Web Infrastructure: Difference between revisions

From The Munich Maker Lab's Wiki
Jump to navigation Jump to search
No edit summary
(update todos)
Line 32: Line 32:
|-
|-
| Etherpad || [https://pad.munichmakerlab.de pad.munichmakerlab.de] || saturn||docker||productive
| Etherpad || [https://pad.munichmakerlab.de pad.munichmakerlab.de] || saturn||docker||productive
|Current version with plugins: [https://github.com/orgs/munichmakerlab/packages/container/package/etherpad 1.9.4-adapted]
|Latest version: [https://github.com/ether/etherpad-lite ether/etherpad-lite]
Latest version: [https://github.com/ether/etherpad-lite ether/etherpad-lite]
|-
|-
| Mailinglisten||[https://lists.munichmakerlab.de lists.munichmakerlab.de]||mars||native||productive
| Mailinglisten||[https://lists.munichmakerlab.de lists.munichmakerlab.de]||mars||native||productive
Line 102: Line 101:
We're planning to consolidate services into a standard deployment model, consolidate external services, and maybe add some new ones.
We're planning to consolidate services into a standard deployment model, consolidate external services, and maybe add some new ones.


 
=== Ideas ===
Consolidate:
Consolidate:


Line 121: Line 120:
*InfoBeamer
*InfoBeamer


===SSO ===
==== SSO ====




Line 161: Line 160:
|
|
|-
|-
|Update Apps
|Migrate Node Red
| e.g. Etherpad
|Migrate to saturn
|
|
|-
|MQTT
|Migrate to saturn
|
|
|-
|Migrate Mailsetup
|
* Old setup is on Mailman 2, prevents Debian update
* Setup on saturn with Mailman 3
* Migrate existing stuff
|
|
|-
|Migrate Ticket System
|Replace external https://tickets.mumalab.org/courses/ with Pretix instance on our server with ticket.munichmakerlab.de
|
|Setup new, without migration
|-
|Migrate Token DB
|Deploy [https://tooljet.yt.gl/ ToolJet] (OpenUnitState) on our server
Migrate existing token from TBD
Adjust Lasercutter and door(?) to this DB
|
|Contact German for old DB setup
|-
|Setup Nextcloud
|
* Setup nextcloud
* Create shared folders e.g. for password safe
* Create calender
* Replace google calender with next cloud calender
* integrate new calender on homepage, kreativquartier, ticket system etc.
|
|
|
|
Line 170: Line 204:
*Setup Firewall
*Setup Firewall
*update docker networks for better separation?
*update docker networks for better separation?
|
|Milian
|
|
|-
|-
Line 178: Line 212:
*Playbook for Server
*Playbook for Server
*Playbook for Docker
*Playbook for Docker
|Milian
|
|-
|IoT Setup Lab
|Local https://www.home-assistant.io/ setup to have a plattform for additional functions like power monitoring or controlling of the devices in the lab
|Adrian
|
|
|}
=== DONE ===
{| class="wikitable"
!Topic
!Tasks
!Who is on it/wants to do it?
!Notes
|-
|Update Apps
| e.g. Etherpad
|Severin
|Done
|}
|}
[[Category:Infrastructure]]
[[Category:Infrastructure]]

Revision as of 15:47, 22 October 2024

Some documentation on MuMaLab's web infrastructure stuff.

Hosts

We currently have 3 VMs at Hetzner:

  • mars.munichmakerlab.de (Mars)
  • jupiter.munichmakerlab.de
  • saturn.munichmakerlab.de

Saturn

  • docker containers are started via systemd
  • cronjob added for cleanup of old docker images

