### Production Installation Introduction
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md
Introduces the production installation of Wire, detailing what components will be installed by default and what will not. Also covers getting support and next steps for high-availability setups.
```markdown
# Introduction
## What will be installed by following these parts?
## What will not be installed?
## What will not be installed by default?
## Getting support
## Next steps for high-available production installation
```
--------------------------------
### Wire-in-a-Box Demo Installation
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md
Provides a guide for deploying Wire in a demo environment using the Wire-in-a-Box method. Covers introduction, what will be installed, diagrams, requirements, getting started, deployment flow, tips, troubleshooting, and uninstallation.
```markdown
# Demo Wire-in-a-Box Deployment Guide
## Introduction
## What will be installed?
## Wire Demo installation diagram
## Installation Guide
## Deployment requirements
## Getting Started
## Deployment Flow
## General Tips
## Trying Things Out
## Troubleshooting
## Cleaning/Uninstalling Wire-in-a-Box
```
--------------------------------
### Kubernetes and Databases Installation
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md
Guides on installing Kubernetes and databases, including introduction, assumptions, preparing to run Ansible, and executing Ansible for software installation on machines.
```markdown
# How to install kubernetes and databases
## Introduction
## Assumptions
## Preparing to run ansible
## Running ansible to install software on your machines
```
--------------------------------
### Helm Client Version Output Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
An example output demonstrating a successful Helm client version check, indicating the installed Helm version and build information.
```default
version.BuildInfo{Version:"v3.1.1", GitCommit:"afe70585407b420d0097d07b21c47dc511525ac8", GitTreeState:"clean", GoVersion:"go1.13.8"}
```
--------------------------------
### Wire-Server Helm Installation
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md
Explains how to install Wire-Server using Helm, covering prerequisites, chart installation from the internet, watching changes, general notes, installing charts for external databases, fake AWS services, preparing for Wire-Server installation, installing RabbitMQ, configuring SMTP services (real and fake), installing Wire-Server itself, and DNS records.
```markdown
# How to install wire-server using Helm
## Introduction
## Prerequisites
## Preparing to install charts from the internet with Helm
## Watching changes as they happen
## General installation notes
## How to install charts that provide access to external databases
## How to install fake AWS services for SNS / SQS
## Preparing to install wire-server
## How to install RabbitMQ
## How to configure real SMTP (email) services
## How to install fake SMTP (email) services
## How to install wire-server itself
## DNS records
```
--------------------------------
### Nginx Ingress Service Setup
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Initializes the Nginx ingress service by creating directories, copying example configuration files, and setting up secrets and values.
```shell
mkdir -p nginx-ingress-services && cd nginx-ingress-services
cp ../values/nginx-ingress-services/demo-secrets.example.yaml secrets.yaml
cp ../values/nginx-ingress-services/demo-values.example.yaml values.yaml
```
--------------------------------
### Ansible: Copy Example Hosts File
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md
Copies the example hosts.example.ini file to hosts.ini, creating the configuration file needed for Ansible to manage the deployment.
```bash
cp hosts.example.ini hosts.ini
```
--------------------------------
### Prepare Wire-Server Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Prepares the configuration for the wire-server by creating a new directory and copying example values and secrets files. This allows for modifications without altering the original example files.
```shell
mkdir -p my-wire-server
cp values/wire-server/prod-secrets.example.yaml my-wire-server/secrets.yaml
cp values/wire-server/prod-values.example.yaml my-wire-server/values.yaml
```
--------------------------------
### Legal Hold Setup - Installation and Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md
Instructions for installing and configuring the Legal Hold feature within Wire.
```APIDOC
Legal Hold Setup:
Description: Guide for installing and configuring the Legal Hold feature.
Installation:
- Prerequisites: Ensure necessary backend services and database schemas are in place.
- Deployment: Steps to deploy the Legal Hold service or module.
Configuration:
- Team Settings: How to enable and configure Legal Hold for specific teams or organizations.
- User Permissions: Managing roles and permissions related to Legal Hold.
