### Production Installation Introduction Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md Introduces the production installation of Wire, detailing what components will be installed by default and what will not. Also covers getting support and next steps for high-availability setups. ```markdown # Introduction ## What will be installed by following these parts? ## What will not be installed? ## What will not be installed by default? ## Getting support ## Next steps for high-available production installation ``` -------------------------------- ### Wire-in-a-Box Demo Installation Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md Provides a guide for deploying Wire in a demo environment using the Wire-in-a-Box method. Covers introduction, what will be installed, diagrams, requirements, getting started, deployment flow, tips, troubleshooting, and uninstallation. ```markdown # Demo Wire-in-a-Box Deployment Guide ## Introduction ## What will be installed? ## Wire Demo installation diagram ## Installation Guide ## Deployment requirements ## Getting Started ## Deployment Flow ## General Tips ## Trying Things Out ## Troubleshooting ## Cleaning/Uninstalling Wire-in-a-Box ``` -------------------------------- ### Kubernetes and Databases Installation Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md Guides on installing Kubernetes and databases, including introduction, assumptions, preparing to run Ansible, and executing Ansible for software installation on machines. ```markdown # How to install kubernetes and databases ## Introduction ## Assumptions ## Preparing to run ansible ## Running ansible to install software on your machines ``` -------------------------------- ### Helm Client Version Output Example Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md An example output demonstrating a successful Helm client version check, indicating the installed Helm version and build information. ```default version.BuildInfo{Version:"v3.1.1", GitCommit:"afe70585407b420d0097d07b21c47dc511525ac8", GitTreeState:"clean", GoVersion:"go1.13.8"} ``` -------------------------------- ### Wire-Server Helm Installation Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md Explains how to install Wire-Server using Helm, covering prerequisites, chart installation from the internet, watching changes, general notes, installing charts for external databases, fake AWS services, preparing for Wire-Server installation, installing RabbitMQ, configuring SMTP services (real and fake), installing Wire-Server itself, and DNS records. ```markdown # How to install wire-server using Helm ## Introduction ## Prerequisites ## Preparing to install charts from the internet with Helm ## Watching changes as they happen ## General installation notes ## How to install charts that provide access to external databases ## How to install fake AWS services for SNS / SQS ## Preparing to install wire-server ## How to install RabbitMQ ## How to configure real SMTP (email) services ## How to install fake SMTP (email) services ## How to install wire-server itself ## DNS records ``` -------------------------------- ### Nginx Ingress Service Setup Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Initializes the Nginx ingress service by creating directories, copying example configuration files, and setting up secrets and values. ```shell mkdir -p nginx-ingress-services && cd nginx-ingress-services cp ../values/nginx-ingress-services/demo-secrets.example.yaml secrets.yaml cp ../values/nginx-ingress-services/demo-values.example.yaml values.yaml ``` -------------------------------- ### Ansible: Copy Example Hosts File Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md Copies the example hosts.example.ini file to hosts.ini, creating the configuration file needed for Ansible to manage the deployment. ```bash cp hosts.example.ini hosts.ini ``` -------------------------------- ### Prepare Wire-Server Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Prepares the configuration for the wire-server by creating a new directory and copying example values and secrets files. This allows for modifications without altering the original example files. ```shell mkdir -p my-wire-server cp values/wire-server/prod-secrets.example.yaml my-wire-server/secrets.yaml cp values/wire-server/prod-values.example.yaml my-wire-server/values.yaml ``` -------------------------------- ### Legal Hold Setup - Installation and Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md