Hi! GREEETINGS!

Recommended Infrastructure

🍿

KVM (for Kernel-based Virtual Machine):

   https://my.racknerd.com/index.php?rp=/store/special-promos
   LARGE STORAGE - 8GB KVM
   4x vCPU Core
   200 GB SSD Cached RAID-10 Storage
   8 GB RAM
   8000GB Monthly Premium Bandwidth
   1Gbps Public Network Port
   Full Root Admin Access
   2 Dedicated IPv4 Addresses
   KVM / SolusVM Control Panel - Reboot, Reinstall, Manage rDNS, & much more
   SERVER LOCATION - Los Angeles
   JUST $135/YEAR - WOW!!

Software Management / System Administration:

• 🫙Container Management:
  • Docker ( https://www.docker.com/why-docker/ ) utilizing docker-compose.yml files

Required Containers:

• https://github.com/nginx-proxy/acme-companion - handles the automated creation, renewal and use of SSL certificates for proxied Docker containers through the ACME protocol (aka Lets Encrypt).

   VIRTUAL_HOST=bb.bikelover.org,en.bikelover.org,en.bb.bikelover.org,es.bb.bikelover.org,fr.bb.bikelover.org
   LETSENCRYPT_HOST=bb.bikelover.org,en.bikelover.org,en.bb.bikelover.org,es.bb.bikelover.org,fr.bb.bikelover.org
   LETSENCRYPT_EMAIL=bike@bikelover.org
   VIRTUAL_PORT=3000

• • ??? just automates the whole process, it is wonderful

• https://github.com/djmaze/resticker/ - Run automatic restic ( https://restic.net/ ) backups via a Docker container to a cloud backup service (see below).
• it's what people are now moving to

Cloud Backup Service:

• Backblaze - https://www.backblaze.com/b2/cloud-storage.html - low cost Cloud Storage
  • much lower cost, sooo low cost. egress is completely free
  • has their own database servers (better than some sort of blockchain backup thingy)
  • can be used with a CDN as well w/ free egress - https://try.backblaze.com/content-delivery-with-backblaze-and-cloudflare/ (they also work with non-cloudflare CDNs which might be advisable given CloudFlare's politics/policies: https://www.metafilter.com/196349/CloudflareProtectsTerrorists)

Recommended Containers:

)

• Full Stack Mail Server
  • https://github.com/docker-mailserver/docker-mailserver
    • no graphical front end, you just manage it from the command line (there are some that do have a graphical front end)
    • 1400 forks, 1900 stars, 242 contributers
    • includes basics like smtp and imap, plus things like LDAP (could use for unified logins, maybe)
  • this would REPLACE GMAIL YAAAY (you can still connect gmail to it for basic sending/receiving mail)
  • GUI might be advisable for making admin accessible to more people
  • initially could be on the same kvm. should work fine on the same kvm. can revisit if it doesn't.
  • postman was hell to try to manage
  • now all the cool stuff is put together and done for you. easy to manage. they even have a little management program. and if you need a dkim certificate it generates that for you. any capability you need is built into this
  • should also support mass emailing?

• Team Password Manager
  • https://www.passbolt.com/ ( https://hub.docker.com/r/passbolt/passbolt/ )
    • other than poor compatibility with old android devices it has been working wonderfully
    • low cost
    • you never have to know the password, you can just use the thing. like in chrome for instance, there's an extension to fill in the username and password
    • you have a security certificate that you can't lose or you lose access to the passwords and we'd have to generate you a new one

BikeBike Infrastructure:

• GNU Mailman 3 Deployment with Docker - https://github.com/maxking/docker-mailman
  • Migrate DreamHost / bikecollectives.org instance to this new version
  • Would host ThinkTank and other email lists (e.g. bikebike-everywhere) - thinktank is actually hosted on bikecollectives.org
  • Would use the full-stack mailserver (above) so it'll have the same DKIM certificates, etc. (should improve our spamminess ratings)

• MediaWiki - https://hub.docker.com/_/mediawiki
  • Migrate DreamHost instance
  • should be a lot faster unless there's a bug that's causing it to be slow. would also give us more scope for diagnosing bugs than dreamhost

• During the development phase of the new BikeBike server API and GUI Client(s) - Dockerized version of Godwin's BikeBike - https://git.bikeshopi.dev/bike/BikeBikeBike
  • Strategy to update BumbleBerry - Dockerize the current live version of BikeBike.org (frozen code); Docker cron job would update BumbleBerry in this instance, and copy the updates to the live, newer version. [Could also eliminate bumbleberry and use the latest generated static CSS files, since the compatibility issues it addresses are mostly non-issues now. Just copy-paste the blob that it generates when you visit bikebike.org.]
  • Lingua Franca might not be necessary either, or at least it might not need to be run very often.

Migration/planning:

• Godwin's availability for migrating existing e.g. bikecollectives.org services is limited
• initially set up with subdomains or spare domains while setting up and testing
• can easily set up test instances separate from live instances thanks to docker
• benefit to starting right away on the KVM cloud server vs. setting it up on a local machine first for testing? easier to just set it up on the KVM from the beginning.

Sidenotes:

• the "Bike Collectives Workbench" project was meant to be a place where anyone who's given access can contribute translations. It isn't hosted or used anywhere now.
• https://git.bikeshopi.dev/bike/BikeBikeBike/src/branch/master/docker-compose.yml
• Darin is trying to add a captcha or similar to the contact form on bikebike.org to reduce spam and make gmail reject us less. Could do it with this gem (is there anything that must be done when adding a gem to the project?) or maybe do it without a gem. Communication difficulties due to bad network connection; we'll talk about it next time.