Web Infrastructure: Difference between revisions

From The Munich Maker Lab's Wiki
Jump to navigation Jump to search
mNo edit summary
mNo edit summary
Line 31: Line 31:
|
|
|-
|-
| Etherpad || [https://pad.munichmakerlab.de pad.munichmakerlab.de] || mars || docker || productive
| Etherpad || [https://pad.munichmakerlab.de pad.munichmakerlab.de] || jupiter || docker || productive
|[https://github.com/ether/etherpad-lite ether/etherpad-lite]
|Current version: 1.9.4
Latest version: [https://github.com/ether/etherpad-lite ether/etherpad-lite]
|-
|-
| Mailinglisten || [https://lists.munichmakerlab.de lists.munichmakerlab.de] || mars || native || productive
| Mailinglisten || [https://lists.munichmakerlab.de lists.munichmakerlab.de] || mars || native || productive
|
|
|-
|-
| Roombooking || [https://rooms.munichmakerlab.de rooms.munichmakerlab.de] || jupiter || docker || productive
| Roombooking || [https://rooms.munichmakerlab.de rooms.munichmakerlab.de] || jupiter || docker || deactivated
|[https://github.com/LibreBooking/app BookedSchedular]
|[https://github.com/LibreBooking/app BookedSchedular]
|-
|-

Revision as of 13:50, 15 October 2024

Some documentation on MuMaLab's web infrastructure stuff.

Hosts

We currently have 3 VMs at Hetzner:

  • mars.munichmakerlab.de (Mars)
  • jupiter.munichmakerlab.de
  • saturn.munichmakerlab.de

Saturn

  • docker containers are started via systemd
  • cronjob added for cleanup of old docker images

Services

Service Name Hostname Server native/docker status Source
Website www.munichmakerlab.de saturn docker productive
Wiki wiki.munichmakerlab.de jupiter native productive Github Website
Nodered nodered.munichmakerlab.de jupiter docker productive
Log log.munichmakerlab.de Tumblr - productive
Etherpad pad.munichmakerlab.de jupiter docker productive Current version: 1.9.4

Latest version: ether/etherpad-lite

Mailinglisten lists.munichmakerlab.de mars native productive
Roombooking rooms.munichmakerlab.de jupiter docker deactivated BookedSchedular
Slack Inviter slack.munichmakerlab.de saturn docker productive rauchg/slackin
Space Status status.munichmakerlab.de saturn docker productive Github Spacestatus
MQTT mqtt.munichmakerlab.de jupiter native productive
Nextcloud nextcloud.munichmakerlab.de saturn docker experimental
Traefik Reverseproxy saturn.munichmakerlab.de/dashboard/
(might be disabled)
saturn docker productive

Website

Static website at https://munichmakerlab.de

Wiki

MediaWiki at https://wiki.munichmakerlab.de/

  • Create your own account, needs to be confirmed by an admin

Maintenance

We currently have a bit of a spam problem, easiest way to fix it currently is to clean them up in the database directly.

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam, no confirmed mail address", acr_deleted = 1 where acr_email_authenticated is null and acr_rejected is null and acr_registration < now() - interval 7 day;

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null and acr_registration < now() - interval 7 day;

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null;

Status

Space status at https://status.munichmakerlab.de

MuMaBus

Space Automation, see MuMaBus for details

  • MQTT at jupiter.munichmakerlab.de

Slack

Chat, with bridge to IRC

Additional Services

  • Calendar as iCal
  • ical2email. Sends reminder emails for events to mailing list, using the wordpress calendar. Python script running daily on vps02.thearrow.de

Access

The following people currently have admin access to the infrastructure:

Migration and Optimization 2024

We're planning to consolidate services into a standard deployment model, consolidate external services, and maybe add some new ones.


Consolidate:

  • Wiki: Containerize => Challenges: php modules; updating php/wiki; ggf. make it easier to include the plugins (maybe php compose module handling)
  • Mailsystem: ??

Externally hosted, and to be transfered into MuMaLab Infrastructure

Planned Services

  • NextCloud
  • evtl Ticket System
  • Single Sign On: e.g. login to wiki either locally or via SSO. Later only SSO. Can be used e.g. for nextcloud or other services as well

Details unclear

  • InfoBeamer

SSO

IDPs

  1. Option: Authentik
  2. Option: https://git.cccv.de/uffd/uffd
  3. Option: ...?

Auth:

Complete guide to Nextcloud OIDC authentication with Authentik

Integrate Authentik and Nextcloud

Wiki Plugins for OIDC etc.: Plugable Auth

Next Steps

  • test authentik on saturn
  • test connecting authentik and nextcloud
  • migrate etherpad, rooms to saturn
  • containerize wiki (build on gitlab) and migrate to saturn
  • update wiki
  • test connecting wiki to authentik
  • move systemd config to git and improve e.g. traefik or docker configs (e.g. via ansible/docker compose)
  • install ufw firewall on saturn server
  • setup different networks for docker, e.g. etherpad with db etc.
  • update apps? e.g. etherpad