-
Notifications
You must be signed in to change notification settings - Fork 30
Production Installation
Note: The most tested way of deploying the ctf-scoreboard is using Heroku, or if you want to use your own server then using https://github.com/dokku/dokku. Don't deploy this in production without a proper and secure reverse proxy.
These steps are for production deployments using docker-compose.
- If you have not already, follow the steps to install docker-compose.
- Generate credentials:
./setup-docker-secrets.sh
- Run scoreboard database setup:
docker-compose run web rails db:initial_setup
- Add appropriate Application Environment Variables in your
.env-prod
file for your environment - Add
NGINX_HOST=your-scoreboard-domain.com
to the.env
file for your environment - Start the container:
docker-compose up -d
These steps are for production deployments using Dokku.
- If you have not already installed Dokku, follow the steps to install Dokku.
- Ensure you have the Dokku Postgres plugin installed
- Ensure you either have the LetsEncrypt plugin installed or manual management of your SSL certificates. The app will not work without some sort of SSL certificate generated.
- Create a new application on your dokku server:
dokku apps:create ctf-scoreboard
- Create a new postgres database on your dokku server:
dokku postgres:create scoreboard-db
- Link the database to the application on your dokku server:
dokku postgres:link scoreboard-db ctf-scoreboard
- Set the application to use the Heroku Ruby buildpack (since this repository has a Dockerfile it tries to default to building off the Dockerfile, however the Heroku Ruby buildpack provides a smoother experience):
dokku config:set ctf-scoreboard BUILDPACK_URL=https://github.com/heroku/heroku-buildpack-ruby.git#v230
- (Optional) Setup the proxy for your application:
dokku --app ctf-scoreboard config:set HTTP_PROXY=http://<proxy-server>
,dokku --app ctf-scoreboard config:set HTTPS_PROXY=http://<proxy-server>
- Add your dokku server as a git remote on your local machine for the application
- Clone the scoreboard locally using the clone button on the main page.
- Add the remote by running
git remote add ctf-dokku dokku@<address>:ctf-scoreboard
- Push the code to dokku in order to create an initial copy of the project on your server, from within your local git copy:
git push ctf-dokku master
.- Note: If you would like to deploy a branch other than master to dokku you can run
git push ctf-dokku otherbranch:master
.
- Note: If you would like to deploy a branch other than master to dokku you can run
- The application is setup to automatically run migrations during a code push, however this causes problems during the initial deploy. In order to get a clean initial deployment, run the following commands on your Dokku
- Set the rails environment
dokku --app ctf-scoreboard run rails db:environment:set RAILS_ENV=production
- Drop and recreate the database by running
dokku --app ctf-scoreboard run rake db:drop db:create db:schema:load DISABLE_DATABASE_ENVIRONMENT_CHECK=1
- Set the rails environment
- Push the code to dokku again using either
git push ctf-dokku master
orgit push ctf-dokku otherbranch:master
. This time the build will pass and your application will be deployed. - Add a domain to access your application by running
dokku --app ctf-scoreboard domains:add <yourdomain>
. - Setup your certificates by either using LetsEncrypt or
dokku certs:generate ctf-scoreboard <yourdomain>
. - Your app should now be accessible in the browser. Browse to in order to complete setup of your game and challenges.
If you are unable to access the scoreboard after deploying with Dokku, it is worthwhile to check the port mappings by running dokku proxy:ports ctf-scoreboard
. The output of this command should at least show port 80 and 443 mapped to the container as follows:
-----> Port mappings for ctf-scoreboard
-----> scheme host port container port
http 80 5000
https 443 5000
If this is not the case, try running the following commands:
dokku proxy:ports-clear ctf-scoreboard
dokku proxy:ports-add ctf-scoreboard http:80:5000
dokku proxy:ports-add ctf-scoreboard https:443:5000
If you deployed without setting the Ruby Buildpack originally, you may run into some errors involving the environment variables set by the Docker build. You can verify this by running dokku config:show ctf-scoreboard
. Check for the following lines:
DOKKU_DOCKERFILE_PORTS: 3000
DOKKU_PROXY_PORT_MAP: http:3000:3000
If they exist, run dokku config:unset ctf-scoreboard DOKKU_DOCKERFILE_PORTS DOKKU_PROXY_PORT_MAP
which will reset the bad port mappings and restart the application.
- Install ruby (using a ruby version manager like rvm is recommended).
- In your terminal run
gem install bundler
- Install postgres to your system (and create a role with your system username
sudo -u postgres -i
thencreateuser --interactive
). - Setup Recaptcha. This can be done by getting a site key from here and then setting the
RECAPTCHA_SITE_KEY
andRECAPTCHA_SECRET_KEY
environment variables for the application. The steps for this will vary based on your hosting platform. - Run
bundle install
to install dependencies - Run
bundle exec rake db:create
to create the database - Run
bundle exec rake db:schema:load
to load the database schema - Run
bundle exec rake db:create_admin
to launch an interactive session to create an administrator - Run
bundle exec rails s -e production
to launch the server in production mode - Open the webpage shown in your terminal from the last command in your browser.
- Login to the registration app
http://localhost:3000
as the admin user you created. - Access the administration panel at
http://localhost:3000/admin
to configure the application.
-
enabled:
(ENV: SCOREBOARD_ENABLE_SMTP)
-
settings:
-
address: Allows for a remote mail server
(ENV: SCOREBOARD_SMTP_ADDRESS)
-
port: Port for your mail server to run off of
(ENV: SCOREBOARD_SMTP_PORT)
-
domain: For specification of a HELO domain
(ENV: SCOREBOARD_SMTP_DOMAIN)
-
authentication: For specification of authentication type if the mail server requires it
(ENV: SCOREBOARD_SMTP_AUTHENTICATION)
-
tls: Enables SMTP to connect with SMTP/TLS
(ENV: SCOREBOARD_SMTP_TLS)
-
openssl_verify_mode: For specifying how OpenSSL checks certificates
(ENV: SCOREBOARD_SMTP_OPENSSL_VERIFY_MODE)
-
enable_starttls_auto: Checks if SMTP has STARTTLS enabled and starts to use it
(ENV: SCOREBOARD_SMTP_ENABLE_STARTTLS_AUTO)
-
user_name: For mail server authentication
(ENV: SCOREBOARD_SMTP_SERVER_USERNAME)
-
password: For mail server authentication
(ENV: SCOREBOARD_SMTP_SERVER_PASSWORD)
-
address: Allows for a remote mail server
-
email_confirmation: Turns on email confirmation for local registration.
(ENV: SCOREBOARD_ENABLE_EMAIL_CONFIRMATION)(default: false)