How to get this stack up and running.
Any Linux server distribution will do, with the following requirements:
- 4 GiB of RAM is recommended. If there is too little memory available, ElasticSearch becomes surprisingly unresponsive.
- A recent version of Docker and
docker-composemust be installed. Follow the official Docker installation guides if in doubt. - This stack only listens on a local port. To expose it to the internet, an external reverse proxy or load balancer is required - check
/_docs/components.mdfor more details and an nginx example config.
For local testing, macOS with Docker Desktop is also supported.
- Clone this repository into a directory on the server. This guide assumes it will be installed into
/srv/web-bugs-analysis, but you're free to choose whatever you want to.git clone https://github.com/webcompat/web-bugs-analysis /srv/ - Pre-fetch external images with
docker-compose pull. - Build our custom Docker images with
docker-compose build. - Copy the example configs:
cp config/environment.example config/environmentcp config/htpasswd-data.example config/htpasswd-datacp config/kibana.example config/kibana
- Set up the external load balancer now - you will need access to the web interface in a bit. If you're setting this stack up locally on your own machine, you can skip this step.
Before we can get started, we need to do some initial configuration. Not all available values will be set at this time, and this is fine. Some things will be adjusted later.
- In
config/environment, change the following parameters:GITHUB_PERSONAL_ACCESS_TOKEN: This has to be a GitHub Personal Access Token. The token needs the fullrepopermission, including all sub-permissions.- Make sure
GITHUB_ORG,GITHUB_REPO_PRIVATE, andGITHUB_REPO_PUBLICare set to the right GitHub org and repos.
- In
config/kibana, change the following parameters:SERVER_PUBLICBASEURL: This needs to be the public address the application will be available on. The path is always/kibanaand cannot be changed, so only change the domain. If you're setting this up on a local machine, set this tohttp://localhost:8080/kibana.
Let's get things going.
As the first step, start only ElasticSearch:
docker-compose up elasticsearch -d
Wait 5 minutes. Seriously. Get a coffee or something, just give it a little bit of time. :) When you enjoyed your lovely cup of coffee and/or tea, start the password generation process with
docker-compose exec elasticsearch ./bin/elasticsearch-setup-passwords auto
The script will ask you if you want to continue. Acknowledge that with y. It will dump a couple of usernames and passwords. Store those credentials in a safe place, you will need them later, and possibly in the future.
Next, open the configuration file at config/kibana. Replace ELASTICSEARCH_PASSWORD with the password for kibana_system that has been provided by the previous step.
With the credentials entered into the config file, let's start Kibana and the app-internal reverse-proxy with
docker-compose up kibana -d
docker-compose up reverse-proxy -d
Wait another few minutes, while Kibana creates the required data storage and gets itself ready.
If you're running the stack locally, see if you get Kibana to show up at http://localhost:8080/kibana/. If this is running on a server on the Internet, access https://web-bugs-analysis.example.com/kibana/.
As soon as you see the login screen, you're done with this step.
Log into the Kibana UI with the username elastic, and the password generated in Step 1. It should let you in without complaining.
In the menu (which you need to expand by clicking the hamburger menu in the top left), head to "Stack Management" -> "Security" -> "API keys". Create a new API key with the name web-bugs-analysis, and leave all three checkboxes unchecked. It will show you a Base64 encoded API key. Copy this information, you'll only see this once. It's not a bad idea to store this API key in the same place as the other credentials.
Now, open config/environment. At the bottom of that file, set the value of ELASTIC_API_KEY to the API key you just generated.
Finally, run
docker-compose up -d
which will start all other services, and restart a couple of services because you changed the config files. When it appears to be done, check the process states with
docker-compose ps
There, you should see all processes marked as "running". The only exception here is the queue-cli service, which will show as exited (0). This is expected, as that service will only start when you interact with it.
The biggest part is done! Some final touches are needed, though.
- Set up snapshots and backups. Please see
/_docs/components.mdfor details. - Customize the "Kibana Space". With the
elasticuser, head to "Stack Management" > "Kibana" > "Spaces" > "Default". From the "Features" section, disable everything but "Analytics". The other features are not needed in our setup and only cause additional noise. - Create user accounts. You should not work with the
elasticuser. Instead, it is recommended to create user accounts that only have read-only access to the bug data, and work with those users. User Access Management is beyond the scope of this documentation, please consult the Kibana documentation for details. If a use case needs write-access, create a new user account for that, and create an API key for that user. Note that the permission model allows you to limit write access to specific indices only, which is recommended to do. - Set up the
htpasswdfor accessing the public/data/folder. The file is located atconfig/htpsswd-data, the official nginx documentation explains how to format and encode passwords. - Set up GitHub Webhooks: to allow the data to be updated in "real-time", go to the
web-bugsrepository and set up a Webhook. The Payload URL should behttps://web-bugs-analysis.example.com/webhooks/github/receive, the content type should be set toapplication/json, and you should select "individual events" and only mark "Issue comments" and "Issues". That's enough for us.