Technical Deficit Episode 1: Hudu Self-Hosted Installation on Digital Ocean

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hey oit fam welcome to our first ever episode of technical deficit with rey and friends each of these episodes we're going to be tackling a different technical challenge of something that comes up in the msp community well documentation is probably first and foremost of the conversations that are being had right now if you're following the reddit sub you probably noticed there are recent conversations on it glue versus hoodoo versus all the other options and i'm not going to argue which one's better worse that's that's not what this is for this is purely to talk about the installation options available if you're going to use hudu now i've been watching hudu for the past year or so uh with great interest it had a lot of things i liked it had good pricing it had self-hosting ability as well as a cloud option it had a very frequent dev cycle i kept watching and i kept seeing frequent releases with meaningful updates um i'm not going to mention any names but we've seen out there where you're not always getting real updates every time there's some kind of software release with who do that's not the case so about a week and a half ago i decided i was going to take the dive in and i wasn't happy with our current document management solution and i said let's give huda a try i talked to some users who gave me glowing reviews they said they were having a great time using it uh no real complaints about it um i've talked to jacob and the team over the past year i've used support myself over the past week and a half they've been very responsive and very willing to work with me and even when i asked for things that weren't in the package today their answer was let's try doing this let's try doing that and if you still need it let's talk about getting it incorporated into a future release that's the kind of attitude i'm looking for when i'm selecting a vendor especially something as important as documentation so with that because it's self-hosted and the recommendation is to host it on linux that might not be in the skill set of every one of the msps out there but i want to make sure you guys have access to this so with that in mind i decided let's go ahead and do a how-to video let's go ahead and i think our first episode of getting this installed we're going to use digitalocean today but i'm going to show you you can do this on vulture you can do this on aws there's tons of other options you're not tied to it at the end of the day it's just a linux instance running docker also a technology which i love means it's transportable to nearly everything it's fantastic excellent design choice by the way but we're going to do it on digitalocean for a couple reasons one it's one of the most commonly used two if you sign up digitalocean will give you a 100 trial for 60 days you put in a credit card but they don't charge you anything and three the steps are really easy i think if you're going to get involved in this digital ocean is probably the first place a lot of you are going to go if you want to see some of these videos on aws or lenode or vulture or something else or even your own ubuntu instance the steps are going to be nearly identical with the exception of api keys or object storage but reach out to me hit me up in the comments shoot me an email and i'll absolutely do those videos too because if it's important to you it's important to me but without with uh without much further ado let's get started so here one of the things you would expect from a documentation company is that they're going to have a documentation for how to install it right and they absolutely do i will include these links in the comments uh in the description of the video but self dash hosting.usehudo.com and you have here a list of everything you need to get done um including with a nice little overview uh things like you know your cloud environment setup if you're going to do this you can do this in your own environment right if you're doing a vm or esxi hyper-v whatever you're running doesn't matter we're going to do this cloud because that's the most widely applicable to the audience right there's going to be a few things you need you're going to need your smtp credentials for whatever email server you're going to use you're going to need some object storage and we'll get into what that is it's not that complicated but we'll get into it of course you're going to need to set up dns you're going to have dns pointed to your ip address that's used by for a couple reasons one it's used to access your instance but two it's also used with uh it's also used with let's encrypt let's encrypt let's uh hudu establish an ssl certificate and renew it using certbot or whatever tool they're using and it lets it do it on a regular regular schedule so you're always accessing your documentation over ssl which i don't need to tell the the msp community why that's so important so we're going to go to the cloud environment setup and we're going to look at these steps it's going to be a vm with at least four gigs of memory at least one vcpu they recommend ubuntu 18 as the os we're going to use 20 and i'll tell you why in a minute they don't support windows i will tell you one of the benefits of docker is that it's transportable you can run it on nearly anything however this is a commercial application you're going to want to have support for make sure you're following the guidelines of of the vendor so we're going to go over here and we're going