Dokku server administration¶
This page has information for those who have to set up and maintain a Dokku server. If you’re just using one, you can ignore this.
Initial install¶
The Dokku docs recommend setting up a new OS install of a supported operating system, then running the Dokku install script.
Experience suggests that that approach is more likely to work than trying to install Dokku on a system that has already had some configuration done for other things.
Simple hostnames¶
The simple way to set up hostnames is:
Pick a hostname you can control, e.g.
dokku.me
.During initial setup of Dokku, configure that as the server’s name.
Create a DNS A record pointing
dokku.me
at the server’s IP address.Add a wildcard entry for
*.dokku.me
at the same address.For each app you put on that server, give the app the same name you want to use for its subdomain. For example, an app named
foo
would be accessible on the internet atfoo.dokku.me
, without having to make any more changes to your DNS settings.
Managing users¶
In other words, who can mess with the apps on a dokku server?
The way this currently works
is that everybody ends up sshing to the server
as the dokku
user to do things. To let them do that, we want to add a
public key for them to the dokku config, by doing this (from any system):
$ cat /path/to/ssh_keyfile.pub | ssh dokku ssh-keys:add <KEYNAME>
The <KEYNAME> is just to identify the different keys. I suggest using the person’s typical username. Just remember there will not be a user of that name on the dokku server.
When it’s time to revoke someone’s access:
$ ssh dokku ssh_keys:remove <KEYNAME>
and now you see why the <KEYNAME> is useful.
For now, there’s not a simple way to limit particular users to particular apps or commands.