Help Category: Orangescrum On premises

General Settings

General Settings (Site Name, Timezone, Branding, Logo)

Navigate to:

Settings → General Settings

Here you can configure workspace-level preferences:

  • Site Name: Appears in the browser title and email notifications.
  • Default Timezone: Used for project timelines, task deadlines, and reports.

(If you enable role-based timezone editing, only Admins can allow users to modify their own timezone.)

  • Branding & Logo: Upload your company logo and favicon for a white-label experience.
  • Language & Locale: Select default language for global teams.
  • Date Format: Choose DD/MM/YYYY or MM/DD/YYYY as per regional preference.

Recommendation: Set your workspace timezone before inviting users to ensure consistent reporting across global teams.

Admin & Default Account Setup

After installation, you’ll be prompted to complete the initial setup wizard. This creates your first administrator account and connects the application to its database.

Default Login

Field Example
Username / Email admin@example.com
Password admin123
Company / Workspace Name Your Organization Name

You can change the admin credentials immediately after login under:

Admin → My Profile → Change Password

Tip: Use a unique admin email and a strong password. Avoid reusing credentials from other systems.

Post-Install Configuration

Once Orangescrum is installed—whether via Docker, Compose, or a manual LAMP/LEMP stack—the next step is to configure your workspace environment.

This includes setting up admin credentials, branding, SMTP email, SSL/HTTPS, file storage, and database parameters.

Proper configuration ensures a secure, branded, and fully functional Orangescrum environment.

Backup Strategy, Security & Access Planning

Before installation, define how you’ll handle data safety and user access.

Backup Strategy

  • Schedule daily database dumps (pg_dump or mysqldump) to a secure offsite location.
  • Automate weekly full backups (database + /attachments + /logs).
  • Retain at least 7 daily + 4 weekly backup snapshots.
  • Use RAID1 or RAID10 storage for redundancy in production environments.

Security & Access Controls

  • Create a dedicated “orangescrum” Linux user (non-root) for installation and service execution.
  • Assign minimum privileges for database users (read/write, not superuser).
  • Use strong, unique passwords for database, admin, and SMTP configurations.
  • Enable automatic OS and PHP security updates.

Infrastructure Access Planning

  • Define roles for System Admin, Database Admin, and Application Admin.
  • Implement role-based access control (RBAC) within Orangescrum after setup.
  • Integrate with LDAP or Active Directory for centralized user management if needed.
  • Summary

Setting up Orangescrum Self-Hosted begins with the right foundation—hardware sizing, OS selection, and secure network configuration.

Once your infrastructure is ready, you can move to installation methods using Docker, Docker Compose, or manual LAMP/LEMP setup, which we’ll cover next.

Network, SSL, DNS, Ports & Firewall Setup

A stable and secure network is key to a successful self-hosted deployment.

Ports to Open

Purpose Port Protocol
HTTP (Web Access) 80 TCP
HTTPS (SSL Secure Access) 443 TCP
MySQL / PostgreSQL 3306 / 5432 TCP
Docker Internal Services 8080, 9000 TCP
SMTP (Email) 587 / 465 TCP

Tip: Restrict database ports (3306 / 5432) to internal IP ranges only. Use firewall rules or private VPC networks for database isolation.

DNS & SSL Configuration

  • Map your domain (e.g., projects.yourdomain.com) to the server’s IP using an A record.
  • Use Let’s Encrypt or a CA-signed SSL certificate for HTTPS.

For testing environments, generate a self-signed SSL certificate using OpenSSL:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/yourdomain.key \
-out /etc/ssl/certs/yourdomain.crt

Configure your web server (Apache/Nginx) for SSL reverse proxying to the backend (usually on port 8080) Orangescrum Enterprise edition

Firewall & Access Rules

  • Allow inbound access only to HTTP/HTTPS ports.
  • Deny root SSH logins; use sudo-based users for administration.
  • Use ufw (Ubuntu) or firewalld (RHEL) for network protection.

Supported OS, Database, Web Server, and PHP

Supported OS, Database, Web Server, and PHP Versions

Orangescrum is compatible with both MySQL/MariaDB and PostgreSQL database stacks, depending on your edition and licensing.

For MySQL/MariaDB Deployments

  • Web Server: Apache 2.4
  • PHP: 8.2
  • MySQL: 8.x
  • WKHTMLTOPDF: 0.12.5 (for reports and PDF exports)
  • cURL: Enabled

For PostgreSQL Deployments

  • PostgreSQL: 15.14 or later (EPAS or Community Edition)
  • pgAdmin: 8.x for monitoring and administration
  • PostGIS Extension: 3.4 (optional, for geospatial modules)
  • psql CLI: 16.x (bundled with server)
  • pg_dump / pg_restore: 16.x for backups and restores
  • libpq: 16.x (PostgreSQL client library)
  • OS Support: RHEL 9 / CentOS Stream 9 / Ubuntu 22.04

Recommendation: Ubuntu Server 22.04 or Debian 12 are ideal for production due to stability and package compatibility.

Ensure that PHP extensions like pdo, mbstring, gd, and zip are installed before running setup.