Redash v8をUbuntu18.04にDockerでセットアップしてみた

最近Redashの構築依頼がぼちぼちあるので、Redash v8をセットアップした時のメモを残しておきます。

環境

手順

1.事前準備

sudo su -
apt-get update
apt-get upgrade

2.Redash初期セットアップ

git clone https://github.com/getredash/setup.git
mkdir -p /opt/redash
sh ./setup/setup.sh

3.Let's EncryptでSSL証明書を更新するための設定

mkdir -p /opt/redash/nginx
mkdir -p /opt/redash/nginx/certs
mkdir -p /opt/redash/nginx/certs-data
cd
vi /opt/redash/nginx/nginx.conf (①)
vi /opt/redash/docker-compose.yml (②)
docker-compose up -d

① nginx.conf

  • 新規作成
upstream redash {
server redash:5000;
}
server {
listen      80;
listen [::]:80;
server_name redash.example.com;
location ^~ /ping {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_pass       http://redash;
}
location / {
rewrite ^ https://$host$request_uri? permanent;
}
location ^~ /.well-known {
allow all;
root  /data/letsencrypt/;
}
}

② docker-compose.yml

  • 更新:nginxセクションの箇所を上書き
  nginx:
image: redash/nginx:latest
ports:
- "80:80"
- "443:443"
depends_on:
- server
links:
- server:redash
volumes:
- /opt/redash/nginx/nginx.conf:/etc/nginx/conf.d/default.conf
- /opt/redash/nginx/certs:/etc/letsencrypt
- /opt/redash/nginx/certs-data:/data/letsencrypt
restart: always

4.Let's Encrypt SSL証明書作成

  • httpで認証するので、一時的にポート80番を解放した後に実行
docker run -it --rm \
-v /opt/redash/nginx/certs:/etc/letsencrypt \
-v /opt/redash/nginx/certs-data:/data/letsencrypt \
deliverous/certbot \
certonly \
--webroot --webroot-path=/data/letsencrypt \
-d redash.example.com

5.RedashのWeb設定

vi /opt/redash/nginx/nginx.conf (③)
docker-compose restart nginx

③ nginx.conf

  • 更新:以下の内容で上書き
upstream redash {
server redash:5000;
}
server {
listen      80;
listen [::]:80;
server_name redash.example.com;
location ^~ /ping {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_pass       http://redash;
}
location / {
rewrite ^ https://$host$request_uri? permanent;
}
location ^~ /.well-known {
allow all;
root  /data/letsencrypt/;
}
}
server {
listen      443           ssl http2;
listen [::]:443           ssl http2;
server_name               redash.example.com;
add_header                Strict-Transport-Security "max-age=31536000" always;
ssl_session_cache         shared:SSL:20m;
ssl_session_timeout       10m;
ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers               "ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;";
ssl_stapling              on;
ssl_stapling_verify       on;
resolver                  8.8.8.8 8.8.4.4;
ssl_certificate           /etc/letsencrypt/live/redash.example.com/fullchain.pem;
ssl_certificate_key       /etc/letsencrypt/live/redash.example.com/privkey.pem;
ssl_trusted_certificate   /etc/letsencrypt/live/redash.example.com/chain.pem;
access_log                /dev/stdout;
error_log                 /dev/stderr info;
# other configs
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_pass       http://redash;
}
}

6.Redashの環境設定

  • 必要に応じて追記
  • 以下は、SendGrid・Google SSOで必要な変数を追加する例
vi /opt/redash/env (④)
docker-compose up -d server

④ env

  • 更新:追記
REDASH_MAIL_SERVER=smtp.sendgrid.net
REDASH_MAIL_PORT=587
REDASH_MAIL_USE_TLS=true
REDASH_MAIL_USE_SSL=false
REDASH_MAIL_USERNAME=<SendGridUser>
REDASH_MAIL_PASSWORD=<SendGridPassword>
REDASH_MAIL_DEFAULT_SENDER=no-reply@example.com
REDASH_HOST=https://redash.example.com
REDASH_GOOGLE_CLIENT_ID=<GoogleClientID>
REDASH_GOOGLE_CLIENT_SECRET=<GoogleClientSecret>

ここにたどり着くまでは2日ぐらいかかってしまいましたが、すべてスムーズに進めば1時間ぐらいで構築完了します。

参考URL

タイトルとURLをコピーしました