Instructions for installing and configuring the Legal Hold feature within Wire. ```APIDOC Legal Hold Setup: Description: Guide for installing and configuring the Legal Hold feature. Installation: - Prerequisites: Ensure necessary backend services and database schemas are in place. - Deployment: Steps to deploy the Legal Hold service or module. Configuration: - Team Settings: How to enable and configure Legal Hold for specific teams or organizations. - User Permissions: Managing roles and permissions related to Legal Hold. Related Documentation: - Introduction: legalhold.md#introduction - Configuring Team Settings: legalhold.md#configuring-team-settings-to-use-legal-hold ``` -------------------------------- ### Wire-in-a-Box Demo Deployment Diagram Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Mermaid diagram illustrating the architecture and data flow of the demo Wire-in-a-Box setup, showing external components, the deployment node, and internal connections. ```mermaid graph TB %% External components WebClients["πŸ–₯️ Web Clients/Android/iOS
Clients"] AnsibleNode["πŸ“‹ Ansible node"] %% Main deploy_node containing all components subgraph DeployNode ["πŸ–₯️ deploy_node"] %% NIC on the node NIC["🌐 NIC (Public/Private)
ssh/https/Coturn UDP
traffic"] %% Iptables NAT rules on the node NAT["πŸ”„ Iptables NAT rules
redirect external traffic
to k8s pods"] %% Wire server deployment on the node WireServerDownload["πŸ“₯ Download wire-server-
deploy-static-demo-*.tgz
and start assets.service"] %% Docker/k8s environment on the node subgraph DockerK8s ["🐳 Docker - minikube k8s"] SeedContainer["seed-offline-containerized
(loads all the containers)"] subgraph HelmCharts ["Helm Charts:
fake-sws | demo-smtp | rabbitmq
databases-ephemeral | wire-server
webapp | account-pages | team-settings
ingress-nginx-controller nginx-ingress-services coturn | SFT"] end end end GitCommands["πŸ–₯️ git clone github.com/wireapp/wire-server-deploy.git
cd wire-server-deploy
ansible-playbook -i ansible/inventory/demo/host.yml
ansible/wiab-demo/deploy_wiab.yml"] %% Traffic flows %% Wire application traffic from clients WebClients -->|"πŸ”΅ Wire App Traffic
(https/websocket)"| NIC NIC --> NAT NAT -->|"Route to k8s pods"| DockerK8s %% SSH/Ansible configuration traffic AnsibleNode -->|"🟒 SSH/Ansible Traffic
(configuration)"| NIC AnsibleNode --> GitCommands %% Internal connections on deploy_node WireServerDownload -->|"Seeds"| SeedContainer SeedContainer -->|"docker image loads"| HelmCharts %% Color coding based on legend - softer colors for better readability classDef yellow fill:#fff9c4,stroke:#666,stroke-width:1px,color:#4a4a4a classDef blue fill:#e3f2fd,stroke:#666,stroke-width:1px,color:#1565c0 classDef green fill:#e8f5e8,stroke:#666,stroke-width:1px,color:#2e7d32 classDef red fill:#ffebee,stroke:#666,stroke-width:1px,color:#c62828 classDef purple fill:#f3e5f5,stroke:#666,stroke-width:1px,color:#7b1fa2 classDef rose fill:#fce4ec,stroke:#666,stroke-width:1px,color:#c2185b classDef orange fill:#fff3e0,stroke:#666,stroke-width:1px,color:#ef6c00 classDef gray fill:#f5f5f5,stroke:#666,stroke-width:1px,color:#616161 %% Apply colors according to legend and function class DeployNode yellow class WireServerDownload,NAT blue class HelmCharts,SeedContainer green class DockerK8s red class NIC purple class WebClients rose class AnsibleNode orange class GitCommands gray ``` -------------------------------- ### Setup Nginx Ingress Services Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md Creates a directory for Nginx ingress services and copies example configuration files. ```shell mkdir -p nginx-ingress-services && cd nginx-ingress-services cp ../values/nginx-ingress-services/demo-secrets.example.yaml secrets.yaml cp ../values/nginx-ingress-services/demo-values.example.yaml values.yaml ``` -------------------------------- ### Install/Upgrade Helm Chart Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/helm.md Demonstrates the basic command to install or upgrade a Helm chart, using `my-cassandra` as an example for the `wire/cassandra-ephemeral` chart. ```default helm upgrade --install my-cassandra wire/cassandra-ephemeral ``` -------------------------------- ### Manage SSH Keys for Minikube Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Imports and runs the setup_ssh.yml playbook to manage SSH keys for Minikube nodes and SSH proxying. This is conditional on the enablement of Minikube setup, asset host setup, or offline seed