Install and Secure Wekan Server on AlmaLinux 9: Best Kanban Board

This tutorial aims to guide you through the process of how to Install and Secure Wekan Server on AlmaLinux 9. Wekan is an open-source kanban board application, a powerful tool that empowers you to manage your daily tasks effectively using virtual cards.

With Wekan, you can create boards and cards, seamlessly moving them between columns as you progress on each task. Collaboration is made easy by adding team members to specific tasks on the board. Similar to other Kanban tools, Wekan also supports the use of colored labels on cards, which facilitates grouping, filtering, and assigning tasks to individuals.

Being open-source and distributed under the MIT License, Wekan is highly customizable and easy to use. Let’s dive into the steps required to Install and Secure Wekan Server on AlmaLinux 9, as detailed below.

Before we begin the installation and securing of your Wekan Kanban Board, ensure you meet the following prerequisites.

1. Requirements for Wekan Kanban Board

Firstly, you must log in to your server as a non-root user with sudo privileges and set up a basic firewall. You can follow the guide on Initial Server Setup with AlmaLinux 9.

Secondly, you need to have the LEMP stack installed on your server. Follow the steps in the article on How To Install LEMP stack on AlmaLinux 9.

Finally, you need a domain name that points to your server’s IP address.

Once you’ve met these requirements, proceed with the following steps to Install and Secure Wekan Server on AlmaLinux 9.

2. Install snapd on AlmaLinux 9

In this guide, we will utilize the Snap package management system to install the Wekan server. To install and enable the snapd tool, execute the following commands:

# sudo dnf install epel-release -y
# sudo dnf install snapd -y
# sudo systemctl enable --now snapd.socket
# sudo ln -s /var/lib/snapd/snap /snap

Next, you need to install SSL to secure your server.

3. Install SSL on AlmaLinux 9

At this point, obtaining an SSL certificate for your domain is essential.

First, install the mod_ssl package on AlmaLinux 9 using the following command:

sudo dnf install mod_ssl -y

Then, install the certbot client, which is used to create Let’s Encrypt certificates:

sudo dnf install python3-certbot-nginx -y

4. Configure Nginx Reverse Proxy for Wekan Kanban Board

Now, you need to make adjustments to the Nginx configuration file for Wekan on AlmaLinux 9.

Open the file with your preferred text editor (e.g., the vi editor):

sudo vi /etc/nginx/nginx.conf

Delete the existing lines in the file and add the following content:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/modules/*.conf;
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
}

Save and close the file.

Create an Nginx configuration file for your domain:

sudo vi /etc/nginx/conf.d/wm.conf

Add the following content to the file, replacing <server-ip> and <your-domain> with the appropriate values:

upstream app {
    server <server-ip>:3001;
}

server {
    listen 80 default_server;
    server_name <your-domain>;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl; # managed by Certbot
    # The host name to respond to
    server_name <your-domain>;

    ssl_certificate /etc/letsencrypt/live/<your-domain>/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/<your-domain>/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    location / {
        proxy_pass http://app;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Real-Port $server_port;
        proxy_set_header X-Real-Scheme $scheme;
    }
}

Save and close the file.

Restart Nginx and check its status:

# sudo systemctl restart nginx
# sudo systemctl status nginx

Example Output:

● nginx.service - The nginx HTTP and reverse proxy server
     Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
    Drop-In: /usr/lib/systemd/system/nginx.service.d
             └─php-fpm.conf
     Active: active (running) since Tue 2023-02-28 04:55:41 EST; 4s ago
    Process: 74901 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
    Process: 74904 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
    Process: 74905 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
   Main PID: 74906 (nginx)
      Tasks: 3 (limit: 23609)
     Memory: 3.7M
        CPU: 48ms
...

Run certbot to obtain your SSL certificates, replacing <your-email> and <your-domain> with the appropriate values:

certbot --nginx --agree-tos --redirect --hsts --staple-ocsp --email <your-email> -d <your-domain>

5. Configure Firewall For Wekan Server

Enable HTTP, HTTPS, and port 3001 for Wekan through the AlmaLinux firewall:

# sudo firewall-cmd --zone=public --permanent --add-port 80/tcp
# sudo firewall-cmd --zone=public --permanent --add-port 443/tcp
# sudo firewall-cmd --zone=public --permanent --add-port 3001/tcp
# sudo firewall-cmd --reload

6. Install Wekan Server on AlmaLinux 9

Install the Wekan kanban board on your server using the snap command:

snap install wekan

Example Output:

wekan 6.09 from Lauri Ojansivu (xet7) installed

Set the root URL for Wekan:

snap set wekan root-url="https://<your-domain>"

Set the port number for Wekan:

snap set wekan port='3001'

Finally, restart MongoDB and Wekan:

# systemctl restart snap.wekan.mongodb
# systemctl restart snap.wekan.wekan

7. Access the Wekan Web Interface

Access the Wekan web interface by typing your domain name or server’s IP address in your web browser:

https://<your-domain-or-IP>/sign-in

You will be presented with the Wekan server login screen. If you don’t have an account, click Register.

