xet7
commented
4 years ago Closed noor-alghamdi closed 4 years ago
xet7
commented
4 years ago 
noor-alghamdi
commented
4 years ago @xet7 according to referance you mentioned , should I have ubunto raspi? I have redhat!
noor-alghamdi
commented
4 years ago @xet7 is it possible to use this:
set MONGO_URL=mongodb://127.0.0.1:27019/wekan
with changing IP address?
xet7
commented
4 years ago @namacoconut
Yes, Wekan works also in redhat.
Yes, you can change IP address.
xet7
commented
4 years ago But originally you wrote, that you would like to change source code for font and logo. Info for that is here https://github.com/wekan/wekan-snap/issues/130#issuecomment-686421620. In that case, you should use that generated bundle. Not Snap, because Snap is only for official Wekan versions, it is write protected in secure sandbox.
noor-alghamdi
commented
4 years ago @xet7 cool I get it , that is a different case , But for mongoDB external connection , can I change it from snap settings?
xet7
commented
4 years ago @namacoconut
Yes, but:
_- and single quotes. For example:
sudo snap set wekan mongo-url='mongodb://88.100.200.300:27017/wekan'You get more Snap setting examples with command:
wekan.help | lessMore info here: https://github.com/wekan/wekan-snap/wiki/Supported-settings-keys
noor-alghamdi
commented
4 years ago Dear mr.lauri, Good morning, I tried this method, wasn't working, in the official documentation I found the command:
sudo snap set wekan mongourl='mongodb://wekan:WekanPassword@127.0.0.1:27017/wekan?authSource=wekan'
my question is the word wekan wekan:WekanPassword here , what does it mean? and also this part wekan?authSource=wekan what does it mean?
thank you.
noor-alghamdi
commented
4 years ago Dear mr.lauri, Good morning, I tried this method, wasn't working, in the official documentation I found the command:
sudo snap set wekan mongourl='mongodb://wekan:WekanPassword@127.0.0.1:27017/wekan?authSource=wekan'
my question is the word wekan wekan:WekanPassword here , what does it mean? and also this part wekan?authSource=wekan what does it mean?
thank you.
mongodb://myDBReader:D1fficultP%40ssw0rd@mongodb0.example.com:27017/?authSource=admin
here is official documentation for mongoDB connection string https://docs.mongodb.com/manual/reference/connection-string/
xet7
commented
4 years ago In username and password, special characters need to be in percent encoding, like created at: https://www.url-encode-decode.com/
For example:
! => %21
@ => %40
So this changes password DifficultP@ssword! to DifficultP%40ssword%21
That 127.0.0.1 is address of database, in this case localhost IP address, same computer where Wekan is running. It could also be MongoDB service provider domain name, like mongoprovider.com.
In that end /wekan?authSource=wekan' you don't need that ?authSource=wekan part at all. You only need /wekan where wekan is database name. One MongoDB server can have many databases with different names, like wekan, test, etc. It is similar how in MySQL to the same server you create new database with command CREATE DATABASE wekan;, but in MongoDB case, you specify database name in mongourl, Wekan creates all other required data.
27017 is port where MongoDB server is running. For example, Wekan Snap server by default runs on port 27019. HTTP is at 80, HTTPS is at 443, etc. Wekan Snap MongoDB is only exposed to localhost, is it not available remotely, there is no open port to outside.
So MongoDB URL would be:
mongodb://myDBReader:DifficultP%40ssword%21@mongodb0.example.com:27017/wekanSometimes I do upgrade MongoDB version. For default Snap install, it works fine with default settings. But, if you change to use external MongoDB database, you are responsible for updating that external MongoDB, and ensuring it has MongoDB version that is compatible with Wekan.
noor-alghamdi
commented
4 years ago Dear mr.lauri,
although I'm using the new connection string with DB Server IP,
it through an error says, connection refused , I'm sure that the port is open between two servers.
I disabled mongo db service in the app server to prevent local DB connection , and i'm running wekan service only,
wekan service is running
still shows local host connection string!!!
by the way I can connect the DB server using mongo "mongodb://10.289.212.12:27017/wekan"
noor-alghamdi
commented
4 years ago @xet7 Dear mr.lauri, any update? :)
thank you.
xet7
commented
4 years ago @namacoconut
Setting MONGO_URL does not currently work in Snap.
It works in Docker and Source versions.
noor-alghamdi
commented
4 years ago @namacoconut
Setting MONGO_URL does not currently work in Snap.
It works in Docker and Source versions.
:( can we expect when it will be available?
noor-alghamdi
commented
4 years ago @xet7 also what is the best version for production? is it snap or docker?
xet7
commented
4 years ago @namacoconut
Snap is best for production. It upgrades code, database etc automatically. You get security updates fast after releasing.
noor-alghamdi
commented
4 years ago good morning mr.lauri, any update on this?
also I want to ask what is the benefit of using snap is it more secure?
thank you.
xet7
commented
4 years ago @namacoconut
There is no update to this. I do not recommend useing external MongoDB with Snap, because:
Yes, Snap is more secure:
/var/snap/wekan/common. If someone exploits Wekan, that only affects Wekan, and not anything else on that server.xet7
commented
4 years ago If you install Wekan manually from source, if someone exploits Wekan, that someone has access to all files that server linux user has access that Wekan is running as. Source installs are not in secure sandbox.
good morning/evening
I am setting snap wekan for production , and I am deploying it following 3tiers architecture, my nginx in one layer, my app and then the DB in separate layer, when I installed wekan on app server it automatically installed loacal mongoDB , I need to change this connection to be connected with external DB ,
should I change following line? if yes what should it be?
MONGO_URL=mongodb://127.0.0.1:27019/wekan
your cooperation is really appreciated .