This page is a summary of the steps we took to get browsertrix-cloud running on-prem in a k3s installation at KB.
...
Limitations with Self-signed Certificates
Since this installation is When running with self-signed certificates, there can be problems with some functionality. In particular, we could not at first get replay to work in chrome. We found various workarounds:
- Start chrome from the command line with "--ignore-certificate-errors" and replay one harvest. Quit chrome and start normally. Now it should work for a while.
- Use Firefox.
- Learn how to install a valid TLS certificate (see below!).
Kubernetes Dashboard
We also installed the kubernetes dashboard on port 8001. To access this at the moment you need to login to the machine and obtain a token:
| Code Block |
|---|
kubectl create token admin-user -n kubernetes-dashboard |
Enabling https
Assuming that you got hold of your organisations start-certificate and chain, first concatenate them
| Code Block |
|---|
cat star.kb.dk.crt star.kb.dk.chain.crt >full.crt |
then create a named secret for them
| Code Block |
|---|
kubectl create secret tls star.kb.dk --key star.kb.dk.key --cert full.crt |
Finally in the kubernetes dashboard edit Ingresses → ingress-main by adding in spec:
| Code Block |
|---|
tls:
- hosts:
- btrix-cloud-devel-02.kb.dk
secretName: star.kb.dk |
to add the secret to the ingress.
Enabling Mail
Integration to an external mail server can be set up by adding the following to values.yaml:
| Code Block |
|---|
# Email Options
# =========================================
email:
# email sending is enabled when 'smtp_host' is set to non-empty value
#ex: smtp_host: smtp.gmail.com
smtp_host: "smtp.foo.bar."
smtp_port: 25
sender_email: browsertrix@foo.bar
# password: password
reply_to_email: user@foo.bar
use_tls: False
support_email: user@foo.bar |