setup. ```yaml - name: Manage SSH Key Management ansible.builtin.import_tasks: ../../ansible/wiab-demo/setup_ssh.yml when: - minikube_setup - asset_host_setup - offline_seed_setup ``` -------------------------------- ### Ansible: Skip Setup Tasks for Iptables Regeneration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Shows how to execute an Ansible playbook while skipping initial setup tasks, often used when regenerating iptables rules or performing specific parts of the deployment. ```bash ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml -e "skip_setup_offline_seed=true skip_wire_secrets=true skip_asset_host=true skip_download=true skip_install_pkgs=true" ``` -------------------------------- ### Install RabbitMQ Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Installs RabbitMQ, which is required for enabling federation. This process involves generating a password, copying example configuration files, updating the secrets file with the generated password, and then installing the Helm chart. ```shell openssl rand -base64 64 | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 42 > my-wire-server/rabbitmq-password cp values/rabbitmq/prod-secrets.example.yaml values/rabbitmq/secrets.yaml cp values/rabbitmq/prod-values.example.yaml values/rabbitmq/values.yaml ``` ```shell helm upgrade --install rabbitmq wire/rabbitmq -f values/rabbitmq/values.yaml -f values/rabbitmq/secrets.yaml ``` -------------------------------- ### AWS Services Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md Details the configuration of AWS services for Wire production deployment, including general introduction and specific instructions for using real AWS services for SNS, SES, SQS, and S3. ```markdown # How to configure AWS services ## Introduction ## Using real AWS services for SNS ## Using real AWS services for SES / SQS ## Using real AWS services for S3 ``` -------------------------------- ### Get Wire Server Deployment Information Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md Retrieves detailed information about a running Wire server deployment, including Docker image version, Helm chart version, and associated commit hashes. Requires kubectl, git, and helm to be installed. ```shell ./bin/deployment-info.sh ``` -------------------------------- ### Install Nginx Ingress Controllers Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md Installs the Nginx ingress controller and services using Helm. ```shell helm upgrade --install nginx-ingress-controller wire/nginx-ingress-controller --wait helm upgrade --install nginx-ingress-services wire/nginx-ingress-services -f values.yaml -f secrets.yaml --wait ``` -------------------------------- ### Install cert-manager Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md Installs the cert-manager Helm chart for automated certificate management. ```shell helm upgrade --install -n cert-manager-ns --set 'installCRDs=true' cert-manager jetstack/cert-manager ``` -------------------------------- ### Describe Pod Details Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Provides detailed information about a specific Kubernetes pod, including its configuration, events, and status. This is useful for understanding why a pod might be failing or not starting correctly. ```default kubectl --namespace describe ``` -------------------------------- ### Run Legal Hold Docker Container Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md Starts the Legal Hold service using a Docker container, configuring database connection, service token, and port mapping. ```bash docker run \ -e DB_URL='jdbc:postgresql://localhost/legalhold' \ -e DB_USER='postgres' \ -e DB_PASSWORD='your-postgresql-password' \ -e SERVICE_TOKEN='secr3t' \ -p 80:8080 \ --name secure-hold --rm quay.io/wire/legalhold:1.0.4 ``` -------------------------------- ### Example /etc/hosts Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md Demonstrates how to configure the /etc/hosts file on a client machine to manually map Wire-related domain names to a specific IP address, bypassing traditional DNS setup. ```shell 1.2.3.4 nginz-https. nginz-ssl. assets. webapp. teams. account. sftd. restund01. restund02. federator. ``` -------------------------------- ### Single Sign-On (SSO) Integration - Generic Setup Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md Provides a generic guide for setting up Single Sign-On (SSO) with Wire, applicable to various identity providers. ```APIDOC Generic SSO Setup: Description: General steps for integrating Wire with an SSO provider. Protocols Supported: - SAML 2.0 - OpenID Connect Configuration Steps: 1. Configure the Identity Provider (IdP) with Wire as a Service Provider (SP). 