Skip to content

OCaml.org Deployment

mtelvers edited this page Nov 4, 2022 · 4 revisions

OCaml.org is a single Docker container which exposes the website on port 8080. Therefore, the simplest deployment is to just run

docker run --rm -it -p 8080:8080 ocurrent/v3.ocaml.org-server:live

This makes the website available at http://127.0.0.1:8080.

To provide HTTPS, a reverse proxy can be used such as Nginx or Caddy. We use Caddy as it has automatic certificate provisioning and renewal.

The Caddyfile lists the expected domain names and the internal name of the Docker container. The complete file is shown below.

v3a.ocaml.org, v3.ocaml.org, ocaml.org, www.ocaml.org {
	reverse_proxy www:8080
}

We deploy both Caddy and the website using a single Docker stack which is deployed using Ansible. The Ansible playbook.yml is given below:

- hosts: v3a.ocaml.org
  name: Configure controller host
  tasks:
    - name: create caddy directory
      file:
        path: /etc/caddy
        state: directory
    - name: configure caddy
      copy:
        src: Caddyfile
        dest: /etc/caddy/Caddyfile
      notify:
        - restart caddy
    - name: set up infrastructure stack
      docker_stack:
        name: infra
        prune: yes
        compose:
          - version: "3.7"
            services:
              caddy:
                image: caddy
                ports:
                  - 80:80
                  - 443:443
                volumes:
                  - /etc/caddy:/etc/caddy:ro
                  - caddy_data:/data
                  - caddy_config:/config
              www:
                image: ocurrent/v3.ocaml.org-server:live
                sysctls:
                  - 'net.ipv4.tcp_keepalive_time=60'
            volumes:
              caddy_data:
              caddy_config:
  handlers:
    - name: restart caddy
      shell:
        cmd: PS=$(docker ps --filter=name=infra_caddy -q) && if [ -n "$PS" ] ; then docker exec -w /etc/caddy $PS caddy reload ; fi