peerbit icon indicating copy to clipboard operation
peerbit copied to clipboard

Published 20 hours ago verified publisher icon dao-xyz

`peerbit-server`: NGINX and Lets Encrypt server without Docker

Open marcus-pousette opened this issue 2 years ago • 3 comments
trafficstars

Remove usage of docker for hosting the server that does NGINX and Lets Encrypt updates

  • Faster installation process (no need for installing docker)
  • Easier to update and keep track of versions
  • Easier to integrate it closer with other services

marcus-pousette avatar Oct 02 '23 17:10 marcus-pousette

To what extent is peerbit-server dockerized? Or is planned to be? Since bootstrapping appears to work with Peerbit, is peerbit-server any different from a libp2p-relay container?

In the case where certs are managed by another container, the following Dockerfile might be a place to start:

FROM node:20-alpine3.18 as builder

ARG NODE_ENV=production
ENV NODE_ENV=${NODE_ENV}

RUN apk --no-cache add make cmake g++ git openssl-dev musl-dev
RUN yarn add @peerbit/server

FROM node:20-alpine3.18

WORKDIR /app
COPY --from=builder node_modules node_modules

COPY . .

CMD ["peerbit", "start"]
EXPOSE 8082

Not sure which ports to expose yet, as the Peerbit documentation could be out of date in this regard. Thoughts?

Azaeres avatar Oct 03 '23 22:10 Azaeres

To what extent is peerbit-server dockerized?

Peerbit is running a Let Encrypt cert bot in a container, which also bundles a NGINX server (jonasal/nginx-certbot)

This enables two things

  • NGINX: A way of doing routing, adding certificates, and adding frontend to your server (e.g. a dashboard)
  • Cert bot: A way of renewing certificates when they expire

The container is started here

This method is invoked from the Server CLI whenever you want to have a domain. See here e.g. when you call

peerbit domain test

you will launch a container with NGINX and Lets encrypt certbot

Since bootstrapping appears to work with Peerbit, is peerbit-server any different from a libp2p-relay container

The difference is about connectivity. A server needs a domain and SSL certificate to be reachable from a browser. So there is a utility for that in the server package. But the problem with that, is that whenever you want to use the server with a domain in a fresh ubuntu env (or any other OS). You need to have docker installed. If you don't need to be reachable from browsers, then you dont need NGINX and a valid SSL Certificate

And the issue now was that for some reason the container randomly shutdown and the logs in the container did not help that much...

apk --no-cache add make cmake g++ git openssl-dev musl-dev yarn add @peerbit/server

It would be cool if yarn add @peerbit/server install all necessary dependencies for running a server with auto renewal of certificates and also installs a NGINX server with some up to date version. Or, an altenrative there would be a clear list of dependencies a user needs to install in order to run their server with NGINX and a Certbot

Aside from that, this Docker file could be a good template if you want to run the whole Peerbit node in a container. Which can be very useful for some usecases!

marcus-pousette avatar Oct 04 '23 10:10 marcus-pousette

Just additional information

  • Official certbot repo (and install info for different envs) https://github.com/certbot/certbot
  • NGINX installation info https://www.nginx.com/resources/wiki/start/topics/tutorials/install/

marcus-pousette avatar Oct 04 '23 10:10 marcus-pousette