Document osTicket deployment, DB unification, and osticket-capstone repo
This commit is contained in:
parent
4d08df827b
commit
2ff78f1978
2 changed files with 47 additions and 1 deletions
|
|
@ -505,3 +505,49 @@ NOTE: same active-active pattern as kscloud1 — shared Authentik Postgres+Redis
|
|||
Tailscale, same TUNNEL_TOKEN, fresh DBs for stateful apps except identity (authentik/kavita).
|
||||
IMPORTANT Oracle gotcha: Ubuntu on Oracle has iptables rules that block all traffic at boot
|
||||
even after Security List rules are opened. Must flush iptables as part of initial setup.
|
||||
|
||||
## osTicket deployed on monk + kscloud1 (found 2026-06-13/14, installed ~2026-06-12)
|
||||
osTicket (campbellsoftwaresolutions/osticket image, x86 - runs natively on both hosts,
|
||||
no QEMU needed) + nginx proxy + MariaDB 10.11, under
|
||||
`~/kitestacks-live/docker/osticket/` (monk) and `/opt/kitestacks/docker/osticket/`
|
||||
(kscloud1). `tasks.kitestacks.com` -> "KiteStacks Help Desk", verified HTTP 200.
|
||||
Admin: kenpat7177 / kenpat7177@gmail.com. Host ports: monk 8092:8080, kscloud1 8090:8080
|
||||
(both nginx -> osticket-app:80). .env (OSTICKET_DB_PASS/ROOT/ADMIN_PASS/INSTALL_SECRET)
|
||||
is IDENTICAL on both hosts.
|
||||
|
||||
### DB unification (2026-06-13/14) - same pattern as Authentik shared-DB fix
|
||||
Both hosts originally had their OWN osticket-db (drift risk like pre-fix Kavita). Per
|
||||
user request ("database should be accessible from any computer"), unified onto
|
||||
kscloud1's osticket-db as canonical:
|
||||
- kscloud1 osticket-db: added `ports: - "100.123.254.52:3306:3306"` (Tailscale-only,
|
||||
matches authentik-postgres/redis pattern) to
|
||||
`/opt/kitestacks/docker/osticket/docker-compose.yml`, `docker compose up -d`.
|
||||
- monk: `docker compose stop osticket-db` (left stopped, NOT removed - rollback data
|
||||
intact in its volume). Edited `~/kitestacks-live/docker/osticket/docker-compose.yml`:
|
||||
removed osticket-db service block, changed osticket-app's `MYSQL_HOST=osticket-db`
|
||||
-> `MYSQL_HOST=100.123.254.52`, removed `depends_on: osticket-db`. `docker compose
|
||||
up -d osticket-app`.
|
||||
- GOTCHA: after recreating osticket-app, the `osticket` nginx proxy container on monk
|
||||
returned 502 (cached stale upstream IP for osticket-app from its old container) -
|
||||
fixed with `docker restart osticket`. Apply this same restart on kscloud1's `osticket`
|
||||
nginx if its osticket-app is ever recreated.
|
||||
- Verified: both DBs had identical data before merge (1 ticket, 1 staff/kenpat7177) so
|
||||
no data loss either way. tasks.kitestacks.com returns 200 consistently post-merge.
|
||||
- Backups: `docker-compose.yml.bak` left in both hosts' osticket dirs.
|
||||
|
||||
### osticket-capstone Forgejo repo (created 2026-06-13/14)
|
||||
New private repo `kenpat/osticket-capstone` on gitforge (created via API using a
|
||||
scoped token `claude-capstone-osticket` generated via
|
||||
`docker exec -u git forgejo /app/gitea/gitea admin user generate-access-token` on
|
||||
monk's forgejo container - token has write:repository,write:user scopes). Holds
|
||||
redacted osTicket deployment config + Per Scholas capstone docs/evidence - see
|
||||
[[project-per-scholas-capstone]]. NOTE: gitforge.kitestacks.com is also
|
||||
active-active load-balanced (monk/kscloud1 separate forgejo DBs) - API calls
|
||||
against the public hostname can hit the wrong DB; use monk's local
|
||||
`http://localhost:3006` for API operations tied to monk's forgejo data.
|
||||
|
||||
### Remaining osTicket work
|
||||
- Authentik SSO plugin for osTicket staff/agent login (osTicket has no native OIDC,
|
||||
needs 3rd-party OAuth2/SAML plugin) - NOT YET DONE.
|
||||
- End-user ticket submission uses osTicket's native client portal signup (works
|
||||
out of the box, no SSO needed).
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue