Co-operative Technologists Ansible Playbooks

These Playbooks are designed to be used on Debian Stretch virtual servers.

live2dev

Ansible playbook to update the dev site from the live site.

export SERVERNAME="webarch1.co.uk"
ansible-playbook live2dev.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

See also the wiki documentation and the GitHub project.

Discourse Upgrade

To upgrade Discourse you can use this Playbook:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root discourse_upgrade.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

Docker Upgrade

A new version of docker-ce is released at least every 3 months (see the release notes). To upgrade Docker CE use this playbook:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root docker_upgrade.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

Discourse Install

NOTE: There is a more generic version of these Playbooks at git.coop/webarch.discourse — if you want to copy this repo and amend it to suit your needs, it is best to start there.

Ansible Playbooks to install Docker and Discourse on a Debian Stretch virtual server and to configure the virtual server to use Postfix for incoming and outgoing emails (there is also a not-quite-working and, for now, abandoned exim branch).

The email setup is based on the mail-receiver Docker container plus this pull request (which is now merged) and the Postfix notes for using the host for outgoing email, with an additional Ruby script.

Before running these Playbooks, create a virtual server running Debian Stretch, then log in to the virtual server's console, install python, enable root ssh access using keys by adding your keys to /root/.ssh/authorized_keys, edit /etc/ssh/sshd_config to set PermitRootLogin prohibit-password, run service ssh restart and then run the first Playbook:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root discourse.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"
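
A pre-flight check for the SSH step described above, as an added example that is not part of these Playbooks: it reads an sshd_config file and reports whether root login is key-only. The function names and the sample config are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not part of the Playbooks): check that root SSH login is
# key-only. sshd uses the FIRST value it reads for a keyword, keywords are
# case-insensitive, and the global section ends at the first Match block.

# Print the effective global value of keyword $2 in file $1, lowercased.
sshd_effective() {
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # comments and blank lines
        { key = tolower($1); sub(/=.*/, "", key) }
        key == "match" { exit }               # conditional blocks start here
        key == want {
            val = $0
            sub(/^[ \t]*[^ \t=]+[ \t]*=?[ \t]*/, "", val)  # drop the keyword
            sub(/[ \t]+$/, "", val)
            print tolower(val); exit
        }
    ' "$1"
}

# Return 0 only when root may log in with keys but never with a password.
# An unset keyword counts as a failure here (a policy choice of this example).
root_login_is_key_only() {
    case "$(sshd_effective "$1" PermitRootLogin)" in
        prohibit-password|without-password) return 0 ;;  # second is the old alias
        *) return 1 ;;   # yes, no, forced-commands-only or unset
    esac
}

# Constructed sample config: the later "yes" and the Match block value
# must not override the first global setting.
sample="$(mktemp)"
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# constructed sshd_config for this example
Port 22
permitrootlogin prohibit-password
PermitRootLogin yes
Match Address 192.0.2.0/24
    PermitRootLogin no
EOF

if root_login_is_key_only "$sample"; then
    echo "PermitRootLogin is key-only: ready to run the playbook as root"
else
    echo "PermitRootLogin is not key-only: fix sshd_config first"
fi
```

On the server, point the function at /etc/ssh/sshd_config; `sshd -T` prints the full effective configuration if you want to cross-check the result.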

Then log in to the site, get the API key from https://$SERVERNAME/admin/api/keys and run the second Playbook, adding the API key when prompted:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root discourse_api.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

Then check these settings for email:

  • Required : notification email, set this to discourse@$SERVERNAME (use the actual domain name not $SERVERNAME)
  • Email : reply by email enabled, tick "Enable replying to topics via email."
  • Email : reply by email address, set this to discourse+%{reply_key}@$SERVERNAME (use the actual domain name not $SERVERNAME)
  • Email : manual polling enabled, tick "Push emails using the API for email replies."

Then tighten some security settings:

  • Security : force https, tick "Force your site to use HTTPS only. WARNING: do NOT enable this until you verify HTTPS is fully set up and working absolutely everywhere! Did you check your CDN, all social logins, and any external logos / dependencies to make sure they are all HTTPS compatible, too?"

If you are using this Playbook somewhere other than on a Webarchitects virtual server in Sheffield then the iptables and munin-node roles will, as a minimum, need editing and might be best omitted. Also note that these Playbooks are based on using mx.webarch.net for incoming email. This is an anti-spam gateway; if it isn't used then SpamAssassin should probably be added to the mix.

CoTech Community Discourse Settings

Initial settings used for community.coops.tech when it was created:

  • title: Cooperative Technologists Community
  • site description: The intersection of co-operation and digital technology, the CoTech community forum.
  • contact email: community@coops.tech
  • contact url: https://www.coops.tech/
  • notification email: discourse@community.coops.tech
  • site contact username: system
  • logo url: https://wiki.coops.tech/wiki/File:Cotech-blue.png
  • logo small url: https://wiki.coops.tech/wiki/File:Cotech-blue-text.png
  • company short name: CoTech
  • company full name: Cooperative Technologists
  • company domain: coops.tech

On the Email settings admin page:

  • email subject: [cotech-community] %{optional_pm}%{optional_cat}%{topic_title}
  • reply by email enabled
  • reply by email address: discourse+%{reply_key}@community.coops.tech
  • manual polling enabled
  • email prefix: cotech-community
  • email site title: CoTech Community

On the Security page:

  • force https

On the User Preferences page:

  • default email digest frequency: every hour
  • default include tl0 in digests
  • default email mailing list mode
  • default email mailing list mode frequency: Send an email for every new post
  • default email always

The first post text:

Welcome to the Cooperative Technologists Community, we are a network of technology focused digital cooperatives, CoTech, who are "building a tech industry that's better for its workers and customers through co-operation, democracy and worker ownership." This is our open community discussion forum, you don't have to be a member of a coop to join this community but you do need to support the cooperative values and principles and have an interest in technology, you can find out more about us, read our manifesto, see who we are and who we have worked for and watch a video made at our first gathering on www.coops.tech. We also have a wiki and a decision making group on Loomio, Slack channels and (for now, we might close it and use Discourse) a public email list.

Please read our community guidelines before signing up for an account here.