oxeo0/selfhosting-blogposts
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/selfhosting-blogposts.git synced 2025-05-16 12:16:59 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
selfhosting-blogposts/sharelatex/index.md

341 lines
15 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
search:
exclude: true
---
# ShareLaTeX / Overleaf
![](0.png)
Today we're going to setup an Open-source real-time collaborative LaTeX editor.
## **Initial Setup**
Setup Docker to get started
root@home:~# apt install docker.io -y
Once it's installed, you can look for sharelatex's containers:
root@docker0:~# docker search sharelatex
root@docker0:~/sharelatex# docker search sharelatex
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
sharelatex/sharelatex The official ShareLaTeX Community Edition do… 67
tiagoboldt/sharelatex-docker 21 [OK]
xuio/sharelatex-docker-image-full Sharelatex docker image with scheme-full 4 [OK]
sharelatex/sharelatex-base ShareLaTeX base-image 3
dennis1f/sharelatex-texlive2018 sharelatex with texlive 2018 2 [OK]
braindoctor/sharelatex Official Sharelatex image, but with full tex… 2 [OK]
jrandall/sharelatex 1 [OK]
rigon/sharelatex-full ShareLatex with all Latex packages installed… 1 [OK]
flodointhecloud/sharelatex-texlive2019 ShareLaTeX docker image with full TeX Live … 1
jonasbareiss/sharelatex 0
shimmyjimi/sharelatex Build of sharelatex / overleaf comunity to g… 0
sharelatex/copybara Our build of google/copybara 0
jperon/sharelatex-music ShareLaTeX with Gregorio and LilyPond. 0 [OK]
dpantele/sharelatex Automated build of custom sharelatex image 0 [OK]
sharelatex/acceptance-test-runner 0
yousiki/sharelatex 0
iiet/sharelatex-docker-image Sharelatex custom build 0 [OK]
sharelatex/acceptance-test-runner-postgres 0
sharelatex/node-aspell 0
jonathanverner/sharelatex ShareLaTeX Community Edition (with tweaks) 0
sleyai/sharelatex 0
marijnhollander/sharelatex Sharelatex image with tlmgr scheme-full, Pyg… 0
459below/sharelatex Standard Sharelatex container to include the… 0 [OK]
mwohlert/sharelatex-full https://github.com/mwohlert/sharelatex-full 0
thielepaul/sharelatex-full 0
root@docker0:~/sharelatex#
You can pull sharelatex and mongodb, setting it all up manually, or you can just have the official docker-compose image:
root@docker0:~# ls -lsh
total 16K
4.0K drwxr-xr-x 2 root root 4.0K Apr 18 19:16 codimd
4.0K drwxr-xr-x 11 root root 4.0K Apr 18 08:03 dillinger
4.0K drwxr-xr-x 7 root root 4.0K Apr 18 08:03 kutt
4.0K drwxr-xr-x 2 root root 4.0K Apr 18 08:56 neko
root@docker0:~# mkdir sharelatex
root@docker0:~# cd sharelatex/
root@docker0:~/sharelatex# wget https://raw.githubusercontent.com/overleaf/overleaf/master/docker-compose.yml
--2021-04-18 20:28:44-- https://raw.githubusercontent.com/overleaf/overleaf/master/docker-compose.yml
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.109.133, 185.199.110.133, 185.199.108.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.109.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 5639 (5.5K) [text/plain]
Saving to: docker-compose.yml
docker-compose.yml 100%[============================================================================>] 5.51K --.-KB/s in 0.001s
