2018.02.05 OddMuse Wiki Dockerized

I Dockerized this website yesterday! I had already built a cpanfile that declares the Perl5 dependencies of OddMuse, which made it easy. I'm also going to run this with the data directory directly bind-mounted.

First the Dockerfile:

FROM perl:latest

# Set up the deploy user
ARG uid=1000
ARG gid=1000
RUN echo groupadd -g $gid deploy
RUN groupadd -g $gid deploy
RUN useradd --create-home -u $uid -g $gid -ms /bin/bash deploy


COPY cpanfile .
RUN cpanm -qn --installdeps .

USER deploy

The bit of fancyness here is the deploy user setup. Since I'm mounting the project directory for data files, I'd like new files and edits to be done by my normal user. On my cloud-server, this is uid 1000, which is easy to set as the default. On my laptop I run as user 1001, so the file is parameterized for this case. When I run locally, I have to build my docker image with `docker build --build-arg uid=$(id -u) --build-arg gid=$(id -g)`. Not as much fun.

Otherwise, this starts with the Perl5 base image and installs the CPAN dependencies.

Next, the docker-compose.yml

version: '3'


    build: .
    command: starman --workers=10 --max-requests=1 --access-log starman-access.log --error-log starman-error.log oddmuse.psgi
      - ".:/app"
      - "5000" # For running locally

    image: danieldent/nginx-ssl-proxy
    restart: always
      UPSTREAM: web:5000
      - "80:80"
      - "443:443"
      - "/etc/letsencrypt"
      - web

The first service runs Starman (this is similar to Unicorn for you Ruby folk). It mounts the project directory as /app, and runs oddmuse.psgi. We declare port 5000 anyway for local debugging -- we can then run only this service and it'll come up on a randomly assigned port that connects to port 5000. Other services on this network can connect to "web:5000" even without this declaration.

Which brings us to the second fancy bit. The danieldent/nginx-ssl-proxy image is a super cool image that gives an nginx proxy with automatic letsencrypt setup! You declare the domain name and the proxy destination (web:5000 is our Starman), and assuming that domain really is pointing here, it will work with letsencrypt to verify ownership and make certificates. The certs are stored in a docker-managed volume, and are periodically renewed. This takes less than a minute, so even if the volume gets accidentally deleted we can easily get a new cert.

Now running "docker-compose up -d" starts nginx and starman running in the background. All that remains is getting this running on boot. Since the startup command can be run over and over, worst case you can put it in a cronjob that runs frequently :)

Comments on TLT - 2018.02.05 - OddMuse Wiki Dockerized

1 Comment.

This is perfect timing for me !

I did something close with mine using apache a few months ago but I am not satisfied with it.
I run it onto my SAN Synology box.

See Oddmuse page for details on my recipe and see if we can make it better.

-- XavierMaillard 2018-05-10 07:57 UTC

Add Comment

2017.07.08 Lignting Talk on Rakudo Colons

I gave a lightning talk at The Perl Conference about my collection of Perl6 Colons. Looks like Geoff gave me 34 extra seconds... not sure that I approve :)


Add Comment

2017.05.21 Core Logic

There are many tools in my programming toolbox, but one that I've felt is missing is constraint and logic programming. I've done a spot of Prolog and played with some inference systems of various types ... but even when I run into something where I think it's the right hammer... I don't have a go-to tool.

I got The Reasoned Schemer a while back, hoping to use it to learn clojure's core.logic or similar, but the writing still KILLS me. Hate it so much. It is like the worst extreme sort of Socratic Method that I can imagine, literally everything has two columns of question and answer. But the QUESTIONS are obtuse! Working through it that way is not the sort of enlightenment that I'm going for ... I don't want to apply a unification algorithm on my understanding of logic programming with the contents of the book! The programming system might be "backwards" that way, but my way of learning isn't.

Anyway. One dumb thing that I had a hard time getting over was things ending in -o, like conso and emptyo. But tonight I had a breakthrough! See those 'o' things, according to the internets, are supposed to be sort of like question-marks except describing a goal. So now if I read the 'o' as '-objective' (as in, "goal") then they sound much better. cons-objective, empty-objective. Declaring the goal of the statement.

I guess I should go back and try reading The Reasoned Schemer with that in mind, and see if it makes me less angry :)

Add Comment

2017.04.10 VimWiki Gateway

I've been having lots of fun with lately! I've mixed in a bit of encryptfs to have a private directory of notes. Sometime during boot, I set it up with:

sudo mount -t ecryptfs \
  -o key=passphrase,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=no,ecryptfs_enable_filename_crypto=yes,ecryptfs_fnek_sig=1a9380706fdf5bce \
  ~/docs/private/vimwiki ~/notes

I haven't done much customization yet. But one thing I'm playing with now is making it easy to post notes from VimWiki directly onto my website.

Add Comment

2017.01.11 Slack Hash Store

Last night at the DC Perl Mongers meetup we collaboratively built a proof-of-concept for storing key/value pairs as messages in a slack channel, This was made straightforward by great Slack API docs and WebService::Slack::WebApi. Example usage:

# writes "hello=world" into the #globalhash channel
$ globalhash set hello world

# reads the #globalhash channel for the most
# recent value of hello and prints it
$ globalhash get hello

There are of course a TON of things you could do from here. Some ideas:

  • More features: list of keys, delete, complex values, binary values, value history
  • Clean implementation and better usage/error messaging, docs
  • Port to other languages -- perl6 and still using the perl5 module would be fun
  • Register as a slack app that anyone can use, fix up OAuth or whatever

Add Comment


META INFORMATION: This is the technical blog and wiki of Brock Wilcox (awwaiid). Entries focus on my current projects, interests, and sometimes life events. If you'd like you can check out the list of All Entries or the RSS Feed. I also have a LiveJournal syndication feed for LJ friends.


Blog Blog RSS Feed






Toots (Mastodon)




Follow @awwaiid

Wiki Edits Wiki RSS Feed

... more changes