Web Infrastructure: Difference between revisions
Jump to navigation
Jump to search
(→ToDos) |
(→ToDos) |
||
| Line 169: | Line 169: | ||
* containerize wiki (build on gitlab) and migrate to saturn as staging wiki | * containerize wiki (build on gitlab) and migrate to saturn as staging wiki | ||
*update wiki | *update wiki | ||
| | |open | ||
| | | | ||
|- | |- | ||
| Line 181: | Line 181: | ||
|Migrate Node Red | |Migrate Node Red | ||
|Migrate to saturn | |Migrate to saturn | ||
| | |open | ||
| | | | ||
|- | |- | ||
| Line 198: | Line 198: | ||
* change FQDN to saturn and test => TODO | * change FQDN to saturn and test => TODO | ||
* check remaining stuff in the lab, if something depends on old ports: [[MuMaBus]] | * check remaining stuff in the lab, if something depends on old ports: [[MuMaBus]] | ||
| | |Mili | ||
| | | | ||
|- | |- | ||
| Line 206: | Line 206: | ||
* Setup on saturn with Mailman 3 | * Setup on saturn with Mailman 3 | ||
* Migrate existing stuff | * Migrate existing stuff | ||
| | |open | ||
| | | | ||
|- | |- | ||
|Migrate Ticket System | |Migrate Ticket System | ||
|Replace external https://tickets.mumalab.org/courses/ with Pretix instance on our server with ticket.munichmakerlab.de | |Replace external https://tickets.mumalab.org/courses/ with Pretix instance on our server with ticket.munichmakerlab.de | ||
| | |open | ||
|Setup new, without migration | |Setup new, without migration | ||
|- | |- | ||
| Line 218: | Line 218: | ||
Migrate existing token from TBD | Migrate existing token from TBD | ||
Adjust Lasercutter and door(?) to this DB | Adjust Lasercutter and door(?) to this DB | ||
| | |open | ||
|Contact German for old DB setup | |Contact German for old DB setup | ||
|- | |- | ||
| Line 228: | Line 228: | ||
* Replace google calender with next cloud calender | * Replace google calender with next cloud calender | ||
* integrate new calender on homepage, kreativquartier, ticket system etc. | * integrate new calender on homepage, kreativquartier, ticket system etc. | ||
| | |open | ||
| | | | ||
|- | |- | ||
| Line 250: | Line 250: | ||
|Local https://www.home-assistant.io/ setup to have a plattform for additional functions like power monitoring or controlling of the devices in the lab | |Local https://www.home-assistant.io/ setup to have a plattform for additional functions like power monitoring or controlling of the devices in the lab | ||
|Adrian | |Adrian | ||
| | |||
|- | |||
|Cleanup | |||
|Check MQTT and other IT devices. Which are still up to date, which can be fixed and which are not existent anymore. | |||
Compare [[Network]] and [[MuMaBus]] | |||
|open | |||
| | | | ||
|} | |} | ||
Revision as of 18:57, 14 November 2024
Some documentation on MuMaLab's web infrastructure stuff.
Hosts
We currently have 3 VMs at Hetzner:
- mars.munichmakerlab.de (Mars)
- jupiter.munichmakerlab.de
- saturn.munichmakerlab.de
Saturn
- docker containers are started via systemd
- cronjob added for cleanup of old docker images
- Firewall: ufw => check via sudo ufw status verbose
Services
| Service Name | Hostname | Server | native/docker | status | Source |
|---|---|---|---|---|---|
| Website | www.munichmakerlab.de | saturn | docker | productive | |
| Wiki | wiki.munichmakerlab.de | jupiter | native | productive | Github Website |
| Nodered | nodered.munichmakerlab.de | jupiter | docker | productive | |
| Log | log.munichmakerlab.de | Tumblr | - | productive | |
| Etherpad | pad.munichmakerlab.de | saturn | docker | productive | Latest version: ether/etherpad-lite |
| Mailinglisten | lists.munichmakerlab.de | mars | native | productive | |
| Roombooking | rooms.munichmakerlab.de | jupiter | docker | deactivated | BookedSchedular |
| Slack Inviter | slack.munichmakerlab.de | saturn | docker | productive | rauchg/slackin |
| Space Status | status.munichmakerlab.de | saturn | docker | productive | Github Spacestatus |
| Eclipse Mosquitto (MQTT) | mqtt.munichmakerlab.de | jupiter | native | productive | |
| Nextcloud | nextcloud.munichmakerlab.de | saturn | docker | experimental | |
| Traefik Reverseproxy | saturn.munichmakerlab.de/dashboard/ (might be disabled) |
saturn | docker | productive |
Website
Static website at https://munichmakerlab.de
Wiki
MediaWiki at https://wiki.munichmakerlab.de/
- Create your own account, needs to be confirmed by an admin
Maintenance
We currently have a bit of a spam problem, easiest way to fix it currently is to clean them up in the database directly.
