# Jibe Installation

Jibe runs as a Docker container. These instructions assume you are running Docker from a Access Anywhere host. There will be changes required if you are running from another host.

To install Docker see [Install Docker Compose](https://docs.docker.com/compose/install/).

For general information see [[/jibe]].

## Installation

### Docker Configuration

As root, create a folder in the host machine for the Docker configuration file.
This specifies what services should be created. 

    mkdir /root/jibe

Create a Docker Compose file: `/root/jibe/docker-compose.yml`.

If you are NOT using a Nasuni source use this configuration file:

    version: '3.9'

    services:
      jibe:
        image: registry.storagemadeeasy.com/jibe/jibe:1.10.0
        container_name: jibe
        restart: always
        network_mode: "host"
        environment:
          - 'AWS_SHARED_CREDENTIALS_FILE=/root/config/aws_credentials'
          - 'AWS_CONFIG_FILE=/root/config/aws_config'
        volumes:
          - '/root/jibe/config:/root/config'
          - '/root/jibe/data:/root/data'
          - '/root/jibe/logs:/root/logs'

If you are using a Nasuni source and need a messaging service use
this configuration which includes RabbitMQ.

    version: '3.9'

    services:
      jibe:
        depends_on:
          - rabbitmq
        image: registry.storagemadeeasy.com/jibe/jibe:1.10.0
        container_name: jibe
        restart: always
        network_mode: "host"
        environment:
          - 'AWS_SHARED_CREDENTIALS_FILE=/root/config/aws_credentials'
          - 'AWS_CONFIG_FILE=/root/config/aws_config'
        volumes:
          - '/root/jibe/config:/root/config'
          - '/root/jibe/data:/root/data'
          - '/root/jibe/logs:/root/logs'
          - '/etc/letsencrypt:/etc/letsencrypt'
          - '/etc/pki:/etc/pki'

      rabbitmq:
        image: rabbitmq:3-management
        container_name: rabbitmq
        hostname: my-rabbit
        environment:
          - 'RABBITMQ_CONFIG_FILE=/var/lib/rabbitmq/config/rabbitmq.conf'
          - 'RABBITMQ_DEFAULT_USER=admin'
          - 'RABBITMQ_DEFAULT_PASS=Jib46Bun1'
        volumes:
          - '/root/jibe/data/rabbitmq:/var/lib/rabbitmq/mnesia/rabbit@my-rabbit'
          - '/root/jibe/config/rabbitmq:/var/lib/rabbitmq/config'
          - '/etc/letsencrypt:/etc/letsencrypt'
        ports:
          - '4369:4369'
          - '5671:5671'
          - '5672:5672'
          - '15671:15671'

Pull the Docker containers:

    # cd /root/jibe/
    # /usr/local/bin/docker-compose pull
    Pulling jibe     ... done
    Pulling rabbitmq ... done

If you are not using RabbitMQ skip the next section down to Start Services.

### RabbitMQ Configuration

Skip this section if you are not using RabbitMQ.

#### Host Folders

Create the following folders in the host. These are used for information that persists
when the rabbitmq container is stopped. The RabbitMQ service runs as user with ID 999.

    mkdir /root/jibe/config/rabbitmq
    chown 999 /root/jibe/config/rabbitmq
    mkdir /root/jibe/data/rabbitmq
    chown 999 /root/jibe/data/rabbitmq

#### Configuration File

Nasuni will connect using a public key so RabbitMQ needs to know the private key.
If you are using Let's Encrypt on the host you'll use the same public/private 
certificates.

Create a `rabbitmq.conf` file at `/root/jibe/config/rabbitmq/rabbitmq.conf`. 

    ## RabbitMQ Settings for Jibe

    loopback_users.guest = false

    # disables non-TLS listeners, only TLS-enabled clients will be able to connect
    listeners.tcp = none

    listeners.ssl.default  = 5671
    ssl_options.certfile	 = /var/lib/rabbitmq/config/tls/cert.pem
    ssl_options.keyfile	   = /var/lib/rabbitmq/config/tls/privkey.pem
    ssl_options.cacertfile = /var/lib/rabbitmq/config/tls/fullchain.pem

    # management.tcp.port      = 15672
    management.ssl.port       = 15671
    management.ssl.certfile		= /var/lib/rabbitmq/config/tls/cert.pem
    management.ssl.keyfile		= /var/lib/rabbitmq/config/tls/privkey.pem
    management.ssl.cacertfile	= /var/lib/rabbitmq/config/tls/fullchain.pem

The server runs as the user `rabbitmq` which does not have acccess
to the Let's Encrypt private key. To give all users read access use:

    mkdir /root/jibe/config/rabbitmq/tls
    cp /etc/letsencrypt/live/*.*/*pem /root/jibe/config/rabbitmq/tls

To apply the permission change again when the key is renewed edit the Let's file `/etc/letsencrypt/renewal/*.conf`. Make the following change:

    [renewalparams]
    post_hook = systemctl start httpd;cp /etc/letsencrypt/live/*.*/*pem /root/jibe/config/rabbitmq/tls

####

Start up RabbitMQ

    docker start rabbitmq

Check the logs for succesful startup

    docker logs rabbitmq -f

### Start Services

Start up Jibe and RabbitMQ

    # /usr/local/bin/docker-compose up -d
    Creating network "jibe_default" with the default driver
    Creating rabbitmq ... done
    Creating jibe     ... done

The container will attempt to start Jibe once every minute until it is configured and startup
is successful. 

Wait until Jibe starts up by monitoring the Docker log:

    cd /root/jibe
    docker-compose logs -f

Then see [[/jibe/configuration|Configuration]] to complete configuration.

If you are using RabbitMQ copy templates/rabbitmq.conf to config/rabbitmq

    mkdir /root/jibe/config/rabbitmq
    copy /