HSBNE Digital Ocean/Docker Host (do2.hsbne.org)

Do2 is a Digital Ocean Droplet (virtual machine) hosted in Singapore that runs some of HSBNE's external facing services.

It is an ubuntu 15.10 installation that runs the services in separate Docker containers.

Currently, it's running the following services/containers and it is maintained by nog3.

Forum: Discourse (local_discourse/app)

The discourse forum runs based on the official Discourse installation instructions.

Changes from the default config file:

There are a few extra lines added to the env: directive in the app.yml file, namely:

  • VIRTUAL_HOST: forum.hsbne.org
  • LETSENCRYPT_HOST: forum.hsbne.org
  • LETSENCRYPT_EMAIL: executive@hsbne.org

The SMTP settings are directed to our sendgrid account (hsbne).

Wiki: Dokuwiki (nog3/hsbne-dokuwiki)

The wiki is Dokuwiki Release 2016-06-26b “Elenor of Tsort” in a custom docker container. It is run with an env variable from the docker run command of VIRTUAL_HOST:wiki.hsbne.org

It is automatically built from a customized Dockerfile in https://github.com/nog3/HSBNE-dokuwiki on Docker Hub's automatic building service.

The dockerfile installs the oauth plugin but generates the container in such a way that it stores the content of the wiki within the container. There's also the bootstrap3 theme and a few other plugins added manually after the fact.

Long term, I would like to fix this.

HTTP Proxying (jwilder/nginx-proxy)

This docker container runs a copy of nginx inside it and ties together the wiki and discourse containers.

It listens on port 80 and redirects traffic for the wiki and the forum to the right internal ports exposed by the docker containers.

To know what Docker container to redirect traffic to, it checks an ENV variable on the container, VIRTUAL_HOST.

SSL Management (jrcs/letsencrypt-nginx-proxy-companion)

letsencrypt-nginx-proxy-companion is a lightweight companion container for nginx-proxy. It allows the creation/renewal of Let's Encrypt certificates automatically.

It uses the Let's Encrypt service to automatically create/renew a valid SSL certificate for virtual host(s) in a shared volume that nginx-proxy can serve up.

It requires the following environment variables to enable Let's Encrypt support for a container being proxied. This environment variables need to be declared in each to-be-proxied application containers.


The LETSENCRYPT_HOST variable most likely needs to be the same as the VIRTUAL_HOST variable and must be publicly reachable domains