Web Infrastructure
Jump to navigation
Jump to search
Some documentation on MuMaLab's web infrastructure stuff.
Current Tasks
Checkout: Working Group IT
Hosts
We currently have 3 VMs at Hetzner:
- mars.munichmakerlab.de (Mars)
- jupiter.munichmakerlab.de
- saturn.munichmakerlab.de
Saturn
- docker containers are started via systemd or via docker compose (configs in /data/ path) => target everything with docker compose with separated /data/ and /config/ folder.
- cronjob added for cleanup of old docker images
- docker deamon resource limit via systemd slice (/etc/systemd/system/docker.slice)
- Firewall: ufw => check via sudo ufw status verbose (does not include docker. This would need addtional hacks like this, but it had no benefits so far with the reverse proxy we already use)
Services
| Service Name | Hostname | Functionality | Server | native/docker | status | Source |
|---|---|---|---|---|---|---|
| Website | www.munichmakerlab.de | Just Website, compare Github for details | saturn | docker | productive | Github Website |
| Wiki | wiki.munichmakerlab.de | Media wiki for knowledge sharing and documentation | saturn | docker | productive | |
| Nodered | nodered.munichmakerlab.deAdmin: https://nodered.munichmakerlab.de/admin/ | Automation like spacestatus, Slack Bots etc. | satrun | docker | productive | Node-RED |
| Log | log.munichmakerlab.de | Blog | Tumblr | - | productive | |
| Etherpad | pad.munichmakerlab.de | Colaboration text tool | saturn | docker | productive | Latest version: ether/etherpad-lite |
| Mailinglisten | lists.munichmakerlab.de | Mailman 2 | mars | native | productive | |
| @munichmakerlab.de | Mailserver
Details: Mars Version postfix: 3.4.23 |
mars | native | productive | ||
| Roombooking | rooms.munichmakerlab.de | Original for reserving rooms during covid | jupiter | docker | deactivated | BookedSchedular |
| Slack Inviter | slack.munichmakerlab.de | Self invite capability for our slack | saturn | docker | productive | rauchg/slackin |
| Space Status | status.munichmakerlab.de | Button in the lab to mark space as open/closed on slack/homepage | saturn | docker | productive | Github Spacestatus |
| Eclipse Mosquitto (MQTT) | mqtt.munichmakerlab.de | MQTT to use for other servicesservices like status etc. Compare MuMaBus | saturn | docker | productive | Eclipse Mosquitto |
| Nextcloud | nextcloud.munichmakerlab.de | Document sharing, calendar | saturn | docker | experimental | |
| Traefik Reverseproxy | saturn.munichmakerlab.de/dashboard/ (might be disabled) |
Reverse proxy for other services | saturn | docker | productive | |
| Authentik SSO | sso.munichmakerlab.de | SSO for other services | saturn | docker | experimental | https://github.com/goauthentik/authentik |
| Tickets (old) | tickets.mumalab.org | Ticket system for workshops and events | German | - | productive | https://github.com/pretix/pretix |
| Tickets | tickets.munichmakerlab.de | Ticket system for workshops and events | saturn | docker | experimental | https://github.com/pretix/pretix |
| Wiki Staging | wiki-staging.munichmakerlab.de | Wiki for testing (temporary) | saturn | docker | Todo | |
| Influx DB | influxdb.munichmakerlab.de | DB for particles sensor (temporary) | saturn | docker | experimental | https://hub.docker.com/_/influxdb |
| Grafana & Prometheus | monitoring.munichmakerlab.de | Grafana Dashboard | saturn | docker | experimental | |
| Grafana Loki?
|
logging.munichmakerlab.de | Grafana Loki | saturn | docker | Todo |
SSO
Single Sign on with Authentik
Groups:
!to be done
| Group | Access to | Details |
|---|---|---|
| Member | ||
| IT | ||
Influxdbv2
For storing data from sensors. Mostly for fun and testing purpose.
Data come from:
| Source | Bucket | User | Tags |
|---|---|---|---|
| Airrohr-NG | lab-environment-data | airrohr-service-user | |
Website
Static website at https://munichmakerlab.de
Wiki
MediaWiki at https://wiki.munichmakerlab.de/
- Create your own account, needs to be confirmed by an admin
Maintenance
We currently have a bit of a spam problem, easiest way to fix it currently is to clean them up in the database directly.
update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam, no confirmed mail address", acr_deleted = 1 where acr_email_authenticated is null and acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null and acr_registration < now() - interval 7 day; update mw_account_requests set acr_rejected = DATE_FORMAT(NOW(),"%Y%m%d%H%i%S"), acr_user = 1, acr_comment = "Spam", acr_deleted = 1 where acr_rejected is null;
Status
Space status at https://status.munichmakerlab.de
- Details at StartYourEngines
MuMaBus
Space Automation, see MuMaBus for details
- MQTT at saturn.munichmakerlab.de
Slack
Chat, with bridge to IRC
- Application in itself is SaaS. Talk to tarwin or tiefpunkt
- IRC bridge is powered by RelayBot, hosted on ???
Additional Services
- Calendar as iCal
- ical2email. Sends reminder emails for events to mailing list, using the wordpress calendar. Python script running daily on vps02.thearrow.de
