Deployify for Docker

on Ubuntu. 

sudo curl -L https://raw.githubusercontent.com/deployify/install-docker/master/extractor.txt | sudo bash -s mydomain.com

 

How to install Deployify server on Ubuntu 18.x LTS and above

Install Deployify with one command. You don't have to know anything about Linux/Ubuntu to install and use Deployify.

Preparations:

In this example, the domain name is mydomain.com.

  • In the domain settings panel, add these subdomains and point them to your internet IP address:
    app.mydomain.com
    api.mydomain.com
  • In your router, forward port 80, 81 and 443 to your server IP address. Port 81 is for generating Let's Encrypt certs.
  • Wait for DNS records to be updated globally before running the install command, otherwise creating SSL certs will fail. You can use mxtoolbox.com to see if the IP address is updated. If failed, the server will try to create certs again on docker/server restart.
     

Installation:
 

sudo curl -L https://raw.githubusercontent.com/deployify/install-docker/master/extractor.txt | sudo bash -s mydomain.com

There's no problem to run the install command multiple times, even with a different domain name (e.g if you misstyped the first time).

Yeah, that's it. Like magic.

You should now be able to go to http://app.mydomain.com and sign up your first account and claim the Global admin role. If SSL cert creation was successful, the server will redirect your browser to https.

Sources:

 

Now what?
 

Deployify with Docker hosting should just work, but to be able to understand more about the installation, what to do next, and what can be done in case of a problem, there's extra information in this section.
 

Your data lives here:

# Deployify data location
/var/lib/deployify

 

Global settings:

To change the global server settings, you first have to claim the global admin role. Read more about global settings and global admin here.

SSL:

If all is good and the domain is reachable from internet, then the proxy container will attempt to generate the SSL certificates for the subdomains listed in the preparations section.


Backup and restore:

First, make sure that you have the latest backup binary.

# download latest backup binary
cd /var/lib/deployify/
curl -L github.com/deployify/install-docker/raw/master/backup-linux -o backup-linux


Create backup:

# backup
sudo /var/lib/deployify/backup-linux backup


Restore backup:
If not already installed, install Deployify properly before restoring a backup (follow the install instructions above).

# restore backup
sudo /var/lib/deployify/backup-linux restore {input-file}


Restore a backup that  was created from another installation alternative, like Windows (migrate to the newer database engine):

  1. Restore the backup, and then wait about one minute before proceeding to the next step.
  2. Stop DB container and API container. 
    # stop api and db containers
sudo docker stop deployify_neo4j 
sudo docker stop deployify_api
  3. Download the migration script (anywhere), and run the script. Wait until the database is migrated and started (will be printed out). 
    # download and run migration script
curl -L https://raw.githubusercontent.com/deployify/install-docker/master/scripts/migrate_neo4j_4.0.0.sh -o migration.sh
sudo chmod 700 ./migration.sh
sudo ./migration.sh
  4. Press ctrl+c to end the script. Now, run the initiation script. 
    # reload all docker containers
cd /var/lib/deployify/scripts
sudo ./init.sh

 

Done.

Optimize database memory:

Sometimes Neo4j need optimized memory configuration to run well. For example if the database is large or the computer doesn't have a lot of memory, Neo4j can fail to start.

The simplest way is to just run the installation command. That's it. But if you want to do this manually you can follow the instructions below.

First, make sure that you have the latest backup binary.

# download latest backup binary
cd /var/lib/deployify/
curl -L github.com/deployify/install-docker/raw/master/backup-linux -o backup-linux


Then run this command:

# optimize database memory configuration
cd /var/lib/deployify/
sudo ./backup-linux optimize-database


It should all be done here, but if that command would fail for some reason (if Neo4j doesn't start for example), then you can try to run this command instead:

# optimize database memory configuration
# change 2 to your computers RAM size in GB
cd /var/lib/deployify/
sudo ./backup-linux optimize-database 2

 

Rerun this if the RAM size is changed, or after a while when the database size has grown.


Auto update:

The host is running a script once every 24/h that pulls Deployify images from the Docker hub (only downloading if a new is found), and if a new image was pulled, an initiation script executes. The initiation script is named init.sh and reloads the docker containers for Deployify. The script can be found here:

# script that reloads containers 
/var/lib/deployify/scripts/init.sh


This feature only updates the Docker images and reloads the containers, but does not perform a full installation like the installation script does.

An automated backup is always performed before updating the Deployify containers, and can be found here:

# automatic backup location
/var/lib/deployify/backups


You can disable the auto update service with this command:

# disable auto update service
sudo systemctl stop deployify-updater
sudo systemctl disable deployify-updater


This script is looking for updates and is triggered by the auto update service above:

# update script, triggered by deployify-updater service
/var/lib/deployify/scripts/auto_updater.sh

 

Unseal Vault from Deployify website manually:

The Vault is basically an encrypted user database. The passwords  stored in the user database is already hashed with salt, but the function of the Vault is to encrypt the whole database.

Vault must be "unsealed" before consuming data is possible. This is already automated when the server starts, but if you want to do this manually, you can. Why you may ask? Because the database cannot be read without the decryption keys (if stolen).

Anyway, this is how to do it:

1. First, enable this feature in the global settings (check webUnsealEnabled).

2. Then move the key file to a safe location (not on the server).

# Vault keys location
/var/lib/deployify/data/vault/keys.json

The keys.json file will look something like this inside:
["asd98er0rt908df09ds09sdf", "12390a8sd90re908waasd098", "sad45fdewr897e89ga", "54098etrgfbv09834"]

3. Now, if you restart the server, the website will ask for keys to unseal the vault. Take each key (without quotations) and paste them in the form on the Deployify website. One key per row.

4. Click "Unseal".
 

Basic Docker  commands
 

Good-to-know commands.

# list all containers
sudo docker ps -a
# show current log
sudo docker logs {container name/id}

 

Uninstallation:


Stop auto updater and remove Deployify from Docker:

# stop auto updater
sudo systemctl stop deployify-updater
# disable auto updater
sudo systemctl disable deployify-updater
# stop all deployify containers
sudo docker stop deployify_api
sudo docker stop deployify_site
sudo docker stop deployify_proxy
sudo docker stop deployify_neo4j
sudo docker stop deployify_vault
sudo docker stop deployify_management
# clean all deployify related from docker
sudo docker prune --filter "label!=deployify"


Remove all Deployify data, including backups:

# WARNING! this will delete all deployify data, including automatic backups
sudo rm -r /var/lib/deployify