to go to create and we're going to create a droplet now you could simply do ubuntu pick your version 18 or 20 and pick your droplet size um and that would install ubuntu and then you'd continue down the process of making your directories installing docker ce installing docker compose that's not a big deal i personally found in one of my previous instances of doing this that there's some dependency issues with docker compose with the current version and you actually had to go back and use one two seven instead of one three one or whatever it is just to avoid all that we're going to take advantage of digitalocean's marketplace the marketplace has a bunch of apps that are already pre-made now you can actually see dockers right here docker190312 using ubuntu 2004 so we're going to select that to make our lives easy it's just taking care of those two steps i showed you now again we're going to need the one that has at least four use of ram in digital ocean that's the 20 droplet uh we're under the trial so it shouldn't really affect you too much i will tell you i have gotten hudu to work with the five dollar droplet by creating a swap file with a four gig swap file however that is not officially supported by hudu so if it doesn't work don't complain to them i will do another technical deficit video showing how to do that because i think it's a good skill set to have and understand how it works and just as a proof of concept but for this demonstration we're actually going to go ahead and use a 20 droplet now when selecting the data center region you want to select the one that's closest to you and that's simply because you want to have low latency i'm on the east coast i'm going to go ahead and pick new york three whether it's new york one or three i don't think it really matters i'm going to use ssh keys i already have mine saved here on digitalocean you can use a password if you don't want to use ssh keys however i strongly recommend using ssh keys if you can definitely more secure go down here we're going to pick a host name i'll do hoodoo demo uh oh one and then that's just going to be the the linux hostname that doesn't really affect anything and then if you want to add any tags we're not going to and if you want to enable backups you definitely want a backup strategy now hoodoo does have documentation for this i'll show you where later if you use the the digitalocean backups just keep in mind they're only once a week so that's not the best thing i choose to back up a different way so we'll go ahead and create the droplet that'll get running so as that's running it only takes a few minutes it's actually a few seconds it actually happens really fast we're going to go ahead and get started on our spaces on the spaces over here that's the storage spaces so we're going to create spaces again we're going to pick the one closest to us in this case you only have new york three there's no new york one we're going to restrict file listing this means anybody that browses over to the public uri of your spaces they're not going to be able to list the contents they have to know what they're looking for we're going to pick a name hoodoo demo and then some random numbers and then you're going to see it's going to populate a url down here on the bottom this is always going to be your region.digitaloceanspaces.com it'll have what's called your bucket name right here now this is important because we're going to use it later and i'll show you where create the space that one actually gets created very very fast i think we our droplet is already ready to go so there we go we have our hudu droplet i'm going to take advantage now and i'm going to create my dns entry so let's get that going all right so and then the last thing uh we're going to need our api keys but i'm going to leave that for for last so the next step here we're going to have is we're going to need to create our environment file now the environment file is pretty easy [Music] we're going to go here i know it's listed here it's this step 8. like i said i'm going to be doing this a little bit out of order i'm doing it where it makes sense so i'll open this in a new tab and let's start populating this so your sub domain you should already have selected what your subdomain is i'm going to use hoodoodemo dot oitdemo.co that's going to be what we're using here for our bucket we will go over here and i will have my spaces now the bucket name is this part here whatever you named your bucket so we're going to enter that here the region is going to be whatever region you have it that's that nyc3 so let's enter nyc3 if you're using amazon s3 for this you actually don't have to you do have to add the region there you don't have to add the endpoint the endpoint is going to be this part here nyc3.digitaloceanspaces.com and you do have to put https all right um and hoodoo has excellent docs on this stuff they tell you how to do it for amazon s3 for digital ocean spaces including how to get the api key which we're going to do next so the next thing we're going to do is go back to digitalocean down here on the bottom left the last option is api you're going to skip this section you're going to go down to spaces access keys these are very important these api keys are going to give access to be able to upload and download files from your object storage so you want to be careful with it we're going to give you a name hoodoo demo again i like creating random name random numbers it doesn't affect anything on the naming here it's just a name for reference um you're gonna copy this key and