2. Provide IdP metadata to Wire. 3. Configure Wire with SP metadata and IdP details. 4. Map user attributes between IdP and Wire. Related Documentation: - SSO with ADFS: single-sign-on/adfs/main.md - SSO with Azure: single-sign-on/azure/main.md - SSO with Okta: single-sign-on/okta/main.md ``` -------------------------------- ### Install Required Dependencies Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Imports and executes the install_pkgs.yml playbook to install necessary dependencies for the Wire deployment. This process can be bypassed by setting the 'skip_install_pkgs' variable to true. ```yaml - name: Install Required Dependencies ansible.builtin.import_tasks: ../../ansible/wiab-demo/install_pkgs.yml when: not skip_install_pkgs ``` -------------------------------- ### Ansible Inventory Host Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Example of essential variables required in the `ansible/inventory/demo/host.yml` file for a successful WIAB deployment. These include connection details and domain information. ```yaml ansible_host: "" ansible_user: "" ansible_ssh_private_key_file: "" target_domain: "example.com" wire_ip: "" # Optional artifact_hash: "" ``` -------------------------------- ### Install QEMU User Static on Debian Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md This snippet demonstrates the command to install the `qemu-user-static` package on a Debian system using apt. It includes the expected output showing the package installation process and disk space usage. ```bash ## apt install qemu-user-static Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: qemu-user-static 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/21.1 MB of archives. After this operation, 211 MB of additional disk space will be used. Selecting previously unselected package qemu-user-static. (Reading database ... 111963 files and directories currently installed.) Preparing to unpack .../qemu-user-static_1%3a3.1+dfsg-4_amd64.deb ... Unpacking qemu-user-static (1:3.1+dfsg-4) ... Setting up qemu-user-static (1:3.1+dfsg-4) ... Processing triggers for man-db (2.8.5-2) ... ``` -------------------------------- ### Ansible: Navigate to Ansible Directory Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md Changes the current directory to the wire-server-deploy/ansible folder, which is the starting point for Ansible operations. ```bash cd wire-server-deploy/ansible ``` -------------------------------- ### Setup Asset Host for Offline Sources Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Imports and executes the setup-offline-sources.yml playbook to configure the asset host, making Wire deployment artifacts available as a service. This can be skipped by setting 'skip_asset_host=true'. ```yaml - name: Setup Asset Host ansible.builtin.import_tasks: ../../ansible/setup-offline-sources.yml when: not skip_asset_host ``` -------------------------------- ### Install PostgreSQL Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md Installs PostgreSQL on Ubuntu 18.04, a prerequisite for the Legal Hold service. ```bash sudo apt update sudo apt install postgresql ``` -------------------------------- ### Install Docker Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md Installs Docker on Ubuntu 18.04, a requirement for running the Legal Hold service container. ```bash sudo apt update sudo apt install docker.io ``` -------------------------------- ### Wire SSO Authentication Code Example Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/single-sign-on/generic-setup.md Illustrates the format of the login code provided by Wire for SSO authentication. This code is used to initiate the SSO login process from the Wire client. ```APIDOC Authentication Code Format: Example: `wire-959b5840-3e8a-11e9-adff-0fa5314b31c0` Description: This code is displayed in the team settings and is used to log in with SSO. Refer to Wire support documentation for detailed login instructions. ``` -------------------------------- ### Basic Makefile Example Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md A foundational Makefile demonstrating the use of variables (CC, CFLAGS, DEPS), pattern rules (%.o: %.c), and explicit rules for building a C program. It includes a 'clean' target for removing build artifacts. ```make