Now with comments, more playing with Docker

I didn't want to launch the blog without comments, but I did it anyway, because I'd started working on a DIY self-hosted solution and didn't want to use disqus or any of the other paid / ad-driven / data mined offerings.

Discourse looked awesome, but proved overly complex for my needs and difficult to set up.

It was a fun project, done very simply. I suppose it is not truely self-hosted because it depends on google's Captcha and Gmail, but hey, it works, and since the data is all public anyway, I don't mind using those services.

If you are curious, the email address that you type in will not be stored on my server, it is simply hashed and discarded. Yes, yes, I know, the MD5 used by gravatar is incredibly weak. But, email isn't required to post anyway. You could still get a consistent identity by typing in a short password instead if you wish.

In the future I will probably clean up the project and fully open source it. For now, a lot of stuff is hard-coded and unclean. It was a hack mostly developed in a few days. The source code is here: http://git.sequentialread.com/forest/sequentialread-comments

The comments api can be run via docker, with the provided Dockerfile. I run it together with the rest of my services using docker-compose.

The relevant part of my docker-compose.yml file looks like this:

nginx:
  image: jwilder/nginx-proxy
  ports:
    - "80:80"
  volumes:
    - /var/run/docker.sock:/tmp/docker.sock:ro
	
comments:
  image: forestj/sequentialread-comments
  volumes:
    - /dockerdata/comments/data:/usr/src/app/data
  expose:
    - "2369"
  environment:
    VIRTUAL_HOST: comments.sequentialread.com
    VIRTUAL_PORT: 2369
    RECAPTCHA_SECRET_KEY: xxxxxxxxxxxxxxxxxxx
    GMAIL_USER: xxxxxxxxxxxxxxxxxxx
    GMAIL_PASSWORD: xxxxxxxxxxxxxxxxxxx
    EMAIL_NOTIFICATION_TARGET: xxxxxxxxxxxxxxxxxxx

jwilder/nginx-proxy will ask docker for information about containers, looking for VIRTUAL_HOST and VIRTUAL_PORT environment variables, and then configure its own internal nginx instance with virtual hosts for each container.

So nginx acts as a reverse proxy and only allows connections on port 80. Each container still gets its own port internally via expose, but externally, its all port 80 (and 443 once I get my SSL cert set up!).

forestj/sequentialread-comments is a docker image I built from the Dockerfile. The volumes here mean that a folder inside the container is treated like a mounted disk, but it is "mounted" to a folder outside of the container. That means that I can nuke the container and re-create it without deleting all of my blog comments.