Related Documentation:
- Introduction: legalhold.md#introduction
- Configuring Team Settings: legalhold.md#configuring-team-settings-to-use-legal-hold
```
--------------------------------
### Wire-in-a-Box Demo Deployment Diagram
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Mermaid diagram illustrating the architecture and data flow of the demo Wire-in-a-Box setup, showing external components, the deployment node, and internal connections.
```mermaid
graph TB
%% External components
WebClients["π₯οΈ Web Clients/Android/iOS
Clients"]
AnsibleNode["π Ansible node"]
%% Main deploy_node containing all components
subgraph DeployNode ["π₯οΈ deploy_node"]
%% NIC on the node
NIC["π NIC (Public/Private)
ssh/https/Coturn UDP
traffic"]
%% Iptables NAT rules on the node
NAT["π Iptables NAT rules
redirect external traffic
to k8s pods"]
%% Wire server deployment on the node
WireServerDownload["π₯ Download wire-server-
deploy-static-demo-*.tgz
and start assets.service"]
%% Docker/k8s environment on the node
subgraph DockerK8s ["π³ Docker - minikube k8s"]
SeedContainer["seed-offline-containerized
(loads all the containers)"]
subgraph HelmCharts ["Helm Charts:
fake-sws | demo-smtp | rabbitmq
databases-ephemeral | wire-server
webapp | account-pages | team-settings
ingress-nginx-controller
nginx-ingress-services
coturn | SFT"]
end
end
end
GitCommands["π₯οΈ git clone github.com/wireapp/wire-server-deploy.git
cd wire-server-deploy
ansible-playbook -i ansible/inventory/demo/host.yml
ansible/wiab-demo/deploy_wiab.yml"]
%% Traffic flows
%% Wire application traffic from clients
WebClients -->|"π΅ Wire App Traffic
(https/websocket)"| NIC
NIC --> NAT
NAT -->|"Route to k8s pods"| DockerK8s
%% SSH/Ansible configuration traffic
AnsibleNode -->|"π’ SSH/Ansible Traffic
(configuration)"| NIC
AnsibleNode --> GitCommands
%% Internal connections on deploy_node
WireServerDownload -->|"Seeds"| SeedContainer
SeedContainer -->|"docker image loads"| HelmCharts
%% Color coding based on legend - softer colors for better readability
classDef yellow fill:#fff9c4,stroke:#666,stroke-width:1px,color:#4a4a4a
classDef blue fill:#e3f2fd,stroke:#666,stroke-width:1px,color:#1565c0
classDef green fill:#e8f5e8,stroke:#666,stroke-width:1px,color:#2e7d32
classDef red fill:#ffebee,stroke:#666,stroke-width:1px,color:#c62828
classDef purple fill:#f3e5f5,stroke:#666,stroke-width:1px,color:#7b1fa2
classDef rose fill:#fce4ec,stroke:#666,stroke-width:1px,color:#c2185b
classDef orange fill:#fff3e0,stroke:#666,stroke-width:1px,color:#ef6c00
classDef gray fill:#f5f5f5,stroke:#666,stroke-width:1px,color:#616161
%% Apply colors according to legend and function
class DeployNode yellow
class WireServerDownload,NAT blue
class HelmCharts,SeedContainer green
class DockerK8s red
class NIC purple
class WebClients rose
class AnsibleNode orange
class GitCommands gray
```
--------------------------------
### Setup Nginx Ingress Services
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md
Creates a directory for Nginx ingress services and copies example configuration files.
```shell
mkdir -p nginx-ingress-services && cd nginx-ingress-services
cp ../values/nginx-ingress-services/demo-secrets.example.yaml secrets.yaml
cp ../values/nginx-ingress-services/demo-values.example.yaml values.yaml
```
--------------------------------
### Install/Upgrade Helm Chart
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/helm.md
Demonstrates the basic command to install or upgrade a Helm chart, using `my-cassandra` as an example for the `wire/cassandra-ephemeral` chart.
```default
helm upgrade --install my-cassandra wire/cassandra-ephemeral
```
--------------------------------
### Manage SSH Keys for Minikube
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Imports and runs the setup_ssh.yml playbook to manage SSH keys for Minikube nodes and SSH proxying. This is conditional on the enablement of Minikube setup, asset host setup, or offline seed setup.
