Docker Services | Description | Domain | IP |
---|---|---|---|
Langara API | API for Langara Data. | api2.langaracs.ca | http://168.138.79.49:5000 |
Langara Course Planner | Langara Course Planner | planner.langaracs.ca | http://168.138.79.49:5001 |
Peregrine | LCSC Discord Bot. | N/A | |
Website | Our official website. | langaracs.ca | http://168.138.79.49:3000 |
Website API | API for the website (not for public use). | api.langaracs.ca | http://168.138.79.49:8000 |
Nginx Proxy Manager | Reverse proxy manager. | nginx.langaracs.ca | http://168.138.79.49:81 |
Watchtower | Automatically updates docker images. | watchtower.langaracs.ca | http://168.138.79.49:8080 |
Plausible | Tracks analytics on our website. | plausible.langaracs.ca | http://168.138.79.49:8001 |
Portainer | Administration tools for docker. | portainer.langaracs.ca | https://168.138.79.49:9443 |
Other Services | Description |
---|---|
Docker | Manages all of our microservices. |
Github Runner | Self-hosted runner for github. |
Welcome to the Langara Computer Science Server Systems and Infrastructure Handbook.
This document covers all of our infrastructure and services.
This handbook is divided into 6 sections:
- Design Philosophy
- Docker and Microservices
- Github
- Server
- Domain and Nginx
- Other
This server exists for multiple reasons:
- To host services such as our website and links to other resources;
- To provide a real-world testing environment to learn from;
- and to increase the reputation of the club.
In order to fulfill those obligations, the server needs to be secure, easily extendible, and should have as little complexity as possible.
In keeping with the design philosophy, we have opted to use the docker / microservices paradigm.
Each service is encapsulated in its own docker image. In short, a docker image is a sandbox for a service that keeps it from interacting with other services. This means that all services are seperated and will not depend on each other.
You can find more information on how docker works at the official docker website.
Github is the central repository for all club projects. All club projects should be hosted on Github.
We use Github Actions to build a fresh docker image on every commit. These images are stored on Github Packages. We combine this with Watchtower to automatically update the docker images on the server.
Watchtower will pull new packages on a 30 minute timer or if its HTTP endpoint is called. It will then pull the new image, take the old one down, and start the new image.
The configuration for Github Actions is stored in .github/workflows
and is relatively simple. Note that while most services build for all platforms, some builds (e.g. our website) will only build for arm due to long compile times.
We also run a self-hosted Github Actions runner on our server due to slow compile times (due to emulation) on Github-provided runners. Unfortunately, there is no native support for running a self-hosted runner in a docker container. In the future, this service should be containerized or otherwise improved.
All services currently run on a single virtual machine on the Oracle Cloud, located in Montreal. This server is free, but is reliant on personal non-club credentials.
A future goal is to move to a server in Vancouver. For patriotic and legal reasons, we are not comfortable with a server in the united states.
Specifications:
- OCPU count: 2 (Ampere A1)
- Memory: 16 GB
- Network bandwidth (Gb/s): 2
- Boot Volume: 47 GB
Right now, we don't see a lot of load on our servers, so memory and cpu usage hover around 20%.
SSH keys are shared to club technical leads during orientation.
After acquiring a domain, make sure that the proper DNS records are set up. This includes:
- A records for hosting subdomains.
- SPF and DKIM records for email.
On the server side, we use Nginx Proxy Manager to manage nginx. Although this is a purely GUI based setup, it saves significant time when setting up new services as writing a nginx configuration from scratch is not required.
Nginx Proxy Manager also makes setting up LetsEncrypt certificates very easy. All services are also still available through the direct ip to the server.
Please make sure that you have a comfortable and efficient editing setup.
I highly reccomend using vscode and its remote development feature.
Recommended server specs: 1 core, 8 GB ram, 10 GB storage
- Ensure docker is installed
- Clone this repository:
git clone https://github.com/langaracpsc/server
- Enter the cloned directory
cd server
- Populate
.env
- Run with
./run.sh
- If needed, stop with
./stop.sh
db_backup.sh
creates a backup of the postgres serverdb_restore.sh
is unimplementedhard_reset.sh
deletes all images, volumes, and networks