A app for managing projects online using sticky notes to share and collaborate.
You can edit several walls of notes at the same time, add attachments, insert images, create relationships etc. Groups management makes it possible to finely control the sharing of data, and a chat is available for each wall.
wopits uses Swoole as a WebSocket & Task server.
Go to the docker/ directory, customize the .env file, take a look at docker-compose.yml and run docker-compose build & docker-compose up. Images are not on Docker Hub. The build of the 2 images wopits_db (MariaDB database) and wopits_app (Apache & Swoole services) can take a while... be patient :-)
The application needs to run on HTTPS. We use a self-signed certificate. Just ignore the browser warning.
Emails will not be sent, and this docker is not intended for production use!
You will need
PHP,Apache,MariaDBorPostgreSQL, andSwooleto make it work. In order to retrieve externalJavaScriptandPHPmodules, you also have to installnpmandcomposer.
Just clone the Git:
git clone git@github.com:esaracco/wopits.git.
The following actions have to be done on the machine that will host the wopits website. Which is not necessarily the source machine where you installed the Git repository.
- Install Swoole from the latest 4.8.x tag and activate it for both CLI and Apache. Then tweak
enable_preemptive_scheduler:
swoole.enable_preemptive_scheduler=On-
Install
Apache>= 2.4,MariaDB>= 10.3 orPostgreSQL>= 11.7 andPHP>= 7.3 (withphp-gettext,php-mysql,php-pgsql,php-imagick,php-zipand optionallyphp-ldap).php-ldapwill be required only if you intend to use LDAP authentication. Similarly, installphp-mysqlorphp-pgsqldepending on the SGBD you want to use. -
Configure system locales by adding or uncommenting
en_US.UTF-8 UTF-8andfr_FR.UTF-8 UTF-8to/etc/locale.genand runninglocale-gen. -
Configure Apache by customizing
/app/doc/apache/wopits.domain.com.conf. Enablemod_ssl,mod_rewrite,mod_headers,mod_proxyandmod_proxy_wstunnelApache modules. -
Configure SSL using Let's Encrypt or whatever Certificate Authority.
-
Create a user and a database (using the
app/db/mysql/wopits-create_db.example.sql(MariaDB) orapp/db/postgresql/wopits-create_db.example.sh(PostgreSQL) file after having customize it according to your needs). Then create tables usingapp/db/*/wopits-create_tables.sql: -
With MariaDB:
$ sudo -uroot mysql < app/db/mysql/wopits-create_db.example.sql
$ mysql wopits -uwopits -p < app/db/mysql/wopits-create_tables.sql- With PostgreSQL:
Edit the pg_hba.conf like this:
- According to your need, update:
# "local" is for Unix domain socket connections only
local all all peer- to:
# "local" is for Unix domain socket connections only
local all all md5- then:
$ sudo -upostgres app/db/postgresql/wopits-create_db.example.sh
$ psql wopits -Uwopits -W < app/db/postgresql/wopits-create_tables.sql- If you intend to use wopits Git repository "as is" as your Apache DocumentRoot, duplicate
site-config.template.phpinsite-config.phpand customize it.
First of all, install wopits on a decently sized server with at least 16GB of RAM, good bandwidth and high-performance I/O disks.
It is important to optimize the SGBD configuration as much as possible. Default settings will give poor results.
Edit PHP configuration file for apache and tweak the post_max_size:
post_max_size = 20MEdit PHP configuration file for both apache and CLI and remove the memory limit allowed for scripts:
memory_limit = -1or increase it significantly depending on available RAM.
Enable and customize PHP OPcache module for both apache and CLI (very important). Here is a common customization:
opcache.enable=1
opcache.enable_cli=1
opcache.validate_timestamps=0
opcache.revalidate_freq=60
opcache.save_comments=0
opcache.enable_file_override=1To allow PHP to use more than 1024 file descriptors and to be more performant at network level, do the following:
- http://socketo.me/docs/deploy#evented-io-extensions
- https://github.com/andreybolonin/RatchetBundle/blob/master/README.md
- Install the
evandeventmodules usingpecl. You will needlibevent-dev,php-devandphp-pearin order to install and compile those modules. - Add to
/etc/security/limits.d/local.conf:
* soft nofile 1000000
* hard nofile 1000000- Add to
/etc/sysctl.d/local.conf:
fs.file-max=1000000wopits can be used "as is" from the Git repository, without any deployment. However, we highly recommend to do this only if you want to contribute! For production use it is better to deploy it (local or remote, whatever).
After each upgrade, check the
BREAKING_CHANGES.mdfile.
In order to run the WebSocket server as a daemon you must add it to the startup scripts. Depending on your system, the procedure may vary. We will describe here the basics for systemd:
- Create a
/var/log/wopits/directory and give the wopits user full rights on it. - Create
/etc/systemd/system/wopits-ws.service(using theapp/doc/systemd/wopits-ws.servicetemplate file). - Execute
systemctl start wopits-wsandsystemctl enable wopits-ws. - To see the daemon logs, use
journalctl -fu wopits-ws. To see the WebSocket server logs, open/var/log/wopits/server-ws.log.
