Forem Creators and Builders

Cover image for Forem DigitalOcean Setup on MacOS
Christina Gorton for Forem Core Team

Posted on • Updated on

Forem DigitalOcean Setup on MacOS

Introduction

In this guide you will learn how to set up your Forem self-host instance on DigitalOcean.
You will also set up DNS for your domain and restart Forem Traefik service to generate a TLS cert.

Prerequisites

Step 1- Installing DigitalOcean Ansible Collection

In this step you will install the necessary collection for DigitalOcean.
In your terminal make sure you are in the selfhost directory with:

cd selfhost
Enter fullscreen mode Exit fullscreen mode

Install the DigitalOcean Ansible collection with:

ansible-galaxy collection install community.digitalocean
Enter fullscreen mode Exit fullscreen mode

Alternatively you can install all the cloud provider collections with:

ansible-galaxy collection install -r requirements.yml
Enter fullscreen mode Exit fullscreen mode

This is useful if you want to try other cloud providers.

Step 2- Installing doctl

In this step you will install DigitalOcean's CLI doctl to set up preset variables.

You can install doctl with Homebrew.
In your terminal type

brew install doctl
Enter fullscreen mode Exit fullscreen mode

Step 3- Generating a DigitalOcean Auth Token

In this step you will generate an Auth Token in DigitalOcean’s Control Panel.

Log in to the DigitalOcean Control Panel. If you see a Welcome page click the Explore our control panel link
DigitalOcean Control Panel

Click the API link in the main navigation to go to the Applications & API page.
Go to Applications & API page

In the Tokens/Keys tab click the Generate New Token button.
Click Generate New Token button

Enter a name for your Token.

Check the Write box then click the Generate Token button.
generate token

Save your generated token.

In your terminal run

doctl auth init
Enter fullscreen mode Exit fullscreen mode

and pass in the API token you generated.

If you have set it up correctly you should see the following message in your terminal:

Validating token... OK
Enter fullscreen mode Exit fullscreen mode

Note: If you have an old API token set up for DigitalOcean already you can update it with the following command:

doctl auth init --access-token <your-new-key>
Enter fullscreen mode Exit fullscreen mode

Verify that you can authenticate to the DigitalOCean API with the following command:

doctl account get
Enter fullscreen mode Exit fullscreen mode

Step 4- Provisioning the Playbook

In this step you will provision the DigitalOcean provider playbook to set up your Forem.

In your terminal type:

ansible-playbook -i inventory/forem/setup.yml playbooks/providers/digitalocean.yml
Enter fullscreen mode Exit fullscreen mode

Once you run the command, you should see an output in your terminal similar to the code below with your community's domain name and IP address.

ok: [forem] => 
  msg:
  - The public IPv4 IP Address for www.creativecommunity.club is 54.221.141.133
  - Please add an A entry for www.creativecommunity.club that points to 54.221.141.133
  - 'Example:'
  - '    www.creativecommunity.club IN A 54.221.141.133'
  - 'Once you have DNS resolving to this EC2 instance please read the Forem Admin Docs: https://forem-admin.netlify.app/'
Enter fullscreen mode Exit fullscreen mode

Note: DigitalOcean does not have support for Fedora CoreOS. We have to upload a custom image to your account via Ansible. If the "Wait for fcos-{{ fcos_download_release }} to be created" task times out. please check the Custom Images section on your DigitalOcean account to see if your image is still in a pending state. Wait for it to finish processing and re-run the DigitalOcean provider playbook.

Now you can set up an A record and point it to your public IPv4 IP Address

Step 5- Setting up DNS

In this step you will see an example of creating an A record in NameCheap and pointing it to the IP address that was outputted in the previous step. If you are not using NameCheap please refer to your own domain provider for how to set up DNS.

In the Advanced DNS section add an A record for your domain and subdomain.

Set the value to the IP address that was outputted after provisioning.

