How to Install Taiga Project Management Tool on CentOS 7

Using a Different System?

  • How to Install Taiga Project Management Tool on Ubuntu 16.04

Are we missing a guide for your target system? Request one, or submit your own!

Taiga is a free and open source application for project management. Unlike other project management tools, Taiga uses an incremental agile approach to manage the development of the project. Taiga is a very powerful and entirely customizable application. The backend of Taiga is written in Python using the Django framework. The frontend is written in JavaScript using CoffeeScript and AngularJS frameworks. Taiga includes features such as project collaboration, Kanban board, bug tracking, reporting, time tracking, backlogs, wiki and more.


  • A Vultr CentOS 7 server instance with at least 1GB RAM.
  • A sudo user.

In this tutorial, we will use as the domain name pointed to the server. Replace all occurrences of with your actual domain name.

Update your base system using the guide How to Update CentOS 7. Once your system has been updated, proceed to install PostgreSQL.

Install PostgreSQL

PostgreSQL is an object-relational database system known for its stability and speed. Taiga uses PostgreSQL to store its database. Add the PostgreSQL repository into the system.

sudo yum -y install

Install the PostgreSQL database server.

sudo yum -y install postgresql10-server postgresql10-contrib postgresql10 

Initialize the database.

sudo /usr/pgsql-10/bin/postgresql-10-setup initdb

Start the PostgreSQL server and enable it to start automatically at boot time.

sudo systemctl start postgresql-10sudo systemctl enable postgresql-10

Change the password for the default PostgreSQL user.

sudo passwd postgres

Log in as the PostgreSQL user.

sudo su - postgres

Create a new PostgreSQL user for Taiga.

createuser taiga 

PostgreSQL provides the psql shell to run queries on the database. Switch to the PostgreSQL shell.


Set a password for the newly created user for Taiga database.

ALTER USER taiga WITH ENCRYPTED password 'DBPassword';

Replace DBPassword with a secure password. Create a new database for Taiga installation.


Exit from the psql shell.


Switch to the sudo user.


Install Python 3

Python 2.7 comes pre-installed on a CentOS 7 server, but Taiga requires Python version 3.4 or later.

We will install Python version 3.6 from source. Install the required build tools and compiler.

sudo yum -y install gcc autoconf flex bison libjpeg-turbo-devel freetype-devel zlib-devel zeromq3-devel gdbm-devel ncurses-devel automake libtool libffi-devel curl git tmux libxml2-devel libxslt-devel openssl-devel gcc-c++

Download the Python source code.


Extract and configure Python installation.

tar xf Python-3.6.3.tar.xzcd Python-3.6.3./configure --enable-optimizations --prefix=/usr

Make an alternative install.

sudo make altinstall

Note: Alternative installations install Python 3.6 without replacing the default version of Python. If you replace the default Python in CentOS 7, it may break the YUM repository manager.

You will now be able to check its version.

python3.6 -V

You should see the following.

[user@vultr Python-3.6.3]$ python3.6 -VPython 3.6.3

Install Python Virtual Environment using pip.

sudo pip3.6 install virtualenv virtualenvwrappersudo pip3.6 install --upgrade setuptools pip 

Python virtual environment is used to create an isolated virtual environment for a Python project. A virtual environment contains its own installation directories and doesn’t share libraries with global and other virtual environments.

Install RabbitMQ

Taiga uses RabbitMQ to process the message queue. RabbitMQ requires Erlang libraries to work. Install Erlang.

sudo yum -y install erlang

Import RabbitMQ GPG signing key.

sudo rpm --import

Install RabbitMQ.

sudo yum -y install

Start and enable the RabbitMQ server.

sudo systemctl start rabbitmq-serversudo systemctl enable rabbitmq-server

Add RabbitMQ user and vhost. Also, provide permission to the user over the host.

sudo rabbitmqctl add_user taiga StrongMQPasswordsudo rabbitmqctl add_vhost taigasudo rabbitmqctl set_permissions -p taiga taiga ".*" ".*" ".*"

Make sure to replace StrongMQPassword with a secure password.

Install Nodejs

Node.js version 7 or later is required to compile the frontend of the Taiga. Add the Node.js version 8 repository.

curl -sL | sudo -E bash -

Install Node.js and the pwgen utility.

sudo yum install -y nodejs pwgen

pwgen will be used later to generate a strong secret string. Install CoffeeScript, as it will be used to compile Taiga files written with the CoffeeScript framework.

sudo npm install -g coffee-script gulp

Install Taiga Backend

Add a new system user for Taiga to ensure that Taiga processes are running as an unprivileged user.

sudo useradd -s /bin/bash taigasudo su - taiga

Note: From now on, all the commands needs to be run as the unprivileged user taiga until you are asked to switch back to sudo user.

