Snippets Groups Projects

This is an archived project. Repository and other project resources are read-only.

Fix for https://github.com/cotech/website/issues/45

Chris Croome authored 7 years ago

d2a6ec02

d2a6ec02 7 years ago

Name	Last commit	Last update
roles
.gitattributes
README.md
discourse.yml
discourse_api.yml
live2dev.yml

Co-operative Technologists Ansible Playbooks

These Playbooks are designed to be used on Debian Stretch virtual servers.

live2dev

Ansible playbook to update the dev site from the live site.

export SERVERNAME="webarch1.co.uk"
ansible-playbook live2dev.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

See also the wiki documentation and the GitHub project.

Discourse

Ansible Playbooks to install Docker and Discourse on a Debian Stretch virtual server and to configure the virtual server to use Postfix for incoming and outgoing emails (there is also a not-quite-working and, for now, abandoned exim branch).

The email setup is based on the mail-reciever Docker container plus this pull request (which is now merged) and the Postfix notes for using the host for outgoing email, with an additional Ruby script.

Before running these Playbooks, create a virtual server, runnng Debian Stretch then login to the virtual server's console, install python, enable root ssh access using keys by adding your keys to /root/.ssh/authorized_keys, edit /etc/sshd/sshd_config to set PermitRootLogin prohibit-password, run service ssh restart and then run the first Playbook:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root discourse.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

Then login to the site, get the API key from https://$SERVERNAME/admin/api/keys and run the second Playbook, adding the API key when prompted:

export SERVERNAME="community.coops.tech"
ansible-playbook -u root discourse_api.yml -i "${SERVERNAME}," -e "hostname=${SERVERNAME}"

Then check these settings for email:

Required : notification email set this to discourse@$SERVERNAME (use the actual domain name not $SERVERNAME)
Email : reply by email enabled tick "Enable replying to topics via email."
Email : reply by email address set this to discourse+%{reply_key}@$SERVERNAME (use the actual domain name not $SERVERNAME)
Email : manual polling enabled rick "Push emails using the API for email replies."

Then tighten some security settings:

Security : force https tick "Force your site to use HTTPS only. WARNING: do NOT enable this until you verify HTTPS is fully set up and working absolutely everywhere! Did you check your CDN, all social logins, and any external logos / dependencies to make sure they are all HTTPS compatible, too?"

If you are using this Playbook somewhere other than on a Webarchitects virtual server in Sheffield then the iptables and munin-node roles will, as a minimum, need editing and might be best omitted. Also note that these Playbooks are based on using mx.webarch.net for incoming email -- this is an anti-spam gateway, if this wasn't used then SpamAssassin should probably be added to the mix.

CoTech Community Discourse Settings

Initial settings used for community.coops.tech when it was created:

title: Cooperative Technologists Community
site description: The intersection of co-operation and digtal technology, the CoTech community forum.
contact email: community@coops.tech
contact url: https://www.coops.tech/
notification email: discourse@community.coops.tech
site contact username: system
logo url: https://wiki.coops.tech/wiki/File:Cotech-blue.png
logo small url: https://wiki.coops.tech/wiki/File:Cotech-blue-text.png
company short name: CoTech
company full name: Cooperative Technologists
company domain: coops.tech

On the Email settings admin page:

email subject:[cotech-community] %{optional_pm}%{optional_cat}%{topic_title}
reply by email enabled
reply by email address: discourse+%{reply_key}@community.coops.tech
manual polling enabled
email prefix: cotech-community
email site title: CoTech Community

On the Security page:

force https

On the User Preferences page:

default email digest frequency: every hour
default include tl0 in digests
default email mailing list mode
default email mailing list mode frequency: Send an email for every new post
default email always

The first post text:

Welcome to the Cooperative Technologists Community, we are a network of technology focused digital cooperatives, CoTech, who are "building a tech industry that's better for its workers and customers through co-operation, democracy and worker ownership." This is our open community discussion forum, you don't have to be a member of a coop to join this community but you do need to support the cooperative values and principles and have an interest in technology, you can find out more about us, read our manifesto, see who we are and who we have worked for and watch a video made at our first gathering on www.coops.tech. We also have a wiki and a decision making group on Loomio, Slack channels and (for now, we might close it and use Discourse) a public email list.

Please read our community guidelines before signing up for an account here.

Webarchitects | Forum | Status | SSH Fingerprints