On Premise Setup

Requirements

To setup a SMASHDOCs on premise installation you will need:

default_logo
brand_logo
email_logo
favicon

Docker engine is required to complete this installation. We deliver our services as docker containers, so this is a prerequisite for running SMASHDOCs. If you do not already have docker installed, obtain docker engine on your operating system of choice.

Docker compose is a required tool to compose and orchestrate the SMASHDOCs environment. If you do not already have docker compose installed, obtain docker compose on your operating system of choice.

Basic Setup

A basic SMASHDOCs installation consists of the following few docker images:
  1. mongo:3.4
  2. redis:3.2.8
  3. smashdocs/nginx:2.0.0.0 A standard Nginx Webserver Version 1.11.3 with an nginx-upload-module and the SMASHDOCs nginx config file
  4. smashdocs/backend:latest The SMASHDOCs Backend which will be used in 4 Docker Containers (Beat, Worker, Backend, Socketserver)
  5. smashdocs/frontend:latest The SMASHDOCs Frontend

To ensure an easy setup of a SMASHDOCs installation, we are providing a docker compose file. This docker compose file will spawn all docker containers which are needed for one SMASHDOCs Instance.

Certificates

SMASHDOCs can only be served via SSL. Therefore you must ensure that your SSL certificates are placed in the the /opt/smashdocs/certs/ folder and are named wildcard.crt and wildcard.key.

If you don’t have signed SSL certificates at hand you can generate a self-signed certificate as follows:

Hint

If you dont have SSL certs and quickly need to create some selfsigned ones try:

$(Host) cd /tmp $(Host) openssl req -x509 -newkey rsa:2048 -keyout wildcard.key -out wildcard.crt -days XXX -nodes -subj “/C=DE/ST=Bayern/L=Muenchen/O=Smashdocs Example/OU=Org/CN=*.smashdocs.local”

$(Host) mkdir -p /opt/smashdocs/certs/
$(Host) cp -R /tmp/* /opt/smashdocs/certs/

Traffic Routing and required webservers

SMASHDOCs is using Nginx to route and to server all the traffic to an installation.

1: Nginx: The “NGINX-Proxy” docker container accepts incoming TCP (Port 4434) and HTTP (Ports 80, 443) traffic and is responsible for the SSL termination. SMASHDOCs ships the NGINX-Proxy with a default nginx.config for easy installation and usage. Some of the properties in the nginx default config will be overwritten with defined the environment variables by the docker entryfile.

2: Frontend The “frontend” docker container serves the frontend HTML, CSS and JavaScript code served by and NGINX

3: Backend The “backend” docker container serves the backend. Both frontend and backend traffic is routed by the NGINX-Proxy

Docker container setup

The docker-compose.customer.yml file is an example docker compose file which sets up a SMASHDOCs Installation which could be available via https://customer.smashdocs.net. If you setup you own SMASHDOCs instance, make sure you change the configuration accordingly to your desired name and URL.

Download: docker-compose.customer.yml

version: '2'

networks:
  customer:

volumes:
  asset-data:
  mongo-data:

services:
  nginx-proxy:
    image: smashdocs/nginx:2.0.0.0
    mem_limit: 256m
    user: root
    restart: always
    volumes:
      - "/opt/docker/ssl/certs:/etc/nginx/certs:ro"
      - "asset-data:/usr/local/data:rw"
    environment:
      - "SSL_CERT=wildcard.crt"
      - "SSL_KEY=wildcard.key"
      - "SERVER_NAME_FRONTEND=customer.smashdocs.net"
      - "SERVER_NAME_BACKEND=customer-api.smashdocs.net"
      - "UPSTREAM_FRONTEND=frontend_upstream"
      - "UPSTREAM_BACKEND=backend_upstream"
      - "UPSTREAM_SOCKET=socket_upstream"
      - "UPSTREAM_FRONTEND_VALUE=frontend:80"
      - "UPSTREAM_BACKEND_VALUE=backend:8080"
      - "UPSTREAM_SOCKET_VALUE=socketserver:8080"
    networks:
      - customer
    ports:
      - 80:80
      - 443:443
      - 4434:4434

  frontend:
    image: smashdocs/frontend:2.0.0.4
    mem_limit: 256m
    user: root
    restart: always
    networks:
      - customer
    environment:
      - "API_URL=https://customer-api.smashdocs.net"
      - "MODE=normal"
    depends_on:
      - nginx-proxy

