For compliance, security or technical reasons, it might not be possible to use the public or cloud node hosting of Appshare. Appshare provides a “Local Node” for these situations. The Appshare PWA can be hosted on a server in the local network.
Appshare node manager helps to manage Appshare local nodes.
Prerequisites
- Server spec- 1 core, 2 GB RAM, 50 GB Hard Disk
- Recommended Operating System Linux
- Docker is installed on the server. (Minimum Version 19.03.0)
- Internet access on the server. If you have restricted Internet, please make sure your server has access to these domains. All domains are high available with multiple IP addresses
- Appshare configuration
- https://api.appshare.app
- Download docker images
- https://hub.docker.com
- https://registry-1.docker.io
- https://production.cloudflare.docker.com
- Appshare configuration
Deploy Node Manager
Run the following command in your shell program to install the node manager on port 8082. Please change the port to another port when required:
docker run -d -p 8082:8082 -v /var/run/docker.sock:/var/run/docker.sock --security-opt label:disable --name appshare-node-manager --restart always steltix/appshare-node-manager
- -d, –detach
- Run container in background and print container ID
- -p, –publish list
- Publish a container’s port(s) to the host (host_port:container_port)
- -v /var/run/docker.sock:/var/run/docker.sock
- Bind docker daemon api socket into node manager container. Node manager creates local nodes through this api
- –security-opt label:disable
- Turn off label confinement for the container. See Docker Run Ssecurity configuration for more specific options
- –name
- Assign a name to the container
- –restart always
- Always restart the container regardless of the exit status. When you specify always, the Docker daemon will try to restart the container indefinitely. The container will also always start on daemon startup, regardless of the current state of the container.
- steltix/appshare-node-manage
- Docker image for appshare node manager
Internet access through a http proxy:
When Apphare must use a http proxy to access the internet
docker run -d -p 8082:8082 -v /var/run/docker.sock:/var/run/docker.sock \
-e http_proxy=YourProxyUrl -e https_proxy=YourProxyUrl \
--security-opt label:disable --name appshare-node-manager --restart always \
steltix/appshare-node-manager
Options
- -e http_proxy=YourProxyUrl
- Environment variable to set proxy for http urls
- -e https_proxy=YourProxyUrl
- Environment variable to set proxy for https urls
Internet access through a SSL proxy:
If a SSL proxy is used to access the internet then traffic is decrypted and encrypted again. If encryption is done with a private (company) root certificate then the node manager must import this certificate into the trust store of the container
docker run -d -p 8082:8082 -v /var/run/docker.sock:/var/run/docker.sock \
-e http_proxy=YourProxyUrl -e https_proxy=YourProxyUrl \
-v "/path.to/host/share/ca-cetificate:/usr/local/share/ca-certificates" \
-e UNSAFE_LEGACY_SERVER_CONNECT \
--security-opt label:disable --name appshare-node-manager --restart always \
steltix/appshare-node-manager
Options
- -v “/path.to/host/share/ca-cetificate:/usr/local/share/ca-certificates”
- Directory Location of additional root certificates on the host. The certificates must be in PEM format
- -e UNSAFE_LEGACY_SERVER_CONNECT
- Permits the use of unsafe legacy renegotiation for OpenSSL clients. Appshare does not allow by default to communicate with legacy Ciphers and Encryption Algorithms
Run node manager with HTTPS
docker run -d -p 8082:8082 -v /var/run/docker.sock:/var/run/docker.sock \
-v "/path.to/private/domain-key.pem:/etc/ssl/private/https.key" \
-v "/path.to/certs/domain-certs.pem:/etc/ssl/cert/https.crt" \
--security-opt label:disable --name appshare-node-manager --restart always \
steltix/appshare-node-manager
Options
- -v “/path.to/private/domain-key.pem:/etc/ssl/private/https.key”
- File location on the host of the private key
- -v “/path.to/certs/domain-certs.pem:/etc/ssl/cert/https.crt”
- File location on the host of the certificate chain. This includes the server certificate and intermediate certificates
Login
You must log in to Appshare with your Admin Account to use Node Manager and, Add the node manager URL(your server IP and 8082(port)) in the Appshare Account screen. Follow the steps from the below video.
Node Manager Dashboard
The options ate the top right of the dashboard are:
- Refresh information of the docker runtime
- Show information of the docker daemon
- Log out of the Node Manager
Add Node
Click on the + button to add an Appshare node.
Enter the node information
- Name
- The name of the node which will also be used for the name of the docker container
- Port
- The published port on the host server
- Version
- Image of Appshare local node. Generally you should select the latest published version.
- AIS URLs
- A comma separated list of AIS URLs which will be proxied through the local node. For example: “https://demo.steltix.com,https://jdeais.customer.com”
- HTTP proxy
- When internet access is provided through a proxy server, enter the proxy address
- https PrivateKey (file path on host)
- File location on the host of the private key
- https Certificate (file path on host)
- File location on the host of the certificate chain. This includes the server certificate and intermediate certificates
Update an Appshare node
Switch Back to the Previous Version
Delete Node
Update Node Manager
When accessing the local manager front-end, a notification or ‘bell’ icon will be visible on the right top to inform a new update is available. You just need to click on it to start the update of the local manager front-end