Installation notes of eventline on FreeBSD

2022-09-15 - My production setup
Tags: Eventline FreeBSD PostgreSQL

Introduction

Please refer to the official website documentation for an up to date installation guide. This page only lists what I had to do at the time to setup eventline and adapt it to my particular setup.

Preparing the postgresql database

A Postgresql database version 14 or above is the only dependency, let’s install it:

pkg install postgresql14-server postgresql14-contrib
/usr/local/etc/rc.d/postgresql enable
/usr/local/etc/rc.d/postgresql initdb
/usr/local/etc/rc.d/postgresql start

Now let’s provision a database:

su - postgres
createuser -W eventline
createdb -O eventline eventline

Connect to the database and activate the pgcryto extension:

psql -U eventline -W eventline
CREATE EXTENSION pgcrypto;

Eventline

Exograd (the company behind eventline) maintains a FreeBSD repository, let’s use it:

curl -sSfL -o /usr/local/etc/pkg/repos/exograd-public.conf \
     https://pkg.exograd.com/public/freebsd/exograd.conf
pkg update
pkg install eventline

Edit the /usr/local/etc/eventline/eventline.yaml configuration file:

data_directory: "/usr/local/share/eventline"

api_http_server:
  address: "localhost:8085"

web_http_server:
  address: "localhost:8087"

web_http_server_uri: "https://eventline.adyxax.org/"

pg:
  uri:
    "postgres://eventline:XXXXXXXX@localhost:5432/eventline"

# You need to generate a random encryption, for example using OpenSSL:
# openssl rand -base64 32
encryption_key: "YYYYYYYY"

Now start eventline with:

service eventline enable
service eventline start

DNS record

Since all configuration regarding this application is in terraform, so is the dns:

resource "cloudflare_record" "eventline-cname" {
  zone_id = lookup(data.cloudflare_zones.adyxax-org.zones[0], "id")
  name    = "eventline"
  value   = "10.1.2.5"
  type    = "A"
  proxied = false
}

This IP is the wireguard endpoint on the server hosting eventline. Having this hostname is important for the ssl certificate validation, otherwise firefox will complain!

Nginx configuration

This nginx configuration listens on the ip of a wireguard interface:

server {
        listen  10.1.2.5:80;
        server_name  eventline.adyxax.org;
        location / {
                return 308 https://$server_name$request_uri;
        }
}
# webui
server {
        listen  10.1.2.5:443 ssl;
        server_name  eventline.adyxax.org;

        location / {
                proxy_pass  http://127.0.0.1:8087;
                include headers_secure.conf;
        }
        ssl_certificate      adyxax.org.fullchain;
        ssl_certificate_key  adyxax.org.key;
}
# api-server
server {
        listen  10.1.2.5:8085 ssl;
        server_name  eventline.adyxax.org;

        location / {
                proxy_pass  http://127.0.0.1:8085;
                include headers_secure.conf;
        }
        ssl_certificate      adyxax.org.fullchain;
        ssl_certificate_key  adyxax.org.key;
}

Admin account’s password

Go to the domain you configured (https://eventline.adyxax.org/ for me) and login to your new eventline with username admin and password admin. Then go to Account and click Change password.

Backups

Backups are run with borg and stored on yen.adyxax.org. I used my borg ansible role for that. There is only one backup job: a pg_dump of eventline’s postgresql database

Final words

Eventline is very simple but there is always some sysadmin work to do if you want things done well.

Also I cleaned up some of my scripts in a public repository and will detail my eventline jobs implementation in a next article.

I am now toying with eventline to orchestrate migrations and tasks for which I relied on ansible, I feel I can simplify and improve things this way!