```yaml
- name: Manage SSH Key Management
ansible.builtin.import_tasks: ../../ansible/wiab-demo/setup_ssh.yml
when:
- minikube_setup
- asset_host_setup
- offline_seed_setup
```
--------------------------------
### Ansible: Skip Setup Tasks for Iptables Regeneration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Shows how to execute an Ansible playbook while skipping initial setup tasks, often used when regenerating iptables rules or performing specific parts of the deployment.
```bash
ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml -e "skip_setup_offline_seed=true skip_wire_secrets=true skip_asset_host=true skip_download=true skip_install_pkgs=true"
```
--------------------------------
### Install RabbitMQ
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Installs RabbitMQ, which is required for enabling federation. This process involves generating a password, copying example configuration files, updating the secrets file with the generated password, and then installing the Helm chart.
```shell
openssl rand -base64 64 | env LC_CTYPE=C tr -dc a-zA-Z0-9 | head -c 42 > my-wire-server/rabbitmq-password
cp values/rabbitmq/prod-secrets.example.yaml values/rabbitmq/secrets.yaml
cp values/rabbitmq/prod-values.example.yaml values/rabbitmq/values.yaml
```
```shell
helm upgrade --install rabbitmq wire/rabbitmq -f values/rabbitmq/values.yaml -f values/rabbitmq/secrets.yaml
```
--------------------------------
### AWS Services Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/README.md
Details the configuration of AWS services for Wire production deployment, including general introduction and specific instructions for using real AWS services for SNS, SES, SQS, and S3.
```markdown
# How to configure AWS services
## Introduction
## Using real AWS services for SNS
## Using real AWS services for SES / SQS
## Using real AWS services for S3
```
--------------------------------
### Get Wire Server Deployment Information
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md
Retrieves detailed information about a running Wire server deployment, including Docker image version, Helm chart version, and associated commit hashes. Requires kubectl, git, and helm to be installed.
```shell
./bin/deployment-info.sh
```
--------------------------------
### Install Nginx Ingress Controllers
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md
Installs the Nginx ingress controller and services using Helm.
```shell
helm upgrade --install nginx-ingress-controller wire/nginx-ingress-controller --wait
helm upgrade --install nginx-ingress-services wire/nginx-ingress-services -f values.yaml -f secrets.yaml --wait
```
--------------------------------
### Install cert-manager
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md
Installs the cert-manager Helm chart for automated certificate management.
```shell
helm upgrade --install -n cert-manager-ns --set 'installCRDs=true' cert-manager jetstack/cert-manager
```
--------------------------------
### Describe Pod Details
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Provides detailed information about a specific Kubernetes pod, including its configuration, events, and status. This is useful for understanding why a pod might be failing or not starting correctly.
```default
kubectl --namespace describe
```
--------------------------------
### Run Legal Hold Docker Container
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md
Starts the Legal Hold service using a Docker container, configuring database connection, service token, and port mapping.
```bash
docker run \
-e DB_URL='jdbc:postgresql://localhost/legalhold' \
-e DB_USER='postgres' \
-e DB_PASSWORD='your-postgresql-password' \
-e SERVICE_TOKEN='secr3t' \
-p 80:8080 \
--name secure-hold --rm quay.io/wire/legalhold:1.0.4
```
--------------------------------
### Example /etc/hosts Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/includes/helm_dns-ingress-troubleshooting.inc.md
Demonstrates how to configure the /etc/hosts file on a client machine to manually map Wire-related domain names to a specific IP address, bypassing traditional DNS setup.
```shell
1.2.3.4 nginz-https. nginz-ssl. assets. webapp. teams. account. sftd. restund01. restund02. federator.
```
--------------------------------
### Single Sign-On (SSO) Integration - Generic Setup
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md
Provides a generic guide for setting up Single Sign-On (SSO) with Wire, applicable to various identity providers.
```APIDOC
Generic SSO Setup:
Description: General steps for integrating Wire with an SSO provider.
