Overview
Scealai is a server intended for use by the An Scealaí developers to run their infrastructure, their setup and stack is quite different from the rest of the projects so they are largely left to their own devices when it comes to infrastructure tasks.
Specs
| Key | Value |
|---|---|
| Product | QEMU VM |
| CPU | 1 vCore |
| Memory | 16GiB 3600 MT/s |
| Disk | 128gb NVME |
| OS | Debian 12 Bookworm |
Accessing the An Scéalaí Production Server
The production server for both the An Scéalaí angular frontend static files, and the An Scéalaí API process are on a VM accessible via SSH at hostname srv.abair.ie on port 22106. Also, some test/dev servers are running on this VM.
There three important VMs used for the production An Scéalaí site, and all VMs are connected on a virtual LAN. The internal IP addresses for these VMs are:
10.0.0.1: The primary gateway server that terminates TLS and proxies requests to the relevant VM.10.0.0.2: The services VM which runs our production MongoDB instance.10.0.0.6: The An Scéalaí VM which hosts the static frontend files, runs the backend API node application, and runs various dev/test servers for quality assurance.
Consider adding a Host configuration to your SSH config such as below (replacing nrobinso with the username you have been assigned on the server).
Host scealai.abair.ie
HostName srv.abair.ie
User nrobinso
Port 22106
With this configuration installed Neimhin typically accesses the production server by running $ ssh scealai.abair.ie, which is equivalent to $ ssh srv.abair.ie -l nrobinso -p 22106.
Managing the Production Backend
The backend API process is monitored using systemd, and the configuration is found at /etc/systemd/scealai.service and reads (as of Oct 6th 2024):
$ cat /etc/systemd/system/scealai.service
[Unit]
Description=An Scéalaí backend
[Service]
User=scealai-prod
WorkingDirectory=/srv/scealai
ExecStart=/usr/bin/node ./dist/server.js
Restart=always
[Install]
WantedBy=multi-user.target
The OS user that runs the API is scealai-prod, and the location of the main entry point is /srv/scealai/dist/server.js. Sensitive configuration secrets for the backend are stored in /srv/scealai/.env. The files in /srv/scealai are owned by scealai-prod, and changing ownership of these files could cause errors, so be careful when copying a new build of the backend to /srv/scealai/dist.
The backend service can be checked, started, stopped, restarted, etc. with the systemctl command, e.g.:
$ systemctl status scealai.service
● scealai.service - An Scéalaí backend
Loaded: loaded (/etc/systemd/system/scealai.service; enabled; preset: enabled)
Active: active (running) since Mon 2024-07-08 16:45:42 IST; 2 months 28 days ago
Main PID: 1816763 (node)
Tasks: 11 (limit: 18693)
Memory: 320.8M
CPU: 9h 18min 30.534s
CGroup: /system.slice/scealai.service
└─1816763 /usr/bin/node ./dist/server.js
In order to push updates to /srv/scealai/dist one needs to authenticate as the scealai-prod user with a password. Pushing the updates as root could cause problems if the ownership of the files in /srv/scealai is changed from scealai-prod.
Development Hot URLs
Developers can run dev version of the An Scéalaí project on srv.abair.ie, so that their version of the site can
be accessed at e.g. neimhin-dev.scealai.abair.ie. For new developers a new nginx config will have to be added to assign two dev ports to that developer.
Here is neimhin's development config:
server {
listen 80;
server_name neimhin-dev.scealai.abair.ie;
location / {
proxy_pass http://127.0.0.1:41000/;
}
location /api/ {
proxy_pass http://127.0.0.1:41001/;
proxy_set_header Host $host;
}
}
This above configuration has the result that the frontend can be run on port 41000 and will be accessible on https://neimhin-dev.scealai.abair.ie. And the backend can be run on port 41001 and will be accessible on https://neimhin-dev.scealai.abair.ie/api. This works differently from the production site, which does not use ng serve for the frontend. Rather the production site serves static files.
TODO: Instead of using ng serve for the dev servers we ought to build the frontend and serve static files, because ng serve is not considered secure.
Connecting to MongoDB
The VM at srv.abair.ie:22106 (a.k.a. scealai.abair.ie) has a test mongod instance listening on port 27017. Test versions of the API can connect to this database instance using DB_HOSTNAME=localhost:27017 in <scealai-root>/api/.env.
The production MongoDB server runs on srv.abair.ie:22102. The production API is configured to access the production mongo server in the /srv/scealai/.env file using the internal IP address of the srv.abair.ie:22102 VM:
$ cat /srv/scealai/.env | grep HOSTNAME
DB_HOSTNAME=10.0.0.2:27017/