Jibe Installation

Jibe runs as a Docker container. These instructions assume you are running Docker from a Access Anywhere host. There will be changes required if you are running from another host.

To install Docker see Install Docker Compose.

For general information see Jibe Documentation.

Installation

Docker Configuration

As root, create a folder in the host machine for the Docker configuration file. This specifies what services should be created.

mkdir /root/jibe

Create a Docker Compose file: /root/jibe/docker-compose.yml.

If you are NOT using a Nasuni source use this configuration file:

version: '3.9'

services:
  jibe:
    image: registry.storagemadeeasy.com/jibe/jibe:1.10.0
    container_name: jibe
    restart: always
    network_mode: "host"
    environment:
      - 'AWS_SHARED_CREDENTIALS_FILE=/root/config/aws_credentials'
      - 'AWS_CONFIG_FILE=/root/config/aws_config'
    volumes:
      - '/root/jibe/config:/root/config'
      - '/root/jibe/data:/root/data'
      - '/root/jibe/logs:/root/logs'

If you are using a Nasuni source and need a messaging service use this configuration which includes RabbitMQ.

version: '3.9'

services:
  jibe:
    depends_on:
      - rabbitmq
    image: registry.storagemadeeasy.com/jibe/jibe:1.10.0
    container_name: jibe
    restart: always
    network_mode: "host"
    environment:
      - 'AWS_SHARED_CREDENTIALS_FILE=/root/config/aws_credentials'
      - 'AWS_CONFIG_FILE=/root/config/aws_config'
    volumes:
      - '/root/jibe/config:/root/config'
      - '/root/jibe/data:/root/data'
      - '/root/jibe/logs:/root/logs'
      - '/etc/letsencrypt:/etc/letsencrypt'
      - '/etc/pki:/etc/pki'

  rabbitmq:
    image: rabbitmq:3-management
    container_name: rabbitmq
    hostname: my-rabbit
    environment:
      - 'RABBITMQ_CONFIG_FILE=/var/lib/rabbitmq/config/rabbitmq.conf'
      - 'RABBITMQ_DEFAULT_USER=admin'
      - 'RABBITMQ_DEFAULT_PASS=Jib46Bun1'
    volumes:
      - '/root/jibe/data/rabbitmq:/var/lib/rabbitmq/mnesia/rabbit@my-rabbit'
      - '/root/jibe/config/rabbitmq:/var/lib/rabbitmq/config'
      - '/etc/letsencrypt:/etc/letsencrypt'
    ports:
      - '4369:4369'
      - '5671:5671'
      - '5672:5672'
      - '15671:15671'

Pull the Docker containers:

# cd /root/jibe/
# /usr/local/bin/docker-compose pull
Pulling jibe     ... done
Pulling rabbitmq ... done

If you are not using RabbitMQ skip the next section down to Start Services.

RabbitMQ Configuration

Skip this section if you are not using RabbitMQ.

Host Folders

Create the following folders in the host. These are used for information that persists when the rabbitmq container is stopped. The RabbitMQ service runs as user with ID 999.

mkdir /root/jibe/config/rabbitmq
chown 999 /root/jibe/config/rabbitmq
mkdir /root/jibe/data/rabbitmq
chown 999 /root/jibe/data/rabbitmq

Configuration File

Nasuni will connect using a public key so RabbitMQ needs to know the private key. If you are using Let's Encrypt on the host you'll use the same public/private certificates.

Create a rabbitmq.conf file at /root/jibe/config/rabbitmq/rabbitmq.conf.

## RabbitMQ Settings for Jibe

loopback_users.guest = false

# disables non-TLS listeners, only TLS-enabled clients will be able to connect
listeners.tcp = none

listeners.ssl.default  = 5671
ssl_options.certfile	 = /var/lib/rabbitmq/config/tls/cert.pem
ssl_options.keyfile	   = /var/lib/rabbitmq/config/tls/privkey.pem
ssl_options.cacertfile = /var/lib/rabbitmq/config/tls/fullchain.pem

# management.tcp.port      = 15672
management.ssl.port       = 15671
management.ssl.certfile		= /var/lib/rabbitmq/config/tls/cert.pem
management.ssl.keyfile		= /var/lib/rabbitmq/config/tls/privkey.pem
management.ssl.cacertfile	= /var/lib/rabbitmq/config/tls/fullchain.pem

The server runs as the user rabbitmq which does not have acccess to the Let's Encrypt private key. To give all users read access use:

mkdir /root/jibe/config/rabbitmq/tls
cp /etc/letsencrypt/live/*.*/*pem /root/jibe/config/rabbitmq/tls

To apply the permission change again when the key is renewed edit the Let's file /etc/letsencrypt/renewal/*.conf. Make the following change:

[renewalparams]
post_hook = systemctl start httpd;cp /etc/letsencrypt/live/*.*/*pem /root/jibe/config/rabbitmq/tls

Start up RabbitMQ

docker start rabbitmq

Check the logs for succesful startup

docker logs rabbitmq -f

Start Services

Start up Jibe and RabbitMQ

# /usr/local/bin/docker-compose up -d
Creating network "jibe_default" with the default driver
Creating rabbitmq ... done
Creating jibe     ... done

The container will attempt to start Jibe once every minute until it is configured and startup is successful.

Wait until Jibe starts up by monitoring the Docker log:

cd /root/jibe
docker-compose logs -f

Then see Configuration to complete configuration.

If you are using RabbitMQ copy templates/rabbitmq.conf to config/rabbitmq

mkdir /root/jibe/config/rabbitmq
copy /