CC=gcc CFLAGS=-I. DEPS = hellomake.h %.o: %.c $(DEPS) $(CC) -c -o $@ $< $(CFLAGS) hellomake: hellomake.o hellofunc.o $(CC) -o hellomake hellomake.o hellofunc.o clean: rm hellomake hellomake.o hellofunc.o ``` -------------------------------- ### Verify Kubectl Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Demonstrates how to check the kubectl configuration and list pods in all namespaces using the specified kubeconfig file. ```bash # make sure you are logged with ansible_user cat ~/.kube/config kubectl --kubeconfig='~/.kube/config' get pods -A ``` -------------------------------- ### Demo Installation Requirements Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md Details the system, DNS, SSL/TLS, network, package, and permission requirements for a demo installation of Wire. It specifies hardware, software dependencies like Ansible and Git, and necessary network access rules. ```markdown ## Demo installation (trying functionality out) Please note that there is no way to migrate data from a demo installation to a production installation - it is really meant as a way to try things out. Please note your data will be in-memory only and may disappear at any given moment! ### What you need: - **System**: Ubuntu 24.04 (Focal) on amd64 architecture with following requirements: - CPU cores >= 16 - Memory > 16 GiB - Disk > 200 GiB - **DNS Records**: - a way to create DNS records for your domain name (e.g. wire.example.com) - Find a detailed explanation at [How to set up DNS records](demo-wiab.md#dns-requirements) - **SSL/TLS certificates**: - a way to create SSL/TLS certificates for your domain name (to allow connecting via https://) - To ease out the process of managing certs, we recommend using [Let\'s Encrypt](https://letsencrypt.org/getting-started/) & [cert-manager](https://cert-manager.io/docs/tutorials/acme/http-validation/) - **Network**: No interference from UFW or other system specific firewalls, and IP forwarding enabled between network cards. Public internet access to download Wire artifacts and Ubuntu packages. - **Packages**: Ansible and Git installed on the localhost (any machine you have access to) - Ansible version: [core 2.16.3] or compatible - **Permissions**: Sudo access required for installation on remote_node - **Deployment requirements**: - Clone of [wire-server-repository](https://github.com/wireapp/wire-server-deploy) and editing `ansible/inventory/demo/host.yml` as explained in [Deployment requirements](demo-wiab.md#deployment-requirements) - **Network Access Requirements**: | Protocol | Direction | Start Port | End Port | Ether Type | IP Range | Reason | |----------|-----------|------------|----------|------------|------------|---------------------------------------------| | Any | egress | Any | Any | IPv4 | Any | Allow all outgoing IPv4 traffic | | Any | egress | Any | Any | IPv6 | Any | Allow all outgoing IPv6 traffic | | tcp | ingress | 22 | 22 | IPv4 | 0.0.0.0/0 | Allow SSH access | | tcp | ingress | 443 | 443 | IPv4 | 0.0.0.0/0 | Allow HTTPS traffic | | tcp | ingress | 80 | 80 | IPv4 | 0.0.0.0/0 | Allow HTTP traffic | | tcp | ingress | 3478 | 3478 | IPv4 | 0.0.0.0/0 | Allow alternative STUN/TURN traffic over TCP| | udp | ingress | 3478 | 3478 | IPv4 | Any | Allow STUN/TURN traffic for Coturn | | udp | ingress | 49152 | 65535 | IPv4 | 0.0.0.0/0 | Allow calling traffic for Coturn over UDP | - Note: If outbound traffic is restricted, [Note on port ranges](https://docs.wire.com/latest/understand/notes/port-ranges.html) should be followed. ### Next steps for demo installation When the above [requirements](#what-you-need) are achieved, continue with the ansible playbook instructions for the [demo wire in a box](demo-wiab.md) installation. ``` -------------------------------- ### Sed Command Example for Image Prefixing Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md Demonstrates the usage of the sed command with '=' as a delimiter to prepend 'i386/' to a Docker FROM instruction, illustrating pattern matching and substitution. ```bash $ echo "FROM image-version" | sed "s=^\(FROM \)(.