# Outline Wiki This is the hardest deployment I’ve ever done. I wouldn’t have been able to deploy this without [Guru Computing’s Blog](https://blog.gurucomputing.com.au/Knowledgebases%20with%20Outline/Installing%20Outline%20Knowledgebase/)! I do not advise deploying this unless you’ve had some experience with deploying any of the other apps in this repostitory. If you get stuck here please refer to Guru’s Computing’s blog! ## Minimum File Structure ``` /home/ └── ~/ └── docker/ └── outline/ ├── .env ├── docker-compose.yml ├── docker.env └── keycloak/ ├── .env ├── docker-compose.yml ``` ## Add to Caddyfile (from \~/docker/caddy) Remember to `docker exec -w /etc/caddy caddy caddy reload` after editing your Caddyfile. ``` outline.yourdomain.com { reverse_proxy outline:3000 } outlinedata.yourdomain.com { reverse_proxy outline-minio:9000 } outlinedata-admin.yourdomain.com { reverse_proxy outline-minio:9001 } auth.yourdomain.com { reverse_proxy keycloak:8080 } ``` outline-minio is the s3 bucket we’ll be using. keycloak is the auth provider we will be self hosting # The “keycloak” directory We will start with keycloak for single sign on first because it is easier and we need to get the client secret from it for outline! Start by creating a empty keycloak directory similar to the minimum file structure section above. ## docker-compose.yml Copy and use the same docker-compose.yml in this repo’s ./keycloak directory Feel free to change the version of the pull in this repo I'm using 0.72.0 Then you copy the .env in this repo to the same directory and modify it ## modifying the .env This is self explanatory. There are 3 lines to modify after the = sign ```javascript KC_DB_PASSWORD= KC_HOSTNAME=auth.yourdomain.com KEYCLOAK_ADMIN_PASSWORD= ``` After you have both the docker-compose.yml and .env ready it’s time to start up the instances ```javascript docker-compose up -d ``` ### Keycloak Configuration On your browser go to `https://auth.yourdomain.com/`and login to the Administration Console * In your keycloak portal, under **clients**, create a new **oidc** client for **outline.yourdomain.com**. Set the following values: ```javascript Client Auth: On Client ID (can be whatever): outline..com Name (can be whatever): outline..com Root URL: https://outline..com Home URL: https://outline..com redirect URI: https://outline..com/auth/oidc.callback ``` ![Keycloak Create Client](https://github.com/StarWhiz/docker_deployment_notes/assets/9423276/c4b8f19e-912d-44e7-8d67-51a33d22e891) Finally create an account under users and set a password. ![Keycloak Create User](https://github.com/StarWhiz/docker_deployment_notes/assets/9423276/c74e2045-7ec2-4c64-856d-5f2a156a710a) ![Keycloak Setpassword](https://github.com/StarWhiz/docker_deployment_notes/assets/9423276/ac64c774-fdbb-4c3b-9968-e64fe99e7c1c) # The “outline” directory This one is much harder! ## docker-compose.yml Use the same docker-compose.yml located inside the outline directory of this repository ## docker.env From the same directory in this repo copy and make modifications to `docker.env` to suit your environment 5 variables that contain `yourdomain.com`needs to have `yourdomain.com`substituted with your own domain 1 variables that say `` need to be replaced with your own password 2 variables that say `` need to be replaced with your own password 1 variable `SECRET_KEY=` needs to have it’s SECRET_KEY replaced by the output of `openssl rand -hex 32` 1 variable `UTILS_SECRET=` needs to have it’s UTIL_SECRET replaced by the output of `openssl rand -hex 32` ### Modify the OIDC Authentication section of docker.env The 5 lines below need modification where `yourdomain.com` is replaced with your actual domain! ```javascript OIDC_CLIENT_ID=outline.yourdomain.com OIDC_CLIENT_SECRET= OIDC_AUTH_URI=https://auth.yourdomain.com/realms/master/protocol/openid-connect/auth