Protocols Supported:
- SAML 2.0
- OpenID Connect
Configuration Steps:
1. Configure the Identity Provider (IdP) with Wire as a Service Provider (SP).
2. Provide IdP metadata to Wire.
3. Configure Wire with SP metadata and IdP details.
4. Map user attributes between IdP and Wire.
Related Documentation:
- SSO with ADFS: single-sign-on/adfs/main.md
- SSO with Azure: single-sign-on/azure/main.md
- SSO with Okta: single-sign-on/okta/main.md
```
--------------------------------
### Install Required Dependencies
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Imports and executes the install_pkgs.yml playbook to install necessary dependencies for the Wire deployment. This process can be bypassed by setting the 'skip_install_pkgs' variable to true.
```yaml
- name: Install Required Dependencies
ansible.builtin.import_tasks: ../../ansible/wiab-demo/install_pkgs.yml
when: not skip_install_pkgs
```
--------------------------------
### Ansible Inventory Host Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Example of essential variables required in the `ansible/inventory/demo/host.yml` file for a successful WIAB deployment. These include connection details and domain information.
```yaml
ansible_host: ""
ansible_user: ""
ansible_ssh_private_key_file: ""
target_domain: "example.com"
wire_ip: "" # Optional
artifact_hash: ""
```
--------------------------------
### Install QEMU User Static on Debian
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md
This snippet demonstrates the command to install the `qemu-user-static` package on a Debian system using apt. It includes the expected output showing the package installation process and disk space usage.
```bash
## apt install qemu-user-static
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
qemu-user-static
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/21.1 MB of archives.
After this operation, 211 MB of additional disk space will be used.
Selecting previously unselected package qemu-user-static.
(Reading database ... 111963 files and directories currently installed.)
Preparing to unpack .../qemu-user-static_1%3a3.1+dfsg-4_amd64.deb ...
Unpacking qemu-user-static (1:3.1+dfsg-4) ...
Setting up qemu-user-static (1:3.1+dfsg-4) ...
Processing triggers for man-db (2.8.5-2) ...
```
--------------------------------
### Ansible: Navigate to Ansible Directory
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md
Changes the current directory to the wire-server-deploy/ansible folder, which is the starting point for Ansible operations.
```bash
cd wire-server-deploy/ansible
```
--------------------------------
### Setup Asset Host for Offline Sources
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Imports and executes the setup-offline-sources.yml playbook to configure the asset host, making Wire deployment artifacts available as a service. This can be skipped by setting 'skip_asset_host=true'.
```yaml
- name: Setup Asset Host
ansible.builtin.import_tasks: ../../ansible/setup-offline-sources.yml
when: not skip_asset_host
```
--------------------------------
### Install PostgreSQL
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md
Installs PostgreSQL on Ubuntu 18.04, a prerequisite for the Legal Hold service.
```bash
sudo apt update
sudo apt install postgresql
```
--------------------------------
### Install Docker
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/legalhold.md
Installs Docker on Ubuntu 18.04, a requirement for running the Legal Hold service container.
```bash
sudo apt update
sudo apt install docker.io
```
--------------------------------
### Wire SSO Authentication Code Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/single-sign-on/generic-setup.md
Illustrates the format of the login code provided by Wire for SSO authentication. This code is used to initiate the SSO login process from the Wire client.
```APIDOC
Authentication Code Format:
Example:
`wire-959b5840-3e8a-11e9-adff-0fa5314b31c0`
Description:
This code is displayed in the team settings and is used to log in with SSO. Refer to Wire support documentation for detailed login instructions.
```
--------------------------------
### Basic Makefile Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md
A foundational Makefile demonstrating the use of variables (CC, CFLAGS, DEPS), pattern rules (%.o: %.c), and explicit rules for building a C program. It includes a 'clean' target for removing build artifacts.
```make
CC=gcc
CFLAGS=-I.
