I have about 10-12 services which I'd like to take to production on a single server with docker compose (everything single container for now). Currently they are managed on two single node k8s clusters. These services are divided into 3 high level groups (core, email and wordpress; think of these as namespaces in k8s). I have identified all the base repos on github with docker images available for all of them on github. The end result will be an email and website hosting platform.
There are the following items of varying importance:
a. Using quotafs on base machine and make dockerized httpd that mounts this to achieve per VHost quota (or other suggested mechanism). Documentation regarding user management and managing/viewing/debugging quotas etc
b. Apache James (MTA) will require some reading and automation for automated cert store management (documentation available)
c. Setting up LE acme client in this environment for automated cert renewal (for httpd as well as James)
d. Setting up powerdns and documenting dns entries required to integrate a new domain on the system (Mail, DNS, TXT, SPF, DKIM; I will help as much as I can)
e. CI/CD planning for above (actual CI/CD not planned in this task because of tight budget)
f. Setting up separate networks and IP:PORT mapping (multiple public IPs will be used)
g. Building docker images with lightest footprint (probably arch linux?)
The solution will be hosted on OVH cloud with 3 HDD in hardware raid. Successful completion in tight budget will improve chances of repeat engagement due to higher probability of my success since you will be bringing up my first production server. A basic shell or Flask wrapper around user/quota/vhosts/ftp management is definitely a sweet offering.
Following is the list of the services:
- some reverse proxy (nuster/nginx/squid?)
- Apache httpd for laravel app (base application)
- powerdns (authoritative DNS)
- powerdns-webui or some ops mgmt interface
- sql backend for pdns and laravel (mariadb)
- acme-client
- Email transfer agent (Apache James)
- Apache cassandra (persistence db for MTA)
- OpenStack Swift or other suggested s3 replacement (documented with James)
- Queue management for distributed MTA (rabbitmq)
- Search engine for MTA (elasticsearch)
- Metadata store for attachments (apache tika)
- Apache httpd for dynamic wordpress deployments (with SSL)
- sql back-end for dynamic wordpress deployments (mariadb)
- SFTP for dynamic wordpress deployments