#2911 closed task (fixed)

Installation of engelsystem for FOSS4G 2023

Reported by: astrid_emde Owned by: sac@…
Priority: normal Milestone: Sysadmin Contract 2023-I
Component: SysAdmin Keywords:
Cc:

Description

  • https://engelsystem.de/en
  • could you please install engelsystem (a platform to coordinate the help team at the conference and create shifts)
  • we would like to try it for FOSS4G 2023
  • for every conference we would need a new installation of the system (or a new fresh database)
  • link could be something like https://2023-engel.foss4g.org or https://2023.engelsystem.org or as you like
  • please provide the credentials to me. I will configure the system and share it with the FOSS4G team

Change History (12)

comment:1 by robe, 21 months ago

Milestone: UnplannedSysadmin Contract 2023-I

Okay will take a look at this today and if no issues try to get up this week.

comment:2 by astrid_emde, 21 months ago

thanks a lot :)

comment:3 by robe, 21 months ago

I have the docker built on staging, but still trying to work out the proxying cause the assets are all being served via http instead of https, which is causing things like css not to load. It's supposed to be the TRUSTED_PROXIES but that all looks okay to me, though I think it's not reading it.

https://engelsystem.staging.osgeo.org/

once I have that sorted out, I'll deploy it on the pretalx server and call it https://2023-engel.foss4g.org

I currently have the docker build based on the main branch, but perhaps I should go with a tagged one - https://github.com/engelsystem/engelsystem/releases/tag/v3.3.0 which is Dec 2021.

astride you know which is the best to go with?

comment:4 by robe, 21 months ago

I think I have the proxy issue sorted out, needed to define an APP_URL in the docker/deployment.env which has https:// in it.

Also had to revise the docker/nginx.conf to have remote_ip_from

    set_real_ip_from 127.0.0.1;
    set_real_ip_from 10.0.0.0/8;
    #set_real_if_from nginx.lxd;
    real_ip_recursive on;

for it to return the real ips. Not sure why the TRUSTED_PROXIES I defined is not used.

Also had to add to the Dockerfile, a restart: always as it wasn't restarting on server reboot.

https://forums.docker.com/t/how-to-handle-server-reboot-when-using-docker-compose/26374/3

astride - I just emailed you the login. Can you test out and see if it is good enough to deploy or if any changes needed. I'm using the main branch rather than a tagged version.

comment:5 by astrid_emde, 21 months ago

HI @robe, thanks for the access. It works fine. Thequestio from the FOSS4G team is whether they could get root access for the production server to have access to the logs and database.

If this is not possible they could install it independently on theier servers. Looks like it would not be a problem.

in reply to:  5 comment:6 by robe, 21 months ago

Replying to astrid_emde:

HI @robe, thanks for the access. It works fine. Thequestio from the FOSS4G team is whether they could get root access for the production server to have access to the logs and database.

If this is not possible they could install it independently on theier servers. Looks like it would not be a problem.

No issue with giving them access. They just need an OSGeo account and then I can give them shell access and give them sudo rights to that server.

To be safe, I should probably put it on a different server from pretalx that way if they need to reboot or anything it will only be affecting this server. I assume that is okay?

comment:7 by robe, 21 months ago

I've copied it over to osgeo8 host and have a dedicated instance for it. If you give me their osgeo user names, I can give them root access to it.

The production url is:

https://2023-engel.foss4g.org

Same admin and password as I sent you.

comment:8 by astrid_emde, 21 months ago

Thanks a lot again. I will ask for their OSGeo-Ids

comment:9 by DLange, 21 months ago

Could you please create login users on osgeo8-engelsystem for

  • DLange
  • Enkelenaflossk

and give us sudo rights as well?

Thank you.

comment:10 by robe, 21 months ago

I've given both accounts sudo rights:

To use, make sure you have your public key registered on your accounts:

https://id.staging.osgeo.org/ldap/edit

and then you should be able to follow rules here:

https://wiki.osgeo.org/wiki/SAC_Service_Status#Logging_into_LXD_Containers_and_VMs

So doing the below should get you in (replacing robe with your user name) and once in you should be able to do sudo whatever

ssh robe@osgeo8-engelsystem

Let me know if you need any help.

comment:11 by robe, 21 months ago

One slight note, you will get a password prompt for second, (since the first pass is for the jump host). You can add your key manually once you are in to avoid the password prompt in future.

comment:12 by robe, 19 months ago

Resolution: fixed
Status: newclosed

I've reset a fresh ubuntu 22.04 from osgeo-ldap template and moved it to osgeo9 DLange has resetup englesystem on bare system and provided me with his instructions for future maintenance or if we want to use it for other conferences. I've logged these on the osgeo9 https://git.osgeo.org/gitea/sac/osgeo9/wiki/engelsystem.

I also setup a engelsystem@… alias in PairsDomain with Daniel and Enkelenaflossk which DLange is using for sending and receiving emails from the engelsystem.

Backup is set to go to osgeo4 as well.

That said I think this is done.

Note: See TracTickets for help on using tickets.