2021-04-18 20:28:44 (4.02 MB/s) - docker-compose.yml saved [5639/5639]
root@docker0:~/sharelatex# vim docker-compose.yml
Yes this docker-compose.yml is relatively big compared to what we previously did, but that's life. For now we're going to test it locally, so we won't bother with the domain names and reverse proxy:
version: '2.2'
services:
sharelatex:
restart: always
image: sharelatex/sharelatex
container_name: sharelatex
depends_on:
mongo:
condition: service_healthy
redis:
condition: service_started
ports:
- 8090:80
links:
- mongo
- redis
volumes:
- ~/sharelatex_data:/var/lib/sharelatex
environment:
SHARELATEX_APP_NAME: Overleaf Community Edition
SHARELATEX_MONGO_URL: mongodb://mongo/sharelatex
# Same property, unfortunately with different names in
# different locations
SHARELATEX_REDIS_HOST: redis
REDIS_HOST: redis
ENABLED_LINKED_FILE_TYPES: 'url,project_file'
# Enables Thumbnail generation using ImageMagick
ENABLE_CONVERSIONS: 'true'
# Disables email confirmation requirement
EMAIL_CONFIRMATION_DISABLED: 'true'
# temporary fix for LuaLaTex compiles
# see https://github.com/overleaf/overleaf/issues/695
TEXMFVAR: /var/lib/sharelatex/tmp/texmf-var
## Set for SSL via nginx-proxy
#VIRTUAL_HOST: 103.112.212.22
# SHARELATEX_SITE_URL: http://sharelatex.mydomain.com
# SHARELATEX_NAV_TITLE: Our ShareLaTeX Instance
# SHARELATEX_HEADER_IMAGE_URL: http://somewhere.com/mylogo.png
# SHARELATEX_ADMIN_EMAIL: support@it.com
# SHARELATEX_LEFT_FOOTER: '[{"text": "Powered by [ShareLaTeX](\\"https://www.sharelatex.com\\") 2016"},{"text": "Another page I want to link to can be found [here](\\"here\\")"} ]'
# SHARELATEX_RIGHT_FOOTER: '[{"text": "Hello I am on the Right"} ]'
# SHARELATEX_EMAIL_FROM_ADDRESS: "team@sharelatex.com"
# SHARELATEX_EMAIL_AWS_SES_ACCESS_KEY_ID:
# SHARELATEX_EMAIL_AWS_SES_SECRET_KEY:
# SHARELATEX_EMAIL_SMTP_HOST: smtp.mydomain.com
# SHARELATEX_EMAIL_SMTP_PORT: 587
# SHARELATEX_EMAIL_SMTP_SECURE: false
# SHARELATEX_EMAIL_SMTP_USER:
# SHARELATEX_EMAIL_SMTP_PASS:
# SHARELATEX_EMAIL_SMTP_TLS_REJECT_UNAUTH: true
# SHARELATEX_EMAIL_SMTP_IGNORE_TLS: false
# SHARELATEX_EMAIL_SMTP_NAME: '127.0.0.1'
# SHARELATEX_EMAIL_SMTP_LOGGER: true
# SHARELATEX_CUSTOM_EMAIL_FOOTER: "This system is run by department x"
mongo:
restart: always
image: mongo:4.0
container_name: mongo
expose:
- 27017
volumes:
- ~/mongo_data:/data/db
healthcheck:
test: echo 'db.stats().ok' | mongo localhost:27017/test --quiet
interval: 10s
timeout: 10s
retries: 5
redis:
restart: always
image: redis:5
container_name: redis
expose:
- 6379
volumes:
- ~/redis_data:/data
The only thing in here that i changed is the port (from 80:80 to 8090:80) because my port 80 is used by another container. Once you're done editing it, hit **:wq** to save and quit out of vim, then use docker-compose to build the container from the yml file:
root@docker0:~/sharelatex# ls -lash
total 12K
4.0K drwxr-xr-x 2 root root 4.0K Apr 18 20:34 .
4.0K drwx------ 12 root root 4.0K Apr 18 20:34 ..
4.0K -rw-r--r-- 1 root root 3.0K Apr 18 20:34 docker-compose.yml
root@docker0:~/sharelatex# docker-compose up -d
Creating network "sharelatex_default" with the default driver
Pulling mongo (mongo:4.0)...
4.0: Pulling from library/mongo
[...]
