Checklist Installation

The purpose of this document is to list common steps needed to install a Convier instance up until the creation of a project.

  • Obtain credentials for the Convier Docker registry (contact support@convier.com).
  • Determine the URL of the instance (e.g., https://convier.acme.com/convier).
    • The URL is later referred to as public_url.
    • It must end with /convier.
    • The OIDC provider will require the URL to start with HTTPS and have a valid certificate.
  • Create an OIDC client (e.g., Enterprise Application in Azure).
    • Assign appropriate permissions (e.g., openid profile offline_access).
    • Copy client_id, client_secret, and openid-configuration URL.
      • In Azure, the URL looks like this: https://login.microsoftonline.com/<tenant_id>/v2.0/.well-known/openid-configuration
    • Add public_url as an accepted redirect URL for login.
    • Create roles Task.Manage and Task.Read, and assign users and groups to appropriate roles (users who will create projects and configure data collection and reporting should have Task.Manage).
  • Create an App Service or Virtual Machine.
    • Check network/firewall configuration to:
      • Enable users to reach the service through the browser.
      • Enable the installation to communicate with the OIDC provider to authenticate users.
      • Prevent external access.
    • If using a Virtual Machine, obtain a valid SSL certificate for the URL, encode it as PKCS#12, and add the entire chain as an environment variable called CERTBOT_FULL_CERT_CONTENT.
      • If using an App Service, the certificate is managed by Azure.
    • Enter Docker info:
      • Platform: Linux.
      • Docker repo: https://docker.convier.com.
      • Obtained username and password.
      • Image: convier:stable
    • With local (default) configuration, Convier does not support redundancy, make sure instance count is 1, or configure a central database connection (JDBC_CONNECTION_STRING)
  • Configure the application.
    • Consider whether to store the configuration locally or in a database server.
      • If using an external database, prepare values for configuration variables:
        • JDBC_CONNECTION_STRING
        • JDBC_USERNAME
        • JDBC_PASSWORD
    • See App Service Configuration for other required configuration.
  • Consider enabling the sending of telemetry data to Convier.
  • Consider enabling audit logging.
  • Consider enabling report storage.
  • Start or restart the App Service or Virtual Machine.
  • Go to public_url and verify that you can log in and see an empty project list.