Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/docs/prod-install.md

7.4 KiB
Raw Blame History

Production Installation

Make sure you want to install a Zulip production server; if you'd instead like to test or develop a new feature, we recommend the Zulip server development environment instead.

You will need an Ubuntu system that satisfies the installation requirements. In short, you need:

  • A Ubuntu 14.04 Trusty or Ubuntu 16.04 Xenial 64-bit server
  • At least 2GB RAM and 10 GB disk space (4GB and 2 CPUs recommended for 100+ users).
  • A DNS name, an SSL certificate, and credentials for sending email.

Step 0: Subscribe

Please subscribe to low-traffic the Zulip announcements Google Group to get announcements about new releases, security issues, etc.

Step 1: Install SSL Certificates

Zulip runs over https only and requires ssl certificates in order to work. It looks for the certificates in /etc/ssl/private/zulip.key and /etc/ssl/certs/zulip.combined-chain.crt. Note that Zulip uses nginx as its webserver and thus expects a chained certificate bundle

If you need an SSL certificate, see our SSL certificate documentation. If you already have an SSL certificate, just install (or symlink) them into place at the above paths, and move on to the next step.

Step 2: Download and install latest release

If you haven't already, download and unpack the latest built server tarball with the following commands:

sudo -i  # If not already root
cd /root
wget https://www.zulip.org/dist/releases/zulip-server-latest.tar.gz
rm -rf /root/zulip && mkdir /root/zulip
tar -xf zulip-server-latest.tar.gz --directory=/root/zulip --strip-components=1

Then, run the Zulip install script:

/root/zulip/scripts/setup/install

This may take a while to run, since it will install a large number of dependencies. It also creates zulip user, which will be used to run the various Zulip servers.

The Zulip install script is designed to be idempotent, so if it fails, you can just rerun it after correcting the issue that caused it to fail. Also note that it automatically logs a transcript to /var/log/zulip/install.log; please include a copy of that file in any bug reports.

Step 3: Configure Zulip

Configure the Zulip server instance by editing /etc/zulip/settings.py and providing values for the mandatory settings, which are all found under the heading ### MANDATORY SETTINGS.

These settings include:

  • EXTERNAL_HOST: the user-accessible Zulip domain name for your Zulip installation (aka what users will type in their web browser). This should of course match the DNS name you configured to point to your server and for which you configured SSL certificates. If you plan to use multiple domains, add the others to ALLOWED_HOSTS.

  • ZULIP_ADMINISTRATOR: the email address of the person or team maintaining this installation and who will get support and error emails.

  • EMAIL_*, DEFAULT_FROM_EMAIL, and NOREPLY_EMAIL_ADDRESS: credentials for an outgoing SMTP server so Zulip can send emails when needed (don't forget to set email_password in the zulip-secrets.conf file!). We highly recommend reading our production email docs and following the test procedure discussed there to make sure you've setup outgoing email correctly, since outgoing email is the most common configuration problem.

  • AUTHENTICATION_BACKENDS: a list of enabled authentication mechanisms. You'll need to enable at least one authentication mechanism by uncommenting its corresponding line, and then also do any additional configuration required for that backend as documented in the settings.py file (the email backend requires no extra configuration). See the section on Authentication for more detail on the available authentication backends and how to configure them.

Step 4: Initialize Zulip database

At this point, you are done doing things as root. The remaining commands are run as the zulip user using su zulip. To initialize the Zulip database for your production install, run:

su zulip -c /home/zulip/deployments/current/scripts/setup/initialize-database

The initialize-database script will report an error if you did not fill in all the mandatory settings from /etc/zulip/settings.py. It is safe to rerun it after correcting the problem if that happens.

This completes the process of installing Zulip on your server. However, in order to use Zulip, you'll need to create an organization in your Zulip installation.

Step 5: Create a Zulip organization and login

  • If you haven't already, verify that your outgoing email configuration works. The organization creation process will fail if outgoing email is not configured properly.

  • Run the organization (realm) creation management command :

    su zulip # If you weren't already the zulip user
/home/zulip/deployments/current/manage.py generate_realm_creation_link

    This will print out a secure 1-time use link that allows creation of a new Zulip organization on your server. For most servers, you will only ever do this once, but you can run manage.py generate_realm_creation_link again if you want to host another organization on your Zulip server.

  • Open the link generated with your web browser. You'll see the create organization page (screenshot here). Enter your email address and click Create organization.

  • Check your email to find the confirmation email and click the link. You'll be prompted to finish setting up your organization and initial administrator user (screenshot here). Complete this form and log in!

Congratulations! You are logged in as an organization administrator for your new Zulip organization. After getting oriented, we recommend visiting the "Organization settings" UI (linked from the upper-right gear menu in the Zulip webapp) to configure important policy settings like how users can join your new organization. By default, your organization will be configured as follows depending on what type of organization you selected:

Community Organization:

  • restricted_to_domain=False: No restriction on user email addresses.
  • invite_required=True: A user must be invited to join.

Corporate Organization:

  • restricted_to_domain=True: New users must have an email address in the same domain (e.g. @acme.com) as yours.
  • invite_required=False: No invitation is required to join.

Next, you'll likely want to do one of the following:

Troubleshooting

If you get an error after scripts/setup/install completes, check /var/log/zulip/errors.log for a traceback, and consult the troubleshooting section for advice on how to debug. If that doesn't help, please visit #production help in the Zulip developerment community server for realtime help or email zulip-help@googlegroups.com with the full traceback and we'll try to help you out!