-
In this guide, I will detail how to install Outline. If you’re struggling with a particular section, then you can use the table of contents below to go to that section:
Table of contents
- Downloading Outline
- Configuring Authentik
- Database
- Resolving Database Issues
- Running your new instance
- Updating
Downloading Outline
preface: This guide assumes that you have already installed and configured an authentication provider such as Authentik. For the purpose of this guide, we will be using Authentik as our authentication provider.
This guide assumes that you will be downloading and installing Outline using Docker.
First, on your virtual machine create a folder that you will use to store the Outline files. Personally, I have created
~/Docker/OutlineNext, create a new file called
docker.envusing the sample file located here: https://github.com/outline/outline/blob/main/.env.sampleNote: You MUST include at least one authentication provider - I have personally used Authentik for this purpose.
Next, create a new Docker Compose yml file to manage your containers. For this, I will navigate into my Docker directory, and then create a new file called
docker-compose.ymlversion: "3" services: outline: image: docker.getoutline.com/outlinewiki/outline:latest env_file: ./docker.env ports: - "3000:3000" depends_on: - postgres - redis - storage redis: image: redis env_file: ./docker.env ports: - "6379:6379" volumes: - ./redis.conf:/redis.conf command: ["redis-server", "/redis.conf"] healthcheck: test: ["CMD", "redis-cli", "ping"] interval: 10s timeout: 30s retries: 3 postgres: image: postgres env_file: ./docker.env ports: - "5432:5432" volumes: - database-data:/var/lib/postgresql/data healthcheck: test: ["CMD", "pg_isready"] interval: 30s timeout: 20s retries: 3 environment: POSTGRES_USER: 'user' POSTGRES_PASSWORD: 'pass' POSTGRES_DB: 'outline' storage: image: minio/minio env_file: ./docker.env ports: - "9000:9000" entrypoint: sh command: -c 'minio server' deploy: restart_policy: condition: on-failure volumes: - storage-data:/data healthcheck: test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"] interval: 30s timeout: 20s retries: 3 https-portal: image: steveltn/https-portal env_file: ./docker.env ports: - '80:80' - '443:443' links: - outline - storage restart: always volumes: - https-portal-data:/var/lib/https-portal healthcheck: test: ["CMD", "service", "nginx", "status"] interval: 30s timeout: 20s retries: 3 environment: DOMAINS: 'docs.mycompany.com -> http://outline:3000' STAGE: 'production' WEBSOCKET: 'true' volumes: https-portal-data: storage-data: database-data:Configuring Authentik as an authentication method
-
Login to your Authentik instance as an administrator
-
Navigate to Providers and click Create
-
Create a new
Authentication Provider. I have called mineOutline-OIDfor easy identification.
a. Your configuration should use a redirect of
https://yourdomain.tld/auth/oidc.callback
b. You must make a note of yourClient IDandSecretto use for yourdocker.envfile
c. UnderAdvanced Protocol Settingsensure that you selectopenIDandEmail
d. TheSubject Modecan be set toBased on the user’s Email.
-
Navigate to
Applicationsand selectCreate -
Create a new Application. I have called mine
Outlinefor easier identification. -
The Provider will be the newly created one
(Outline-OID in my case)
-
On your server, navigate to your
docker.envfile -
Scroll down the
Authenticationsection until you reachOIDC
a. Configure your OIDC Client ID and Secret that you took during Step 3a.
b. YourAuth_URIwill behttps://yourdomain.tld/application/o/authorize
c. YourToken_URIwill behttps://yourdomain.tld/application/o/token
d. YourUSERINFO_URIwill behttps://yourdomain.tld/application/o/userinfo
Database
Create the database with the following command:
docker-compose run --rm outline yarn db:create --env=production-ssl-disabledMigrate the new database to add needed tables, indexes, etc:
docker-compose run --rm outline yarn db:migrate --env=production-ssl-disabledIf you get an error
In some instances, you may encounter an error that you are unable to connect to the Postgres database. This appears to be related to the configuration being incorrect - Please adjust your docker.env file as below:
# For production point these at your databases, in development the default # should work out of the box. DATABASE_URL=postgres://user:pass@postgres:5432/outline DATABASE_URL_TEST=postgres://user:pass@postgres:5432/outline-test DATABASE_CONNECTION_POOL_MIN= DATABASE_CONNECTION_POOL_MAX= # Uncomment this to disable SSL for connecting to Postgres PGSSLMODE=disable # For redis you can either specify an ioredis compatible url like this REDIS_URL=redis://redis:6379Note that the Database URL is adjusted to
@postgresRunning your new instance
Now that your instance is configured, it’s time to run it!
