KotLink.org

Logo

An implementation of Go-Links, written in Kotlin

View the Project on GitHub ilya40umov/KotLink

KotLink - Deployment Guide

Prerequisites

Configuration

All of the settings that will be mentioned below (e.g. SPRING_DATASOURCE_URL) should be provided to KotLink app as environment variables. For example with Docker this can be achieved with running the container with multiple -e flags.

Connect To Database

Obtain OAuth2 Client ID

  1. Go to Credentials in your Google API Console
  2. Click on Create credentials button, choose OAuth client ID, and then select Web application.
  3. On the next page, enter any name you see fit, and add the following URL http://${YOUR_KOTLINK_SERVER_ADDRESS}/login under Authorized redirect URLs, where ${YOUR_KOTLINK_SERVER_ADDRESS} should be replaced with the domain name / the external ip address of your KotLink server. E.g. The OAuth2 Client ID for local development has http://localhost:8080/login added to Authorized redirect URLs.
  4. Save the generated client ID and client secret for the next step.

Set Up OAuth2

Limit Who Can Access Your Server

Please, note that KOTLINK_SECURITY_OAUTH_ALLOWED_EMAILS and KOTLINK_SECURITY_OAUTH_ALLOWED_EMAIL_REGEX checks are combined using OR, and thus if you want to allow only a set of specific users to access the server, you should set the regex to ^$ (which matches nothing) and emails array to whatever your users’ addresses look like.

Tune Tomcat If Behind ELB / Reverse Proxy

Most likely you will be running KotLink behind ELB or some other reverse proxy, and in this case you will want to set the following properties to make sure Tomcat is handing X-Forwarded- headers correctly:

Use Redis As Cache And Session Storage

To enable using Redis as a backing store for cache (by default lives in memory) and for session information (by default is stored in Postgres), which in turn will help improving performance and availability (e.g. without a stand-alone cache you can only have a single-node deployment of KotLink server, as local caches on each node will quickly become stale and cause issues), you can tweak the following properties:

Monitoring

KotLink server also exposes a few endpoints that help with monitoring its status:

To access protected endpoint, KotLink has a special user with name kotlinkactuator password kotlinkpass. This user can’t access anything other than /actuator/* and can be changed to have a different name / password via the following two properties:

Note: Redis should also further be configured due to spring-session/issues/124. Make sure to set notify-keyspace-events to eA.