INSTALLATION GUIDE

Fiona 8 is our powerful content management solution for enterprises looking for a professional yet easy-to-use CMS that can be installed and maintained in private clouds or on premise.

Fiona 8 is made available as Docker images. Docker is a tool for creating, deploying, managing and running applications using containers. Containers facilitate scaling your web application, they packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another.

Requirements

The following minimal system requirements apply. They are subject to change.
  • Operating systemThe OS of the target machine needs to support Docker and Docker Compose.
  • CPUFour physical cores.
  • File systemThe file system should be large enough to hold all editorial content: text, binaries such as images and PDF files, etc. Reserve some additional space for internal management purposes. Reserve space for search indexes. It is possible to connect a NAS.
  • RAM32 GB or more.

OVERVIEW
OF FIONA 8’S
DOCKER SERVICES

  • backendThe backend defines server-side API endpoints that are consumed by the Scrivito SDK, e.g. for fetching content.
  • nginxA reverse proxy in front of the backend. It exposes port 8080 for accepting requests from website visitors and editors.
  • mysql/mariadbThis database stores structural information about working copies, CMS objects, etc. It exposes port 3306 for maintenance purposes.
  • minioThis S3 compatible storage is used for storing all CMS content such as text, images, PDF files, etc. It exposes port 9000 for accepting requests for downloading and uploading website content.
  • binaryserviceOptimizes (resizes) images based on the web clients’ display dimensions to minimize loading times. It also extracts PDF and image metadata.
  • elasticsearchSearch engine for finding content.
  • background_worker and background_schedulerServices for handling background jobs.
  • redisThe job queue for the above-mentioned background jobs.
  • memcachedMemory-based caching system for improving the overall performance of Fiona 8.
  • cache_cleanerCleans up file system caches from time to time.

INSTALLATION
PROCEDURE

Running Fiona 8 requires a license from Infopark. You will receive a Fiona 8 docker-compose.yml file from our customer support. Please proceed as follows to install Fiona 8:

1. Install Docker and Docker Compose

Make sure that your OS supports Docker, then install Docker/Compose for your host operating system. If you are new to Docker, we recommend following the Docker installation guides. Likewise for Docker Compose.

2. Prepare to download the Fiona 8 Docker images

The images are hosted on AWS ECR. Please proceed as follows.

Install the AWS command line client:

$ sudo apt-get install awscli

Get your AWS Access Key ID and Secret Access Key from our Customer SupportConfigure a local AWS profile:

$ aws configure --profile fiona8
AWS Access Key ID [None]: YOUR_ACCESS_KEY_ID
AWS Secret Access Key [None]: YOUR_SECRET_ACCESS_KEY
Default region name [None]: eu-central-1
Default output format [None]:

If you are using AWS CLI version 1, execute:

$ sudo $(aws ecr get-login --no-include-email --profile fiona8)

Alternatively, if you are using AWS CLI version 2, execute:

$ sudo aws --profile fiona8 --region eu-central-1 ecr get-login-password | \
  sudo docker login --password-stdin --username AWS 885257367759.dkr.ecr.eu-central-1.amazonaws.com

3. Set up two HTTPS terminators

Both terminators need to be reachable from the internet/intranet (HTTP won't do as the Scrivito SDK only connects via HTTPS and only if the certificate validates):

  • https://your-fiona8-backend.com (replace this with your Fiona 8 URL). This URL should be connected using port 8080 (nginx). This corresponds to Scrivito's https://api.scrivito.com/.
  • https://your-cdn.com (replace this with your Fiona 8 blob storage URL). This URL should be connected via port 9000 (minio). This corresponds to Scrivito's https://cdn.scrvt.com/.

4. Prepare your OS for Elasticsearch

Run the following shell commands:

$ sudo sh -c 'echo vm.max_map_count=262144 > /etc/sysctl.d/99-fiona8.conf'
$ sudo sysctl -p /etc/sysctl.d/99-fiona8.conf

5. Configure Docker

Edit the config section in the docker-compose.yml file. See the comments in this file for explanations.

