Focalboard is an open-source and self-hosted project management tool. It is multilingual and an alternative to Asana, Trello, and Notion that can be used by developers to track and manage work across teams. It is based on kanban and is available for desktops and servers. It can be used as a stand-alone personal server for testing and development. Focalboard helps developers stay aligned to complete tasks, reach milestones, and achieve their goals.
In this post, we will show you how to install Focalboard with Nginx as a reverse proxy on Ubuntu 22.04.
Prerequisites
- A server running Ubuntu 22.04.
- A valid domain name pointed with your server IP.
- A root password is configured on the server.
Install and Configure PostgreSQL
Focalboard uses PostgreSQL to store its data. So the PostgreSQL database server must be installed on your system.
If not installed, you can install it with other packages using the following command:
apt-get install curl wget gnupg2 -y
apt-get install postgresql postgresql-contrib -y
After installing PostgreSQL, connect to the PostgreSQL using the following command:
su - postgres
psql
Next, create a database and user for PostgreSQL with the following command:
CREATE DATABASE focaldb;
CREATE USER focaluser WITH PASSWORD 'password';
Next, exit from the PostgreSQL shell with the following command:
\\q
exit
Once you are finished, you can proceed to the next step.
Install and Configure Focalboard
First, visit the Focalboard Git Hub download page and download the latest version of Focalboard using the following command:
VER=$(curl -s <https://api.github.com/repos/mattermost/focalboard/releases/latest|grep> tag_name | cut -d '"' -f 4)
wget <https://github.com/mattermost/focalboard/releases/download/${VER}/focalboard-server-linux-amd64.tar.gz>
Once the download is complete, extract the downloaded file with the following command:
tar -xvzf focalboard-server-linux-amd64.tar.gz
Next, move the focalboard to the /opt directory using the following command:
mv focalboard /opt
Next, edit the Focalboard configuration file:
nano /opt/focalboard/config.json
change the following lines that match with your database as shown below:
"dbtype": "postgres",
"dbconfig": "postgres://focaluser:password@localhost/focaldb?sslmode=disable&connect_timeout=10",
Save and close the file when you are finished.
Create a Systemd Service File for Focalboard
It is a good idea to start and manage Focalboard with systemd. To do so, you will need to create a systemd service file for Focalboard:
nano /lib/systemd/system/focalboard.service
Add the following lines:
[Unit]
Description=Focalboard server
[Service]
Type=simple
Restart=always
RestartSec=5s
ExecStart=/opt/focalboard/bin/focalboard-server
WorkingDirectory=/opt/focalboard
[Install]
WantedBy=multi-user.target
Save and close the file, then reload the systemd daemon to apply the changes:
systemctl daemon-reload
Next, start and enable the Focalboard service with the following command:
systemctl start focalboard
systemctl enable focalboard
You can now check the status of the Focalboard with the following command:
systemctl status focalboard
You will get the following output:
? focalboard.service - Focalboard server
Loaded: loaded (/lib/systemd/system/focalboard.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2022-08-21 11:22:22 UTC; 8s ago
Main PID: 4347 (focalboard-serv)
Tasks: 4 (limit: 2242)
Memory: 18.1M
CPU: 1.977s
CGroup: /system.slice/focalboard.service
??4347 /opt/focalboard/bin/focalboard-server
Aug 21 11:22:23 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:23.507 Z] listener(s) for blockID caller="ws/ser>
Aug 21 11:22:23 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:23.507 Z] listener(s) for blockID caller="ws/ser>
Aug 21 11:22:23 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:23.510 Z] listener(s) for workspaceID caller="ws/ser>
Aug 21 11:22:23 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:23.510 Z] listener(s) for blockID caller="ws/ser>
Aug 21 11:22:23 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:23.510 Z] listener(s) for blockID caller="ws/ser>
Aug 21 11:22:24 ubuntu2204 focalboard-server[4347]: debug [2022-08-21 11:22:24.928 Z] import archive - done caller="app/im>
Aug 21 11:22:24 ubuntu2204 focalboard-server[4347]: info [2022-08-21 11:22:24.937 Z] initialized workspace caller="app/wo>
Aug 21 11:22:24 ubuntu2204 focalboard-server[4347]: info [2022-08-21 11:22:24.941 Z] Server.Start caller="server>
Aug 21 11:22:24 ubuntu2204 focalboard-server[4347]: info [2022-08-21 11:22:24.941 Z] http server started caller="web/we>
Aug 21 11:22:24 ubuntu2204 focalboard-server[4347]: info [2022-08-21 11:22:24.947 Z] Starting unix socket server caller="server>
At this point, Focalboard is started and listening on port 8000. You can check its listening ports using the following command:
ss -antpl | grep focalboard
You will get the following output:
LISTEN 0 4096 *:8000 *:* users:(("focalboard-serv",pid=4347,fd=9))
LISTEN 0 4096 *:9092 *:* users:(("focalboard-serv",pid=4347,fd=8))
Once you are finished, you can proceed to the next step.