DEPS = hellomake.h
%.o: %.c $(DEPS)
$(CC) -c -o $@ $< $(CFLAGS)
hellomake: hellomake.o hellofunc.o
$(CC) -o hellomake hellomake.o hellofunc.o
clean:
rm hellomake hellomake.o hellofunc.o
```
--------------------------------
### Verify Kubectl Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Demonstrates how to check the kubectl configuration and list pods in all namespaces using the specified kubeconfig file.
```bash
# make sure you are logged with ansible_user
cat ~/.kube/config
kubectl --kubeconfig='~/.kube/config' get pods -A
```
--------------------------------
### Demo Installation Requirements
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md
Details the system, DNS, SSL/TLS, network, package, and permission requirements for a demo installation of Wire. It specifies hardware, software dependencies like Ansible and Git, and necessary network access rules.
```markdown
## Demo installation (trying functionality out)
Please note that there is no way to migrate data from a demo
installation to a production installation - it is really meant as a way
to try things out.
Please note your data will be in-memory only and may disappear at any given moment!
### What you need:
- **System**: Ubuntu 24.04 (Focal) on amd64 architecture with following requirements:
- CPU cores >= 16
- Memory > 16 GiB
- Disk > 200 GiB
- **DNS Records**:
- a way to create DNS records for your domain name (e.g. wire.example.com)
- Find a detailed explanation at [How to set up DNS records](demo-wiab.md#dns-requirements)
- **SSL/TLS certificates**:
- a way to create SSL/TLS certificates for your domain name (to allow connecting via https://)
- To ease out the process of managing certs, we recommend using [Let\'s Encrypt](https://letsencrypt.org/getting-started/) &
[cert-manager](https://cert-manager.io/docs/tutorials/acme/http-validation/)
- **Network**: No interference from UFW or other system specific firewalls, and IP forwarding enabled between network cards. Public internet access to download Wire artifacts and Ubuntu packages.
- **Packages**: Ansible and Git installed on the localhost (any machine you have access to)
- Ansible version: [core 2.16.3] or compatible
- **Permissions**: Sudo access required for installation on remote_node
- **Deployment requirements**:
- Clone of [wire-server-repository](https://github.com/wireapp/wire-server-deploy) and editing `ansible/inventory/demo/host.yml` as explained in [Deployment requirements](demo-wiab.md#deployment-requirements)
- **Network Access Requirements**:
| Protocol | Direction | Start Port | End Port | Ether Type | IP Range | Reason |
|----------|-----------|------------|----------|------------|------------|---------------------------------------------|
| Any | egress | Any | Any | IPv4 | Any | Allow all outgoing IPv4 traffic |
| Any | egress | Any | Any | IPv6 | Any | Allow all outgoing IPv6 traffic |
| tcp | ingress | 22 | 22 | IPv4 | 0.0.0.0/0 | Allow SSH access |
| tcp | ingress | 443 | 443 | IPv4 | 0.0.0.0/0 | Allow HTTPS traffic |
| tcp | ingress | 80 | 80 | IPv4 | 0.0.0.0/0 | Allow HTTP traffic |
| tcp | ingress | 3478 | 3478 | IPv4 | 0.0.0.0/0 | Allow alternative STUN/TURN traffic over TCP|
| udp | ingress | 3478 | 3478 | IPv4 | Any | Allow STUN/TURN traffic for Coturn |
| udp | ingress | 49152 | 65535 | IPv4 | 0.0.0.0/0 | Allow calling traffic for Coturn over UDP |
- Note: If outbound traffic is restricted, [Note on port ranges](https://docs.wire.com/latest/understand/notes/port-ranges.html) should be followed.
### Next steps for demo installation
When the above [requirements](#what-you-need) are achieved, continue with the ansible playbook instructions for the [demo wire in a box](demo-wiab.md) installation.
```
--------------------------------
### Sed Command Example for Image Prefixing
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md
Demonstrates the usage of the sed command with '=' as a delimiter to prepend 'i386/' to a Docker FROM instruction, illustrating pattern matching and substitution.
```bash
$ echo "FROM image-version" | sed "s=^\(FROM \)(.*)$$=\1i386/\2="
FROM i386/image-version
```
--------------------------------
### Install Fake SMTP Services
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Installs a fake SMTP service (demo-smtp) as a placeholder when mail services are not being used. This involves copying an example values file and then running the Helm upgrade command.