  backend:
    image: smashdocs/backend:2.0.0.4
    mem_limit: 5g
    user: nobody
    restart: always
    networks:
      - customer
    volumes:
      - "asset-data:/usr/local/data:rw"
    environment:
      - "DATABASE_DATABASE=customer"
      - "DATABASE_ADDRESS=mongodb"
      - "DATABASE_PORT=27017"
      - "API_URL_API_URL=https://customer-api.smashdocs.net"
      - "HTTP_SERVER_ADDRESS=http://customer.smashdocs.net"
      - "HTTP_SERVER_SSL_ADDRESS=https://customer.smashdocs.net"
      - "CELERY_ENABLED=true"
      - "CELERY_BROKER=redis://redis:6379/0"
      - "CELERY_BACKEND=redis://redis:6379/0"
      - "ASSETS_ASSET_ROOT=/usr/local/data/assets"
      - "REDIS_ADDRESS=redis"
      - "REDIS_PORT=6379"
      - "LOCAL_ENABLED=true"
      - 'PROVISIONING_ENABLED=true'
      - 'PROVISIONING_KEY=REPLACE_PROVISIONING_KEY'
    depends_on:
      - nginx-proxy
      - mongodb
      - redis
    links:
      - mongodb:mongodb
      - redis:redis

  beat:
    image: smashdocs/backend:2.0.0.4
    mem_limit: 512m
    user: nobody
    restart: always
    networks:
      - customer
    command: "beat"
    volumes:
      - "asset-data:/usr/local/data:rw"
    environment:
      - "SERVICE_NAME=beat-customer"
      - "SERVICE_TAGS=smashdocs,rest"
      - 'CELERY_ENABLED=true'
      - "CELERY_BROKER=redis://redis:6379/0"
      - "CELERY_BACKEND=redis://redis:6379/0"
      - 'CELERY_BEAT_SCHEDULE_PATH=/usr/local/data/celery/smashdocs_beat_schedule'
    depends_on:
      - redis
    links:
      - redis:redis

  worker:
    image: smashdocs/backend:2.0.0.4
    mem_limit: 512m
    user: nobody
    restart: always
    networks:
      - customer
    command: "worker"
    volumes:
      - "asset-data:/usr/local/data:rw"
    environment:
      - "DATABASE_DATABASE=customer"
      - "DATABASE_ADDRESS=mongodb"
      - "DATABASE_PORT=27017"
      - "API_URL_API_URL=https://customer-api.smashdocs.net"
      - "HTTP_SERVER_ADDRESS=http://customer.smashdocs.net"
      - "HTTP_SERVER_SSL_ADDRESS=https://customer.smashdocs.net"
      - "CELERY_ENABLED=true"
      - "CELERY_BROKER=redis://redis:6379/0"
      - "CELERY_BACKEND=redis://redis:6379/0"
      - 'CELERY_BEAT_SCHEDULE_PATH=/usr/local/data/celery/smashdocs_beat_schedule'
    depends_on:
      - mongodb
      - redis
    links:
      - mongodb:mongodb
      - redis:redis

  socketserver:
    image: smashdocs/backend:2.0.0.4
    mem_limit: 5g
    user: nobody
    restart: always
    networks:
      - customer
    command: "backend_socket"
    volumes:
      - "asset-data:/usr/local/data:rw"
    environment:
      - "DATABASE_DATABASE=customer"
      - "DATABASE_ADDRESS=mongodb"
      - "DATABASE_PORT=27017"
      - "DATABASE_MIGRATIONS=false"
      - "API_URL_API_URL=https://customer-api.smashdocs.net"
      - "HTTP_SERVER_ADDRESS=http://customer.smashdocs.net"
      - "HTTP_SERVER_SSL_ADDRESS=https://customer.smashdocs.net"
      - "CELERY_ENABLED=true"
      - "CELERY_BROKER=redis://redis:6379/0"
      - "CELERY_BACKEND=redis://redis:6379/0"
      - "ASSETS_ASSET_ROOT=/usr/local/data/assets"
      - "REDIS_ADDRESS=redis"
      - "REDIS_PORT=6379"
    depends_on:
      - nginx-proxy
      - mongodb
      - redis
    links:
      - mongodb:mongodb
      - redis:redis

  redis:
    image: redis:3.2.8
    mem_limit: 512m
    user: redis
    restart: always
    networks:
      - customer

  mongodb:
    image: mongo:3.4
    mem_limit: 5g
    user: root
    restart: always
    networks:
      - customer
    ports:
      - 27017
    volumes:
      - "mongo-data:/data/db:rw"
    environment:
      - "SERVICE_NAME=customer-mongodb"
      - 'SERVICE_TAGS=mongodb'
    command: "--storageEngine wiredTiger"

External Database Setup

SMASHDOCs can be used with an existing MongoDB Database Server. In this case the dependencies in the example docker compose file above need to be removed.