Create a new directory to store the log files.

mkdir -p ~/logs

Clone the Taiga backend repository from GitHub and checkout the latest stable branch.

git clone taiga-backcd taiga-backgit checkout stable

Configure virtualenvwrapper to use Python 3.6 instead of the default Python.

echo "VIRTUALENVWRAPPER_PYTHON='/bin/python3.6'" >> ~/.bashrcecho "source /usr/bin/" >> ~/.bashrc

Finally, source the ~/.bashrc file.

source ~/.bashrc

Now make a new virtual environment for Taiga using Python 3.6.

mkvirtualenv -p /bin/python3.6 taigapip3.6 install --upgrade setuptools

Install the required Python dependencies using pip.

pip3.6 install -r requirements.txt

Populate the database with necessary initial data.

python3.6 migrate --noinputpython3.6 loaddata initial_userpython3.6 loaddata initial_project_templatespython3.6 compilemessagespython3.6 collectstatic --noinput

The above commands will write data into the PostgreSQL database. Taiga also ships some demo or sample data which can be useful for evaluating the product. If you wish to install the sample data, run the following.

python3.6 sample_data

Note: Installing sample data is optional and intended only to evaluate the product.

Before we proceed to create the configuration file for the Taiga backend, we need to generate a secret string. This string will be used to encrypt the session data.

Generate a random string of 64 characters.

pwgen -s -1 64

You should see the output as a random string.

(taiga) [taiga@vultr taiga-back]$ pwgen -s -1 64CZfjWjHctPwnLZsDysWqaZcYfRCviHbI4fVRwfhpbtAHPNBtmkcegpwpYjTtEziJ

Create a new configuration file for the Taiga Backend.

nano ~/taiga-back/settings/

Populate the file with the following code.

from .common import *MEDIA_URL = ""STATIC_URL = ""SITES["front"]["scheme"] = "https"SITES["front"]["domain"] = ""SECRET_KEY = "Generated_Secret_Key"DEBUG = FalsePUBLIC_REGISTER_ENABLED = TrueDEFAULT_FROM_EMAIL = ""SERVER_EMAIL = DEFAULT_FROM_EMAIL#CELERY_ENABLED = TrueEVENTS_PUSH_BACKEND = ""EVENTS_PUSH_BACKEND_OPTIONS = {"url": "amqp://taiga:StrongMQPassword@localhost:5672/taiga"}# Uncomment and populate with proper connection parameters# for enable email sending. EMAIL_HOST_USER should end by @domain.tld#EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"#EMAIL_USE_TLS = False#EMAIL_HOST = ""#EMAIL_HOST_USER = ""#EMAIL_HOST_PASSWORD = "SMTPPassword"#EMAIL_PORT = 25# Uncomment and populate with proper connection parameters# for enable github login/singin.#GITHUB_API_CLIENT_ID = "yourgithubclientid"#GITHUB_API_CLIENT_SECRET = "yourgithubclientsecret"

Make sure to replace the example domain name with the actual one in the above code. Also, replace Generated_Secret_Key with the actual secret key and StrongMQPassword with the actual password for the Taiga message queue user. If you have an SMTP server ready and you wish to use email sending features immediately, you can uncomment the email options and set the appropriate values. If you do not have a mail server ready, you can skip setting up the email feature for now and set it later in this configuration file.

If you wish to enable GitHub login, create an application in GitHub and provide the API client ID and client secret.

To immediately check if the Taiga backend can be started, run the built-in Django server.

workon taigapython runserver

You will see the following output if the server has started successfully.

(taiga) [taiga@vultr taiga-back]$ workon taiga(taiga) [taiga@vultr taiga-back]$ python runserverTrying import settings...Trying import settings...Performing system checks...System check identified no issues (0 silenced).October 25, 2017 - 07:07:28Django version 1.10.6, using settings 'settings'Starting development server at the server with CONTROL-C.

To verify if the API can be accessed, open another terminal session and run the following.


You will see a similar output returned by the API call.

[user@vultr ~]$ curl{"locales": "", "auth": "", "users": "", "roles": "", "user-storage": "", "notify-policies": "", "projects": "", "projects/(?P<resource_id>//d+)/fans": "<resource_id>//d+)/fans", "projects/(?P<resource_id>//d+)/watchers": "<resource_id>//d+)/watchers", "project-templates": "",

Stop the Taiga backend server by pressing “Ctrl + C” and deactivate the virtual environment.


Install Frontend

The Taiga frontend is the component of Taiga which serves the Web user interface. Clone the Taiga frontend repository from Github and checkout the latest stable branch.

cd ~git clone taiga-front-distcd taiga-front-distgit checkout stable

Create a new configuration file for the Taiga frontend.

nano ~/taiga-front-dist/dist/conf.json

Populate the file with this.