Services

Service Name Hostname Server native/docker status Source
Website www.munichmakerlab.de saturn docker productive
Wiki wiki.munichmakerlab.de jupiter native productive Github Website
Nodered nodered.munichmakerlab.de jupiter docker productive
Log log.munichmakerlab.de Tumblr - productive
Etherpad pad.munichmakerlab.de saturn docker productive Latest version: ether/etherpad-lite
Mailinglisten lists.munichmakerlab.de mars native productive
Roombooking rooms.munichmakerlab.de jupiter docker deactivated BookedSchedular
Slack Inviter slack.munichmakerlab.de saturn docker productive rauchg/slackin
Space Status status.munichmakerlab.de saturn docker productive Github Spacestatus
MQTT mqtt.munichmakerlab.de jupiter native productive
Nextcloud nextcloud.munichmakerlab.de saturn docker experimental
Traefik Reverseproxy saturn.munichmakerlab.de/dashboard/
(might be disabled)		 saturn docker productive

Website

Static website at https://munichmakerlab.de

Wiki

MediaWiki at https://wiki.munichmakerlab.de/

  • Create your own account, needs to be confirmed by an admin

Maintenance

We currently have a bit of a spam problem, easiest way to fix it currently is to clean them up in the database directly. 

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam, no confirmed mail address", acr_deleted = 1 where acr_email_authenticated is null and acr_rejected is null and acr_registration < now() - interval 7 day;

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null and acr_registration < now() - interval 7 day;

update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null;

Status

Space status at https://status.munichmakerlab.de

MuMaBus

Space Automation, see MuMaBus for details

  • MQTT at jupiter.munichmakerlab.de

Slack

Chat, with bridge to IRC

Additional Services

  • Calendar as iCal
  • ical2email. Sends reminder emails for events to mailing list, using the wordpress calendar. Python script running daily on vps02.thearrow.de

Access

The following people currently have admin access to the infrastructure:

Migration and Optimization 2024

We're planning to consolidate services into a standard deployment model, consolidate external services, and maybe add some new ones.

Ideas

Consolidate:

  • Wiki: Containerize => Challenges: php modules; updating php/wiki; ggf. make it easier to include the plugins (maybe php compose module handling)
  • Mailsystem: ??

Externally hosted, and to be transfered into MuMaLab Infrastructure

Planned Services

  • NextCloud
  • evtl Ticket System
  • Single Sign On: e.g. login to wiki either locally or via SSO. Later only SSO. Can be used e.g. for nextcloud or other services as well

Details unclear

  • InfoBeamer

SSO

IDPs

  1. Option: Authentik
  2. Option: https://git.cccv.de/uffd/uffd
  3. Option: ...?

Auth:

Complete guide to Nextcloud OIDC authentication with Authentik

Integrate Authentik and Nextcloud

Wiki Plugins for OIDC etc.: Plugable Auth

ToDos

Topic Tasks Who is on it/wants to do it? Notes
SSO
  • test authentik on saturn
  • test connecting authentik and nextcloud
  • test connecting wiki to authentik
 Phier
Wiki
  • containerize wiki (build on gitlab) and migrate to saturn as staging wiki
  • update wiki
Migrate Node Red Migrate to saturn
MQTT Migrate to saturn
Migrate Mailsetup
  • Old setup is on Mailman 2, prevents Debian update
  • Setup on saturn with Mailman 3
  • Migrate existing stuff
Migrate Ticket System Replace external https://tickets.mumalab.org/courses/ with Pretix instance on our server with ticket.munichmakerlab.de Setup new, without migration
Migrate Token DB Deploy ToolJet (OpenUnitState) on our server

Migrate existing token from TBD Adjust Lasercutter and door(?) to this DB

Contact German for old DB setup
Setup Nextcloud
  • Setup nextcloud
  • Create shared folders e.g. for password safe
  • Create calender
  • Replace google calender with next cloud calender
  • integrate new calender on homepage, kreativquartier, ticket system etc.
Security
  • Setup Firewall
  • update docker networks for better separation?
 Milian
IaC
  • Setup Ansible in Repo
  • Playbook for Server
  • Playbook for Docker
 Milian
IoT Setup Lab Local https://www.home-assistant.io/ setup to have a plattform for additional functions like power monitoring or controlling of the devices in the lab Adrian

DONE

Topic Tasks Who is on it/wants to do it? Notes
Update Apps e.g. Etherpad Severin Done
Retrieved from "https://wiki.munichmakerlab.de/index.php?title=Web_Infrastructure&oldid=7491"