The following environment variables can be used in :

  • Backend
  • Worker
  • Socketserver
Name Type Description
DATABASE_ADDRESS String Database Address (default: 127.0.0.1)
DATABASE_PORT String Database Port (default: 27017)
DATABASE_USER String Database User (empty string for no authentication)
DATABASE_PASSWORD String Database Password (empty string for no authentication)
DATABASE_DATABASE String Database Name (required)

E-Mail Server Setup

For your own SMASHDOCs installation you can use your own SMTP server to send emails to your customers. The following environment variables can be configured in

  • Backend
  • Worker
Name Type Description
EMAIL_SMTP_SERVER_ADDRESS String E-Mail SMTP Address (default SMASHDOCs Mail Server)
EMAIL_SMTP_SERVER_PORT String E-Mail SMTP Port (default 587)
EMAIL_SMTP_USERNAME String SMTP Username (empty string for no authentication)
EMAIL_SMTP_PASSWORD String SMTP Password (empty string for no authentication)
EMAIL_STANDARD_EMAIL String Sender E-Mail Address (default: no-reply@smashdocs.net)
EMAIL_STANDARD_FROM String Sender E-Mail Display Text (default: SMASHDOCs Team)

Step 1: Prepare the configuration

Copy the Docker compose example setup file from above and place it to your hosts file system as /opt/docker-compose/docker-compose.smashdocs.yml.

The example configuration contains the domains

smashdocs.example.com smashdocs-api.example.com

These should be changed to reflect your environments needs.

$(Host) sed -i -- "s/customer.smashdocs.net/smashdocs.yourdomain.net/g" /opt/docker-compose/docker-compose.smashdocs.yml
$(Host) sed -i -- "s/customer.smashdocs.net/smashdocs-api.yourdomain.net/g" /opt/docker-compose/docker-compose.smashdocs.yml

Step 2: Replace the Provisioning key

SMASHDOCs has a Provisioning API (provisioning.html) which can be used to configure a SMASHDOCs installation. The provisioning key is a random key a partner can choose by himself and enable/disable to his needs.

For security reasons we advice to enabled the Provisioning API only if needed

In this example setup the provisioning key is generated using a python expression piped by sha256sum and written to the ``PROVISIONING_KEY` env variable

$(Host) export PROVISIONING_KEY=`python -c "import random; print random.randint(5,1000000)" | sha256sum | awk '{print $1}'`
$(Host) sed -i -- "s/REPLACE_PROVISIONING_KEY/$PROVISIONING_KEY/g" /opt/docker-compose/docker-compose.smashdocs.yml

Step 3: Select the Frontend MODE

SMASHDOCs can be run in 2 different modes: Standalone and Partner mode. 1. In Standalone mode (config variable "MODE=normal") a user can create an account and login. The user will see a document list and can create and open documents 2. In Partner mode (config variable "MODE=partner") the system can only be accessed via the Partner API

frontend:
  ...
  environment:
    ...
    - "MODE=normal"
    - "MODE=partner"

Step 4: Authenticate with Dockerhub

This step requires a contract with SMASHDOCs. The containers required to run a SMASHDOCs environment are contained in a protected private registry. Please contact SMASHDOCs if you require authentication.

$(Host) docker login --user <partneruser> --password <partnerpassword> https://index.docker.io/v1

Step 5: Run the docker compose file

On the host system run the following

$(Host) /usr/local/bin/docker-compose -f /opt/docker-compose/docker-compose.smashdocs.yml -p smashdocs up -d

Wait until all docker containers are spawned. See running docker containers using

$(Host) /usr/local/bin/docker-compose -f /opt/docker-compose/docker-compose.smashdocs.yml -p smashdocs ps

Any changes to the compose file will be rerun on the specific parts of the configuration on consecutive executions. Docker compose will restart the changed service and dependant services.

Step 7: Configure the DNS

The domain names chosen above are required to be resolvable from hosts using the SMASHDOCs system. For different customers this step will be quite different. SMASHDOCs consultation can be acquired.

Multitenancy

SMASHDOCs supports multiple tenants on one installation. Each tenant in SMASHDOCs is called Organization and can be created and updated by the Provisioning API: provisioning.html

Redundant Setup

please contact us