Replaced Disqus with self hosted Commento

· by Raghu Rajagopalan · Read in about 3 min · (483 words) ·

One thing that’s bothered me with this blog is having to have Disqus for comments. Not that I get a lot of comments but the thing is that disqus loads a boatload of scripts and content and generally makes things slow. Anyway, in comes Commento - an open source project for self hosted blog comments.

My current setup

Commento itself requires PostgreSQL db - but something that’s more 'production' strength requires HTTPS - so I’m running a caddy server in front of Commento. Caddy does automatic HTTPS with LetsEncrypt - including cert renewals so it’s really just configuring it once and then leaving it. The other bits mostly have to do with setting it all up to run as services under Systemd

  1. On a Standard A2 instance on Azure

  2. Install postgres, create a database

    $ sudo apt install postgresql
    $ sudo -i -u postgre
    
    # set a password, create a db
    postgres=# \password
    postgres=# create database commento;
  3. FIgure out ip address of the docker0 bridge

    $ ip addr
    
    ....
    4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
        link/ether 02:42:32:7a:c3:2a brd ff:ff:ff:ff:ff:ff
        inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 (1)
           valid_lft forever preferred_lft forever
        inet6 fe80::42:32ff:fe7a:c32a/64 scope link
           valid_lft forever preferred_lft forever
    ....
    1 Note the subnet - 172.17.0.1
  4. Allow access from docker0 bridge

    $ sudo vim /etc/postgresql/10/main/pg_hba.conf
    
    host    all             all             127.0.0.1/32            md5
    host    all             all             172.17.0.1/16            md5
    
    # make sure that pgsql actually listens on the docker0 interface
    $ sudo vim /etc/postgresql/10/main/postgresql.conf
    
    listen_addresses = 'localhost,172.17.0.1'
    
    # check if you can connect to the db from a docker container
    $ docker run -it --rm ubuntu
    # inside the container now
    apt update && apt install postgresql-client
    psql -U postgres -h 172.17.0.1
  5. Create OAuth applications for social logins - I did for twitter, Google & github

  6. Create configuration file for Commento

    $ cd ~/commento
    $ vim commento.conf
    
    COMMENTO_ORIGIN=https://comments.rraghur.in
    COMMENTO_POSTGRES=postgres://postgres:notmypass@172.17.0.1:5432/commento?sslmode=disable
    COMMENTO_GZIP_STATIC=true
    COMMENTO_GITHUB_KEY=...
  7. Run Commento in a container

    $ docker run -d -p 8080:8080 -v ~/commento:/etc/commento -e COMMENTO_CONFIG_FILE=/etc/commento/commento.conf  registry.gitlab.com/commento/commento
  8. SSL - deploy caddy on the host

    # download caddy and unzip
    # give caddy perms to bind to privileged ports
    
    $ sudo setcap cap_net_bind_service=+ep ./caddy
    
    # create config for caddy
    $ vim Caddyfile
    
    
    https://comments.rraghur.in:443 {
            tls redacted@email.com
            log stdout
            errors stdout
            proxy / localhost:8080 {
                    transparent
    
            }
    }
  9. Run everything as a service in systemd

    $ sudo vim /etc/systemd/system/commento.service
    
    [Unit]
    Description=Commento service
    After=docker.service
    Wants=network-online.target docker.socket
    Requires=docker.socket
    
    [Service]
    Restart=always
    ExecStartPre=/bin/bash -c "/usr/bin/docker container inspect commento 2> /dev/null || /usr/bin/docker run -d --name commento --privileged -p 8080:8080 -v /var/run/docker.sock:/var/run/docker.sock -v /home/raghu/commento:/etc/commento -e COMMENTO_CONFIG_FILE=/etc/commento/commento.conf -e COMMENTO_POSTGRES=postgres://postgres:notmypass@172.17.0.1/commento  registry.gitlab.com/commento/commento"
    ExecStart=/usr/bin/docker start -a commento
    ExecStop=/usr/bin/docker stop -t 10 commento
    
    [Install]
    WantedBy=multi-user.target
    
    
    $ sudo vim /etc/systemd/system/commento-web.service
    
    [Unit]
    Description=Commento HTTP
    PartOf=commento.service
    After=commento.service
    Requires=commento.service
    
    [Service]
    Restart=always
    ExecStart=/home/raghu/commento/caddy -agree -conf /home/raghu/commento/Caddyfile -http-port 9090
    ExecReload=/bin/kill -USR1 $MAINPID
    KillMode=mixed
    KillSignal=SIGQUIT
    TimeoutStopSec=5s
    
    [Install]
    WantedBy=multi-user.target
  10. Now commento can be started/stopped with systemctl start commento-web

  11. To run it automatically on boot, enable it in systemd with systemctl enable commento