- A server running Ubuntu 18.04 and above
- Domain name dedicated for Metabase.
Once you have completed your instance or server setup you can proceed to install Java 8.
Execute the following command to install OpenJDK 8.
sudo apt install openjdk-8-jdk
Use the update-alternatives
command to get the installation path of your default Java version.
sudo update-alternatives --config java
Copy the installation path of your default version and add it in the JAVA_HOME
environment variable.
sudo nano /etc/environment
At the end of this file, add the following line with your installation path. The variable will like the one below.
JAVA_HOME="/usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java"
Hit Ctrl+X
followed by Y
and Enter
to save and exit the nano editor.
Now JAVA_HOME
environment variable is set and available for all users.
Reload to apply changes.
source /etc/environment
To verify the environment variable of Java
echo $JAVA_HOME
You will get the installation path you just set.
Now you have installed and configured Java, so we can proceed to install Metabase.
You can get the latest Metabase from the official website. Copy the Metabase download link and download it using wget
command.
wget https://downloads.metabase.com/v0.42.0/metabase.jar
Create a new directory for Metabase and move the downloaded file inside it.
sudo mkdir /opt/metabase
sudo mv metabase.jar /opt/metabase
Now you need to create new user and group specifically to run Metabase.
sudo addgroup --quiet --system metabase
sudo adduser --quiet --system --ingroup metabase --no-create-home --disabled-password metabase
Provide correct permissions and privileges to the user we have created above to run Metabase and also configure the logs.
sudo chown -R metabase:metabase /opt/metabase
sudo touch /var/log/metabase.log
sudo chown metabase:metabase /var/log/metabase.log
sudo touch /etc/default/metabase
sudo chmod 640 /etc/default/metabase
Creating a service is more useful for managing Metabase to start, stop and restart. Follow the below steps to create the service.
sudo nano /etc/systemd/system/metabase.service
Paste the following content inside the file.
[Unit]
Description=Metabase server
After=syslog.target
After=network.target
[Service]
WorkingDirectory=/opt/metabase/
ExecStart=/usr/bin/java -jar /opt/metabase/metabase.jar
EnvironmentFile=/etc/default/metabase
User=metabase
Type=simple
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=metabase
SuccessExitStatus=143
TimeoutStopSec=120
Restart=always
[Install]
WantedBy=multi-user.target
Hit Ctrl+X
followed by Y
and Enter
to save and exit the nano editor.
Now reload the daemon and enable the Metabase service to start Metabase on boot.
sudo systemctl daemon-reload
sudo systemctl enable metabase
Next you need to create a syslog conf to make sure systemd is able to handle the logs properly.
sudo nano /etc/rsyslog.d/metabase.conf
Paste the following inside the file and save it.
if $programname == 'metabase' then /var/log/metabase.log & stop
Now you can start Metabase.
sudo systemctl start metabase
To check the status you can use the following command.
sudo systemctl status metabase
You will get the output similar to the one below which indicates Metabase is running successfully.
● metabase.service - Metabase server
Loaded: loaded (/etc/systemd/system/metabase.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2020-02-20 08:42:59 UTC; 12s ago
Main PID: 20550 (java)
Tasks: 10 (limit: 4395)
CGroup: /system.slice/metabase.service
└─20550 /usr/bin/java -jar /opt/metabase/metabase.jar
By default Metabase runs on port 3000
. Next we can install Nginx and configure reverse proxy to listen on port 3000
.
sudo apt install nginx
Allow ports 80 and 443 if you have configured UFW.
sudo ufw allow 'Nginx Full'
Remove default Nginx configuration.
sudo rm -rf /etc/nginx/sites-available/default
sudo rm -rf /etc/nginx/sites-enabled/default
Create a new configuration file for Metabase.
sudo nano /etc/nginx/sites-available/metabase.conf
Add the following configurations.
server {
listen [::]:80;
listen 80;
server_name metabase.example.com;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3000;
client_max_body_size 100M;
}
}
Hit Ctrl+X
followed by Y
and Enter
to save the file and exit.
To enable this newly created website configuration, symlink the file that you just created into the sites-enabled
directory.
sudo ln -s /etc/nginx/sites-available/metabase.conf /etc/nginx/sites-enabled/metabase.conf
Check your configuration and restart Nginx for the changes to take effect.
sudo nginx -t
sudo service nginx restart
HTTPS is a protocol for secure communication between a server (instance) and a client (web browser). Due to the introduction of Let’s Encrypt, which provides free SSL certificates, HTTPS are adopted by everyone and also provides trust to your audiences.
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install python-certbot-nginx
Now we have installed Certbot by Let’s Encrypt for Ubuntu 18.04, run this command to receive your certificates.
sudo certbot --nginx certonly
Enter your email
and agree to the terms and conditions, then you will receive the list of domains you need to generate SSL certificate.
To select all domains simply hit Enter
The Certbot client will automatically generate the new certificate for your domain. Now we need to update the Nginx config.
Open your site’s Nginx configuration file add replace everything with the following. Replacing the file path with the one you received when obtaining the SSL certificate. The ssl_certificate directive
should point to your fullchain.pem file, and the ssl_certificate_key
directive should point to your privkey.pem file.
server {
listen [::]:80;
listen 80;
server_name metabase.example.com;
return 301 https://metabase.example.com$request_uri;
}
server {
listen [::]:443 ssl;
listen 443 ssl;
server_name metabase.example.com;
ssl_certificate /etc/letsencrypt/live/metabase.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/metabase.example.com/privkey.pem;
location / {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3000;
client_max_body_size 100M;
}
}
Hit CTRL+X
followed by Y
to save the changes.
Check your configuration and restart Nginx for the changes to take effect.
Certificates provided by Let’s Encrypt are valid for 90 days only, so you need to renew them often. Now you set up a cronjob to check for the certificate which is due to expire in next 30 days and renew it automatically.
sudo crontab -e
Add this line at the end of the file
0 0,12 * * * certbot renew >/dev/null 2>&1
Hit CTRL+X
followed by Y
to save the changes.