*)$$=\1i386/\2=" FROM i386/image-version ``` -------------------------------- ### Install Fake SMTP Services Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Installs a fake SMTP service (demo-smtp) as a placeholder when mail services are not being used. This involves copying an example values file and then running the Helm upgrade command. ```shell cp values/demo-smtp/prod-values.example.yaml values/demo-smtp/values.yaml helm upgrade --install smtp wire/demo-smtp -f values/demo-smtp/values.yaml ``` -------------------------------- ### Ansible Playbook for Wire-in-a-Box Demo Deployment Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Commands to clone the Wire server deploy repository and execute the Ansible playbook for a demo Wire-in-a-Box deployment. ```bash git clone github.com/wireapp/wire-server-deploy.git cd wire-server-deploy ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml ``` -------------------------------- ### Clone Wire Server Deploy Repository Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Clones the necessary Ansible playbook repository from GitHub to the local machine. This is the first step before configuring and running the deployment. ```bash git clone https://github.com/wireapp/wire-server-deploy.git cd wire-server-deploy ``` -------------------------------- ### Ansible Playbook Execution Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md Provides instructions on how to proceed with the demo installation using Ansible playbooks after all prerequisites are met. This assumes the user has cloned the repository and configured the inventory. ```bash # After meeting all requirements and configuring ansible/inventory/demo/host.yml: # Navigate to the cloned wire-server-deploy repository # cd wire-server-deploy # Execute the demo Wire in a Box playbook # ansible-playbook -i ansible/inventory/demo/ playbooks/wire-in-a-box.yml ``` -------------------------------- ### Install and Use Hasktags for Emacs Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/developer/editor-setup.md Instructions for installing the 'hasktags' tool and configuring Emacs for jump-to-definition functionality. It includes installing the tool via stack or cabal, generating tags, and setting up a Git hook for automatic tag regeneration. ```bash stack install hasktags # or cabal install hasktags ``` ```bash M-x haskell-mode-generate-tags ``` ```bash echo "hasktags -e -x ." > .git/hooks/post-checkout chmod +x .git/hooks/post-checkout ``` -------------------------------- ### Production Hardware Requirements Overview Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md This table details the recommended virtual machine specifications for a high-availability Wire production installation, including the number of instances, CPU cores, memory, and disk space for each component. ```markdown | Name | Amount | CPU Cores | Memory (GB) | Disk Space (GB) | |------------------------------------------------------|----------|--------------|---------------|-------------------| | Cassandra | 3 | 2 | 4 | 80 | | MinIO | 3 | 1 | 2 | 400 | | ElasticSearch | 3 | 1 | 2 | 60 | | KubernetesΒ³ | 3 | 6ΒΉ | 8 | 40 | | Restund⁴ | 2 | 1 | 2 | 10 | | **Per-Server Totals** | β€” | 11 CPU Cores | 18 GB Memory | 590 GB Disk Space | | Admin HostΒ² | 1 | 1 | 4 | 40 | | Asset HostΒ² | 1 | 1 | 4 | 100 | | **Per-Server Totals with
Admin and Asset Hosts** | β€” | 13 CPU Cores | 26 GB Memory | 730 GB Disk Space | ``` -------------------------------- ### Restund Configuration Example Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/restund.md This INI configuration snippet shows how to set the network interface for Restund and provides an example of host definitions within an Ansible inventory file. ```ini [all] (...) restund01 ansible_host=X.X.X.X (...) [all:vars] ## Set the network interface name for restund to bind to if you have more than one network interface ## If unset, defaults to the ansible_default_ipv4 (if defined) otherwise to eth0 restund_network_interface = eth0 ``` -------------------------------- ### Authorization Request Example Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/oauth.md An example of an HTTP GET request to initiate the authorization process. It includes parameters like scope, response_type, client_id, redirect_uri, state, code_challenge, and code_challenge_method. ```http GET /authorize? scope=read%3Aself%20write%3Aconversation& response_type=code& client_id=b9e65569-aa61-462d-915d-94c8d6ef17a7& redirect_uri=https%3A%2F%2Fclient.example.com& state=foobar& code_challenge=qVrqDTN8ivyWEEw6wyfUc3bwhCA2RE4V2fbiC4mC7ofqAF4t& code_challenge_method=S256 HTTP/1.1 ``` -------------------------------- ### Connecting Wire Desktop via Startup Parameters Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/associate/custom-backend-for-desktop-client.md This section details how to use command-line