Do2 is a Digital Ocean Droplet (virtual machine) hosted in Singapore that runs some of HSBNE's external facing services.

It is an ubuntu 17.10 installation that runs the services in separate Docker containers.

Currently, it's running the following services/containers and it is maintained by nog3.

The discourse forum runs based on the official Discourse installation instructions.

Changes from the default config file:

There are a few extra lines added to the env: directive in the app.yml file, namely:

  • VIRTUAL_HOST: forum.hsbne.org
  • LETSENCRYPT_HOST: forum.hsbne.org
  • LETSENCRYPT_EMAIL: executive@hsbne.org

The SMTP settings are directed to our sendgrid account (hsbne).

The wiki is Dokuwiki Release 2018-04-22b “Greebo”. It is run using the container's default instructions at https://github.com/crazy-max/docker-dokuwiki, but with env vars VIRTUAL_HOST and LETSENCRYPT_HOST defined as wiki.hsbne.org which allows nginx-proxy and the ssl letsencrypt companion to manage ssl for it.

The data for the wiki is deployed in /var/hsbnewiki, so the container must be run from /var/hsbnewiki for the data volume to map correctly. All data is now persisted OUTSIDE the container. Oorah!

Old details: The dockerfile installs the oauth plugin but generates the container in such a way that it stores the content of the wiki within the container. There's also the bootstrap3 theme and a few other plugins added manually after the fact.

Long term, I would like to fix this.

This docker container runs a copy of nginx inside it and ties together the wiki and discourse containers.

It listens on port 80 and redirects traffic for the wiki and the forum to the right internal ports exposed by the docker containers.

To know what Docker container to redirect traffic to, it checks an ENV variable on the container, VIRTUAL_HOST.

letsencrypt-nginx-proxy-companion is a lightweight companion container for nginx-proxy. It allows the creation/renewal of Let's Encrypt certificates automatically.

It uses the Let's Encrypt service to automatically create/renew a valid SSL certificate for virtual host(s) in a shared volume that nginx-proxy can serve up.

It requires the following environment variables to enable Let's Encrypt support for a container being proxied. This environment variables need to be declared in each to-be-proxied application containers.

  • LETSENCRYPT_HOST
  • LETSENCRYPT_EMAIL

The LETSENCRYPT_HOST variable needs to be the same as the VIRTUAL_HOST variable and must be publicly reachable domains.

Trellobot exists to push notifications from trello into Discord #infra-notifications.

It is a copy of https://github.com/cuongtransc/trellobot stored in /var/trellobot, built from the folder with a custom config that defines which trello boards to watch and what channel to post into.

It tracks the following trello events:

  • cardCreated
  • checklistItemMarkedComplete
  • commentAdded
  • cardArchived
  • checklistAddedToCard

This container is an asset management software we're evaluating. Its conf folder is exposed at /var/snipe/conf/ on the docker host. It has an mysql db container linked which exposes the mysql db files to /var/snipe/mysql for backup.

This was set up following modified instructions from https://blog.networkprofile.org/quick-and-easy-snipe-it-docker-deployment/

  • infrastructure/do2
  • Last modified: 7 months ago
  • (external edit)