Overview

A comprehensive Orthodox Christian community website featuring a Ghost CMS blog, Rallly scheduling system, and Campfire chat application. The site serves as a digital hub for the Brotherhood of Nicola community.

Architecture

  • Domain: brotherhoodofnicola.com
  • Infrastructure: Docker Compose on DigitalOcean droplet
  • Reverse Proxy: Traefik with automatic SSL
  • Database: MySQL 8.0 for Ghost, PostgreSQL 15 for Rallly
  • Storage: Docker volumes for persistence

Services

Ghost CMS (Main Blog)

  • Purpose: Primary content management and blog
  • URL: https://brotherhoodofnicola.com
  • Database: MySQL 8.0
  • Features:
    • Orthodox Christian content and articles
    • Member stories and testimonials
    • Event announcements
    • Photo galleries
    • SEO optimized

Rallly (Event Scheduling)

  • Purpose: Community event scheduling and RSVP management
  • URL: https://schedule.brotherhoodofnicola.com
  • Database: PostgreSQL 15
  • Features:
    • Event creation and management
    • RSVP tracking
    • Email notifications
    • Calendar integration
    • Member coordination

Campfire (Community Chat)

  • Purpose: Real-time community communication
  • URL: https://chat.brotherhoodofnicola.com
  • Database: SQLite (embedded)
  • Features:
    • Multiple chat rooms
    • Direct messaging
    • File attachments
    • @mentions and notifications
    • Web Push notifications

Calendar (Static)

Technical Stack

Backend Services

  • Ghost: 6.0.10-alpine
  • Rallly: lukevella/rallly:latest
  • Campfire: ghcr.io/basecamp/once-campfire
  • Databases: MySQL 8.0, PostgreSQL 15-alpine

Infrastructure

  • Container Orchestration: Docker Compose
  • Reverse Proxy: Traefik
  • SSL: Let’s Encrypt automatic certificates
  • Networking: Isolated Docker networks per service

Security

  • SSL/TLS: Automatic HTTPS with Let’s Encrypt
  • Network Isolation: Separate networks for each service
  • Volume Persistence: Encrypted storage volumes
  • Access Control: Traefik-based routing and authentication

Deployment Process

Initial Setup

  1. Domain Configuration: DNS A/AAAA records pointing to DigitalOcean droplet
  2. SSL Certificates: Automatic generation via Traefik and Let’s Encrypt
  3. Database Initialization: MySQL and PostgreSQL containers with persistent volumes
  4. Service Configuration: Environment variables and secrets management

Service Dependencies

ghost -> db (MySQL)
rallly -> rallly-db (PostgreSQL)
campfire -> (SQLite embedded)
calendar -> (Static files)

Environment Management

  • Ghost: Shared environment file for database and SMTP configuration
  • Rallly: Dedicated environment variables for authentication and database
  • Campfire: Isolated environment file (.env.campfire) for security keys

Monitoring and Maintenance

Health Checks

  • Ghost: Database connectivity and service health
  • Rallly: Application health endpoint monitoring
  • Campfire: Container-level health monitoring
  • Traefik: SSL certificate status and routing

Backup Strategy

  • Database Backups: Automated MySQL and PostgreSQL dumps
  • Volume Backups: Regular snapshots of Docker volumes
  • Configuration Backups: Version-controlled docker-compose.yml and environment files

Update Process

  • Image Updates: Pinned to specific digests for stability
  • Security Updates: Regular base image updates
  • Application Updates: Controlled deployment with rollback capability
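
The digest-pinning policy above can be checked mechanically against the image references listed under Backend Services. The following is an added example, not part of this project's own tooling. It assumes the Ghost image is the official `ghost` repository with the tag shown on the page, and the list of mutable tag names is illustrative.

```python
import re

# Image references as listed under "Backend Services". The page gives Ghost
# only as a tag, so the repository name "ghost" is an assumption.
PAGE_IMAGES = {
    "ghost": "ghost:6.0.10-alpine",
    "rallly": "lukevella/rallly:latest",
    "campfire": "ghcr.io/basecamp/once-campfire",
}

DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")
# Illustrative set of tag names that publishers routinely move.
MUTABLE_TAGS = {"latest", "stable", "edge", "main", "master", "nightly"}


def classify(ref: str) -> str:
    """Return 'digest', 'tag', 'mutable-tag', 'untagged' or 'invalid-digest'."""
    name, _, digest = ref.partition("@")
    if digest:
        return "digest" if DIGEST_RE.match(digest) else "invalid-digest"
    # A colon counts as a tag separator only after the last '/', so a
    # registry port such as registry.example:5000/app is not read as a tag.
    last = name.rsplit("/", 1)[-1]
    if ":" not in last:
        return "untagged"  # Docker resolves a missing tag to :latest
    tag = last.split(":", 1)[1]
    return "mutable-tag" if tag.lower() in MUTABLE_TAGS else "tag"


def audit(images: dict) -> dict:
    """Return the services whose image reference is not pinned by digest."""
    results = {svc: classify(ref) for svc, ref in images.items()}
    return {svc: kind for svc, kind in results.items() if kind != "digest"}


if __name__ == "__main__":
    for service, kind in audit(PAGE_IMAGES).items():
        print(f"{service}: {PAGE_IMAGES[service]} -> {kind}")
```

A version tag such as `6.0.10-alpine` can still be re-pushed by the publisher; only the `@sha256:` form fixes the image content.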

Performance Optimization

Caching

  • Traefik: Built-in caching for static assets
  • Ghost: Content caching and CDN integration
  • Database: Optimized queries and indexing

Resource Management

  • Memory Limits: Container resource constraints
  • CPU Allocation: Service-specific resource allocation
  • Storage: Efficient volume management and cleanup

Security Considerations

Network Security

  • Isolated Networks: Service-specific Docker networks
  • Firewall Rules: Restricted port access
  • SSL/TLS: End-to-end encryption

Data Protection

  • Encryption: Database and volume encryption
  • Access Control: Service-specific authentication
  • Audit Logging: Comprehensive logging and monitoring

Future Enhancements

  • CDN Integration: Global content delivery
  • Advanced Analytics: Detailed usage tracking
  • Mobile App: Native mobile application
  • API Development: RESTful API for third-party integrations