arguments to connect the Wire desktop application to a custom backend. It covers different operating systems. ```powershell Create a shortcut to the Wire application. Edit the shortcut ( Right click > Properties ) Add the following command line parameters to the shortcut: --env {URL}, where {URL} is the URL of your webapp. ``` ```bash open -b com.wearezeta.zclient.mac --args --env {URL}, where {URL} is the URL of your webapp as noted down above ``` ```bash --env {URL}, where {URL} is the URL of your custom backend ``` -------------------------------- ### Ansible: Hosts.ini Configuration Example Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md Provides examples of how to configure the hosts.ini file for Ansible, including setting Cassandra cluster names and specifying network interfaces for inter-node communication. ```ini [cassandra:vars] # cassandra_clustername: default [all:vars] ## set to True if using AWS is_aws_environment = False ``` -------------------------------- ### Start Minio Server Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md Command to restart the Minio server service after maintenance has been completed. ```default systemctl start minio-server ``` -------------------------------- ### Wire Deployment Cleanup Options Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Details the various options available for the Wire-in-a-Box cleanup playbook, allowing granular control over what components are removed during the uninstallation process. ```APIDOC Wire Deployment Cleanup Options: - remove_minikube: (boolean) Stops and deletes the Minikube Kubernetes cluster. - remove_iptables: (boolean) Restores pre-installation network rules, removing any iptables rules added by the deployment. - remove_ssh: (boolean) Removes generated SSH keys from the deploy_node. - remove_artifacts: (boolean) Deletes downloaded deployment artifacts and Wire files from the deploy_node. - clean_assethost: (boolean) Stops the asset hosting service and cleans up related files. - uninstall_pkgs: (boolean, optional) Removes installed dependencies such as Docker, kubectl, yq, etc. Use with caution as it might remove pre-existing packages. ``` -------------------------------- ### Install Fake AWS Services for SNS/SQS Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Installs a fake AWS service for SNS and SQS, which uses a websocket method for notifications. This is an alternative to using real AWS services and is suitable for development or testing. It involves copying an example values file and then running the Helm upgrade command. ```shell cp values/fake-aws/prod-values.example.yaml values/fake-aws/values.yaml helm upgrade --install fake-aws wire/fake-aws -f values/fake-aws/values.yaml --wait ``` -------------------------------- ### Minio Administration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/README.md Guides for managing Minio, including deciding on its usage, setting up interaction, maintenance tasks, rotating root credentials, and checking node health. ```markdown # Minio - [Should you be using Minio?](minio.md#should-you-be-using-minio) - [Setting up interaction with Minio](minio.md#setting-up-interaction-with-minio) - [Minio maintenance](minio.md#minio-maintenance) - [Rotate root credentials](minio.md#rotate-root-credentials) - [Check the health of a MinIO node](minio.md#check-the-health-of-a-minio-node) ``` -------------------------------- ### VSCode Haskell Setup Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/developer/editor-setup.md Instructions for setting up VSCode with the Haskell Language Server (hls) for enhanced Haskell development. This includes installing necessary VSCode extensions, generating the hie.yaml configuration file, and selecting the Nix environment. ```bash make hie.yaml Nix-Env: Select environment ``` -------------------------------- ### Download Wire Artifacts Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Imports and runs the download_artifact.yml playbook to fetch necessary Wire components, including Docker images and Helm charts. This step can be skipped by setting 'skip_download=true'. ```yaml - name: Download Wire Artifacts ansible.builtin.import_tasks: ../../ansible/wiab-demo/download_artifact.yml when: not skip_download ``` -------------------------------- ### Verify NTP Setup with Ansible Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md Runs an Ansible playbook to verify the Network Time Protocol (NTP) setup after deployment. The '-i