we're gonna put in the environment uh in the access key and we're gonna copy this secret and we're going to put it in the access key secret now you want to document this because once you're off this page if i go to billing and i come back here i will not be able to see that secret again okay so be careful with that you can go back and you can regenerate a key you get a new key and a new secret but you'll never be able to see that secret again so be careful that you document everything you have here now for the smtp domain we're going to use oitdemo.co which is what we use for uh which is what we use for these demos for the let's see here for our smtp address i'm going to use smtp.postmarkapp.com i like postmark app you can use sendgrid mailgun ses whatever smptp to go whatever you want use 587 the username and the password for smtp to go and this is going to come from hudu oitdemo.co easy enough now when you do all that it's going to create this environment file it's going to create the contents of it this is very important information this you want to actually save in somewhere some repository save it wherever you back up your important files your ssh keys and whatever else make sure you have that there you should be good all right so now that you have this let's go back we have this and we've done dns records we have our object storage we have our smtp server we have our server and we created i already created the a record for hoodoodemo.oitdemo.co now let's ssh in so go ahead and grab my favorite ssh client actually my favorite ssh client is moba x term i just don't want to open all that fun stuff so i'll do root at hoodoodemo.oitdemo.co so now that we're in there's a few things we need to do we don't have to worry about installing docker ce or docker compose that's taken care of what i do want to do however is the first thing i do on every brand new server i'm going to app get update now i'm going to update my repositories make sure they're up to date and i'm going to app get an upgrade i'm going to make sure all my repositories are upgraded um you're going to this is self-hosting this should go without saying but it's very very important that you're going to be maintaining your servers so if you don't want to maintain your servers talk to jacob and the hoodoo team i know they had a cloud hosted option at some point or work it out with somebody that already has this so i got my app get update and now i'm going to do my apt-get upgrade and the upgrade is actually doing the upgrade of those files now if this is a production server when i'm doing my upgrades i'm going through and i'm paying attention to what it's actually upgrading it's quite a few things because it's a brand new server in this case i'm going to hit yes let it upgrade everything because it's a demo server i don't care now keep in mind app get does check dependencies it does check the status of those files and the versions and make sure everything works well together so it's not the end of the world um but in production especially keep in mind we manage a very large voice network we only upgrade exactly what we want to upgrade so we go for specific packages you know and obviously you're going to want to do your snapshots or whatever else you're doing digitalocean makes that very very easy to do so it's not not a big deal so this is going to go through upgrading each of those things you can see there's quite a few packages this is something you want to put on some kind of schedule right you want to do it once a month or whatever it is you know what works for you also hoodoo you're going to have to do maintenance upgrades with them as well i'll take advantage and talk about that now while this is going on um the cool thing is from what i've seen over the past year and change hoodoo's been very communicative of what updates or what releases come out and when you need to update one of the things i love about docker is it's very easy to do if you go down here on this page maintenance of your hudu instance it's as simple as taking down your docker pulling down the all the updates from their from the repository bring it back up you're done um so not a big deal if hoodoo also while we're talking about this hoodoo is going to run its ssh it's ssl certificate renewals so it's not something you have to worry about but if something happens they give you the documentation how to do it uh using let's encrypt which is pretty awesome tells you exactly what you want to back up how to restore from a backup it's all pretty simple not a big deal um they even talk about scaling which is nice they talk about the number one thing that slows down your your instance is memory as you as you grow so just keep that in mind you know what i mean you don't want to even though i'm going to have that other video with the swap file and all that fun stuff you definitely want to have um you definitely want to have the resources you need one gig may be fine for the beginning but as you start to add stuff definitely increase your resources now the cool thing is digitalocean does let you increase resources as you need um they do not let you go the other way you can't go from bigger to smaller that'll that'll mess some stuff up so you definitely don't want to do that so just keep that in mind this should be wrapping up fairly quickly i think this is at the end of these updates so we should be good to go okay so this is something the resolver file is what's used for dns this is one of those cases i'm not actually going to let it overwrite my file i'm going to keep my current installed