Forum OpenACS Development: OpenACS.org runs now containerized

Posted by Gustaf Neumann on 12/19/25 02:33 PM

Dear all,

OpenACS.org is now running fully containerized.

Please let me know if you notice any problems with the site. OpenACS.org is a long-lived installation that has grown over more than 20 years and includes many legacy packages. During the transition to a containerized setup, special care is required for things like links that point outside the application’s file system tree or other assumptions that do not always carry over cleanly into containers.

If you encounter anything that looks broken, inconsistent, or slower than expected, your feedback would be greatly appreciated.

Thanks for your help in testing and improving the setup!

2: Re: OpenACS.org runs now containerized (response to 1)

Posted by Gustaf Neumann on 12/19/25 07:25 PM

In essence, the container has all data on the file-system/DB, and all binaries (nsd, mail-delivery, munin node and master) are containerized, interacting via docker compose


                           +----------------+
                           |  Browser       |
                           |  https://openacs.org:443
                           +--------+-------+
                                    |
                              Public Internet
                                    | Host:443
                                    v
                 +------------------------------------------------+
                 |  openacs-org (NaviServer / OpenACS)           |
                 |  Internal ports:                               |
                 |    8443 HTTPS (mapped from Host:443)           |
                 |    8888 loopback (health, Munin interface)     |
                 +------------------+-----------------------------+
                                   / \
                                  /   \
                    HTTP metrics /     \  SMTP relay (internal)
                                /       \
                               v         v
      +--------------------------+     +--------------------------+
      |  munin-node              |     |  mail-relay              |
      |  Port 4949 (internal)    |     |  Postfix on port 25      |
      |  polled by munin-master  |     |  (internal Docker net)   |
      +-------------+------------+     +-------------+------------+
                    ^                                |
                    | TCP 4949 (internal)           | SMTP to Internet
                    |                               v
      +-------------+------------+          +--------------------------+
      |  munin-master            |          | External mail servers    |
      |  cron → munin-cron       |          | (MX hosts, SMTP 25/587/…)|
      |  writes HTML + PNG to    |          +--------------------------+
      |  /var/www/openacs/www/   |
      |  munin-container         |
      +-------------+------------+
                    |
                    | bind mount (on host filesystem)
                    v
      +-------------------------------------------------+
      | /var/www/openacs.org/www/munin                  |
      | (served by OpenACS as /munin/ over HTTPS 8443)  |
      +-------------------------------------------------+

3: Re: OpenACS.org runs now containerized (response to 1)

Posted by Gustaf Neumann on 12/24/25 01:56 PM

The full configuration of OpenACS is available from:

https://github.com/gustafn/docker-ns/tree/main/examples/openacs-org
https://github.com/gustafn/docker-ns/blob/main/examples/openacs-org/docker-compose.yml