81cf86179504: Pull complete
52fbbc31d2bb: Pull complete
Digest: sha256:2b7dd04de6915c427c5ed116d602eb02329466dcf76c4f506284685ba995bcc3
Status: Downloaded newer image for sharelatex/sharelatex:latest
Creating redis ... done
Creating mongo ... done
Creating sharelatex ... done
root@docker0:~/sharelatex#
Once it's done, you can check the containers like so:
root@docker0:~/sharelatex# docker container ls
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
831a57e1a4b6 sharelatex/sharelatex "/sbin/my_init" About a minute ago Up About a minute 0.0.0.0:8090->80/tcp sharelatex
d9f12a3b40f3 mongo:4.0 "docker-entrypoint.s…" About a minute ago Up About a minute (healthy) 27017/tcp mongo
73817b58274a redis:5 "docker-entrypoint.s…" About a minute ago Up About a minute 6379/tcp
Looks good! let's check it out from our browser, and to setup our first admin user account we need to go to **192.168.0.200:8090/launchpad** :
![](1.png) ![](2.png) ![](3.png)
Once the admin account is created, we login and go take a look at the admin panel:
![](4.png)
Above all we can go to the admin panel to register new users, or
![](5.png) ![](6.png) ![](7.png)
And that's it! We have been able to create our first LaTeX document on ShareLaTeX, we could locally share the document, but we would of course prefer to share it publicly. To do so we're going to setup a NGINX reverse proxy to make sure we have HTTPS and a subdomain for this service:
## **Reverse NGINX Proxy**
We're going to setup the reverse nginx proxy on my main debian node (10.0.0.101/16):
[ 10.0.0.10/16 ] [ /dev/pts/6 ] [Github/blog/servers]
→ ssh root@10.0.0.101
root@10.0.0.101's password:
Linux home 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Apr 18 20:19:25 2021 from 10.0.0.10
root@home:/var/www/void.yt/config# vim /etc/nginx/sites-available/latex.void.yt.conf
upstream latbackend {
server 192.168.0.200:8090;
}
server {
listen 80;
listen [::]:80;
server_name latex.void.yt;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name latex.void.yt;
ssl_certificate /root/.acme.sh/latex.void.yt/fullchain.cer;
ssl_trusted_certificate /root/.acme.sh/latex.void.yt/latex.void.yt.cer;
ssl_certificate_key /root/.acme.sh/latex.void.yt/latex.void.yt.key;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_ecdh_curve auto;
ssl_stapling on;
ssl_stapling_verify on;
resolver 80.67.188.188 80.67.169.40 valid=300s;
resolver_timeout 10s;
add_header X-XSS-Protection "1; mode=block"; #Cross-site scripting
add_header X-Frame-Options "SAMEORIGIN" always; #clickjacking
add_header X-Content-Type-Options nosniff; #MIME-type sniffing
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
location / {
proxy_pass http://latbackend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
:wq to save and quit out of vim, then enable the website:
root@home:/var/www/void.yt/config# ln -s /etc/nginx/sites-available/latex.void.yt.conf /etc/nginx/sites-enabled/
root@home:/var/www/void.yt/config# nginx -t
nginx: [emerg] BIO_new_file("/root/.acme.sh/latex.void.yt/fullchain.cer") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/root/.acme.sh/latex.void.yt/fullchain.cer','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
Here you see nginx fail. That's because we need to get the TLS certificates, and we get them from LetsEncrypt thanks to acme.sh:
root@home:/var/www/void.yt/config# systemctl stop nginx
root@home:/var/www/void.yt/config# acme.sh --issue --standalone -d latex.void.yt -k 4096
root@home:/var/www/void.yt/config# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
After getting the TLS certificates, nginx is now fine with our config, so start it again and see the result:
root@home:/var/www/void.yt/config# systemctl start nginx
![](8.png)
Here you can see that the website is now accessible from a public IP and subdomain, which is also securised by LetsEncrypt Certificates. Now let's test sharing the link with guests (make sure you create their accoutns first):
![](9.png)
And that's it! we have been able to send a link to a pre-registered user to collaborate on LaTeX documents.
Reference in a new issue View git blame Copy permalink