Differences

This shows you the differences between two versions of the page.

Link to this comparison view

infrastructure:do2 [2017/04/08 13:01] (current)
Line 1: Line 1:
 +===== HSBNE Digital Ocean/​Docker Host (do2.hsbne.org) =====
 +
 +Do2 is a Digital Ocean Droplet (virtual machine) hosted in Singapore that runs some of HSBNE'​s external facing services.
 +
 +It is an ubuntu 15.10 installation that runs the services in separate Docker containers.
 +
 +Currently, it's running the following services/​containers and it is maintained by nog3.
 +
 +==== Forum: Discourse (local_discourse/​app) ====
 +
 +The discourse forum runs based on the official Discourse installation instructions. ​
 +
 +Changes from the default config file:
 +
 +There are a few extra lines added to the env: directive in the app.yml file, namely:
 +  * VIRTUAL_HOST:​ forum.hsbne.org
 +  * LETSENCRYPT_HOST:​ forum.hsbne.org
 +  * LETSENCRYPT_EMAIL:​ [email protected]
 +
 +The SMTP settings are directed to our sendgrid account (hsbne).
 +
 +
 +
 +==== Wiki: Dokuwiki (nog3/​hsbne-dokuwiki) ====
 +
 +The wiki is Dokuwiki Release 2016-06-26b “Elenor of Tsort” in a custom docker container. It is run with an env variable from the docker run command of VIRTUAL_HOST:​wiki.hsbne.org
 +
 +It is automatically built from a customized Dockerfile in https://​github.com/​nog3/​HSBNE-dokuwiki on Docker Hub's automatic building service.
 +
 +The dockerfile installs the oauth plugin but generates the container in such a way that it stores the content of the wiki within the container. There'​s also the bootstrap3 theme and a few other plugins added manually after the fact.
 +
 +Long term, I would like to fix this.
 +==== HTTP Proxying (jwilder/​nginx-proxy) ====
 +
 +This docker container runs a copy of nginx inside it and ties together the wiki and discourse containers.
 +
 +It listens on port 80 and redirects traffic for the wiki and the forum to the right internal ports exposed by the docker containers. ​
 +
 +To know what Docker container to redirect traffic to, it checks an ENV variable on the container, VIRTUAL_HOST.
 +
 +==== SSL Management (jrcs/​letsencrypt-nginx-proxy-companion) ====
 +
 +letsencrypt-nginx-proxy-companion is a lightweight companion container for nginx-proxy. It allows the creation/​renewal of Let's Encrypt certificates automatically.
 +
 +It uses the Let's Encrypt service to automatically create/​renew a valid SSL certificate for virtual host(s) in a shared volume that nginx-proxy can serve up.
 +
 +It requires the following environment variables to enable Let's Encrypt support for a container being proxied. This environment variables need to be declared in each to-be-proxied application containers.
 +
 +  * LETSENCRYPT_HOST
 +  * LETSENCRYPT_EMAIL
 +
 +The LETSENCRYPT_HOST variable most likely needs to be the same as the VIRTUAL_HOST variable and must be publicly reachable domains ​
 +
 +
 +
 +