Site Overlay

Installing Mayan EDMS on Ubuntu 20.04

The Mayan EDMS documentation offers two ways for the installation on a Ubuntu 20.04 LTS machine: The first one is via Docker, the second one is the direct installation. I went for the second (direct) option on a Raspberry Pi 4 running a Ubuntu 20.04 headless server. For the installation to succeed, you have to do some slight amendments to the installation instructions given in the Mayan EDMS.

Installation error while building Python wheel for gevent (PEP 517)

When I tried to install the Mayan EDMS from PyPi according to step 7 of the documentation I got the following error when the Python Wheel for gevent was built:

The solution to the issue can be found in the github issues section for gevent. For building the Python wheel, we need make, so the simple solution is to install make to your Ubuntu system (sudo apt install make) or to add it to the list of requirements that are installed in step one of the documentation.

Initialization of project

When running the following command in step 10, be aware that it will take some time until you get a response in the command window. I first made the error and thought that the multiline shell command was incomplete. So I hit Crtl-C and ran directly into the trouble the documentation warned of, that I lost my admin user.

If you happen to have the same problem, you have to delete your mayan postgresql database and drop the mayan user and then repeat step 9:

Further questions

How can I access my Mayan?

After successfully installing everything, the main question was: How the heck can I access my Mayan installation? Fact is that the installation does not run on port 80. Using sudo netstat -plunt I found out that port 8000 is listening to the outside world. And that will take your browser to the initial login page.

Is the mayan user set up during installation also the Mayan admin?

The answer is: no. During installation of your mayan system, you set up a couple of users that ran “under the hood”:

  • the mayan system user in the Ubuntu OS (without password and login options; can only be used with sudo -U mayan)
  • the mayan user in your PostgreSQL database (which has a password)
  • the mayan user in your Redis

None of those users is exposed through Mayan’s web UI – the lead user who holds all privileges in the web UI is admin, and you have to set its password when you access Mayan’s web interface for the first time after installation.

Is there no way to run Mayan over HTTPS?

No – at least not directly. Here’s a statement from the Mayan developer:

We don’t include any native way in Mayan to do this because there are many way to configure SSL and that is something best left for deployment tools. We recommend using a reverse proxy.

You can use nginx, apache or Traefik.

Okeydoke – we’ll set up an nginx as a reverse-proxy then. What we need is…

  • Install and setup ddclient to regularly update the DynDNS record for our outside address. (Not shown in this post)
  • Install nginx itself and set it up as a reverse proxy. Outside communication is to be sent through https.
  • Set up a Let’s encrypt certificate to identify and encrypt our site.

Install nginx and setup as reverse proxy

The key challenge is to come up with a configuration file for the nginx reverse proxy and have Certbot produce a certificate for that nginx instance. The way that worked for me was:

  1. Use the nginx default template with just dummy page. Run it under the dyndns domain will later run as the domain for the reverse proxy. All you need is a bare bone nginx server that runs on port 80 with your local network firewall opened for that port. Then run Certbot to produce your certificate.
  2. After you have your certificate, create a new file /etc/nginx/sites-available/ and put the certificate paths as parameters for ssl_certificate and ssl_certificate_key in the server config. My config file finally looked like this:

Save the file into /etc/nginx/sites-available. Then set a symlink into /etc/nginx/sites-enabled/:

Disable the default virtual host: