These are the container configurations used for the production Intellivoid services. Containers run Alpine Linux and all executables use jemalloc for faster memory allocation.
VerboseAdventure produces a lot of noise and docker saves all output from the containers to a log file, this will consume the entirety of the host's disk space if not cleaned. For security reasons, the Github personal access token is kept as an environment variable in the shell you're working in when using these containers, this requires Docker BuildKit to function properly.
Edit /etc/docker/daemon.json
(create the file if it doesn't exist) and add the following:
{
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "3"
},
"features": {
"buildkit": true
}
}
Once applied, restart the docker daemon:
sudo systemctl restart docker
Next, you need to generate a github personal access token (PAT) and then in your working shell run:
$ export GIT_API_KEY=ghp_hRrBuCtE1[...]
export
will prevent the shell from saving the command into your command history.
In each folder there is a acm
folder which must be configured with login credentials, database credentials, etc.
It is recommended that you give each container it's own SQL user and password in case one container is compromised.
Each container must be built, each folder is an individual container. You must change directories into each folder to run build commands.
CoffeeHouse is the only container which cannot use BuildKit:
$ DOCKER_BUILDKIT=0 docker build -t "coffeehouse_utils:dockerfile" .
$ docker build -t "journeycommando:dockerfile" --secret id=GIT_API_KEY,env=GIT_API_KEY . --no-cache --progress=plain
$ docker build -t "spamprotection_worker:dockerfile" --secret id=GIT_API_KEY,env=GIT_API_KEY . --no-cache --progress=plain
$ docker build -t "intellivoid_bot:dockerfile" --secret id=GIT_API_KEY,env=GIT_API_KEY . --no-cache --progress=plain
$ docker build -t "intellivoid_webservices:dockerfile" --secret id=GIT_API_KEY,env=GIT_API_KEY . --no-cache --progress=plain
Each container has a different startup process and you must pay attention that they did not have a failure during the build process and there's no failures in the execution process below. Some containers don't restart on their own for some reason when you first run them, if this happens
simply do docker start <container name>
.
On this line, the container IP address for coffeehouse will be 172.17.0.4
but you can change this for the acm
configs.
$ docker run --restart always --name coffeehouse_utils -p 5600:5600 -p 5601:5601 -p 5602:5602 -p 5603:5603 -p 5604:5604 -p 5605:5605 -p 5606:5606 --ip 172.17.0.4 -it coffeehouse_utils:dockerfile
$ docker run --restart always --name journeycommando -it journeycommando:dockerfile
Replace jcrawford
(my user account) with an absolute path for the user images shared between the Intellivoid Bot and Intellivoid Web containers.
$ docker run --restart always -v /home/jcrawford/intellivoid/production/userimages/user_pictures:/etc/user_pictures -v /home/jcrawford/intellivoid/production/userimages/app_icons:/etc/app_icons --name intellivoid_bot --ip 172.17.0.5 -it intellivoid_bot:dockerfile
Replace jcrawford
(my user account) with an absolute path for the user images shared between the Intellivoid Bot and Intellivoid Web containers.
$ docker run --restart always -v /home/jcrawford/intellivoid/production/userimages/user_pictures:/etc/user_pictures -v /home/jcrawford/intellivoid/production/userimages/app_icons:/etc/app_icons -p 8080:80 --name intellivoid_web -it intellivoid_webservices:dockerfile
$ docker run --restart always --name spamprotectionbot --ip 172.17.0.7 -it spamprotection_worker:dockerfile
You must configure a MySQL/MariaDB database server somewhere and import a copy of the production intellivoid database(s). This must be configured with the included mysql configs in the hostconfigs
folder.
You must also configure a host-run nginx server for load balancing using the included configs in the hostconfigs
folder. You will need to configure https with Let's Encrypt or other certificate service if you're not hosting via CloudFlare.
You must also configure a MongoDB server and import a copy of the production intellivoid database(s).