update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam, no confirmed mail address", acr_deleted = 1 where acr_email_authenticated is null and acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null;
Status
Space status at https://status.munichmakerlab.de
- Details at StartYourEngines
MuMaBus
Space Automation, see MuMaBus for details
- MQTT at jupiter.munichmakerlab.de
Slack
Chat, with bridge to IRC
- Application in itself is SaaS. Talk to tarwin or tiefpunkt
- IRC bridge is powered by RelayBot, hosted on ???
Additional Services
- Calendar as iCal
- ical2email. Sends reminder emails for events to mailing list, using the wordpress calendar. Python script running daily on vps02.thearrow.de
Access
The following people currently have admin access to the infrastructure:
Migration and Optimization 2024
We're planning to consolidate services into a standard deployment model, consolidate external services, and maybe add some new ones.
Ideas
Consolidate:
- Wiki: Containerize => Challenges: php modules; updating php/wiki; ggf. make it easier to include the plugins (maybe php compose module handling)
- Mailsystem: ??
Externally hosted, and to be transfered into MuMaLab Infrastructure
- Tickets (https://tickets.mumalab.org/courses/)
- Calendar -> Google Calendar -> NextCloud
- ToolJet (OpenUnitState)
Planned Services
- NextCloud
- evtl Ticket System
- Single Sign On: e.g. login to wiki either locally or via SSO. Later only SSO. Can be used e.g. for nextcloud or other services as well
Details unclear
- InfoBeamer
Lightburn VM
2. Licence for lightburn is already available. Would be nice to give members the chance to prepare Laser stuff remote and just come to the lab to laser.
Challenges: No Linux support https://forum.lightburnsoftware.com/t/linux-support-to-end-after-v1-7/144605; exposing remote desktop in secure way
Remote Systems?
SSO
IDPs
- Option: Authentik
- Option: https://git.cccv.de/uffd/uffd
- Option: ...?
Auth:
Complete guide to Nextcloud OIDC authentication with Authentik
Integrate Authentik and Nextcloud
Wiki Plugins for OIDC etc.: Plugable Auth
ToDos
| Topic | Tasks | Who is on it/wants to do it? | Notes |
|---|---|---|---|
| SSO |
|
Phier | |
| Wiki |
|
open | |
| Lightburn Remote VM |
|
Phier | |
| Migrate Node Red | Migrate to saturn | open | |
| MQTT | Migrate to saturn and update to latest version.
Connect with Adrian => https://munichmakerlab.slack.com/archives/C79T8NFU7/p1731197933279969
|
Mili | |
| Migrate Mailsetup |
|
open | |
| Migrate Ticket System | Replace external https://tickets.mumalab.org/courses/ with Pretix instance on our server with ticket.munichmakerlab.de | open | Setup new, without migration |
| Migrate Token DB | Deploy ToolJet (OpenUnitState) on our server
Migrate existing token from TBD Adjust Lasercutter and door(?) to this DB |
open | Contact German for old DB setup |
| Setup Nextcloud |
|
open | |
| Security |
|
Milian | |
| IaC |
|
Milian | |
| IoT Setup Lab | Local https://www.home-assistant.io/ setup to have a plattform for additional functions like power monitoring or controlling of the devices in the lab | Adrian | |
| Cleanup | Check MQTT and other IT devices. Which are still up to date, which can be fixed and which are not existent anymore. | open |
DONE
| Topic | Tasks | Who is on it/wants to do it? | Notes |
|---|---|---|---|
| Update Apps | e.g. Etherpad | Severin | Done |