```shell
cp values/demo-smtp/prod-values.example.yaml values/demo-smtp/values.yaml
helm upgrade --install smtp wire/demo-smtp -f values/demo-smtp/values.yaml
```
--------------------------------
### Ansible Playbook for Wire-in-a-Box Demo Deployment
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Commands to clone the Wire server deploy repository and execute the Ansible playbook for a demo Wire-in-a-Box deployment.
```bash
git clone github.com/wireapp/wire-server-deploy.git
cd wire-server-deploy
ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml
```
--------------------------------
### Clone Wire Server Deploy Repository
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Clones the necessary Ansible playbook repository from GitHub to the local machine. This is the first step before configuring and running the deployment.
```bash
git clone https://github.com/wireapp/wire-server-deploy.git
cd wire-server-deploy
```
--------------------------------
### Ansible Playbook Execution
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md
Provides instructions on how to proceed with the demo installation using Ansible playbooks after all prerequisites are met. This assumes the user has cloned the repository and configured the inventory.
```bash
# After meeting all requirements and configuring ansible/inventory/demo/host.yml:
# Navigate to the cloned wire-server-deploy repository
# cd wire-server-deploy
# Execute the demo Wire in a Box playbook
# ansible-playbook -i ansible/inventory/demo/ playbooks/wire-in-a-box.yml
```
--------------------------------
### Install and Use Hasktags for Emacs
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/developer/editor-setup.md
Instructions for installing the 'hasktags' tool and configuring Emacs for jump-to-definition functionality. It includes installing the tool via stack or cabal, generating tags, and setting up a Git hook for automatic tag regeneration.
```bash
stack install hasktags # or cabal install hasktags
```
```bash
M-x haskell-mode-generate-tags
```
```bash
echo "hasktags -e -x ." > .git/hooks/post-checkout
chmod +x .git/hooks/post-checkout
```
--------------------------------
### Production Hardware Requirements Overview
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/planning.md
This table details the recommended virtual machine specifications for a high-availability Wire production installation, including the number of instances, CPU cores, memory, and disk space for each component.
```markdown
| Name | Amount | CPU Cores | Memory (GB) | Disk Space (GB) |
|------------------------------------------------------|----------|--------------|---------------|-------------------|
| Cassandra | 3 | 2 | 4 | 80 |
| MinIO | 3 | 1 | 2 | 400 |
| ElasticSearch | 3 | 1 | 2 | 60 |
| KubernetesΒ³ | 3 | 6ΒΉ | 8 | 40 |
| Restundβ΄ | 2 | 1 | 2 | 10 |
| **Per-Server Totals** | β | 11 CPU Cores | 18 GB Memory | 590 GB Disk Space |
| Admin HostΒ² | 1 | 1 | 4 | 40 |
| Asset HostΒ² | 1 | 1 | 4 | 100 |
| **Per-Server Totals with
Admin and Asset Hosts** | β | 13 CPU Cores | 26 GB Memory | 730 GB Disk Space |
```
--------------------------------
### Restund Configuration Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/restund.md
This INI configuration snippet shows how to set the network interface for Restund and provides an example of host definitions within an Ansible inventory file.
```ini
[all]
(...)
restund01 ansible_host=X.X.X.X
(...)
[all:vars]
## Set the network interface name for restund to bind to if you have more than one network interface
## If unset, defaults to the ansible_default_ipv4 (if defined) otherwise to eth0
restund_network_interface = eth0
```
--------------------------------
### Authorization Request Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/oauth.md
An example of an HTTP GET request to initiate the authorization process. It includes parameters like scope, response_type, client_id, redirect_uri, state, code_challenge, and code_challenge_method.
