Guide for Commento behind Traefik
Self-hosted commenting system Commento++ with Traefik as reverse proxy.
Table of Contents
CAUTION
Please note that this blog post was originally written in German and has been translated for your convenience. Although every effort has been made to ensure accuracy, there may be translation errors. I apologize for any discrepancies or misunderstandings that may result from the translation and I am grateful for any corrections in the comments or via mail.
I would like to enable comments on my blog. Disqus costs money if you donβt want ads and users to be tracked. Thatβs why I need a self-hosted solution: Commento.
Commento is a fast, privacy-focused commenting platform
It is possible to host Commento for $10/month (https://commento.io). However, this guide is about hosting Commento using Traefik as a reverse proxy. The server should be set up roughly as described here.
Commento needs a database to run. We use Postgres. First, we need a new folder.
cd ~/docker
touch docker-compose-commento.yml
mkdir appdata/commento/db -p
nano docker-compose-commento.yml
version: "3.7"
### NETWORKS ###
networks:
web:
external:
name: web
internal:
external: false
default:
driver: bridge
### SERVICEs ###
services:
commento-server:
container_name: commento
image: registry.gitlab.com/commento/commento
restart: unless-stopped
networks:
- internal
- web
security_opt:
- no-new-privileges:true
environment:
- COMMENTO_ORIGIN=https://commento.somedomain.de
- COMMENTO_PORT=8080
- COMMENTO_POSTGRES=postgres://postgres:password@commento-db:5432/commento?sslmode=disable
labels:
- "traefik.enable=true"
- "traefik.http.routers.commento-rtr.entrypoints=https"
- "traefik.http.routers.commento-rtr.rule=Host(`commento.$DOMAINNAME`)"
- "traefik.http.routers.commento-rtr.tls=true"
- "traefik.http.routers.commento-rtr.service=commento-svc"
- "traefik.http.services.commento-svc.loadbalancer.server.port=8080"
- "traefik.http.routers.commento-rtr.middlewares=chain-no-auth@file"
depends_on:
- commento-db
commento-db:
container_name: commento-db
image: postgres
restart: unless-stopped
networks:
- internal
security_opt:
- no-new-privileges:true
environment:
- POSTGRES_DB=commento
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=password
volumes:
- $DOCKERDIR/appdata/commento/db:/var/lib/postgresql/data
labels:
- "traefik.enable=false"
What needs to be changed is the domain and the password. Thatβs it, docker-compose -f docker-compose-commento up -d starts the container. Now, we call up the domain under which Commento is running and create an account. Once the account has been created and in the dashboard, we again enter the command docker-compose -f docker-compose-commento down.
We adjust the settings.
version: "3.7"
### NETWORKS ###
networks:
web:
external:
name: web
internal:
external: false
default:
driver: bridge
### SERVICEs ###
services:
commento-server:
container_name: commento
image: registry.gitlab.com/commento/commento
restart: unless-stopped
networks:
- internal
- web
security_opt:
- no-new-privileges:true
environment:
- COMMENTO_ORIGIN=https://commento.somedomain.de
- COMMENTO_PORT=8080
- COMMENTO_POSTGRES=postgres://postgres:password@commento-db:5432/commento?sslmode=disable
- COMMENTO_FORBID_NEW_OWNERS=true
labels:
- "traefik.enable=true"
- "traefik.http.routers.commento-rtr.entrypoints=https"
- "traefik.http.routers.commento-rtr.rule=Host(`commento.$DOMAINNAME`)"
- "traefik.http.routers.commento-rtr.tls=true"
- "traefik.http.routers.commento-rtr.service=commento-svc"
- "traefik.http.services.commento-svc.loadbalancer.server.port=8080"
- "traefik.http.routers.commento-rtr.middlewares=chain-no-auth@file"
depends_on:
- commento-db
commento-db:
container_name: commento-db
image: postgres
restart: unless-stopped
networks:
- internal
security_opt:
- no-new-privileges:true
environment:
- POSTGRES_DB=commento
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=password
volumes:
- $DOCKERDIR/appdata/commento/db:/var/lib/postgresql/data
labels:
- "traefik.enable=false"
The environment of the Commento server is extended by one entry.
docker-compose -f docker-compose-commento up -d
It should no longer be possible to create a new account with Commento.
Then why are no comments displayed below? Because the GDPR does not allow it without restrictions. Commento still needs an integrated option for users to delete their accounts themselves. Anonymous commenters have no option to enter a name (so everyone is called the same). Anyone can register with any e-mail address. You donβt have to accept a confirmation e-mail.
As a result, I have decided not to add a comment function at this time. π’
Update:
After some searching, I found the repository of souramoo with Commento++. His fork of Commento at least allows anonymous users to choose a name, eliminating the need for fake mail addresses.
He also responded within a few minutes to my inquiry about whether it would be possible to implement a function allowing users to delete their accounts. This has already been implemented and is available from version 1.8.6.
In any case, itβs time to change the Docker image.
cd ~/docker
docker-compose -f docker-compose-commento.yml down
nano docker-compose-commento.yml
version: "3.7"
### NETWORKS ###
networks:
web:
external:
name: web
internal:
external: false
default:
driver: bridge
### SERVICEs ###
services:
commento-server:
container_name: commento
image: caroga/commentoplusplus
restart: unless-stopped
networks:
- internal
- web
security_opt:
- no-new-privileges:true
environment:
- COMMENTO_ORIGIN=https://commento.somedomain.de
- COMMENTO_PORT=8080
- COMMENTO_POSTGRES=postgres://postgres:IrerenrBeAsdf@commento-db:5432/commento?sslmode=disable
- COMMENTO_FORBID_NEW_OWNERS=true
- COMMENTO_GZIP_STATIC=true
labels:
- "traefik.enable=true"
- "traefik.http.routers.commento-rtr.entrypoints=https"
- "traefik.http.routers.commento-rtr.rule=Host(`commento.$DOMAINNAME`)"
- "traefik.http.routers.commento-rtr.tls=true"
- "traefik.http.routers.commento-rtr.service=commento-svc"
- "traefik.http.services.commento-svc.loadbalancer.server.port=8080"
- "traefik.http.routers.commento-rtr.middlewares=chain-no-auth@file"
depends_on:
- commento-db
commento-db:
container_name: commento-db
image: postgres
restart: unless-stopped
networks:
- internal
security_opt:
- no-new-privileges:true
environment:
- POSTGRES_DB=commento
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=IrerenrBeAsdf
volumes:
- $DOCKERDIR/appdata/commento/db:/var/lib/postgresql/data
labels:
- "traefik.enable=false"
The most significant change is the image from the Commento server.
docker-compose -f docker-compose-commento up -d
The server is now running. Commento++ only needs to be integrated into your own website π