Forem Creators and Builders 🌱

Discussion on: self-host on cloud other than gcp,aws,digitalocean

Collapse
 
jamie profile image
Jamie Gaskins

The only self-host solution we support and recommend is our selfhost repo. We don't currently offer any guarantees, recommendations, or official support of any kind for any other deployment environment. Since we're a small team, we have to keep our official support narrow. It's awesome if you want to self-host using a platform that is not our selfhost repo, but if you do that, you're blazing your own trail and we can't offer any official guidance.


That said, unofficially speaking, it's definitely possible to run anywhere you can run a Rails app, especially in containers. For example, DEV runs on Heroku and I've also gotten Forem instances running on Kubernetes. The most important things are to set up the following:

  • Postgres (point to it with the DATABASE_URL env var)
  • Redis (point to it with the REDIS_URL env var)
  • Cloud storage (set the AWS_ID, AWS_SECRET, AWS_BUCKET_NAME, and AWS_UPLOAD_REGION env vars)
  • A few other env vars to make Rails happy (RAILS_ENV, SECRET_KEY_BASE, RAILS_SERVE_STATIC_FILES, RAILS_MAX_THREADS, and WEB_CONCURRENCY)

And it should work. In my spare time, partly for a conference presentation and partly for my own self-interests, I've been working on a Kubernetes operator to transform a Heroku-like app configuration into Kubernetes resources and Forem is the example I'm using (since we already offer containers and it's not a "hello world" app). I've gotten a Forem running with it using roughly this container configuration for both the web server and the Sidekiq processes:

image: quay.io/forem/forem:latest
imagePullPolicy: Always
env:
  # Rails-specific stuff
  - name: RAILS_ENV
    value: "production"
  - name: DATABASE_URL
    value: # TODO: Point this to your database
  - name: REDIS_URL
    value: # TODO: Point this to your Redis
  - name: SECRET_KEY_BASE
    value: # TODO: fill this out using `rails secret`
  - name: RAILS_SERVE_STATIC_FILES
    value: "true"
  - name: RAILS_LOG_TO_STDOUT
    value: "true"
  - name: RAILS_MAX_THREADS
    value: "10"
  - name: LOG_LEVEL
    value: "info"
  - name: WEB_CONCURRENCY
    value: "0"

  # Forem-specific stuff
  - name: APP_PROTOCOL
    value: "https://"
  - name: APP_DOMAIN
    value: # TODO: fill this out
  - name: COMMUNITY_NAME
    value: # TODO: fill this out
  - name: FOREM_CREATOR_SECRET
    value: # TODO: fill this out
  - name: AWS_ID
    value: # TODO: fill this out
  - name: AWS_SECRET
    value: # TODO: fill this out
  - name: AWS_BUCKET_NAME
    value: # TODO: fill this out
  - name: AWS_UPLOAD_REGION
    value: # TODO: fill this out
Enter fullscreen mode Exit fullscreen mode

Disclaimer

Please remember that, despite my affiliation with Forem, this is not official advice on how to deploy a Forem and is only offered for informational purposes for folks feeling adventurous.

Collapse
 
pandeybk profile image
Balkrishna Pandey

@jamie It is feasible to share the Kubernetes code base. Please let me know if you wish to opensource it or even publish in selfhost repo. We can create a helm chart or a kustomization template, this will allow others, including myself, to contribute to the project.

Collapse
 
jamie profile image
Jamie Gaskins

Sorry, I thought I'd responded to this but it looks like I forgot to hit send. I think it'd be awesome to publish it, but it probably won't make it into any of the Forem-owned repos. Last I heard Kubernetes wasn't one of the platforms we'll be offering first-class support for. And that makes sense, since Kubernetes isn't many people's first choice for self-hosting their personal projects.

So if I do publish it, it'll probably be on my own GitHub account.

Collapse
 
pandeybk profile image
Balkrishna Pandey

By the way there is helm chart someone (komljen) created 3 years back (github.com/komljen/helm-charts/tre...). Not sure the status of this project at the moment. But this can be a good starting point.

Collapse
 
jamie profile image
Jamie Gaskins

A Helm chart was actually where I started down that road. I was using Helmfile to define the stack all in one place to install the Helm charts for the Postgres and Redis (and Elasticsearch back when it was still part of the stack) instances in addition to the Rails app. It worked really nicely.

Thread Thread
 
pandeybk profile image
Balkrishna Pandey

Actually I am working on this project since yesterday :). I manage to deploy dev in kubernetes. Its running on baremetal from my home.

goglides.dev/

I am using some other operator to manage each component separately.

github.com/ot-container-kit/redis-... (for redis management)
postgres-operator.readthedocs.io/e... (for postgres)
github.com/imgproxy/imgproxy-helm (for image proxy)
cert-manager.io/docs/configuration... (to automate certificate management)
kubernetes.github.io/ingress-nginx... (for ingress)
operatorhub.io/operator/elastic-cl... (for elasticsearch)
rancher (for kubernetes)
github.com/openshift/local-storage... (for storage management)

I am also using Argocd for GitOps. I honestly think dev.to should tap into kubernetes, it will become easier to manage this project. Plus attract more enterprise customer.

Still doing some configuration. But this is really working well.

All of the secrets are hard coded at the moment. But I think I can use vault chart to deploy hashicorp vault and fetch the secrets from vault.

Thread Thread
 
pandeybk profile image
Balkrishna Pandey

Wait a minute are you saying Elasticsearch is now not a part of stack ?

"(and Elasticsearch back when it was still part of the stack)"

Thread Thread
 
jamie profile image
Jamie Gaskins

Correct. We removed it in favor of using Postgres full-text search because a JVM running Elasticsearch consumed more memory than the entire rest of the stack combined on a self-host instance.

Thread Thread
 
jamie profile image
Jamie Gaskins

I am using some other operator to manage each component separately.

Nice. That looks very much like where I landed, too. I don't have imgproxy running, but I should. Serving raw images can give away sensitive personal information (name and time/location the photo was taken) when they're uploaded to the Forem instance from a phone and imgproxy strips that out.

Thread Thread
 
pandeybk profile image
Balkrishna Pandey

Running into couple of issue with my deployment, exactly not sure what is causing it, I wonder if you are seeing something similar with your deployment, when you have time possible to go through this issues.

  1. RSS Feed not working
  2. mailchimp integration not working
Thread Thread
 
pandeybk profile image
Balkrishna Pandey

issue fixed forget to tun bundle exec sidekiq -c 2

Collapse
 
charlesfrm profile image
Charles Lin

Thanks Jamie for sharing your experience. Sorry for responding so late. I made an attempt after my post and later decided to use discourse for my side-project. I'm still very interested in forem and will follow its development.