version so i'll hit no and i think that's one of the last things so all right so once you see your you're back at the prompt you can go ahead and get started so the next thing we're going to do is we're going to follow this step 5 here creating that directory for hoodoo 2. so let's go ahead and make dur spell it correctly tild hoodoo too then we'll go ahead and get to that directory and then we're going to get this file this dockercompose.yaml let's see here place file docker compose.yaml the contents can be found here so there's a couple ways to do this you could download the file to your local pc and then ftp it over or when sap or whatever you want to do i'm just going to do an easy command w get and i'll paste in that url and it'll copy the file and you can do an ls and you see it's there next thing you're going to want to do is you're going to want to take your env file and post it in there remember that env file is here all this content is here so i will go ahead and copy and then again you can save the file locally which you should have a copy saved locally and then when scp or ft sftp or whatever you want to do i'm actually just going to use nano and i'm going to create it for those of you windows admins that haven't done linux a lot a dot file a file that begins with dot is a hidden file so we're going to create a file called dot env i know you're used to seeing file name dot extension linux doesn't care and now honestly windows doesn't care either it's just use the extension for the file associations for what apps to open or whatever to do with the file but the dot env file is perfectly valid it's very common when you're creating applications apis scripting to create to store your variables and or all your data all your keys and stuff in there it's pretty commonplace so we're gonna use nano which is basically notepad for linux please don't comment telling me how vim is better or vi or whatever else i don't care i like nano that's where i'm comfortable so it's notepad there you go i will paste in here and that has all my information in nano you're going to do control x yes to save and then hit enter and now that file if i do ls you're not going to see it it's a hidden file like i said if i do ls hyphen a you will see the env file it's right there so now that that's there the next step is the one that's going to take a while this docker compose up and i want to take a second because i want to talk about docker and i'll do it while this is happening so docker compose up so this is going to do a lot of things this is actually running that yaml file that docker where is it here that we downloaded it [Music] this dockercompose.yaml file that file is actually giving a list of instructions on what to do that's saying i want to run this i want to pull down and install this redis database i want to pull down and install this postgres database i want to pull down install let's encrypt and i want to do the same thing i'm going to create an app called hudu and download the package and run it and it's going to have these dependencies it's going to restart if there's an issue it has all of these instructions and while that's happening i can actually go ahead and start another instance of git bash so you can read it now one of the things i want to go ahead and bring up here is these instructions while it's doing this this is probably the most frustrating part now when you see pool that's it's downloading from the cloud repositories right pulling the app one of the most frustrating parts of these installations is with who do i've seen it can take upwards of 10 or 15 minutes each time you do this all right there's plenty of times where it looks like it froze or you see nothing happening i promise leave it alone it's working okay and i'll show you what to look for and how to do that um and there you see it's running getting red as it's getting let's encrypt it's doing a bunch of stuff it's telling you here it's going to take a long time it's going to take a long time for a lot of stuff so we'll go ahead and ssh in while that's happening and the server is working and we'll get into that hoodoo 2 folder and that file let's clear up that file and we'll move this over here so you can still see what's going on but let's go here i want you to be able to understand what those docker files are they're actually really cool so let's go ahead and cat that docker file and this docker file is actually a list of instructions telling docker what to do that's one of the most so powerful things about docker if you've done aws lambda it's it's the same thing lambda itself is not a server it's just taking a series of instructions and doing a bunch of things with it which is awesome um it's getting postgres it's getting redis uh it's downloading hudu using the latest version of hudu is telling it where to store files what volumes to create so it's doing all this and this is how it knows it even tells it what ports to use this is how it knows what to do and i think that's one of the most wonderful things about hoodoo selecting docker is the the environment to do this in because these instructions can apply in many many environments can or operating systems right this can run on ubuntu this can run on centos this can run on windows this can run on now i'm saying docker can run on windows i'm not saying hoodoo can run on windows okay so i want to be clear on that but with that said it is one of the very cool things uh they can that is about docker so this will keep going um this doesn't tell you hey i'm finished okay the best i can tell you