プロジェクトマネジメントに不可欠なもの
- タスク管理ツール
- コミュニケーションツール
- wiki 会社運営になると、以上に会計ソフトが加わる
オープンソースソフトで代替したい
- タスク管理ツール:Redmine
- コミュニケーションツール:rocket.chat
- wiki : xwiki
How to introduce Redmine
いかのdocker composeを走らせるだけ
version: '3.7'
services:
redmine:
image: redmine:6.0.1
ports:
- "8008:3000"
environment:
REDMINE_DB_MYSQL: db
REDMINE_DB_DATABASE: redmine
REDMINE_DB_USERNAME: redmine
REDMINE_DB_PASSWORD: redmine_password
volumes:
- redmine_data:/usr/src/redmine/files
db:
image: mysql:5.7
command: mysqld --character-set-server=utf8 --collation-server=utf8_unicode_ci #--default-authentication-plugin=mysql_native_password --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci
environment:
MYSQL_ROOT_PASSWORD: root_password
MYSQL_DATABASE: redmine
MYSQL_USER: redmine
MYSQL_PASSWORD: redmine_password
volumes:
- mysql_data:/var/lib/mysql
volumes:
redmine_data:
driver: local
mysql_data:
driver: local
詳しくは、こちらを読んでみてください、といった感じです。 https://blog.ingenboy.com/post/introduce_redmine/
How to introduce rocket.chat
volumes:
mongodb_data: { driver: local }
services:
rocketchat:
image: ${IMAGE:-registry.rocket.chat/rocketchat/rocket.chat}:${RELEASE:-latest}
restart: always
labels:
traefik.enable: "true"
traefik.http.routers.rocketchat.rule: Host(`${DOMAIN:-}`)
traefik.http.routers.rocketchat.tls: "true"
traefik.http.routers.rocketchat.entrypoints: https
traefik.http.routers.rocketchat.tls.certresolver: le
environment:
MONGO_URL: "${MONGO_URL:-\
mongodb://${MONGODB_ADVERTISED_HOSTNAME:-mongodb}:${MONGODB_INITIAL_PRIMARY_PORT_NUMBER:-27017}/\
${MONGODB_DATABASE:-rocketchat}?replicaSet=${MONGODB_REPLICA_SET_NAME:-rs0}}"
MONGO_OPLOG_URL: "${MONGO_OPLOG_URL:\
-mongodb://${MONGODB_ADVERTISED_HOSTNAME:-mongodb}:${MONGODB_INITIAL_PRIMARY_PORT_NUMBER:-27017}/\
local?replicaSet=${MONGODB_REPLICA_SET_NAME:-rs0}}"
ROOT_URL: ${ROOT_URL:-http://localhost:${HOST_PORT:-3000}}
PORT: ${PORT:-3000}
DEPLOY_METHOD: docker
DEPLOY_PLATFORM: ${DEPLOY_PLATFORM:-}
REG_TOKEN: ${REG_TOKEN:-}
depends_on:
- mongodb
expose:
- ${PORT:-3000}
ports:
- "${BIND_IP:-0.0.0.0}:${HOST_PORT:-3000}:${PORT:-3000}"
mongodb:
image: docker.io/bitnami/mongodb:${MONGODB_VERSION:-6.0}
restart: always
volumes:
- mongodb_data:/bitnami/mongodb
environment:
MONGODB_REPLICA_SET_MODE: primary
MONGODB_REPLICA_SET_NAME: ${MONGODB_REPLICA_SET_NAME:-rs0}
MONGODB_PORT_NUMBER: ${MONGODB_PORT_NUMBER:-27017}
MONGODB_INITIAL_PRIMARY_HOST: ${MONGODB_INITIAL_PRIMARY_HOST:-mongodb}
MONGODB_INITIAL_PRIMARY_PORT_NUMBER: ${MONGODB_INITIAL_PRIMARY_PORT_NUMBER:-27017}
MONGODB_ADVERTISED_HOSTNAME: ${MONGODB_ADVERTISED_HOSTNAME:-mongodb}
MONGODB_ENABLE_JOURNAL: ${MONGODB_ENABLE_JOURNAL:-true}
ALLOW_EMPTY_PASSWORD: ${ALLOW_EMPTY_PASSWORD:-yes}
あとは、 以下のようなnginxファイルをおいて、プロキシしてください。
server {
listen 443 ssl;
server_name chat.ingenboy.com;
ssl_certificate /etc/letsencrypt/live/chat.ingenboy.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/chat.ingenboy.com/privkey.pem; # managed by Certbot
