Now with comments, more playing with DockerBy Forest Johnson On
I didn't want to launch the blog without comments, but I did it anyway, because I'd started working on a DIY self-hosted solution and didn't want to use disqus or any of the other paid / ad-driven / data mined offerings.
Discourse looked awesome, but proved overly complex for my needs and difficult to set up.
It was a fun project, done very simply. I suppose it is not truely self-hosted because it depends on google's Captcha and Gmail, but hey, it works, and since the data is all public anyway, I don't mind using those services.
If you are curious, the email address that you type in will not be stored on my server, it is simply hashed and discarded. Yes, yes, I know, the MD5 used by gravatar is incredibly weak. But, email isn't required to post anyway. You could still get a consistent identity by typing in a short password instead if you wish.
In the future I will probably clean up the project and fully open source it. For now, a lot of stuff is hard-coded and unclean. It was a hack mostly developed in a few days. The source code is here: http://git.sequentialread.com/forest/sequentialread-comments
The comments api can be run via docker, with the provided Dockerfile. I run it together with the rest of my services using docker-compose.
The relevant part of my
docker-compose.yml file looks like this:
nginx: image: jwilder/nginx-proxy ports: - "80:80" volumes: - /var/run/docker.sock:/tmp/docker.sock:ro comments: image: forestj/sequentialread-comments volumes: - /dockerdata/comments/data:/usr/src/app/data expose: - "2369" environment: VIRTUAL_HOST: comments.sequentialread.com VIRTUAL_PORT: 2369 RECAPTCHA_SECRET_KEY: xxxxxxxxxxxxxxxxxxx GMAIL_USER: xxxxxxxxxxxxxxxxxxx GMAIL_PASSWORD: xxxxxxxxxxxxxxxxxxx EMAIL_NOTIFICATION_TARGET: xxxxxxxxxxxxxxxxxxx
jwilder/nginx-proxy will ask docker for information about containers, looking for
VIRTUAL_PORT environment variables, and then configure its own internal nginx instance with virtual hosts for each container.
So nginx acts as a reverse proxy and only allows connections on port 80. Each container still gets its own port internally via expose, but externally, its all port 80 (and 443 once I get my SSL cert set up!).
forestj/sequentialread-comments is a docker image I built from the Dockerfile. The
volumes here mean that a folder inside the container is treated like a mounted disk, but it is "mounted" to a folder outside of the container. That means that I can nuke the container and re-create it without deleting all of my blog comments.