Production Installation

Note: The most tested way of deploying the ctf-scoreboard is using Heroku, or if you want to use your own server then using https://github.com/dokku/dokku. Don't deploy this in production without a proper and secure reverse proxy.

Docker

These steps are for production deployments using docker-compose.

Prerequisites

• If you have not already, follow the steps to install docker-compose.

Installation

• Generate credentials: ./setup-docker-secrets.sh
• Run scoreboard database setup: docker-compose run web rails db:initial_setup
• Add appropriate Application Environment Variables in your .env-prod file for your environment
• Add NGINX_HOST=your-scoreboard-domain.com to the .env file for your environment
• Start the container: docker-compose up -d

Dokku

These steps are for production deployments using Dokku.

Prerequisites

• If you have not already installed Dokku, follow the steps to install Dokku.
• Ensure you have the Dokku Postgres plugin installed
• Ensure you either have the LetsEncrypt plugin installed or manual management of your SSL certificates. The app will not work without some sort of SSL certificate generated.

Installation

• Create a new application on your dokku server: dokku apps:create ctf-scoreboard
• Create a new postgres database on your dokku server: dokku postgres:create scoreboard-db
• Link the database to the application on your dokku server: dokku postgres:link scoreboard-db ctf-scoreboard
• Set the application to use the Heroku Ruby buildpack (since this repository has a Dockerfile it tries to default to building off the Dockerfile, however the Heroku Ruby buildpack provides a smoother experience): dokku config:set ctf-scoreboard BUILDPACK_URL=https://github.com/heroku/heroku-buildpack-ruby.git#v230
• (Optional) Setup the proxy for your application: dokku --app ctf-scoreboard config:set HTTP_PROXY=http://<proxy-server>, dokku --app ctf-scoreboard config:set HTTPS_PROXY=http://<proxy-server>
• Add your dokku server as a git remote on your local machine for the application
  • Clone the scoreboard locally using the clone button on the main page.
  • Add the remote by running git remote add ctf-dokku dokku@<address>:ctf-scoreboard
• Push the code to dokku in order to create an initial copy of the project on your server, from within your local git copy: git push ctf-dokku master.
  • Note: If you would like to deploy a branch other than master to dokku you can run git push ctf-dokku otherbranch:master.
• The application is setup to automatically run migrations during a code push, however this causes problems during the initial deploy. In order to get a clean initial deployment, run the following commands on your Dokku
  • Set the rails environment dokku --app ctf-scoreboard run rails db:environment:set RAILS_ENV=production
  • Drop and recreate the database by running dokku --app ctf-scoreboard run rake db:drop db:create db:schema:load DISABLE_DATABASE_ENVIRONMENT_CHECK=1
• Push the code to dokku again using either git push ctf-dokku master or git push ctf-dokku otherbranch:master. This time the build will pass and your application will be deployed.
• Add a domain to access your application by running dokku --app ctf-scoreboard domains:add <yourdomain>.
• Setup your certificates by either using LetsEncrypt or dokku certs:generate ctf-scoreboard <yourdomain>.
• Your app should now be accessible in the browser. Browse to in order to complete setup of your game and challenges.

Troubleshooting

Unable to access the Scoreboard

If you are unable to access the scoreboard after deploying with Dokku, it is worthwhile to check the port mappings by running dokku proxy:ports ctf-scoreboard. The output of this command should at least show port 80 and 443 mapped to the container as follows:

-----> Port mappings for ctf-scoreboard
    -----> scheme  host port  container port
    http           80         5000
    https          443        5000

If this is not the case, try running the following commands:

dokku proxy:ports-clear ctf-scoreboard
dokku proxy:ports-add ctf-scoreboard http:80:5000
dokku proxy:ports-add ctf-scoreboard https:443:5000

Clearing the incorrect Buildpack

If you deployed without setting the Ruby Buildpack originally, you may run into some errors involving the environment variables set by the Docker build. You can verify this by running dokku config:show ctf-scoreboard. Check for the following lines:

DOKKU_DOCKERFILE_PORTS:  3000
DOKKU_PROXY_PORT_MAP:    http:3000:3000

If they exist, run dokku config:unset ctf-scoreboard DOKKU_DOCKERFILE_PORTS DOKKU_PROXY_PORT_MAP which will reset the bad port mappings and restart the application.

Generic Deployment Instructions

• Install ruby (using a ruby version manager like rvm is recommended).
• In your terminal run gem install bundler
• Install postgres to your system (and create a role with your system username sudo -u postgres -i then createuser --interactive).
• Setup Recaptcha. This can be done by getting a site key from here and then setting the RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY environment variables for the application. The steps for this will vary based on your hosting platform.
• Run bundle install to install dependencies
• Run bundle exec rake db:create to create the database
• Run bundle exec rake db:schema:load to load the database schema
• Run bundle exec rake db:create_admin to launch an interactive session to create an administrator
• Run bundle exec rails s -e production to launch the server in production mode
• Open the webpage shown in your terminal from the last command in your browser.
• Login to the registration app http://localhost:3000 as the admin user you created.
• Access the administration panel at http://localhost:3000/admin to configure the application.

Environment Configuration

Configure SMTP:

• enabled: (ENV: SCOREBOARD_ENABLE_SMTP)
• settings:
  • address: Allows for a remote mail server (ENV: SCOREBOARD_SMTP_ADDRESS)
  • port: Port for your mail server to run off of (ENV: SCOREBOARD_SMTP_PORT)
  • domain: For specification of a HELO domain (ENV: SCOREBOARD_SMTP_DOMAIN)
  • authentication: For specification of authentication type if the mail server requires it (ENV: SCOREBOARD_SMTP_AUTHENTICATION)
  • tls: Enables SMTP to connect with SMTP/TLS (ENV: SCOREBOARD_SMTP_TLS)
  • openssl_verify_mode: For specifying how OpenSSL checks certificates (ENV: SCOREBOARD_SMTP_OPENSSL_VERIFY_MODE)
  • enable_starttls_auto: Checks if SMTP has STARTTLS enabled and starts to use it (ENV: SCOREBOARD_SMTP_ENABLE_STARTTLS_AUTO)
  • user_name: For mail server authentication (ENV: SCOREBOARD_SMTP_SERVER_USERNAME)
  • password: For mail server authentication (ENV: SCOREBOARD_SMTP_SERVER_PASSWORD)

Configure Local Login

• email_confirmation: Turns on email confirmation for local registration. (ENV: SCOREBOARD_ENABLE_EMAIL_CONFIRMATION)(default: false)