# Strong SSL settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1h;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
ポイントは、websocketを使うので、
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
が必要なところです。
How to introduce xwiki
version: '2'
networks:
bridge:
driver: bridge
services:
web:
image: "xwiki:stable-mysql-tomcat"
container_name: xwiki-mysql-tomcat-web
depends_on:
- db
ports:
- "8888:8080"
environment:
- DB_USER=xwiki
- DB_PASSWORD=xwiki
- DB_HOST=xwiki-mysql-db
volumes:
- xwiki-data:/usr/local/xwiki
networks:
- bridge
db:
image: "mysql:8.1"
container_name: xwiki-mysql-db
volumes:
- mysql-data:/var/lib/mysql
- ./init.sql:/docker-entrypoint-initdb.d/init.sql
environment:
- MYSQL_ROOT_PASSWORD=xwiki
- MYSQL_USER=xwiki
- MYSQL_PASSWORD=xwiki
- MYSQL_DATABASE=xwiki
command:
- "--character-set-server=utf8mb4"
- "--collation-server=utf8mb4_bin"
- "--explicit-defaults-for-timestamp=1"
networks:
- bridge
volumes:
mysql-data: {}
xwiki-data: {}
で、こんな感じのプロキシ設定を入れる
server {
listen 443 ssl;
server_name wiki.ingenboy.com;
ssl_certificate /etc/letsencrypt/live/wiki.ingenboy.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wiki.ingenboy.com/privkey.pem; # managed by Certbot
location / {
proxy_pass http://100.64.1.61:8888;
proxy_set_header Host wiki.ingenboy.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 80;
server_name wiki.ingenboy.com;
return 301 https://$host$request_uri;
}
地味に大事なのが、80番ポートへのリクエストを301でhttpsにリダイレクトするところかな。これはかなり大事。 httpでプロキシされてくるので、httpをhtmlに埋め込んでレスポンス返しているらしいな。まあよくある仕様だな。 いや、上の設定ではうまくいかない。一番下を見てくれ。
Main/#edit:1 Mixed Content: The page at 'https://wiki.ingenboy.com/bin/view/Main/#edit' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://wiki.ingenboy.com/bin/lock/Main/WebHome?ajax=1&action=edit&language=en'. This request has been blocked; the content must be served over HTTPS.
このエラーが出てリクエストできなくなるんだよな。つまり、tomcatをsslで動かすしかないって話だ。どうやって?って話だけどさ。 既知の問題なんですよね。 https://forum.xwiki.org/t/message-failed-to-lock-the-page-when-tring-to-edit-a-page/7609/24
結局これが一番簡単な解決方法
location / {
proxy_pass http://100.64.1.61:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Accept-Encoding ""; # Disable compression from backend
proxy_cache_bypass $http_upgrade;
sub_filter 'http://wiki.ingenboy.com' 'https://wiki.ingenboy.com';
sub_filter_once off;
sub_filter_types text/html;
add_header X-Filter-Applied $upstream_http_content_type;
add_header Content-Security-Policy "upgrade-insecure-requests";
}
add_header Content-Security-Policy “upgrade-insecure-requests”; これいれることで、ブラウザは自動的にhttpリクエストをhttpsでリクエストするようになる。
もう一つ気を付けてほしいのが、 一番最初にスタートするとき以下のエラーが出る。
[jodconverter-offprocmng-0] WARN tartProcessAndConnectRetryable - Office process died with exit code 81; restarting it
関連記事:https://forum.xwiki.org/t/office-process-died-with-exit-code-81/12550/2
三種の神器がそろった
最高だ。無料でPMツールが全部そろったんだぜ。これはすごいことだ。 あとは、会計ソフトだけ入れることができればもう俺の勝ちだ。