This instance will be facing the team members for any Roost activity.
5.1
...
Replace Enterprise Server URL
```bash
mkdir -p /var/tmp/Roost/bin
cd /var/tmp/Roost
curl -L https://remote-roostprod.s3.us-west-1.amazonaws.com/RoostInstaller -o bin/RoostInstaller
chmod +x bin/RoostInstaller
# Install the AWS S3 key under admin sub-folder
mkdir -p /var/tmp/Roost/admin
```
```bash
# Install the AWS S3 Access keys (one-time) - unique to your organisation
cat > /var/tmp/Roost/admin/installer_keys.csv <<EOF
User name,Password,Access key ID,Secret access key,Console login link
roost_beyond,,AKIA4WFI752EX2KH46OY,4cNS6MvZrH1tWZ8WdyKVWbZklHMnpfmsHV+qrqlU,https://zbio.signin.aws.amazon.com/console
EOF
```
```bash
# Replace zbioroost.link with enterprise server url
/var/tmp/Roost/bin/RoostInstaller -command write -entServer "zbioroost.link" -desiredVersion v1.0.2
```
```bash
# Execute below command to get necessary files
/var/tmp/Roost/bin/RoostInstaller -command setup
```
5.2 Create Roost Schema (if using RDS)
```bash
# supply password at prompt
sudo mysql -h <RDS URL> -u <> -P 3306 -p
# at the mysql> prompt, load the schema file
\. /var/tmp/Roost/db/roost.sql
# CREATE USER 'roost'@'localhost' identified WITH mysql_native_password by 'zbioRoost#123';
# GRANT ALL on *.* to 'roost'@'localhost';
```
5.3 Install SSL Certs (can skip for the second EC2)
Obtain the SSL_certs.key and SSL_certs.crt files for your organisation's domain and place them in a folder that is accessible to the current user, preferably /var/tmp/Roost/certs.
```bash
cd /var/tmp/Roost/certs
# Copy your organisation SSL certs here (like server.cer and server.key)
# OR generate SSL certs
```
Steps - Generate Self SSL Certs
...
Configure Roost JSON
```bash
vi /var/tmp/Roost/config.json
```
A sample config is shown below.
Replace the values to reflect your organisation.
Leave the client ID/secret values empty for any third-party provider that is not needed (at least one set is needed).
Keep the ENV_DATABASE details unchanged if the database is not external.
Add JWT_SECRET.
The recommended value of remote_console_proxy is the same as enterprise_dns, unless you want to start the proxy elsewhere.
If your servers are behind a load balancer, set "load_balancer": "true"; this selects a different configuration.
Sample config.json
```json
{
  "enterprise_name": "MyCompany",
  "enterprise_logo": "https://roost.ai/hubfs/logos/LOGO-roost.png",
  "enterprise_email_domain": "mycompany.io",
  "enterprise_dns": "mycompany.io",
  "remote_console_proxy": "mycompany.io",
  "admin_email": "admin@mycompany.io",
  "email_sender": "noreply@mycompany.io",
  "email_sender_pass": "",
  "email_smtp_host": "",
  "email_smtp_port": 465,
  "load_balancer": "true",
  "enterprise_ssl_certificate_path": "/var/tmp/Roost/certs/server.cer",
  "enterprise_ssl_certificate_key_path": "/var/tmp/Roost/certs/server.key",
  "ENV_SERVER": {
    "DEFAULT_PORT": 3000,
    "JWT_SECRET": "32-character-secure-long-secret",
    "GOOGLE_CLIENT_ID": "",
    "GOOGLE_CLIENT_SECRET": "",
    "AZURE_CLIENT_ID": "",
    "AZURE_CLIENT_SECRET": "",
    "GITHUB_CLIENT_ID": "",
    "GITHUB_CLIENT_SECRET": "",
    "LINKEDIN_CLIENT_ID": "",
    "LINKEDIN_CLIENT_SECRET": "",
    "OKTA_CLIENT_ISSUER": "",
    "OKTA_CLIENT_ID": "",
    "OKTA_CLIENT_SECRET": ""
  },
  "is_own_sql": "true",
  "ENV_DATABASE": {
    "MYSQL_HOST": "mysqldb_host_url",
    "MYSQL_PORT": 3306,
    "MYSQL_USERNAME": "Roost",
    "MYSQL_PASSWORD": "Roost#123",
    "MYSQL_ROOT_PASSWORD": "Admin#123",
    "MYSQL_DB_NAME": "roostio"
  }
}
```
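An added example, not part of the Roost installer or its documentation: a check to run on config.json before starting the server, covering the notes above (JWT_SECRET set, at least one provider pair filled in, sample passwords replaced). The field names come from the sample config; the 32-character minimum, the owner-only file mode and the function names are assumptions.

```python
import json
import os
import stat

# Placeholder secrets copied from the sample config on this page.
SAMPLE_VALUES = {
    "JWT_SECRET": "32-character-secure-long-secret",
    "MYSQL_PASSWORD": "Roost#123",
    "MYSQL_ROOT_PASSWORD": "Admin#123",
}
PROVIDERS = ("GOOGLE", "AZURE", "GITHUB", "LINKEDIN", "OKTA")


def audit_config(cfg):
    """Return a list of findings for a parsed Roost config.json."""
    findings = []
    server = cfg.get("ENV_SERVER", {})
    database = cfg.get("ENV_DATABASE", {})

    secret = server.get("JWT_SECRET", "")
    if len(secret) < 32:  # assumed minimum, taken from the sample's hint
        findings.append("JWT_SECRET is missing or shorter than 32 characters")

    # Sample values left in place are publicly documented credentials.
    for key, sample in SAMPLE_VALUES.items():
        if server.get(key) == sample or database.get(key) == sample:
            findings.append(f"{key} still has the sample value")

    # The page requires at least one complete client ID/secret pair.
    complete = [p for p in PROVIDERS
                if server.get(f"{p}_CLIENT_ID") and server.get(f"{p}_CLIENT_SECRET")]
    if not complete:
        findings.append("no identity provider has both client ID and secret")

    # The sample stores these flags as the strings "true"/"false".
    for flag in ("load_balancer", "is_own_sql"):
        if cfg.get(flag) not in ("true", "false"):
            findings.append(f'{flag} must be "true" or "false"')
    return findings


def audit_file(path):
    """Audit a config.json on disk: content findings plus file mode."""
    with open(path) as fh:
        findings = audit_config(json.load(fh))
    # The file holds secrets, so group/other access is flagged (assumed policy).
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        findings.append(f"{path} is accessible to group/others; chmod 600 it")
    return findings
```

The same file-mode check applies to /var/tmp/Roost/admin/installer_keys.csv and the SSL key file, which also hold secrets.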
The next step is to start the Roost Control Plane.
Start Roost Control Plane Server
...