-
Notifications
You must be signed in to change notification settings - Fork 826
Notes on installing on Ubuntu 18.04 (Amazon Lightsail)
I have had some success getting things working on Ubuntu 18.04. I haven't tried all services but have mail and roundcube working so far on Amazon Lightsail. Owncloud is running too but I haven't tested connecting clients yet. I also haven't upgraded roundcube yet; the version installed by the playbooks is from ~2017.
Dovecot and roundcube were challenging - see https://github.com/sovereign/sovereign/issues/796
https://github.com/sovereign/sovereign/issues/802
You'll need to make the config changes outlined in the above thread
You need to open ports in the Lightsail console as well as on the box itself within Ubuntu. That is probably also the case for DigitalOcean and others.
Rough List
53 ALLOW Anywhere (DNS)
60000:61000/udp ALLOW Anywhere (Mosh)
80/tcp ALLOW Anywhere (http)
443/tcp ALLOW Anywhere (https)
22/tcp ALLOW Anywhere (ssh)
25/tcp ALLOW Anywhere (SMTP - outgoing?)
465/tcp ALLOW Anywhere (SMTPS)
587/tcp ALLOW Anywhere (MSA - mail related)
993/tcp ALLOW Anywhere Dovecote -IMA
995/tcp ALLOW Anywhere Dovecot -IMAP
6697/tcp ALLOW Anywhere (IRC)
1194/udp ALLOW Anywhere (Open VPN)
Amazon Lightsail box is 1 GB RAM, 1 vCPU, 40 GB SSD ($5 / month)
Make a swap file for 1024 MB - composer could not allocate memory without this. Google for instructions on creating a swapfile on Ubuntu 18.04. You may see memory errors during deployment otherwise. It's also good practice.
Note that I haven't installed git, xmpp or tarsnap so I don't know if they work. I have also only tested roundcube and the mailserver so far (Edit - owncloud also works fine with mobile clients)
Here is the list of stuff I had to change:
- I had to update the letsencrypt api url to acmev2 in the playbooks
- I was using Ansible 2.10 - updated all state=installed to state=present in all playbooks
- Rename all occurrences of tomcat7 to tomcat9 but leave user and group as tomcat (you'll need to search and replace in the playbooks)
- I've installed Php 7.2 - many of the playbooks specify php5. It's ancient. Ubuntu will install PHP 7.2 (at time of writing)
- PHP no longer has mcrypt by default so needs to be manually compiled and added to php.ini
- https://lukasmestan.com/install-mcrypt-extension-in-php7-2/
- Need to install php-mbstring
Some php extension names have changed:
- Php-zip
- Php sqlite is now php-sqlite3 (check all names and all added extensions)
- I think I had to add php-tidy too
If using ssh specify —-private-key when running playbook or add it to an ansible inventory file.
Sudo su to get root on lightsail for restarting some services
I had to edit authorised_keys for the deploy user (copy contents of the ubuntu user’s authorised_keys file)
Remember to look in system log files for the individual services & apps e.g. /var/www/roundcube/logs/errors and /var/log/mail.log for errors relating to sending and receiving email.
Not working:
Dovecot needs some attention - see last comment https://github.com/sovereign/sovereign/issues/796 Monitoring of tomcat. See https://github.com/sovereign/sovereign/issues/802
ZNC - config didn't get copied over correctly it seems.
https://launchpad.net/~teward/+archive/ubuntu/znc contains more up to date versions. ZNC did not install correctly when I ran the playbooks. Have not investigated but this should get you further:
sudo add-apt-repository ppa:teward/znc
sudo apt-get update
sudo apt-get install znc znc-dbg znc-dev znc-perl znc-python znc-tcl
The above would need to be added to the znc task.
News - Selfoss index page shows 'an error occured'. Have not investigated further.