Skip to main content

Installing Exoframe Server

Installation and Usage

  1. Make sure you have Docker installed and running on your host.
  2. Pull and run Exoframe server using docker:
docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /path/to/exoframe-folder:/root/.config/exoframe \
  -v /home/user/.ssh/authorized_keys:/root/.ssh/authorized_keys:ro \
  -e EXO_PRIVATE_KEY=your_private_key \
  --label traefik.enable=true \
  --label "traefik.http.routers.exoframe-server.rule=Host(\`exoframe.your-host.com\`)"  \
  --restart always \
  --name exoframe-server \
  exoframe/server

# Explanation for arguments:
# this allows Exoframe to access your docker
-v /var/run/docker.sock:/var/run/docker.sock

# /path/to/exoframe-folder should be path on your server
# to desired folder that'll hold Exoframe configs
-v /path/to/exoframe-folder:/root/.config/exoframe

# /home/user/.ssh/authorized_keys should point to your authorized_keys file
# for SSH that holds allowed public keys
-v /home/user/.ssh/authorized_keys:/root/.ssh/authorized_keys:ro

# this is your private key used for JWT encryption
# you can set this to any string you want (a long random string generated by your password manager is recommended)
-e EXO_PRIVATE_KEY=your_jwt_encryption_key

# this is used to tell traefik that it should be enabled for exoframe-server
--label traefik.enable=true

# this is used to tell traefik on which domain should Exoframe server be listening
# NOTE: it is important, that it is prefixed with "exoframe", or anything really,
#       so that exoframe has its own domain and does not interfere with your
#       application's url config.
--label "traefik.http.routers.exoframe-server.rule=Host(\`exoframe.your-host.com\`)"

# this is used to tell traefik to enable letsencrypt on the exoframe server
# you can safely remove this label if you are no using letsencrypt
--label traefik.http.routers.exoframe-server.tls.certresolver=exoframeChallenge
  1. Edit config file to fit your needs (see Server Configuration section)

Then install Exoframe CLI, point it to your new Exoframe server and use it.

Installation and usage with Letsencrypt

  1. Make sure you have Docker installed and running on your host.
  2. Create exoframe config file and enable letsencrypt in it (see Server Configuration section)
  3. Pull and run Exoframe server using docker:
docker run -d \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /path/to/exoframe-folder:/root/.config/exoframe \
  -v /home/user/.ssh/authorized_keys:/root/.ssh/authorized_keys:ro \
  -e EXO_PRIVATE_KEY=your_private_key \
  --label traefik.enable=true \
  --label "traefik.http.routers.exoframe-server.rule=Host(\`exoframe.your-host.com\`)" \
  --label "traefik.http.routers.exoframe-server-web.rule=Host(\`exoframe.your-host.com\`)" \
  --label traefik.http.routers.exoframe-server.tls.certresolver=exoframeChallenge \
  --label traefik.http.middlewares.exoframe-server-redirect.redirectscheme.scheme=https \
  --label traefik.http.routers.exoframe-server-web.entrypoints=web \
  --label traefik.http.routers.exoframe-server-web.middlewares=exoframe-server-redirect@docker \
  --label traefik.http.routers.exoframe-server.entrypoints=websecure \
  --label entryPoints.web.address=:80 \
  --label entryPoints.websecure.address=:443 \
  --restart always \
  --name exoframe-server \
  exoframe/server

# Explanation for new arguments:
# this is used to tell traefik on which domain should Exoframe server be listening
# first line is for http, second one - for https
--label "traefik.http.routers.exoframe-server.rule=Host(\`exoframe.your-host.com\`)"
--label "traefik.http.routers.exoframe-server-web.rule=Host(\`exoframe.your-host.com\`)" \

# this is used to tell traefik to enable letsencrypt on the exoframe server
# you can safely remove this label if you are no using letsencrypt
--label traefik.http.routers.exoframe-server.tls.certresolver=exoframeChallenge

# this labels below set up automatic http -> https redirect
# by defining two entrypoints - web on port 80 and websecure on port 443
# and creating redirect middleware for web endpoint
# for more details see traefik docs
--label traefik.http.middlewares.exoframe-server-redirect.redirectscheme.scheme=https \
--label traefik.http.routers.exoframe-server-web.entrypoints=web \
--label traefik.http.routers.exoframe-server-web.middlewares=exoframe-server-redirect@docker \
--label traefik.http.routers.exoframe-server.entrypoints=websecure \
--label entryPoints.web.address=:80 \
--label entryPoints.websecure.address=:443 \

Note: It is important to enable letsencrypt in Exoframe config before starting Exoframe server.
If that's not done - Exoframe will not create exoframeChallenge resolver for TLS and Traefik will error out.