Checklist Installation
The purpose of this document is to list common steps needed to install a Convier instance up until the creation of a project.
- Obtain credentials for the Convier Docker registry (contact support@convier.com).
- Determine the URL of the instance (e.g.,
https://convier.acme.com/convier
).- The URL is later referred to as
public_url
. - It must end with
/convier
. - The OIDC provider will require the URL to start with HTTPS and have a valid certificate.
- The URL is later referred to as
- Create an OIDC client (e.g., Enterprise Application in Azure).
- Assign appropriate permissions (e.g.,
openid profile offline_access
). - Copy
client_id
,client_secret
, andopenid-configuration
URL.- In Azure, the URL looks like this:
https://login.microsoftonline.com/<tenant_id>/v2.0/.well-known/openid-configuration
- In Azure, the URL looks like this:
- Add
public_url
as an accepted redirect URL for login. - Create roles
Task.Manage
andTask.Read
, and assign users and groups to appropriate roles (users who will create projects and configure data collection and reporting should haveTask.Manage
).
- Assign appropriate permissions (e.g.,
- Create an App Service or Virtual Machine.
- Check network/firewall configuration to:
- Enable users to reach the service through the browser.
- Enable the installation to communicate with the OIDC provider to authenticate users.
- Prevent external access.
- If using a Virtual Machine, obtain a valid SSL certificate for the URL, encode it as PKCS#12, and add the entire chain as an environment variable called
CERTBOT_FULL_CERT_CONTENT
.- If using an App Service, the certificate is managed by Azure.
- Enter Docker info:
- Platform: Linux.
- Docker repo:
https://docker.convier.com
. - Obtained username and password.
- Image:
convier:stable
- With local (default) configuration, Convier does not support redundancy, make sure instance count is 1, or configure a central database connection (
JDBC_CONNECTION_STRING
)
- Check network/firewall configuration to:
- Configure the application.
- Consider whether to store the configuration locally or in a database server.
- If using an external database, prepare values for configuration variables:
JDBC_CONNECTION_STRING
JDBC_USERNAME
JDBC_PASSWORD
- If using an external database, prepare values for configuration variables:
- See App Service Configuration for other required configuration.
- Consider whether to store the configuration locally or in a database server.
- Consider enabling the sending of telemetry data to Convier.
- Consider enabling audit logging.
- Consider enabling report storage.
- Start or restart the App Service or Virtual Machine.
- Go to
public_url
and verify that you can log in and see an empty project list.