is open a web browser go to hoodoo demo or whatever your thing is and when you see this it's done when you see that web page it's done okay which is awesome you're not finished with the installation process but you're finished with that step okay so the next thing you're going to do is now we're going to need to install our ssl cert so we're actually going to bring down docker and again that's actually pretty simple it's not a not a big deal you can control c that'll go ahead it's gracefully stopping it's not forcing anything it'll give you status updates and this is one of the cool things if you break the install process right this is one of the things where you can feel comfortable if you break the install process because it's based on a series of instructions when you bring it back up it's aware of itself it will try to pull down everything again and it'll say i'm missing this i have this ignore it don't pull it down again i need another copy of this because the copy i have is no good it makes it that much more that much more resilient so you don't have to worry about these things so let's go ahead and and navigate over here cd var www hoodoo config nginx which is the web server and then cite the configuration file in there there's going to be that default file that's right here right and again windows admins don't worry that it doesn't have an extension so we're going to remove that default file rm is removed so if we do ls again it's gone we're going to replace it with the one that's here so let's go ahead and copy that link address and now we're going to do wget we're going to paste if you're in putty just right click is paste i'm using git bash so i have to right click i have a context menu um but if you're used to using putty which is probably what ninety percent of all other id professionals you do don't sweat it uh don't worry about like you don't have a context menu so now the file is there we check we're going to make sure that the contents are populated which they are and we're going to go back to our hoodoo file and let's clear this window up because it's a little too much now at this point you're ready to bring up docker so now you're ready for the production version of docker you're ready to have it you know hit the ground running so the instructions say docker compose up and i'm not doing sudo because i'm already logged in as root you can see that here um not best practice best practice login as a user and then you know sudo to get to you know whatever you need to do but i'm just doing the default installation so we're not going to talk there then i'll i'll give some wrap up comments also about security when we're done here so but what we're going to do is we're going to do docker compose up hyphen d so the reason i do it is this docker hyphen compose is the docker composer it reads files it does what it's supposed to do when i say down it tears down the servers when i say up it brings up the servers so if i do docker ps that's going to tell me all the running servers right now and as you would expect there are no running servers so if i went docker compose up it would start to run all that script again but it would run the script in the session that i'm logged in if i close a session we're going to have a problem that's not what i want so i'm actually going to type hyphen d hyphen d is going to detach the commands from the session that i'm running it's going to run it as the system so docker is actually going to be running the system now here's the downside to this you're going to see a bunch of done and you think it's done and it's not if i go over to our server and i refresh i'm going to get that bad gateway okay that's fine it's doing what's supposed to so what i need to do to see what's going on is i'm going to do docker compose logs hyphen t hyphen f okay docker compose those are the docker composer commands logs will say even though this is running as the system let me see the logs let me see what's happening and then the hyphen t hyphen f uh just some flags and this is all the stuff that it was doing remember the first time i ran docker compose up it was doing all this you saw it all so you know it's doing the same thing it's just it's doing the back end you're going to see a lot of these errors and stuff don't worry about it you're going to see a lot where it says compiling and it looks like it's stuck right don't worry about it even with the proper resources the first couple times i did this it took between 8 and 15 minutes each time that's normal it looks like it's frozen that's normal leave it the best thing i can tell you go over here to your domain to your web browser just keep refreshing do it every couple minutes don't don't go crazy on this so it'll keep going don't worry about it what i would do is every couple minutes go into here and just check to make sure that your um check to make sure that you know it's it's scrolling down when you hit enter that you want it to do um that you want it to do because you want to make sure that you know the session's still connected so it's very straightforward not a big deal so let's go here you see it's still in that compiling stage and if i go here i'm still probably going to see a bad gateway don't sweat it it looks like that until eventually you get a sign up screen that'll tell you put your name in put your email address put your company name that's what we're looking for so i'm gonna go ahead and let this run like i said it took eight minutes ten minutes or so the first couple times let it do its thing don't worry about it honestly i