Some configuration settings, e.g. secrets or the license, need to be changed:

x-minio-environment: &minio-environment   
MINIO_ACCESS_KEY: &minio-access-key dummy_access_key # Access key should be at least 3 characters.   
MINIO_SECRET_KEY: &minio-secret-key dummy_secret_key # Secret key should be in between 8 and 40 characters.  


x-mysql-environment: &mysql-environment   
MYSQL_ROOT_PASSWORD: &mysql-root-password root  


x-backend-environment: &backend-environment   
# Adjust these settings.   
INFOPARK_LICENSE: dummy_license   
BLOB_VERSION_SECRET: dummy_random_secret # head -c 2048 /dev/urandom | sha512sum -b | awk '{print $1}'   
CDN_URL: &cdn-url https://your-cdn.com   
SESSION_TOKEN_SECRET: dummy_random_secret # head -c 2048 /dev/urandom | sha512sum -b | awk '{print $1}'

Some entries are already preconfigured with sensible values:

# Adjust these settings if you use your own backends (ES, MySQL, Redis, Memcached, Minio).
  ACTIVE_RECORD_DATABASE: fiona8db
  ACTIVE_RECORD_HOST: mysql
  ACTIVE_RECORD_PASSWORD: *mysql-root-password
  ACTIVE_RECORD_USERNAME: root
  ELASTICSEARCH_ENDPOINTS_0: "http://es:9200?config_version=v16_booleans"
  MEMCACHED_SERVERS: memcached:11211
  MEMCACHED_SOCKET_TIMEOUT: 0.02
  MINIO_ACCESS_KEY_ID: *minio-access-key
  MINIO_ENDPOINT: http://minio:9000
  MINIO_SECRET_ACCESS_KEY: *minio-secret-key
  REDIS_URL: redis://redis:6379

We recommend to mount external volumes into the Docker environment, like so. You need to uncomment the commented out sections first:

# Optionally map volumes to specific paths on your host FS.
volumes:
  minio-data:
    driver: local
    # driver_opts:
    #   type: 'none'
    #   o: 'bind'
    #   device: '/var/lib/fiona/minio/data'
  minio-config:
    driver: local
    # driver_opts:

If you follow this approach make sure to create these directories if necessary:

$ sudo mkdir -p /var/lib/fiona/{minio/data,minio/config,mysql/data,redis/data,es/data,backend/cache,certs}

6. Start Docker Compose

On the first start, missing Docker images will be downloaded automatically, including those on Fiona's AWS ECR:

$ sudo docker-compose up -d

7. Check the Docker services

Make sure that all services are running:

$ sudo docker-compose ps

8. Set up database and search engine

Execute sudo docker-compose run --rm backend bash, then, in the shell:

$ bin/rake db:create
$ bin/rake db:schema:load
$ bin/rails runner Rails.application.dict_storage_backend.setup_bucket
$ bin/rails runner Rails.application.blob_storage_backend.setup_bucket
$ bin/rails runner 'ESU.init(url: ENV.fetch("ELASTICSEARCH_ENDPOINTS_0"))'

9. Create your CMS tenant

Execute sudo docker-compose run --rm backend bash, then, in the shell:

$ bin/rails runner 'F8.create_tenant(id: "mytenant", api_key: "myapikey")'

10. Configure your project app for connecting to Fiona 8

Each version of Fiona 8 is geared to a specific version of the Scrivito SDK, the maximum version it supports. The current version of Fiona 8 is aligned to the Scrivito SDK 1.20. Previous SDK versions may work as well but have not been tested for compatibility with Fiona 8. Do not update the Scrivito SDK to a later version than the one your Fiona 8 version relies on as this may cause subtle errors that cannot be worked around easily.

For a Rails app, edit config/initializers/scrivito.rb:

config.endpoint = "https://your-fiona8-backend.com"
For a JavaScript app, edit src/config/scrivito.js
const config = { tenant: process.env.SCRIVITO_TENANT, endpoint: 'https://your-fiona8-backend.com' };

TROUBLESHOOTING

Fiona 8 redirects every request to the same URL

Most probably, this is a redirect to HTTPS, even though the URL already uses HTTPS. Since Fiona 8 doesn’t seem to know about that, make sure to add an X-Forwarded-Proto header to your HTTPS terminator, e.g. in your Apache web server: RequestHeader add X-Forwarded-Proto "https"