Set TTL to 1minute.
Advanced DNS in namecheap.com

Step 6- Restarting Forem Traefik Service

In this step you will reset Forem Traefik Service via SSH to generate a TLS cert.

In your terminal type:

ssh core@<SERVER IP ADDRESS>
Enter fullscreen mode Exit fullscreen mode

replacing with your community name.

Here is an example using a community name:
ssh core@ example

If prompted to continue, type yes into your terminal.

Once you have connected to your Forem server, type the following command:

sudo systemctl restart forem-traefik.service
Enter fullscreen mode Exit fullscreen mode

systemctl restart command in terminal

Now, you can navigate to your community domain. You should see a "Let's Start your Forem Journey" page.
You may need to wait a few minutes after running the Forem Traefik command.
Let's Start your Forem Journey page

Conclusion

Congratulations on setting up your first Forem!🎉

For next steps on how to configure your Forem please visit our Forem Admin Docs

Discussion (8)

Collapse
ce7in profile image
Muhammed Cetin • Edited

Everything is OK for now. I've solved the problem. I've followed the Quick Start in Depth tutorial first, then I tried to install Forem on DO. Since I've already generated Ansible secrets, when I was trying to run ansible-playbook command, it threw the error.

After the installation has been done, I wasn't able to run sudo systemctl restart forem-traefik.service properly. When I was trying to run it, it stucked. However, after restarting the machine completely, I was able to run the restarting command.

Whether I would face a problem or a feedback, I'll try to share it with you here.

Thanks a lot everybody.

Collapse
ce7in profile image
Muhammed Cetin

Now, imgproxy.servide doesn't work properly. That's why I cannot show my uploaded images as you can see here: answr.to

SS: i.imgur.com/NEmQnwa.png

Collapse
coffeecraftcode profile image
Christina Gorton Author

Thank you for sharing the problems you have encountered so far @ce7in !
Our systems team asked if you could run:

sudo journalctl -u forem-imgproxy.service -n 200 --no-pager
Enter fullscreen mode Exit fullscreen mode

to get more logs for them so we could help debug the issue.

Here is more info on journalctl if you haven't used it before.
digitalocean.com/community/tutoria...

Collapse
supernova profile image
Prdpt

The Digital Ocean Ansible collection was installed fine but I still I am getting this error:

fatal: [forem]: FAILED! => changed=false 
  assertion: false
  evaluated_to: false
  msg: 'You are missing some of the required Python 3 packages: [''ansible'', ''boto'', ''boto3'', ''botocore'', ''google-auth'', ''jmespath'', ''netaddr'', ''requests''] Run pip3 install -r requirements.txt'
Enter fullscreen mode Exit fullscreen mode

Anyone else having the same issue or know what may be going on here?

Collapse
supernova profile image
Prdpt

Upgrading pip3 and redoing all the steps solved the issue.

Collapse
ce7in profile image
Muhammed Cetin • Edited

I was able to install Forem Selfhost on DigitalOcean before without any problem. However, I cannot restart forem-traefik.service for 2 days. It sticks and the ssh connection time outs. What might be the problem? Any idea?

forem.dev/remoteimages/uploads/art...

Collapse
ce7in profile image
Muhammed Cetin

I've fixed it again but I don't know what is the reason.

My solution:

After the installation has been done, I run the command "sudo foremctl deploy" before restarting forem-traefik.service. Then I restarted forem by running this: "sudo foremctl restart". Lastly, I tried to restart forem-traefik.service. That's all.

However, I have one more problem now. Even if I've added sendgrid api key and api key id as ecrypted vault keys, I cannot receive a confirmation email. What might be the problem? I've used the command below to encrypt my api key and api key id:

echo -n myApiKey | ansible-vault encrypt_string --stdin-name vault_sendgrid_api_key

Collapse
kristoff profile image
Loris Cro

Is the VM backup feature offered by DO viable to have backups of an instance?