hosts.ini' flag specifies the inventory file, 'cassandra-verify-ntp.yml' is the playbook, and '-vv' increases verbosity. ```bash ansible-playbook -i hosts.ini cassandra-verify-ntp.yml -vv ``` -------------------------------- ### Run WIAB Demo Deployment Playbook Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Executes the Ansible playbook to deploy the Wire-in-a-Box demo environment. Requires the inventory file to be pre-configured with necessary variables. ```bash ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml ``` -------------------------------- ### Get Wire Server Deployment Version Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md This script retrieves information about the running Wire server deployment, including the Docker image version, Helm chart version, and associated commit hashes. It requires kubectl, git, and helm to be installed. ```shell ./bin/deployment-info.sh ``` -------------------------------- ### Makefile Rule Structure Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md Illustrates the general structure of a Makefile rule, defining the target, the prerequisites needed to build it, and the shell commands (recipe) to perform the build. Emphasizes that recipe lines must start with a tab. ```make my_thing: things I need first bash commands to build it target: prerequisites recipe line 1 ``` -------------------------------- ### Nginx Ingress Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md Configuration for the Nginx ingress service, including domain replacement and TLS certificate setup. ```yaml secrets: tlsWildcardCert: | -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- tlsWildcardKey: | -----BEGIN RSA PRIVATE KEY ----- ... -----END RSA PRIVATE KEY----- ``` -------------------------------- ### Initiate Minio Cluster Heal Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md Command to start the healing process for the Minio cluster, which redistributes data and parity information to ensure redundancy. ```default mc admin heal -r local ``` -------------------------------- ### Federation Setup - DNS Configuration Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md Details the necessary DNS setup steps required for enabling federation between Wire instances. ```APIDOC Federation DNS Setup: Description: Configuration of DNS records for successful federation. Required Records: - SRV records: For service discovery (e.g., `_wire-federation._tcp.yourdomain.com`). - TXT records: Potentially for domain verification or federation policy. - A/AAAA records: For backend server IP addresses. Example SRV Record: `_wire-federation._tcp.example.com. IN SRV 10 60 5050 federator.example.com.` Related Documentation: - Federation Architecture: federation/architecture.md - TLS certificate configuration: configure-federation.md#generate-and-configure-tls-server-and-client-certificates ``` -------------------------------- ### Get Minio Admin Information Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md Retrieves administrative information about the Minio cluster. This command is used to check the status and health of the Minio server. ```default mc admin info local ``` -------------------------------- ### Deploy Wire Components with Helm Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md Imports and runs the helm_install.yml playbook to deploy Wire components using Helm charts. Chart configurations are available in host.yml, and the deployment can be skipped with 'skip_helm_install=true'. ```yaml - name: Helm Chart Installation ansible.builtin.import_tasks: ../../ansible/wiab-demo/helm_install.yml when: not skip_helm_install ``` -------------------------------- ### Delete Helm Releases Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/logging.md Removes Helm deployments associated with the logging setup. It requires identifying the correct Helm release names for each component. ```bash helm del --purge ``` -------------------------------- ### Minio Cluster Heal Status Output Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md Example output of the Minio cluster heal command, showing the health status of drives and overall cluster health. ```default β—‘ bunny 0/0 objects; 0 B in 2s β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Green β”‚ 2 β”‚ 66.7% β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ β”‚ β”‚ Yellow β”‚ 1 β”‚ 33.3% β–ˆβ–ˆβ–ˆβ–ˆ β”‚ β”‚ Red β”‚ 0 β”‚ 0.0% β”‚ β”‚ Grey β”‚ 0 β”‚ 0.0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ ```