Southern California Grotto

Technology Stack Overview

Cloud Services

Discord

Discord is our chat room program where members talk. Setup was complex, we utilize a number of bots for integrations, so Discord has a dedicated setup page: Setup Overview

Google Sheets

We track trips and calendar in a google sheet. Ask for access if you need it.

Google Calendar

We use gCal to advertise events to website viewers and allow members to add the calendar to theirs. Technically it’s publicly viewable so don’t put location data directly into calendar events. The socalgrottocalendar@gmail.com user and API key are managed by Dav.

Webserver

The server lives under Dav’s desk. We could probably pay for virtual hosting if it becomes a problem, but we currently don’t. The machine is a little long in the tooth but has more storage and cpu cores than the grotto could reasonably pay for at AWS.

  • Linux 6.8.0-47-generic x86_64 GNU/Linux
  • Ubuntu 24.04 “Noble”
  • NGINX 1.24.0 (Ubuntu)
  • PHP 8.3.6
  • MariaDB 15.1 Distrib 10.11.0-MariaDB for debian-linux-gnu

WordPress

WordPress 6.8.1 (See plugin documentation)

Immich

Immich is our photo archive website. It runs on docker and has a nginx vhost map to https://photos.socalgrotto.com. The grotto currently utilizes two accounts. Dav also uses Immich for his own photos. We don’t have oauth2 setup yet for the grotto user so for the time being we just keep the login secret.

  • “socalgrotto” (the main photo repo)
  • “cavesely” (Carol’s map repo)
  • “dangel” (Dav’s photos)

Network

  • Domain: socalgrotto.com domain name is hosted at aws in dangel personal account
  • Bern still has the old southerncaliforniagrotto.com domain.
  • DNS: route53 dangel personal account
  • Internet: Spectrum at dangel’s house. Tests at about 500Mb/20Mb
  • Router: Firewalla 2.5g (QOS on)
  • Switch: 2.5g something or another
  • Intel PC running Linux. No VMs, Docker for zeppelin and various other services, but not wordpress.

Certbot

We use certbot and a r53 plugin to automatically update all certs for domains on the webhost. The process is run in cron occasionally.

Backups

  • Entire internal disk is written to a ZFS mirrored vdev daily
  • MySQL backups are currently sent to /tank/efap/backups/mysql twice a day
  • Immich backups are currently sent to /tank/efap/backups/mysql once a dayl
  • We need a .zip of the site and mysql to google drive or something offsite.

Stuff you should remember to do if you do this again:

  • Setup QOS on your router so your torrent traffic doesn’t clobber users