Install Leantime on Ubuntu 20.04

Leantime is a free and open source project management tool. If you have a pool of users and team(s), Leantime is a great way to start managing the resources efficiently. In this article we are going to install Leantime on Ubuntu 20.04 LTS with ssl certificate from Let’s encrypt.

What Leantime offer:

  • Idea Management
  • Strategy Development
  • Roadmap Planning
  • Task Management(Kanban)
  • Milestones
  • Reports

What we will need for this setup:

  • Ubuntu 20.04(1GB RAM, 20GB)
  • Web server
  • SSL certificate(point your domain to the server IP)
  • Use /var/www/html as web root

Web server installation and setup

We will install PHP, MariaDB, Apache etc and enable some required Apache modules to start with.

sudo apt install vim apache2 mariadb-server libapache2-mod-php php php-gmp php-bcmath php-gd php-json php-mysql php-curl php-mbstring php-intl php-imagick php-xml php-zip bzip2 zip unzip imagemagick php-fpm  php-fileinfo
sudo a2enmod ssl rewrite headers deflate cache http2 proxy_fcgi env expires
sudo systemctl start apache2
sudo systemctl enable apache2

Install certbot via snap:

snap install certbot --classic

To read more about configuration and optimization check out the article below.

Database

Secure your database with:

/usr/bin/mysql_secure_installation

After that login to the database server as root and create a leantime database. Change PASSWORD to an actual strong password.

mysql -u root -p

create database leantime CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;

grant all on leantime.* to 'leanuser'@'localhost' identified by 'PASSWORD';

flush privileges;
exit

Download and install Leantime

At this point you will have a working setup with Apache. Checkout the release page for latest builds of Leantime.

cd /var/www
mkdir leantime && cd leantime

wget https://github.com/Leantime/leantime/releases/download/v2.1.8/Leantime-v2.1.8.zip

unzip Leantime-v2.1.8.zip
rm Leantime-v2.1.8.zip

rm -r /var/www/html/*
shopt -s dotglob
cd ..
mv leantime/* html/
chown -R www-data:www-data /var/www/html

Create a virtualhost in /etc/apache2/sites-available.

cd /etc/apache2/sites-available
vim leantime.conf

Paste the following in it, change text in bold.

<VirtualHost *:80>
	ServerName DOMAIN.COM
	ServerAlias DOMAIN.COM
	DocumentRoot /var/www/html

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/DOMAIN.COM-error.log
	CustomLog /var/log/apache2/DOMAIN.COM-requests.log combined
</VirtualHost>

Save and enable the configuration.

a2ensite leantime.conf
a2dissite 000-default.conf
systemctl restart apache2

Now open configuration.php and edit where necessary including the database part.

cd /var/www/html
mv config/configuration.sample.php config/configuration.php
vim config/configuration.php

Go to the browser and install Leantime. http://DOMAIN.COM/install

SSL certificate and Apache configuration

We have already installed certbot via snap above. If your domain is already pointed to the server IP. You can get a certificate now.

certbot certonly --webroot -w /var/www/html -d DOAMIN.COM

To renew and see other other options click the button below.

Here is the final configuration for 443 vhost including http redirection. You can delete the current lines from /etc/apache2/sites/available/leantime.conf or just add whatever is new in port 80 vhost.

<VirtualHost *:80>
	ServerName DOMIAN.COM
	ServerAlias DOMIAN.COM
	DocumentRoot /var/www/html
	RewriteEngine On
	RewriteCond %{HTTPS} off
	RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/DOMIAN.COM-error.log
	CustomLog /var/log/apache2/DOMIAN.COM-requests.log combined
</VirtualHost>

<VirtualHost *:443>
	ServerName DOMIAN.COM
	ServerAlias DOMIAN.COM
	DocumentRoot /var/www/html

	SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
	SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
	SSLHonorCipherOrder On
	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
	Header always set X-Frame-Options DENY
	Header always set X-Content-Type-Options nosniff

	<Directory "/var/www/html">
		AllowOverride All
		Options -Indexes +FollowSymLinks
	</Directory>

	ErrorLog /var/log/apache2/DOMIAN.COM-error.log
	CustomLog /var/log/apache2/DOMIAN.COM-requests.log combined

	SSLEngine on
	SSLCertificateKeyFile /etc/letsencrypt/live/DOMIAN.COM/privkey.pem
	SSLCertificateFile /etc/letsencrypt/live/DOMIAN.COM/fullchain.pem
</VirtualHost>
systemctl restart apache2

That’s pretty much it. If everything is setup properly, Leantime is now installed and running on https.

leantime-login-page
Login page

Troubleshooting

1- I cannot upload files

If you have set the owner of html dir www-data, you should be able to upload files. Check above if you have missed this step when setting it up. That’s an important step to be not missed for many reasons.

2- I still see and can access installation path

Right now I did not find any solution to disable install script properly. To disable it, open public/.htaccess file and comment out the following lines(using # in front of it).

RewriteRule ^install$ index.php?install=true
RewriteRule ^install/([^/\.]+)/?$ index.php?install=true

One comment

Leave a Reply