Configure Nginx as a Reverse Proxy
Next, it is a good idea to install and configure Nginx as a reverse proxy to access the Focalboard via port 80. First, install the Nginx server with the following command:
apt-get install nginx -y
Once the Nginx server is installed, create an Nginx virtual host configuration file:
nano /etc/nginx/conf.d/focalboard.conf
Add the following lines:
upstream focalboard {
server localhost:8000;
keepalive 32;
}
server {
listen 80;
server_name focalboard.example.com;
location ~ /ws/* {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300;
lingering_timeout 5;
proxy_connect_timeout 1d;
proxy_send_timeout 1d;
proxy_read_timeout 1d;
proxy_pass <http://focalboard>;
}
location / {
client_max_body_size 50M;
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_pass <http://focalboard>;
}
}
Save and close the file when you are finished, then verify the Nginx for any syntax configuration error with the following command:
nginx -t
You will get the following output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Next, restart the Nginx service to apply the configuration changes:
systemctl restart nginx
You can also check the Nginx status using the following command:
systemctl status nginx
You should see the following output:
? nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2022-08-21 11:24:08 UTC; 7s ago
Docs: man:nginx(8)
Process: 5017 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 5018 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 5019 (nginx)
Tasks: 2 (limit: 2242)
Memory: 2.6M
CPU: 35ms
CGroup: /system.slice/nginx.service
??5019 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
??5020 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
Aug 21 11:24:08 ubuntu2204 systemd[1]: Starting A high performance web server and a reverse proxy server...
Aug 21 11:24:08 ubuntu2204 systemd[1]: Started A high performance web server and a reverse proxy server.
Access Focalboard Web Interface
Now, open your web browser and type the URL http://focalboard.example.com/login to access the Focalboard. You will be redirected to the Focalboard login page:
Click on the create an account button. You should see the Focalboard account creation page:
Provide your email address, admin username, password, and click on the Register button. You should see the Focalboard dashboard on the following page:
Enable SSL on Focalboard
For security reasons, it is a good idea to secure Focalboard with Let’s Encrypt SSL. Next, you will need to install the Certbot client package to install and manage the Let’s Encrypt SSL.
First, install the Certbot with the following command:
apt-get install python3-certbot-nginx -y
Once the installation is finished, run the following command to install the Let’s Encrypt SSL on your website:
certbot --nginx -d focalboard.example.com
You will be asked to provide a valid email address and accept the term of service as shown below:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): hitjethva@gmail.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>. You must
agree in order to register with the ACME server at
<https://acme-v02.api.letsencrypt.org/directory>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for focalboard.example.com
Waiting for verification...
Cleaning up challenges
Deploying Certificate to VirtualHost /etc/nginx/conf.d/focalboard.conf
Next, choose whether or not to redirect HTTP traffic to HTTPS as shown below:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Type 2 and hit Enter to finish the installation. You should see the following output:
Redirecting all traffic on port 80 to ssl in /etc/nginx/conf.d/focalboard.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Congratulations! You have successfully enabled <https://focalboard.example.com>
You should test your configuration at:
<https://www.ssllabs.com/ssltest/analyze.html?d=focalboard.example.com>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/focalboard.example.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/focalboard.example.com/privkey.pem
Your cert will expire on 2022-11-21. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: <https://letsencrypt.org/donate>
Donating to EFF: <https://eff.org/donate-le>
- We were unable to subscribe you the EFF mailing list because your
e-mail address appears to be invalid. You can try again later by
visiting <https://act.eff.org>.
Conclusion
Congratulations! you have successfully installed Focalboard with Nginx as a reverse proxy on Ubuntu 22.04. You can now deploy Focalboard in your organization and start managing and tracking your projects easily from the web browser. Feel free to ask me if you have any questions.