Installation On Docker

This method installs ScriptRemote in a Docker container. It requires a MongoDB service to be available from another container or server. It assumes that either TLS is not needed or it is handled by an external proxy.

1. Copy environment file to Docker host

   You can download it from github using a browser or copy it from the demo website:

   >$ wget https://scriptremote.com/docker/docker.env
   

2. Set up credentials/secrets

   First set up an email forwarding account. This will be used to send security-related messages and user notifications. Rather than using an existing account, you may want to create one just for this purpose. Substitue your values for the MAILER dummy values in docker.env.

   Some services are stricter than others about relaying mail. To help ensure that mail can be sent choose the same provider as expected for registered user emails, and set MAILER_FROM to the same address as MAILER_EMAIL_ID. If users will have a variety of email providers then consider using a service like mailgun. Any mailing errors will be logged to the console. If there is a problem it will probably first show up when registering the admin user below.

   Secondly, generate a random string for the session middleware. For example:

   >$ openssl rand -base64 32
   

   Substitute the result for the SESSION_SECRET value in docker.env


3. Set up MongoDB service

   If no existing service is available create one and determine its ip address on the default bridge network

   >$ docker run --name some-mongo -p 27017:27017 -d mongo
   >$ docker network inspect bridge
   

   Modify the MONGO_URL environment value in docker.env if necessary.

   The simple Mongo install above does not persist data beyond deletion of the container - a Docker Data Volume should be used if persistence is required.



4. Create ScriptRemote container

   >$ docker run -p 3000:3000 --env-file docker.env -d jimb245/scriptremote
   

   This should start the server listening on the localhost and external interfaces. Check that you can access the server with a browser.

   A host port other than 3000 can be selected if necessary. To change the container port you will need to copy the Dockerfile, modify the EXPOSE setting, and build a new container. Then modify the SRPORT setting to match in docker.env before running.



5. Register the admin user

   Connect to the server in your browser.

   Select Login/Register on the home screen and then Register Here on the login screen. The registration screen should display a message that the admin account is being registered.

   Continue the registration by entering at least an email and password, and by selecting one of the options for registration of other users. The default is to allow other users to register themselves. You can also select a timeout for idle sessions.

   A confirmation email should be sent to the registered address. Complete the registration by submitting the token value from the email into the form displayed when attempting to login.

   Return to the home page and login using the admin account.

   Get script credentials by selecting Settings in menu bar and then selecting Generate in the API Credentials section. The User Id and Token values will be needed to authenticate messages to the server from scripts.



6. Check that the server can be reached from the private network

   Copy the API credentials obtained above to a machine in the private network. Get the bash utility script scriptremote/public/dist/srio.sh. You can download it from github using a browser or copy it from the demo website:

   >$ wget https://scriptremote.com/dist/srio.sh
   

   Set SRSERVER to the url of your server, by editing the script or as an environment variable. Be sure to include the protocol, http or https in the url. If the script will run behind a web proxy it may also be necessary to set the http_proxy or HTTPS_PROXY environment variable.

   Create a simple test:

   >$ cat > test.sh
   #!/bin/bash
   . ./srio.sh
   SR_start ${SRUSER} ${SRTOKEN} 'myproject' 'myjob'
   SR_set 'msg1' 'Hello World' 'false'
   SR_send 'mylocation'
   SR_end
   

   Export the API credentials and run the test:

   >$ export SRUSER=<your-userid>
   >$ export SRTOKEN=<your-token>
   >$ bash test.sh
   

   Check that the test message can be viewed in the browser by selecting Projects in the menu bar.

   If the script fails with a certificate verification error it may mean that there is no CA cert store available in the test machine OS. In that case you would need to install a root certificate.



7. Optional: Create non-admin user

   Since the admin has elevated priviledges to do things like viewing user details and registering new users, it is best for security purposes to minimize use of that account. Instead register as a normal user for actual projects. This will require a different email address from the one used to for the admin account.



8. Optional: Enable project data limits

   You may want to enable limits on the amount of message data that can be sent to the server, for example to help protect against scripting errors that could produce very large or very many messages. The available limits are defined in scriptremote/config/env/all.js. Any of them may be set as environment variables in docker.env prior to starting the server.