://docs.openproject.org/installation-and-operations/installation/packaged/
Docker-CE Install: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-18-04

===Timestamps===

FYI – I don’t show much about how to use OpenProject. It’s not software I’m familiar with, and it’s a really big project to learn for a video. This video is based around setting up a Docker container project, and getting the NginX reverse proxy and LetsEncrypt certificates set for that.

00:10 – Introduction
02:00 – Digital Ocean Server Setup
04:00 – Updating our Server before Install
06:30 – Docker CE install
07:20 – NginX Install
08:10 – Install OpenProject as a Docker Container
10:35 – Test our NginX site and our OpenProject Site without waiting
11:15 – Install LetsEncrypt Certbot
12:15 – Create our NginX Configuration File to make our Reverse Proxy
15:30 – Test our Reverse Proxy
16:05 – Setup the LetsEncrypt Certificate for our site
18:40 – Check our https secure site.
18:55 – first login to OpenProject and a very quick look at the UI

===Code===
Install Docker CE using the link in the links section above.

Install Nginx (if needed)
Then setup NginX as a reverse proxy to it.

sudo apt install nginx -y

sudo service nginx start

sudo service nginx status

Create the necessary directories for Openproject docker

sudo mkdir -p /var/lib/openproject/pgdata

sudo mkdir -p /var/lib/openproject/static

Pill and run the docker for OpenProject

========================================================

docker run -d -p 8080:80 –name openproject -e SECRET_KEY_BASE=secret
-v /var/lib/openproject/pgdata:/var/openproject/pgdata
-v /var/lib/openproject/static:/var/openproject/assets
openproject/community:10

========================================================

Be patient, this will take a while to get running ~10 minutes depending on machine and resources.

While you’re waiting, it’s a good time to install Certbot for Nginx LetsEncrypt
 
sudo add-apt-repository ppa:certbot/certbot -y

sudo apt update

sudo apt install python-certbot-nginx

Now let’s setup our Nginx Config for our site:
Nginx config file

openproj.mydomain.com

You’ll save this file in /etc/nginx/sites-enabled/ (remove the default file if it’s there)
====================================================
server {
server_name project.opensourceisawesome.com;

location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass “http://127.0.0.1:8080”;
}
}
====================================================

Check the config with

sudo nginx -t

If the check is successful, move to the next step, if not, check the line it’s telling you has an error, and try again.

Reload the configuration with

 sudo service nginx reload

Test your site, and amke sure you can access it at your desired URL. NOTE: this will not be an encrypted site yet…we will set that up next.

Now we’ll get our LetsEncrypt certificate.

sudo certbot –nginx -d openproj.yoursitedomain.com

You should get a success message. If not, read what wentn wrong, and try again. NOTE: You must have an actual domain name, and it must be reachable over the open internet at port 80.

Test the certbot renewal

sudo certbot renew –dry-run

Should be good to go if no errors given.

===Contact Me===
Twitter: @mickintx
Telegram: @MickInTx
Mastodon: http://mastodon.partecipa.digital/ @MickInTX
or at
https://discourse.opensourceisawesome.com

Get a $50.00 credit for Digital Ocean by signing up with this link:
https://m.do.co/c/a6a61ae55242

Use Hover as your Domain Name Registrar to get some great control over you domains / sub-domains:
https://hover.com/SHPaiirr

Support my Channel and ongoing efforts through Patreon:
https://www.patreon.com/bePatron?u=234177

What does the money go to?
To Pay for Digital Ocean droplets, donations to open source projects I feature, any hardware I may need to purchase for future episodes (which I will then give to a subscriber in a drawing or contest).

Comments are closed.

53GB.COM GPTSTORE CPU Yougpt Gptsio Gpt-store-Nav