BraceNet Installation Guide

Overview

The BraceNet platform is ready to use after the initial launch with just a few simple configuration updates for security, email and optionally HA (high availability) failover server. This document describes these steps as well as the commands to start your Bracenet servers.

SSL Certificates

Your BraceNet instance upon launch includes self-signed SSL certificates pre-installed to enable login since BraceNet sites require SSL encryption. Initial login therefore will require you to accept the untrusted certificate browser warnings (such as "Your connection is not private"). While you may continue to use the self-signed certificates, we recommend your certificate be replaced by a certificate issued from a trusted Certificate Authority. Using SSL Certificates issued from a trusted Certificate Authority eliminates scary browser security warnings as well as encourages safe employee Internet behavior since employees do not habitually ignore browser warnings.

If your BraceNet instance will be run under your own corporate domain your SSL certificate must be installed per your certificate authority's instructions. Once installed into their proper locations the haproxy.cfg file is updated to reflect the SSL setup. Instructions for installing your certificate and configuring HAProxy can be found here.

Optionally, BraceNet enables customers to run their site under a BraceNet sub-domain (rather than your own corporate domain as described above). You may email BraceNet Support with your company name, requested sub-domain name and elastic IP to receive the appropriate certificate files for the BraceNet SSL certificate.

Security Group

Security group configuration should restrict web site traffic to SSL access only. Additionally, your server is accessible for maintenance via SSH. We recommend SSH access be restricted to specific source IP addresses within your company. An example of the recommended security group configuration would be:

Type Protocol Port Range Source
SSH TCP 22 xx.xx.xx.xx/24  (replace xx's with your source address(es) -may create additional entries)
HTTPS TCP 443 0.0.0.0/0  (open to all)
Postgresql TCP 5432 xx.xx.xx.xx/32  (replace xx's with AWS elastic IP of HA instance)

The last line above would be included when a hot failover server is used.

Email Configuration

The BraceNet application uses AWS Simple Email Services (SES) when sending automated email. Instructions for email setup are described here.

S3 Setup

The application allows scheduling of automated database backups which are stored in an AWS Simple Storage Service (SES) bucket. To enable backups, create a S3 bucket with the name of your subdomain. For example, if your sub domain is "abcco", create a S3 folder named "abcco.bracenet.com". (If your system runs on your own domain use your domain name as the S3 folder name.) Each database then can be saved to a sub-folder of the abcco.bracenet.com bucket by database name. Instructions for creating S3 folders can be found here.

Starting your servers

An instructional video for starting your servers can be found here

Note: Upon ssh into your new instance, type: "ls". If the file "runfirst" is on your system run the following command before starting your servers: "sudo sh /etc/rc.local".

The BraceNet cloud platform runs two web servers as well as background processes used by each module for background posting and report generation. The admin user profile runs the following commands from the instance ssh console session to start these processes:

Chat Server
Application Server
Login to your accounting platform

Once the server has been started as described in "Application Server" above, via your browser, navigate to the instance external IP address or domain if your domain name has been established in AWS Route 53 (instructions for DNS settings are described here). Be sure to specify https protocol (e.g. https://xxx.xx.xx.xx or https://yourdomain.com - substituting your external IP or domain for "yourdomain.com"). Login to your test database - UserID: "admin" Password: AWS instance-id  Entity: "sampleco" - quotation marks are not input. (NOTE: The AWS instance-id can be found in the EC2 Console under the Description tab of your instance. You will be required to change the admin password upon first login.) Once logged into the test company sampleco as admin you can create your new client databases via the "Administration->Global" menu option.

Background Processes

BraceNet utilizes background processes to handle posting and reporting jobs submitted by users. Each entity (database) has its own set of background processes. The background jobs are started via the following command:

strposters.sh database_name (enter)

Substitute the appropriate "database_name" for the database to be started. Invoke this command for each database to permit background posting and report generation for an entity.

We hope you enjoy your new BraceNet accounting platform. Please contact support if you experience installation issues.