Today, I had a really constructive meeting with Ada, we made a bunch of decisions about setting up this server.
The first question was whether we install apps in containers or "on metal". We have decided to run everything through docker: this basically creates a small container for each app with its own dependencies. This might come at a small performance tax but the computer is fast enough, one of the fastest SBCs you can get. But this allows us to easily install and uninstall apps for testing, without worrying that any of their dependencies might conflict or whatever. This will make it much easier to let someone else take over the system in the end, since everything is more or less plug and play.
We will run everything in a virtual network (called docker network), which we run through a reverse proxy. This is similar to what a web server does. This way we only have to expose ports 80 and 443 to the world, and will re rout things from there. Normally you might run every service on its own machine but we do it all on one.
We have also decided that we will run everything on Alpine Linux. This is a really small OS that loads into RAM on boot and runs from there. It takes up like 150MB from our RAM but we have 16GB, and this will be super fast.
We also tested a bit. Using Ventoy we created a bootable USB stick, on which we can just throw ISOs of Linux distros, and when it's plugged in, on boot, we can run them for testing (In the case of Alpine Linux this could even be enough, since after it gets just loaded into memory, so doesn't really matter where it's installed). We checked our Alpine a bit and Ubuntu Studio, a linux distribution tailored to creatives, with a lot of open source apps preinstalled for creatives!
Then we started testing docker. We apt installed docker, following the official instructions (had to add some custom directories to apt),following these instructions. Then it gets more exciting:
Using docker is super easy. There is a great website, https://www.linuxserver.io/, of a community that maintains these containerized installs of a lot of different (cool) apps. Basically you make a compose file, which you can mostly copy paste. It's a yaml file, for example:
---
version: "2.1"
services:
openvscode-server:
image: lscr.io/linuxserver/openvscode-server
container_name: openvscode-server
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/London
- CONNECTION_TOKEN= #optional
- CONNECTION_SECRET= #optional
- SUDO_PASSWORD=password #optional
- SUDO_PASSWORD_HASH= #optional
volumes:
- /path/to/appdata/config:/config
ports:
- 3000:3000
restart: unless-stopped
In this you just replace a few of the variables depending on what you want, and docker does the rest. That's it. If we want to change something, we can just turn it off again, and everything else is unaffacted. We installed Visual Studio Code like this. This runs on port 3000 now, and it basically replaces the terminal as our main tool to interact with all the docker installation. It's sandboxed, won't let us fuck with the system itself, but can even start and stop docker, install new docker files etc.
This will eventually be exposed to the web, which is really cool, so we can edit the configuration of the server with the graphic user interface of vscode from everywhere in the world, using whatever computer we want. In order to do this we also installed a VPN, wireguard. I still have to figure out how exactly this works, but this will ensure that vscode is not just exposed to the web.