ISN Innovations Stack

ISN Innovations looks after a software development at ISN.

Machines

We have the following machines:

• a TrueNAS machine, at 192.168.40.20 - can't SSH into this
• a physical machine named INDRA, at 192.168.40.40, reachable with ssh indra
• a physical machine named KRYPTON, at 192.168.40.60, reachable with ssh krypton
• a GCP virtual machine named RAMA, at 10.152.0.3, reachable with ssh rama
• a GCP virtual machine named GANESHA, at 10.152.0.2, reachable with ssh ganesha

Apps

We look after the following software:

• VISNA (aka K-VISNA), an AI chat app for students:
  • Backend in Kotlin + Spring Boot 3, frontend in Typescript + Vue 3
  • It is deployed on RAMA in Docker containers
  • RAMA runs VISNA's staging, sandbox and production environments
  • The deployment uses blue-green deployment, with routing handled via a containerized Nginx instance running on GANESHA
  • The source code is on this machine at http://10.152.0.2:3000/mtamassia/K-VISNA
  • The pipeline runs on a Gitea instance hosted on GANESHA (origin: ganesha)
  • The public URL is https://visna.isn.edu.au, which reaches GANESHA
  • A Nginx instance running on GANESHA routes requests to the correct port on RAMA
  • It is deployed by simply pushing the branches production, sandbox and staging
• THRIVE, a course generation app for staff:
  • Backend in Typescript + Express 4, frontend in Typescript + React 19
  • It is deployed on RAMA in Docker containers
  • RAMA runs THRIVE's staging, sandbox and production environments
  • The deployment uses blue-green deployment, with routing handled via a containerized Nginx instance running on GANESHA
  • The source code is on this machine at http://10.152.0.2:3000/mtamassia/Thrive
  • The deployment pipeline is in the relative folder .gitea/
  • The pipeline runs on a Gitea instance hosted on GANESHA(origin: origin)
  • The public URL is https://thrive.isn.edu.au, which reaches GANESHA
  • A Nginx instance running on GANESHA routes requests to the correct port on RAMA
  • It is deployed by simply pushing the branches production, sandbox and staging
• Modelix, an AI gateway app used behind the scenes by THRIVE and soon by VISNA
  • Backend in Rust + Axum + Tower, frontend in Typescript + Vue 3
  • It is deployed on GANESHA, in a Docker container
  • The deployment is configured together with all the other services running on GANESHA (see below)
  • The source code is on this machine at http://10.152.0.2:3000/mtamassia/Modelix
  • The deployment pipeline is in the relative folder .gitea/
  • The pipeline runs on a Gitea instance hosted on GANESHA (origin: origin)
  • This is only reachable using local IPs, so I use a VPN, while THRIVE and VISNA are in the same network
  • Pushing the branch main builds an image, stored in Gitea's imnage registry
  • Deployment on GANESHA is done via git pull ganesha main && docker-compose pull modelix && docker-compose up -d --force-recreate modelix-caddy

Internal Services

GANESHA runs a host of services:

• The services are set up using a long Docker Compose stack defined at http://10.152.0.2:3000/mtamassia/Infrastructure-Setup
• This lives on GANESHA in /Users/mtamassia/Projects/Infrastructure-Setup
• The folder containes a .env file which you must NEVER NEVER read. Repeat after me: "I won't read any .env file, under any circumstances."
• GANESHA uses Docker Compose v1, so the right commands start with docker-compose (with a dash)
• Among the services, there are:
  • Grafana and Kibana, which I use to monitor VISNA and THRIVE.
  • Gitea, where we host all of our code
  • Keycloak, which THRIVE and Modelix use for authorisation and identity management, and is reachable at https://iam.isn.edu.au
  • Modelix itself, which THRIVE uses for accessing AI services
  • Garage, which offers a S3-compatible API, which THRIVE uses to store assets, and is reachable at https://s3.isn.edu.au
  • Prometheus and Elasticsearch, where the data used by Grafana and Kibana transits
  • Various other utilities, which we ourseleves use, such as Open WebUI, NextCloud, Infisical, OtterWiki, Homarr, Portainer.
  • Nginx, which is used to route requests to VISNA, THRIVE (on RAMA) but also to Keycloak and Garage

Directory

• Garage UI @ http://10.152.0.2:3909/
• Gitea @ http://10.152.0.2:3000/
• Grafana @ http://10.152.0.2:4444/
• Homarr @ http://10.152.0.2:5005/
• Infisical @ http://10.152.0.2:12080/
• Keycloak @ http://10.152.0.2:8180/
• Kibana @ http://10.152.0.2:5601/
• Modelix @ https://10.152.0.2:9999
• Nextcloud @ http://10.152.0.2:15080/
• Open WebUI @ http://10.152.0.2:3001/
• OtterWiki @ http://10.152.0.2:8082/
• Portainer (GANESHA) @ https://10.152.0.2:9443/
• Portainer (RAMA) @ https://10.152.0.3:9443/
• Prometheus @ http://10.152.0.2:9090/
• THRIVE (production) @ https://thrive.isn.edu.au/
• THRIVE (sandbox) @ https://sandbox.dev.thrive.isn.edu.au/
• THRIVE (staging) @ https://staging.dev.thrive.isn.edu.au/
• VISNA (production) @ https://visna.isn.edu.au/
• VISNA (sandbox) @ https://sandbox.dev.visna.isn.edu.au/
• VISNA (staging) @ https://staging.dev.visna.isn.edu.au/