{    "api": "",    "eventsUrl": "wss://",    "eventsMaxMissedHeartbeats": 5,    "eventsHeartbeatIntervalTime": 60000,    "eventsReconnectTryInterval": 10000,    "debug": true,    "debugInfo": false,    "defaultLanguage": "en",    "themes": ["taiga"],    "defaultTheme": "taiga",    "publicRegisterEnabled": true,    "feedbackEnabled": true,    "privacyPolicyUrl": null,    "termsOfServiceUrl": null,    "maxUploadFileSize": null,    "contribPlugins": [],    "tribeHost": null,    "importers": [],    "gravatar": true}

Make sure to replace the example domain with the actual domain. You can also change the default language and other parameters in the above configuration.

Install Taiga Events

Apart from the frontend and backend, we also need to install Taiga events. Taiga events is a web socket server, and it enables the Taiga frontend to show real-time changes in modules such as backlog, Kanban and more. It uses the RabbitMQ server for message processing.

Clone the Taiga events repository from Github.

cd ~git clone taiga-eventscd taiga-events

Install the Node.js dependencies using npm.

npm install

Create a new configuration file for Taiga events.

nano ~/taiga-events/config.json

Populate the file with the following.

{    "url": "amqp://taiga:StrongMQPassword@localhost:5672/taiga",    "secret": "Generated_Secret_Key",    "webSocketServer": {        "port": 8888    }}

Replace Generated_Secret_Key with the actual 64 characters long secret key which you have generated in the past. The secret key should be exactly the same as the key you provided in the Taiga backend configuration file. Also, update the StrongMQPassword with the actual password for Taiga message queue user.

Configure Circus

Circus is a process manager for Python applications. We will use Circus to run Taiga backend and events.

Switch back to the sudo user.


Note: From now you will need to run the commands using sudo user.

Install Circus using pip.

sudo pip3.6 install circus

Create new directories to store Circus configurations.

sudo mkdir /etc/circussudo mkdir /etc/circus/conf.d

Create the default configuration file for Circus.

sudo nano /etc/circus/circus.ini

Populate the file with the following configuration.

[circus]check_delay = 5endpoint = tcp:// = tcp:// = /etc/circus/conf.d/*.ini

Create a new Circus configuration file for running the Taiga backend.

sudo nano /etc/circus/conf.d/taiga.ini

Populate the file with the following.

[watcher:taiga]working_dir = /home/taiga/taiga-backcmd = gunicornargs = -w 3 -t 60 --pythonpath=. -b taiga.wsgiuid = taiganumprocesses = 1autostart = truesend_hup = truestdout_stream.class = FileStreamstdout_stream.filename = /home/taiga/logs/gunicorn.stdout.logstdout_stream.max_bytes = 10485760stdout_stream.backup_count = 4stderr_stream.class = FileStreamstderr_stream.filename = /home/taiga/logs/gunicorn.stderr.logstderr_stream.max_bytes = 10485760stderr_stream.backup_count = 4[env:taiga]PATH = /home/taiga/.virtualenvs/taiga/bin:$PATHTERM=rxvt-256colorSHELL=/bin/bashUSER=taigaLANG=en_US.UTF-8HOME=/home/taigaPYTHONPATH=/home/taiga/.virtualenvs/taiga/lib/python3.6/site-packages

Create a new Circus configuration for running Taiga Events.

sudo nano /etc/circus/conf.d/taiga-events.ini

Populate the file with the following.

[watcher:taiga-events]working_dir = /home/taiga/taiga-eventscmd = /usr/bin/coffeeargs = index.coffeeuid = taiganumprocesses = 1autostart = truesend_hup = truestdout_stream.class = FileStreamstdout_stream.filename = /home/taiga/logs/taigaevents.stdout.logstdout_stream.max_bytes = 10485760stdout_stream.backup_count = 12stderr_stream.class = FileStreamstderr_stream.filename = /home/taiga/logs/taigaevents.stderr.logstderr_stream.max_bytes = 10485760stderr_stream.backup_count = 12

Now we will need to create a systemd service file to run Circus. Using systemd will ensure that Circus is automatically started during reboot and failures.

sudo nano /etc/systemd/system/circus.service

Populate the file.

[Unit]Description=Circus process[Service]Type=simpleExecReload=/usr/bin/circusctl reloadExecStart=/usr/bin/circusd /etc/circus/circus.iniRestart=alwaysRestartSec=5[Install]

Start Circus and enable to start at boot time automatically.

sudo systemctl start circussudo systemctl enable circus

Check the status of Circus.

circusctl status

You will see following output.

