Skip to content

Loomio

This automated deployment is based on the guide at https://github.com/loomio/loomio-deploy.

Deploying Loomio

Prerequisites

You will need to create a DNS record for a new subdomain on your domain. These steps will be uniquie to your domain registrar, but it should be simple to create an A record with the desired subdomain pointed to your server's IP address.

In this example the we'll choose loomio as the subdomain, so the URL for the server will be loomio.example.org

Single sign-on (SSO)

If you would like to use single sign-on (SSO), you will need to have an IdP solution in place. Otherwise, your users will log in with username and password. Instructions for setting up Loomio with Authentik are provided below.

1. Edit Inventory file

The host group for Loomio is [loomio]. Place the following information under that group.

The standard vaules:

  • The server's IP address.
  • server_tag= - This could be "loomio"
  • ansible_user= - The non-root user
  • ansible_become_pass="{{ nb_become_pass }}" - or change variable to the appropriate value in the Vault.
  • ansible_ssh_private_key_file="~/.ssh/id_ed25519_<server_tag>_<nonroot_user>" - The SSH key used to authenticate onto the server.

Extra values:

  • None.

Example:

[proxy]
203.0.113.73 server_tag=loomio ansible_user=serveradmin ansible_become_pass="{{ loomio_become_pass }}" ansible_ssh_private_key_file="~/.ssh/id_ed25519_loomio_serveradmin"

2. Edit Ansible Vault variables

Edit the Ansible Vault file:

ansible-vault edit group_vars/all/vaulted_vars.yml

Include the following settings:

# Loomio
# If you have a unique credentials for this server.
loomio_become_pass: <sudo password for non-root user>

3. Edit env.txt

The environmental variable for the Loomio deployment must be edited before running the playbook. It is located at lt-server-setup/roles/app_loomio/templates/default_env.txt. Open the file in a text editor and make these edits.

  • Replace all instaces of REPLACE_WITH_HOSTNAME with your Loomio server's hostname (ie. loomio.example.com). In the item with REPLY_HOSTNAME=, edit that to be your organizations email domain since it's more likely that your email domain is simply example.com and not loomio.example.com.

  • Replace all instaces of REPLACE_WITH_CONTACT_EMAIL the email address of the server admin. This is for the LetsEncrypt certificate.

  • Edit your email settings under smtp settings. The deployment won't work without being to send emails. Grab these items from your organization's email provider and plug them in here.

  • POSTGRES_PASSWORD

  • Edit your options for single sign-on. This guide will cover integrating Loomio with Authentik.

4. Run Ansible playbook command

ansible-playbook lt_server_deploy.yml --ask-vault-pass --tags loomio

Post-deployment setup

5. Connect to the Loomio interface

So to access the management interface, simply go to the domain you set for the server. The first user registered should become the Admin user, but if not, follow the steps at https://github.com/loomio/loomio-deploy?tab=readme-ov-file#try-it-out.

When you log in for the first time, you will be prompted to changed your password. Do so and save the credentials in your password manager.

The admin interface is at https://loomio.example.com/admin.

Advanced options

The Advanced guide to self-hosting Netbird provides a path to configuring many other options upfront. These include:

  • Custom identity providers (IdPs) like Keycloak, Authentik, and Zitadel.
  • Using different ports for the Netbird components,
  • Configuration of a reverse proxy.

Updating the containers

ansible-playbook lt_server_deploy.yml --ask-vault-pass --tags loomio-update -vv

Connecting Loomio to Identity Provider - Authentik

Connecting Loomio to Identity Provider - Zitadel