Installation Guide¶
1. Planning an Installation¶
- How to plan an installation
- Demo installation (trying functionality out)
- Production installation (persistent data, high-availability)
2. Version Requirements¶
3. Dependencies on Operator’s Machine¶
4. How to install Wire in a box (Demo)¶
- Demo Wire-in-a-Box Deployment Guide
- Introduction
- What will be installed?
- Wire Demo installation diagram
- Installation Guide
- Deployment requirements
- Getting Started
- Deployment Flow
- General Tips
- Trying Things Out
- Troubleshooting
- Cleaning/Uninstalling Wire-in-a-Box
5. Introduction¶
- Introduction
- What will be installed by following these parts?
- What will not be installed?
- What will not be installed by default?
- Getting support
- Next steps for high-available production installation
6. Installing Kubernetes and Databases¶
- How to install kubernetes and databases
- Introduction
- Assumptions
- Preparing to run ansible
- Running ansible to install software on your machines
7. Configuring AWS Services¶
- How to configure AWS services
- Introduction
- Using real AWS services for SNS
- Using real AWS services for SES / SQS
- Using real AWS services for S3
8. Installing Wire-Server using Helm¶
- How to install wire-server using Helm
- Introduction
- Prerequisites
- Preparing to install charts from the internet with Helm
- Watching changes as they happen
- General installation notes
- How to install charts that provide access to external databases
- How to install fake AWS services for SNS / SQS
- Preparing to install wire-server
- How to install RabbitMQ
- How to configure real SMTP (email) services
- How to install fake SMTP (email) services
- How to install wire-server itself
- DNS records
9. Infrastructure Configuration¶
- Infrastructure configuration
- Redirect some traffic through a http(s) proxy
- Enable push notifications using the public appstore / playstore mobile Wire clients
- Controlling the speed of websocket draining during cannon pod replacement
- Control nginz upstreams (routes) into the Kubernetes cluster
- Separate incoming websocket network traffic from the rest of the https traffic
- You may want
- Metrics/logging
- SMTP server
- Load balancer on bare metal servers
- Load Balancer on cloud-provider
- Real AWS services
- Persistence and high-availability
- Security
- 3rd-party proxying
- Routing traffic to other namespaces via nginz
- Marking an installation as self-hosted
- Configuring authentication cookie throttling
- S3 Addressing Style
- I have a team larger than 500 users
10. Monitoring Wire-Server¶
11. Centralized Logs for Wire-Server¶
- How to see centralized logs for wire-server
- Introduction
- Status
- Prerequisites
- Installing required helm charts
- Configuring fluent-bit
- Post-install kibana setup
- Usage after installation
- Nuking it all.
- Debugging
12. Ingress-Controller (Getting Traffic In)¶
- Ingress-controller (getting traffic in)
- Installing in a cloud-like environment
- Installing on bare-metal without dynamic load balancer support
13. Web App Settings¶
- Web app settings
- Enforce desktop application only
- Enforce constant bit rate
- Disable media plugins
- Enable extra entropy (only on Windows)
14. Installing Conference Calling 2.0 (aka SFT)¶
15. Installing Restund¶
16. Configure TLS Ciphers¶
- Configure TLS ciphers
- Ingress Traffic (wire-server)
- Egress Traffic (wire-server/federation)
- SFTD (ansible)
- SFTD (kubernetes)
- Coturn (kubernetes)
- Restund (ansible)
- Restund (kubernetes)
17. Managing Authentication with Ansible¶
- Managing authentication with ansible
- How to use password authentication when you ssh to a machine with ansible
- Configuring SSH keys
- Sudo without password
18. Using Tinc¶
19. Troubleshooting During Installation¶
- Troubleshooting during installation
- Problems with CSP on the web based applications (webapp, team-settings, account-pages)
- Problems with ansible and python versions
- Flaky issues with Cassandra (failed QUORUMs, etc.)
- I deployed
demo-smtp
but I’m not receiving any verification emails - I deployed
demo-smtp
and I want to skip email configuration and retrieve verification codes directly - Obtaining Brig logs, and the format of different team/user events
- Diagnosing and addressing bad network/disconnect issues
- Diagnosing issues with installation steps.
- Verifying correct deployment of DNS / DNS troubleshooting.