Make sure that the WebSocket server daemon's group can write to the data/ directory of the wopits DocumentRoot. It must be the same as the wopits data/ directory group (which has been chmoded with 2770).
In order to run the task server as a daemon you must add it to the startup scripts. Depending on your system, the procedure may vary. We will describe here the basics for systemd:
- Create a
/var/log/wopits/directory and give the wopits user full rights on it. - Create
/etc/systemd/system/wopits-task.service(using theapp/doc/systemd/wopits-task.servicetemplate file). - Execute
systemctl start wopits-taskandsystemctl enable wopits-task. - To see the daemon logs, use
journalctl -fu wopits-task. To see the Task server logs, open/var/log/wopits/server-task.log.
Make sure that the task server daemon's group can write to the data/ directory of the wopits DocumentRoot. It must be the same as the wopits data/ directory group (which has been chmoded with 2770).
If you are using the Git repository as your Apache DocumentRoot without deployment:
- Create a
data/directory and give the Apache user all rights on it:
# mkdir -p data/{walls,users}
# chown -R [wopitsUser]:[ApacheUserGroup] data
# chmod 2770 data- Install PHP and JavaScript external modules:
$ npm i --prefix=www/libs
$ composer update -d app/libs- Move to
app/deploy/. - Create a new file
config.phpin this directory by duplicatingconfig.example.php, and customize it. - In order to minify JS, CSS or HTML, you will need to customize the
minifierssection. Readconfig.example.phpfor more information. - Deploy the application by executing
./deploy -e[yourenv].yourenvshould have been defined in the newconfig.phpyou just created previously. If the target is located on remote, the SSH user must have full rights on the remote DocumentRoot. - The very first time the deployment script has been executed, you will have to log as root and execute the following commands before creating a service for the wopits WebSocket daemon:
# chown -R [wopitsUser]:[wopitsUserGroup] /var/www/wopits.domain.com/
# cd /var/www/wopits.domain.com/
# mkdir -p data/{walls,users}
# chown -R [ApacheUser]:[wopitsUserGroup] data
# chmod 2770 dataRight after each deployment you must execute as soon as possible the following post-deployment script as root:
# /var/www/wopits.domain.com/app/deploy/bin/post-deploy.phpThe use of DKIM for sending emails is not mandatory, but highly recommended if your SMTP server does not already manage it.
The wopits DKIM private key must be placed in app/dkim/dkim.private.
You can generate a pair of keys using:
$ openssl genrsa -out dkim.private 1024
$ openssl rsa -in dkim.private -out dkim.public -pubout -outform PEMIf you are using wopits as is, without depoyment, you must edit site-config.php:
define ('WPT_USE_DKIM', true);
define ('WPT_DKIM_DOMAIN', 'domain.com');
define ('WPT_DKIM_SELECTOR', 'mail');If you plan to deploy wopits, edit app/deploy/config.php and customize the following lines before adding them into your deployment environment settings:
'dkim' => [
'domain' => 'domain.com',
'selector' => 'mail'
]The following is needed only after the very first deployment, or later if you update your key:
Copy your private key in app/dkim/dkim.private on the target. Then:
# cd /var/www/wopits.domain.com/
# chown [ApacheUser]:[wopitsUserGroup] app/dkim/dkim.private
# chmod 440 app/dkim/dkim.privateDo not forget to install the PHP module
php-ldap!
You can tell wopits to use a LDAP directory for users authentication. In this case, users who are not in your directory will not be able to create a account on your wopits instance.
Edit app/deploy/config.php and customize the following lines before adding them into your deployment environment settings:
'ldap' => [
'host' => 'ldaps://ldap.domain.com:636',
'binddn' => 'uid=wopits,ou=sysaccounts,o=domain.com',
'bindpw' => 'ChangeMe',
'objectclass' => 'people',
'filter' => '(memberof=ou=admins,ou=sysaccounts,o=domain.com)',
'basedn' => 'o=domain.com'
]Synchronization is not required in order to run wopits with LDAP, however it is recommended that you synchronized regularly all your LDAP users. Doing so, they will always be available in full for wall sharing.
After deploying wopits, run the script app/ldap/synchro.php in order to synchronize LDAP users into the wopits database. The best way to keep your wopits database up to date is to cron this script.
Only run the synchronization script after configuring and deploying wopits!
Do not forget to add wopits crons to crontab!
Create a /var/log/wopits/ directory and customize the following lines before adding them into the wopits user crontab:
1 0 * * * /var/www/wopits.domain.com/app/crons/cleanup.php >> /var/log/wopits/cleanup.log 2>&1
1 0 * * * /var/www/wopits.domain.com/app/crons/check-deadline.php >> /var/log/wopits/check-deadline.log 2>&1
*/15 * * * * /var/www/wopits.domain.com/app/crons/ping.php >> /var/log/wopits/ping.log 2>&1