Install Wekan on Ubuntu 18.04 with Apache
Wekan is a great, open-source, self-hosted alternative to Trello. It can easily be installed on Ubuntu, the trickiest part is configuring the Apache reverse proxy. This is needed since it runs on Node.js.
There are two ways to install it: you can manually install NodeJS / MongoDB / Wekan SystemD service, or you can use "snap" which is basically a containerized package of all of these components. Snap is probably less performant and requires more resources than the manual installation, however, it is easier to install, work with, and to update. If you prefer the manual route there's a good tutorial on it here. In this tutorial we will install it using snap. Our configuration assumes that:
- You will run wekan on a subdomain
- It will be accessible through apache
sudo apt install snap
sudo apt install snapd
sudo snap install wekan
sudo snap set wekan root-url="https://wekan.yoursite.com"
sudo snap set wekan port='3333'
sudo systemctl restart snap.wekan.mongodb
sudo systemctl restart snap.wekan.wekan
# Make sure that node is listening on your custom port:
ss -tunelp | grep 3333
tcp LISTEN 0 511 0.0.0.0:3333 0.0.0.0:* users:(("node",pid=12597,fd=15)) ino:581605 sk:27 <->
# You can also check the status of the wekan service:
systemctl status snap.wekan.wekan
● snap.wekan.wekan.service - Service for snap application wekan.wekan
Loaded: loaded (/etc/systemd/system/snap.wekan.wekan.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2019-11-01 20:37:07 UTC; 43min ago
Main PID: 11244 (wekan-control)
Tasks: 11 (limit: 4704)
CGroup: /system.slice/snap.wekan.wekan.service
├─11244 /bin/bash /snap/wekan/647/bin/wekan-control
└─12597 /snap/wekan/647/bin/node main.js
# Set up Snap auto-updates:
snap set core refresh.schedule=01:00-02:00
# Manually refresh:
sudo snap refresh
Adding the Admin User
You must sign up at https://wekan.yourdomain.com/sign-up. The first user who signs up will become the administrator, subsequent users will be regular users. During sign up it will show an error because email isn't configured, ignore it. You can then navigate to https://wekan.yourdomain.com and log in.
Configuring Apache
This is documented in detail on the Wekan Wiki.
Upload your virtual host file to /etc/apache2/sites-available
:
<VirtualHost *:443>
ServerName example.com
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerSignature Off
<Location />
require all granted
</Location>
ProxyPassMatch "^/(sockjs\/.*\/websocket)$" "ws://127.0.0.1:3001/$1"
ProxyPass "/" "http://127.0.0.1:3001/"
ProxyPassReverse "/" "http://127.0.0.1:3001/"
</VirtualHost>
Follow Certbot instructions to obtain an SSL certificate (basically install certbot and run certbot --apache
)
Continue configuring apache:
sudo a2enmod proxy proxy_http proxy_wstunnel
sudo systemctl restart apache2
sudo a2ensite example.com
sudo systemctl restart apache2
Working with Wekan
# Disable/enable the service:
sudo snap disable wekan
sudo snap enable wekan
# Restart wekan:
sudo systemctl restart snap.wekan.wekan
You can access MongoDB after installing mongodb-org-tools, see Install MongoDB Community Edition on Ubuntu
Getting/setting parameters
# Retrieve your configuration values:
sudo snap get wekan
sudo snap get wekan mail-url
sudo snap set wekan port='1234'
Error trying to send email: Hostname/IP doesn't match certificate's altnames
This can occur if your email server's certificate doesn't include the server's domain name; for example if you are on a shared host. The answer can be found in the wekan wiki page Troubleshooting Email. Set you email configuration as follows in the The key is to add rejectUnauthorized:false
to the SMTP host address. Wekan admin panel:
SMTP Host: mail.example.com:587/?ignoreTLS=true&tls={rejectUnauthorized:false}&secure=false
SMTP Port: 587
Username: support%40example.com
Password: password
TLS support: [_] <== not checked