```http
GET /authorize?
scope=read%3Aself%20write%3Aconversation&
response_type=code&
client_id=b9e65569-aa61-462d-915d-94c8d6ef17a7&
redirect_uri=https%3A%2F%2Fclient.example.com&
state=foobar&
code_challenge=qVrqDTN8ivyWEEw6wyfUc3bwhCA2RE4V2fbiC4mC7ofqAF4t&
code_challenge_method=S256 HTTP/1.1
```
--------------------------------
### Connecting Wire Desktop via Startup Parameters
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/associate/custom-backend-for-desktop-client.md
This section details how to use command-line arguments to connect the Wire desktop application to a custom backend. It covers different operating systems.
```powershell
Create a shortcut to the Wire application.
Edit the shortcut ( Right click > Properties )
Add the following command line parameters to the shortcut: --env {URL}, where {URL} is the URL of your webapp.
```
```bash
open -b com.wearezeta.zclient.mac --args --env {URL}, where {URL} is the URL of your webapp as noted down above
```
```bash
--env {URL}, where {URL} is the URL of your custom backend
```
--------------------------------
### Ansible: Hosts.ini Configuration Example
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md
Provides examples of how to configure the hosts.ini file for Ansible, including setting Cassandra cluster names and specifying network interfaces for inter-node communication.
```ini
[cassandra:vars]
# cassandra_clustername: default
[all:vars]
## set to True if using AWS
is_aws_environment = False
```
--------------------------------
### Start Minio Server
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md
Command to restart the Minio server service after maintenance has been completed.
```default
systemctl start minio-server
```
--------------------------------
### Wire Deployment Cleanup Options
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Details the various options available for the Wire-in-a-Box cleanup playbook, allowing granular control over what components are removed during the uninstallation process.
```APIDOC
Wire Deployment Cleanup Options:
- remove_minikube: (boolean) Stops and deletes the Minikube Kubernetes cluster.
- remove_iptables: (boolean) Restores pre-installation network rules, removing any iptables rules added by the deployment.
- remove_ssh: (boolean) Removes generated SSH keys from the deploy_node.
- remove_artifacts: (boolean) Deletes downloaded deployment artifacts and Wire files from the deploy_node.
- clean_assethost: (boolean) Stops the asset hosting service and cleans up related files.
- uninstall_pkgs: (boolean, optional) Removes installed dependencies such as Docker, kubectl, yq, etc. Use with caution as it might remove pre-existing packages.
```
--------------------------------
### Install Fake AWS Services for SNS/SQS
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Installs a fake AWS service for SNS and SQS, which uses a websocket method for notifications. This is an alternative to using real AWS services and is suitable for development or testing. It involves copying an example values file and then running the Helm upgrade command.
```shell
cp values/fake-aws/prod-values.example.yaml values/fake-aws/values.yaml
helm upgrade --install fake-aws wire/fake-aws -f values/fake-aws/values.yaml --wait
```
--------------------------------
### Minio Administration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/README.md
Guides for managing Minio, including deciding on its usage, setting up interaction, maintenance tasks, rotating root credentials, and checking node health.
```markdown
# Minio
- [Should you be using Minio?](minio.md#should-you-be-using-minio)
- [Setting up interaction with Minio](minio.md#setting-up-interaction-with-minio)
- [Minio maintenance](minio.md#minio-maintenance)
- [Rotate root credentials](minio.md#rotate-root-credentials)
- [Check the health of a MinIO node](minio.md#check-the-health-of-a-minio-node)
```
--------------------------------
### VSCode Haskell Setup
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/developer/editor-setup.md
Instructions for setting up VSCode with the Haskell Language Server (hls) for enhanced Haskell development. This includes installing necessary VSCode extensions, generating the hie.yaml configuration file, and selecting the Nix environment.
```bash
make hie.yaml
Nix-Env: Select environment
```
--------------------------------
### Download Wire Artifacts
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Imports and runs the download_artifact.yml playbook to fetch necessary Wire components, including Docker images and Helm charts. This step can be skipped by setting 'skip_download=true'.
```yaml
- name: Download Wire Artifacts
ansible.builtin.import_tasks: ../../ansible/wiab-demo/download_artifact.yml
when: not skip_download
```
--------------------------------
### Verify NTP Setup with Ansible
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/ansible-VMs.md
Runs an Ansible playbook to verify the Network Time Protocol (NTP) setup after deployment. The '-i hosts.ini' flag specifies the inventory file, 'cassandra-verify-ntp.yml' is the playbook, and '-vv' increases verbosity.