OIDC_TOKEN_URI=https://auth.yourdomain.com/realms/master/protocol/openid-connect/token OIDC_USERINFO_URI=https://auth.yourdomain.com/realms/master/protocol/openid-connect/userinfo ``` ### Optional: Set up SMTP variables to receive emails from outline ```javascript SMTP_HOST= SMTP_PORT= SMTP_USERNAME= SMTP_PASSWORD= SMTP_FROM_EMAIL=hello@example.com SMTP_REPLY_EMAIL=hello@example.com SMTP_TLS_CIPHERS= SMTP_SECURE=true ``` ## .env modifications needed The three variables `MINIO_ROOT_PASSWORD`, `MINIO_BROWSER_REDIRECT_URL`, and `POSTGRES_PW` need to be replaced similarly to docker.env. Use the same minio password `` and PG `` password as above. As for the URL replace `yourdomain.com` with your actual domain you will be hosting this on. ```javascript MINIO_ROOT_PASSWORD= MINIO_BROWSER_REDIRECT_URL=https://outlinedata.yourdomain.com POSTGRES_PW= ``` ## Now that all files and modifications are in place. In the outline directory… Create the db by running ```javascript docker-compose run --rm outline yarn db:create --env=production-ssl-disabled ``` You’ll get some error saying ```javascript ERROR: getaddrinfo EAI_AGAIN outline-postgres ``` Don’t worry we will carry on. Now run ```javascript sudo chown -R 999:999 ./psqldatabase-data ``` Then run the migration command below ```javascript docker-compose run --rm outline yarn db:migrate --env=production-ssl-disabled ``` After migration is complete. You can start the app with ```javascript docker-compose up -d ``` Optional: If you run into any problems inspect the logs with ```javascript docker-compose logs -f ``` Optional: Anytime you want to start over from scratch you can run the following in the ./outline directory ```javascript docker-compose down --remove-orphans -v sudo rm -R container-data/ psqldatabase-data/ redis.conf/ ``` Okay so outline is finished hosting! ## Logging into your minio bucket and creating outlinebucket This step needs to be done so you can drag / drop upload files to your outline pages In your browser go to `https://outlinedata-admin.yourdomain.com` and login Finally create a bucket called `outlinebucket` After creation, under the anonymous tab add two access rules: `avatar` and `public` as readonly access rules. Don’t worry if you’re confused here’s a gif below explaining all this. ![Minio](https://github.com/StarWhiz/docker_deployment_notes/assets/9423276/32d34e39-1cb9-422a-a849-132f07893100) That’s it! Now login to outline with your keycloak account. And you should be able to drag and drop images to your documents! ## Troubleshooting You may have to run `sudo chown -R systemd-coredump:systemd-coredump psqldatabase-data/` on your psqldatabase-data folder if you get the error (on docker-compose logs -f) that says `initdb: error: could not change permissions of directory "/var/lib/postgresql/data": Operation not permitted` ## Migrating Domain Notes back up .env, docker-compose.yml, and docker.env edit only docker.env (if you plan on keeping same database + keycloak) ``` URL=https://outline.stoplagging.com PORT=3000 OIDC_CLIENT_ID=outline.stoplagging.com ``` If new instance with new database edit ``` AWS_S3_UPLOAD_BUCKET_URL=https://outlinedata.stoplagging.com ``` If new instance with new keycloak edit ``` OIDC_AUTH_URI=https://auth.stoplagging.com/realms/master/protocol/openid-connect/auth OIDC_TOKEN_URI=https://auth.stoplagging.com/realms/master/protocol/openid-connect/token OIDC_USERINFO_URI=https://auth.stoplagging.com/realms/master/protocol/openid-connect/userinfo ``` docker-compose up again don't forget to edit caddy docker exec -w /etc/caddy caddy caddy reload Now in keycloak go to Clients export the original domain name edit the .json find & replace all old domain name with new domain name in text editor. Edit description reimport new domain name!