[user@vultr ~]$ circusctl statustaiga: activetaiga-events: active

Now, we have Taiga successfully installed and running. Before we can use it, we need to expose the installation using any production web server.

Install Nginx as a Reverse Proxy

We will use the Nginx web server as a reverse proxy to serve the application to the users. We will also obtain and install SSL certificates from Let’s Encrypt.

Install Nginx and Certbot. Certbot is the official certificates issuing client for Let’s Encrypt CA.

sudo yum -y install nginx certbot

Adjust your firewall setting to allow the standard HTTP and HTTPS ports through the firewall as Certbot needs to make an HTTP connection for verifying the domain authority.

sudo firewall-cmd --permanent --zone=public --add-service=httpsudo firewall-cmd --permanent --zone=public --add-service=httpssudo firewall-cmd --reload

Note: To obtain certificates from Let’s Encrypt CA, you must ensure that the domain for which you wish to generate the certificates is pointed towards the server. If not, then make the necessary changes to the DNS records of your domain and wait for the DNS to propagate before making the certificate request again. Certbot checks the domain authority before providing the certificates.

Now use the built-in web server in Certbot to generate the certificates for your domain.

sudo certbot certonly --standalone -d

The generated certificates are likely to be stored in the /etc/letsencrypt/live/ directory. The SSL certificate will be retained as fullchain.pem, and the private key will be saved as privkey.pem.

Let’s Encrypt certificates expire in 90 days, so it is recommended to set up auto-renewal for the certificates using Cron jobs. Cron is a system service which is used to run periodic tasks.

Open the cron job file.

sudo crontab -e

Add the following line.

0 0 * * * /usr/bin/certbot renew --quiet

The above cron job will run daily at midnight. If the certificate is due for expiration, it will automatically renew the certificates.

Generate a strong Diffie-Hellman parameter. It provides an extra layer of security for data exchange between the host and server.

sudo openssl dhparam -out /etc/ssl/dhparam.pem 2048 

Create a new Nginx server block to serve the Taiga frontend.

sudo nano /etc/nginx/conf.d/taiga.conf

Populate the file with the following.

server {    listen 80;    server_name;    return 301 https://$server_name$request_uri;}server {    listen 443 ssl;    server_name;    access_log /home/taiga/logs/nginx.access.log;    error_log /home/taiga/logs/nginx.error.log;    large_client_header_buffers 4 32k;    client_max_body_size 50M;    charset utf-8;    index index.html;    # Frontend    location / {        root /home/taiga/taiga-front-dist/dist/;        try_files $uri $uri/ /index.html;    }    # Backend    location /api {        proxy_set_header Host $http_host;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Scheme $scheme;        proxy_set_header X-Forwarded-Proto $scheme;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass;        proxy_redirect off;    }    location /admin {        proxy_set_header Host $http_host;        proxy_set_header X-Real-IP $remote_addr;        proxy_set_header X-Scheme $scheme;        proxy_set_header X-Forwarded-Proto $scheme;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass$request_uri;        proxy_redirect off;    }    # Static files    location /static {        alias /home/taiga/taiga-back/static;    }    # Media files    location /media {        alias /home/taiga/taiga-back/media;    }     location /events {        proxy_pass;        proxy_http_version 1.1;        proxy_set_header Upgrade $http_upgrade;        proxy_set_header Connection "upgrade";        proxy_connect_timeout 7d;        proxy_send_timeout 7d;        proxy_read_timeout 7d;    }    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";    add_header Public-Key-Pins 'pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="633lt352PKRXbOwf4xSEa1M517scpD3l5f79xMD9r9Q="; max-age=2592000; includeSubDomains';    ssl on;    ssl_certificate /etc/letsencrypt/live/;    ssl_certificate_key /etc/letsencrypt/live/;    ssl_session_timeout 5m;    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    ssl_prefer_server_ciphers on;    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';    ssl_session_cache shared:SSL:10m;    ssl_dhparam /etc/ssl/dhparam.pem;    ssl_stapling on;    ssl_stapling_verify on;}

Be sure to change the domain name and the path to the SSL certificates.

Now you can restart the Nginx web server and enable it to start at boot automatically.

sudo systemctl restart nginxsudo systemctl status nginx

Finally, fix the ownership and permission on Taiga files.

sudo chown -R taiga:taiga /home/taiga/sudo chmod o+x /home/taiga/


You can now access the Taiga installation by going to Log in using the initial administrator account with username “admin” and password “123123“. Your installation is now ready for production use. Start by creating a new project or evaluating the product. If you are already managing a project on Github, Jira, or Trello, you can easily import the projects into Taiga using the importers.

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article

No comments

Powered by Blogger.