```bash
ansible-playbook -i hosts.ini cassandra-verify-ntp.yml -vv
```
--------------------------------
### Run WIAB Demo Deployment Playbook
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Executes the Ansible playbook to deploy the Wire-in-a-Box demo environment. Requires the inventory file to be pre-configured with necessary variables.
```bash
ansible-playbook -i ansible/inventory/demo/host.yml ansible/wiab-demo/deploy_wiab.yml
```
--------------------------------
### Get Wire Server Deployment Version
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
This script retrieves information about the running Wire server deployment, including the Docker image version, Helm chart version, and associated commit hashes. It requires kubectl, git, and helm to be installed.
```shell
./bin/deployment-info.sh
```
--------------------------------
### Makefile Rule Structure
Source: https://github.com/wireapp/wire-docs/blob/main/src/developer/reference/make-docker-and-qemu.md
Illustrates the general structure of a Makefile rule, defining the target, the prerequisites needed to build it, and the shell commands (recipe) to perform the build. Emphasizes that recipe lines must start with a tab.
```make
my_thing: things I need first
bash commands to build it
target: prerequisites
recipe line 1
```
--------------------------------
### Nginx Ingress Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/helm-prod.md
Configuration for the Nginx ingress service, including domain replacement and TLS certificate setup.
```yaml
secrets:
tlsWildcardCert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
tlsWildcardKey: |
-----BEGIN RSA PRIVATE KEY -----
...
-----END RSA PRIVATE KEY-----
```
--------------------------------
### Initiate Minio Cluster Heal
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md
Command to start the healing process for the Minio cluster, which redistributes data and parity information to ensure redundancy.
```default
mc admin heal -r local
```
--------------------------------
### Federation Setup - DNS Configuration
Source: https://github.com/wireapp/wire-docs/blob/main/src/understand/README.md
Details the necessary DNS setup steps required for enabling federation between Wire instances.
```APIDOC
Federation DNS Setup:
Description: Configuration of DNS records for successful federation.
Required Records:
- SRV records: For service discovery (e.g., `_wire-federation._tcp.yourdomain.com`).
- TXT records: Potentially for domain verification or federation policy.
- A/AAAA records: For backend server IP addresses.
Example SRV Record:
`_wire-federation._tcp.example.com. IN SRV 10 60 5050 federator.example.com.`
Related Documentation:
- Federation Architecture: federation/architecture.md
- TLS certificate configuration: configure-federation.md#generate-and-configure-tls-server-and-client-certificates
```
--------------------------------
### Get Minio Admin Information
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md
Retrieves administrative information about the Minio cluster. This command is used to check the status and health of the Minio server.
```default
mc admin info local
```
--------------------------------
### Deploy Wire Components with Helm
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/demo-wiab.md
Imports and runs the helm_install.yml playbook to deploy Wire components using Helm charts. Chart configurations are available in host.yml, and the deployment can be skipped with 'skip_helm_install=true'.
```yaml
- name: Helm Chart Installation
ansible.builtin.import_tasks: ../../ansible/wiab-demo/helm_install.yml
when: not skip_helm_install
```
--------------------------------
### Delete Helm Releases
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/install/logging.md
Removes Helm deployments associated with the logging setup. It requires identifying the correct Helm release names for each component.
```bash
helm del --purge
```
--------------------------------
### Minio Cluster Heal Status Output
Source: https://github.com/wireapp/wire-docs/blob/main/src/how-to/administrate/minio.md
Example output of the Minio cluster heal command, showing the health status of drives and overall cluster health.
```default
β bunny
0/0 objects; 0 B in 2s
ββββββββββ¬ββββ¬ββββββββββββββββββββββ
β Green β 2 β 66.7% ββββββββ β
β Yellow β 1 β 33.3% ββββ β
β Red β 0 β 0.0% β
β Grey β 0 β 0.0% β
ββββββββββ΄ββββ΄ββββββββββββββββββββββ
```