Navigate to your directory (in my case~/Docker/Outline) and run the commanddocker-compose up -dUpdating
To update Outline, follow these steps:
- Backup your database
- Update to the latest image
- Use docker pull docker.getoutline.com/outlinewiki/outline:latest to download the image or
If you are using docker-compose then you’d need to update the docker-compose.yml file to point to the latest version. - Run the container
-
K katos moved this topic from Support on
-
K katos marked this topic as a regular topic on
-
I am trying this and still getting the ERROR: connect ECONNREFUSED as with every other attempt i tried.
here are my notes
server is open to the public only on ports 80, 443. It is accessible internally from everywhere.
i have authentik setup exactly as it says here. There were some options not mentioned that I don't know if I did right, like the required field for authorization flow which i set to explicit.
docker-compose as shown gives a ton of errors
docker compose works better it seems but i get the error above alwayshere are my configs
docker-compose.yml
docker.env
-
@Buhaina-Buhaina I don't see a postgres container in your
docker-compse.ymlfile. Is this on purpose? -
tankerkiller125 No sorry, I don't know how that happened. the compose file i am using is literally exactly the same as yours.
-
i don't understand any of this. If i use the command as written "docker-compose" i get all these errors:
But if i use "docker compose" it doesn't give all those errors, just the one i mentioned above. but always.
-
@Buhaina-Buhaina docker-compose is no longer considered the correct version of the command. They've massively updated and overhauled the compose command (hence why
docker composeworks). As for the connection issue I'm not entirely sure what's going on there. Maybe katos can assist once he's around later in the morning his time zone. -
@Buhaina-Buhaina
It looks like your database isn’t starting before your app.
Let me review the thread properly but I still am not seeing your Postgres in docker-compose.yml — can you paste your entire content of docker-compose.yml into pastebin or something please? (Feel free to redact your site URL)
-
I can paste the files if you still need it. But now, i tried again, and I went ahead and ran the second command for migrate, and it looked like it succeeded. I then went to the address, and it was working! So i clicked on use openid, and I get an error. So this is good progress! I looked at the address of the error and it redirected me to localhost rather than the domain address, so something must be misconfigured somewhere.
-
@Buhaina-Buhaina Change the URL config to be the domain your accessing Outline from. Do not change anything else, and you should be good to go from there.
-
which URL config do you mean? I am a little confused as I have two separate domains: one for authentik, and another for outline like this:
auth.domain1.com
outline.domain2.comwhich of these goes where? For the ODIC section, I am using the auth urls. I will pastebin my configs here soon.
-
@Buhaina-Buhaina said in How to install Outline:
which URL config do you mean? I am a little confused as I have two separate domains: one for authentik, and another for outline like this:
auth.domain1.com
outline.domain2.comwhich of these goes where? For the ODIC section, I am using the auth urls. I will pastebin my configs here soon.
You’re very nearly there!
You just need to add your outline.domain2.com address to your docker.env fileURL should point to the fully qualified, publicly accessible URL. If using a # proxy the port in URL and PORT may be different. URL=http://localhost:3000 PORT=3000Change localhost:300 to your domain
-
thanks, yes that gets me closer. Now, I login, and then it redirects me back to outline with this error:
-
here are the two configs:
-
authentik
-
@Buhaina-Buhaina said in How to install Outline:
authentik
Looks like your redirect URI might be wrong.
On Authentik, navigate to Providers and select your Outline provider. Scroll down and choose Protocol Settings.In here configure your Redirect URI to:
https://yourdomain.tld/auth/oidc.callback -
isn't that what I already have there? I think it is exactly the same. the domain is outline.domain2.com
https://outline.domain2.com/auth/oidc.callback -
@Buhaina-Buhaina could it be because of the account you’re logging in with perhaps?
On Authentik go to the Outline application in the admin panel and use Check Access?
If you want you can also DM me your site URL and a test user and I can try it for you?
-
for authentik, does it need a fully qualified domain, or can it work with internal ip addresses?
-
@Buhaina-Buhaina Please accept my apologies for the delays on this one. Work has been manic!
Regardless, I believe that the FQDN is required for Outline but not necessarily for Authentik.
With your error, it seems more likely that the Authentik configuration isn't quite right on the docker.envPlease can you DM me with a pastebin link of your full docker.env (you can of course redact passwords) and I will review your configuration for you.
