Versions Compared

Version Old Version 4 New Version Current
Changes made by

Colin Samuel Rosenthal

Colin Samuel Rosenthal

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page is a summary of the steps we took to get browsertrix-cloud running on-prem in a k3s installation at KB.

...

Code Block
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.0/cert-manager.yaml

helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx --namespace ingress-nginx --create-namespace

(Possible helm upgrade --install nginx ingress-nginx/ingress-nginx -n ingress-nginx --create-namespace)

Now clone or download browsertrix cloud. We installed from the ansible-k3s branch, but that should soon be merged with main. Change directory to the browsertrix-cloud directory

...

or using the kubernetes dashboard if you have that up and running

NB!!! This stopped working at one point. The confirmation email just went to the login page. Instead I had to go the "Forgotten password" dialogue for the new user, fill that out, and fish the reset-password link out of the logs. This allowed me to set a password for the user, but then he wasn't a member of any organisations. I can't remember exactly how I solved that - I think maybe I was able to log in as myself and invite him to join the orgranisation.

Limitations with Self-signed Certificates

Since this installation is When running with self-signed certificates, there can be problems with some functionality. In particular, we could not at first get replay to work in chrome. We found various workarounds:

  1. Start chrome from the command line with  "--ignore-certificate-errors" and replay one harvest. Quit chrome and start normally. Now it should work for a while.
  2. Use Firefox.
  3. Learn how to install a valid TLS certificate (see below!).
Kubernetes Dashboard

We also installed the kubernetes dashboard on port 8001. To access this at the moment you need to login to the machine and obtain a token:

Code Block
kubectl create token admin-user -n kubernetes-dashboard
Enabling https

Assuming that you got hold of your organisations start-certificate and chain, first concatenate them

Code Block
 cat star.kb.dk.crt star.kb.dk.chain.crt >full.crt

then create a named secret for them

Code Block
 kubectl create secret tls star.kb.dk --key star.kb.dk.key --cert full.crt

Finally in the kubernetes dashboard edit Ingresses → ingress-main by adding in spec:

Code Block
  tls:
     - hosts:
         - btrix-cloud-devel-02.kb.dk
       secretName: star.kb.dk

to add the secret to the ingress.

Enabling Mail

Integration to an external mail server can be set up by adding the following to values.yaml:

Code Block
# Email Options
# =========================================
email:
  # email sending is enabled when 'smtp_host' is set to non-empty value
  #ex: smtp_host: smtp.gmail.com
  smtp_host: "smtp.foo.bar."
  smtp_port: 25
  sender_email: browsertrix@foo.bar
  # password: password
  reply_to_email: user@foo.bar
  use_tls: False
  support_email: user@foo.bar