[Image of Wekan login screen]

Create a Wekan account and click Register.

[Image of Register Wekan account]

You will now see your Wekan server dashboard.

[Image of Wekan dashboard AlmaLinux 9]

Wekan is an excellent tool for project managers who embrace Kanban boards. While it might lack the complex workflows found in Jira, it stands toe-to-toe with Trello in terms of features and is even simpler to use and manage boards.

If you are currently using Trello, consider giving Wekan a try. It even has an import feature, allowing you to quickly get started with your existing projects.

Conclusion

You have successfully learned how to Install and Secure Wekan Server on AlmaLinux 9. With Wekan, managing your Kanban boards becomes a breeze.

Enjoy using Wekan! You might also find these articles helpful:

• How To Install GCC Compiler on AlmaLinux 9
• Install and Use Cockpit on AlmaLinux 9
• Dot NET Core Setup AlmaLinux 9
• Install Thunderbird Mail on AlmaLinux 9
• Install aaPanel on AlmaLinux 9
• Install Elasticsearch AlmaLinux 9
• Install Apache CouchDB on AlmaLinux 9
• Install Skype on AlmaLinux 9

Alternative Solutions to Installing Wekan

While the Snap package method is convenient, here are two alternative approaches to installing Wekan on AlmaLinux 9:

1. Installing Wekan via Docker

Docker provides a containerized environment, making application deployment consistent and isolated. This approach is beneficial for managing dependencies and ensuring compatibility across different environments.

Explanation:

This method involves using Docker to run Wekan within a container. This eliminates the need to install dependencies directly on the host system and simplifies the deployment process. Docker containers are isolated, preventing conflicts with other applications on the server.

Steps:

1. Install Docker and Docker Compose: If you don’t have Docker installed, follow the official Docker documentation for AlmaLinux 9. Similarly, install Docker Compose.

2. Create a docker-compose.yml file: Create a file named docker-compose.yml in a directory where you want to store your Wekan configuration. Add the following content:

version: "3.7"

services:
  wekan:
    image: quay.io/wekan/wekan:latest
    restart: always
    ports:
      - "3001:3001"
    environment:
      - MONGO_URL=mongodb://mongo:27017/wekan
      - ROOT_URL=https://<your-domain>
    depends_on:
      - mongo

  mongo:
    image: mongo:latest
    restart: always
    volumes:
      - wekan-data:/data/db

volumes:
  wekan-data:

Replace <your-domain> with your actual domain.

3. Start the containers: Navigate to the directory containing docker-compose.yml and run the following command:

docker-compose up -d

This command will download the necessary images and start the Wekan and MongoDB containers in detached mode.

4. Configure Nginx Reverse Proxy: Follow the same Nginx reverse proxy configuration steps outlined in the original article, ensuring that the proxy points to localhost:3001.

5. Configure Firewall: Follow the same firewall configuration steps outlined in the original article.

This approach offers portability and simplifies upgrades.

2. Installing Wekan from Source (Advanced)

While significantly more complex, installing from source provides the greatest degree of customization and control. This is generally recommended only for experienced users who understand the underlying technologies.

Explanation:

This method involves cloning the Wekan source code from GitHub, installing the necessary dependencies (Node.js, MongoDB), and building the application manually. This approach gives you complete control over the installation process and allows you to customize Wekan to your specific needs.

Steps (Simplified):

1. Install Node.js and npm: Install a compatible version of Node.js and npm (Node Package Manager). You can use nvm (Node Version Manager) for managing Node.js versions.

2. Install MongoDB: Follow the official MongoDB documentation to install MongoDB on AlmaLinux 9.

3. Clone the Wekan repository:

git clone https://github.com/wekan/wekan.git
cd wekan

4. Install dependencies:

npm install

5. Configure Wekan: Create a settings.json file with the necessary configuration parameters (MongoDB URL, ROOT_URL, etc.).

6. Build and Run Wekan:

npm run build
npm start

7. Configure Nginx Reverse Proxy: Follow the same Nginx reverse proxy configuration steps outlined in the original article, ensuring that the proxy points to the port where Wekan is running (usually 3001).

8. Configure Firewall: Follow the same firewall configuration steps outlined in the original article.

Code Example (settings.json snippet):

{
  "mongo_url": "mongodb://localhost:27017/wekan",
  "root_url": "https://<your-domain>",
  "port": 3001
}

Caution: Installing from source requires careful management of dependencies and configuration. This method is not recommended for beginners. You should also configure a process manager like pm2 to ensure Wekan restarts automatically if it crashes.

These alternative methods offer flexibility in deploying Wekan on AlmaLinux 9, catering to different needs and levels of technical expertise. Choose the method that best suits your requirements and experience.