Installation process for On-Premise: Front-End

Download sources

The Toucan Toco front-end sources are a basic tar.gz archive file which is downloadable by contacting the Toucan Toco team or via https://get-package.toucantoco.com/tucana/ if you have an account.

The latest version of the sources is available via onpremise_frontend-latest.tar.gz.

Note

There is a sha1 file for each generated archive to let you check the integrity of the Toucan Toco package. Just add .sha1 to the package URL to download the associated sha1 fingerprint. The sha1 fingerprint of the latest version of the package is downloadable via onpremise_frontend-master-latest.tar.gz.sha1.

Configuration

In www/scripts/tc-params.js you should specify:

  • API_BASEROUTE which is the URL of your Toucan Toco back-end instance
  • GOOGLE_ANALYTICS_ID let you specify your Google Analytics ID. Leave it empty if you don’t need to enable the Google Analytics tracking
  • DIALOGFLOW_ID let you specify your dialogflow ID. Leave it empty if you don’t need to enable dialogflow conversational experiences
  • USERNAME and PASSWORD let you specify bundled credentials for the app (useful for public apps or when the app is distributed in a private store). Beware to always embed viewers credentials, not conceptor nor admin ones!

So finally, your www/scripts/tc-params.js could look like:

window.TC_PARAMS = {
  GOOGLE_ANALYTICS_ID: "",
  API_BASEROUTE: "https://api-toucan.mydomain.com"
};

Installation

The installation is quite simple because all files are static.

All you need is to copy the content of the www/ in the docroot of your favorite webserver (please see in the next section a typical configuration for nginx).

Then you can check everything is fine with the following curls:

curl https://$vhost_server_name/

curl https://$vhost_server_name/tucana-version.txt

Typical Nginx vhost configuration

The following virtual host configuration for nginx could be copy/paste in your as /etc/nginx/sites-enabled/toucan.

You just need to modify/adapt the configuration according to your environment.

And of course don’t forget to reload your nginx daemon with the usual service nginx reload command.

server {

  # This virtual host will redirect all HTTP hits
  # to the HTTPS virtual host

  listen 80;
  server_name toucan-frontend.mydomain.com;                      >>>>>>> Change the domain by your own
  return 301 https://$server_name$request_uri;
}

server {

  server_name toucan-frontend.mydomain.com;                      >>>>>>> Change the domain by your own

  listen 443 ssl;

  ssl                 on;
  ssl_certificate     /etc/ssl/toucan-frontend.mydomain.com.crt; >>>>>>> Change this path by the absolute path to the SSL certificat for your domain
  ssl_certificate_key /etc/ssl/toucan-frontend.mydomain.com.key; >>>>>>> Change this path by the absolute path to the SSL key for your domain

  error_log  /var/log/nginx/toucan-frontend-error.log;
  access_log /var/log/nginx/toucan-frontend-access.log;

  root /path/to/toucan-frontend/www;                             >>>>>>> Change this path by the absolute path to the Toucan Toco frontend's sources

  location / {
      add_header Cache-Control no-cache;
      try_files $uri $uri/ /index.html;
  }
}

Typical Docker approach configuration

If you prefer, you can serve the Toucan Toco’s frontend files with a Docker container.

First you need to create a basic vhost configuration file:

server {
   listen       80;

   root /usr/share/nginx/html;

   location / {
      add_header Cache-Control no-cache;
      try_files  $uri $uri/ /index.html;
   }
}

And finally launch the container with the right options:

docker run  -d \
        -v /PATH/TO/vhost_nginx.conf:/etc/nginx/conf.d/default.conf:ro \
        -v /PATH/TO/onpremise_frontend-latest/www/:/usr/share/nginx/html:ro \
        -p 80:80 \
        --name toucantoco-frontend \
        nginx:stable-alpine

For a production use, you will need to use an HTTPS reverse proxy in front of the Toucan Toco container.

You should only expose the HTTP port of the container to your reverse proxy according to your rules and your security policies.