would not even sweat it until you got to the 20-minute mark at the 20-minute mark if i refresh this page and i don't see my webpage and you have all the resources you've done all these steps you don't have any errors that's when i'm starting to contact hudu and see what can be going what can go on but before the 20 minute mark don't don't sweat it we'll sit here and wait all right so once you see this from what i've seen this background saving terminated with success um with the redis app that usually means you're done um everything you saw pop-up afterwards because i have the logs open when i refresh the web page you're seeing those logs that's me doing it off-site so if i do it here now you see you're getting started you're up and running so because of what we've done i don't have i can close the session right exit out of here and hoodoo's still running which is great i do want to teach you how to view the status of this docker so i'll go ahead and ssh back in so if you do let me make this a little bigger so it's easier to see if you do docker ps it's going to tell you the status let's see here there you go it's going to tell you a status it's going to tell you the names of the docker actual docker files or apps that are running those are called apps in docker world there's hudu app one who to worker who to db who do redis as well as the let's encrypt and it tells you what their ids are their containers uh it tells you what ports they have open so this is running on port 3000 but nothing's open to the outside world this is running on 5432 6379 so the internal server the vm can communicate with itself but here you see the outside world port 80 is going to the inside world port 80. the outside world 443 is going to the inside world 443 so nothing's actually open um something else i want to check that i actually haven't checked here okay so ubuntu 20 on and all the ubuntu instances on uh that i've checked 16 18 20. uh on digitalocean come with ufw uh uncomplicated firewall these are the default firewall firewall rules that come out 22 is open and then limited to anywhere these other ports are allowed so do think about security that's a little beyond what i want to do for this video personally i would lock down ssh to just uh whatever your known ips are and then leave 443 and you know 80 open if you're wondering why 443 and 80 are open but not showing here the reason is this ufw is a front end for iptables docker actually works in works with iptables directly iptables being the firewall so docker will do things to ip tables that will not show up in ufw but it is cumulative if i do something to block something in in ufw it will block in ip tables and will take effect like i said that's a little more deep dive um digitalocean actually has its own security mechanisms for blocking things we can go over that another day maybe we'll get somebody in the security space to help us out with it we'll get jason slagle or uh maybe kyle or one of us one of the other team over at huntress to give us best practices but for now you know this is what we are so just so you know with that said you have your getting started with hoodoo go ahead and give yourself your name hoodoo demo instance demo biz of course we're in msp let's do hudo demo at oitdemo.co and let's create some really complicated password and you're good to go um get your license key from hoodoo but i originally thought when i saw this that it meant i couldn't use it without a license key um so the first version of this video that i recorded muted it was actually i was telling you that you couldn't do without a license key that's not true if you take this off you do have a working instance it's limited obviously you need your key to get things done it tells you how to get started all the admin but you see it's very snappy it's actually really nice there's that user that i just created you can do 2fa i've already done sso on my instance you can brand it it's i really like it i'm going to do another video on um actually getting this you know best practices and stuff like that um i can give you a quick what mine looks like um actually using uh we actually have it with azure so i can do sso directly from azure um have it branded obviously with uh with our stuff it's really cool so you know but that's it you have hoodoo up and running it doesn't take all that long i know this video we dragged things out to try to explain it to you so i wanted to make sure that you knew what was going on but with that said it's very easy if you have difficulty with anything hit me up i'll put my email in the on the screen and also or put in the comments we'll respond to the comments if you want to see this done anywhere else vulture linode aws if you want me to talk about security or you have other technical topics you want to you want to see us do videos on please put it in the comments below because i want us to do what's important to you um but thank you for joining us on this first episode of technical deficit with ray and friends and future episodes we're actually going to do this live with other people um so you can see all the mistakes that we make as we go on but until next time have a great day and the rest of your week you

Info

Channel: OITVOIP

Views: 3,390

Rating: undefined out of 5

Keywords: oitvoip, hudu, documentation, msp, managed service provider, self service installation, msp documentation, how to, hudu install, oit, technical deficit, tutorial, hudu documentation

Id: IE30pedq_ww

Channel Id: undefined

Length: 36min 27sec (2187 seconds)

Published: Tue Feb 09 2021