Web Infrastructure
Some documentation on MuMaLab's web infrastructure stuff.
Current Tasks
Checkout: Working Group IT
Hosts
We currently have 3 VMs at Hetzner:
- mars.munichmakerlab.de (Mars)
- jupiter.munichmakerlab.de
- saturn.munichmakerlab.de
Saturn
- docker containers are started via systemd or via docker compose (configs in /data/ path)
- cronjob added for cleanup of old docker images
- docker deamon resource limit via systemd slice (/etc/systemd/system/docker.slice)
- Firewall: ufw => check via sudo ufw status verbose
Services
| Service Name | Hostname | Functionality | Server | native/docker | status | Source |
|---|---|---|---|---|---|---|
| Website | www.munichmakerlab.de | Just Website, compare Github for details | saturn | docker | productive | Github Website |
| Wiki | wiki.munichmakerlab.de | Media wiki for knowledge sharing and documentation | saturn | docker | productive | |
| Nodered | nodered.munichmakerlab.deAdmin: https://nodered.munichmakerlab.de/admin/ | Automation like spacestatus, Slack Bots etc. | satrun | docker | productive | Node-RED |
| Log | log.munichmakerlab.de | Blog | Tumblr | - | productive | |
| Etherpad | pad.munichmakerlab.de | Colaboration text tool | saturn | docker | productive | Latest version: ether/etherpad-lite |
| Mailinglisten | lists.munichmakerlab.de | Mailman 2 | mars | native | productive | |
| @munichmakerlab.de | Mailserver
Details: Mars Version postfix: 3.4.23 |
mars | native | productive | ||
| Roombooking | rooms.munichmakerlab.de | Original for reserving rooms during covid | jupiter | docker | deactivated | BookedSchedular |
| Slack Inviter | slack.munichmakerlab.de | Self invite capability for our slack | saturn | docker | productive | rauchg/slackin |
| Space Status | status.munichmakerlab.de | Button in the lab to mark space as open/closed on slack/homepage | saturn | docker | productive | Github Spacestatus |
| Eclipse Mosquitto (MQTT) | mqtt.munichmakerlab.de | MQTT to use for other servicesservices like status etc. Compare MuMaBus | saturn | docker | productive | Eclipse Mosquitto |
| Nextcloud | nextcloud.munichmakerlab.de | Document sharing, calendar | saturn | docker | experimental | |
| Traefik Reverseproxy | saturn.munichmakerlab.de/dashboard/ (might be disabled) |
Reverse proxy for other services | saturn | docker | productive | |
| Authentik SSO | sso.munichmakerlab.de | SSO for other services | saturn | docker | experimental | https://github.com/goauthentik/authentik |
| Tickets (old) | tickets.mumalab.org | Ticket system for workshops and events | German | - | productive | https://github.com/pretix/pretix |
| Tickets | tickets.munichmakerlab.de | Ticket system for workshops and events | saturn | docker | experimental | https://github.com/pretix/pretix |
| Wiki Staging | wiki-staging.munichmakerlab.de | Wiki for testing (temporary) | saturn | docker | Todo | |
| Influx DB | influxdb.munichmakerlab.de | DB for particles sensor (temporary) | saturn | docker | experimental | https://hub.docker.com/_/influxdb |
| Grafana & Prometheus | monitoring.munichmakerlab.de | Grafana Dashboard | saturn | docker | experimental | |
| Grafana Loki?
|
logging.munichmakerlab.de | Grafana Loki | saturn | docker | Todo |
SSO
Single Sign on with Authentik
Groups:
!to be done
| Group | Access to | Details |
|---|---|---|
| Member | ||
| IT | ||
Influxdbv2
For storing data from sensors. Mostly for fun and testing purpose.
Data come from:
| Source | Bucket | User | Tags |
|---|---|---|---|
| Airrohr-NG | lab-environment-data | airrohr-service-user | |
Website
Static website at https://munichmakerlab.de
Wiki
MediaWiki at https://wiki.munichmakerlab.de/
- Create your own account, needs to be confirmed by an admin
Maintenance
We currently have a bit of a spam problem, easiest way to fix it currently is to clean them up in the database directly.
update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam, no confirmed mail address", acr_deleted = 1 where acr_email_authenticated is null and acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null;
Status
Space status at https://status.munichmakerlab.de
- Details at StartYourEngines
MuMaBus
Space Automation, see MuMaBus for details
- MQTT at saturn.munichmakerlab.de
Slack
Chat, with bridge to IRC
- Application in itself is SaaS. Talk to tarwin or tiefpunkt
- IRC bridge is powered by RelayBot, hosted on ???
Additional Services
- Calendar as iCal
- ical2email. Sends reminder emails for events to mailing list, using the wordpress calendar. Python script running daily on vps02.thearrow.de
Access
The following people currently have admin access to the infrastructure:
