This document describes the deployment and maintenance procedures for the TUM Meldeplattform.
The TUM Meldeplattform runs as a containerized application using Docker Compose with the following components:
- Traefik: Reverse proxy and certificate manager
- Website: Main application container
- Watchtower: Automatic container updates
The platform is hosted on a TUM server and can be accessed via SSH:
The main application directory is located at /root/meldeplattform/ and contains:
docker-compose.yml: Container orchestration configurationtraefik.toml: Traefik reverse proxy configurationconfig.yaml: Application configurationdata/: Directory containing runtime data and certificatesacme/: Directory for Let's Encrypt certificates
The deployment uses Docker Compose with three main services:
-
Traefik
- Handles SSL/TLS termination
- Manages automatic HTTPS redirects
- Provides reverse proxy functionality
-
Website
- Main application container
- Mounts local configuration and data volumes
- Exposes port 8080 internally
-
Watchtower
- Monitors and automatically updates containers
The platform uses certificates for authentication. The certificates are stored in the /root/meldeplattform/data directory:
key.pem: Private keycert.pem: Public certificate
When certificates need to be renewed:
- Backup existing certificates:
cd /root/meldeplattform/data
mv key.pem key.pem.old
mv cert.pem cert.pem.old- Restart the website container to generate new certificates:
docker restart meldeplattform_website_1- Update the certificate in DFN-AAI:
- Access mdv.aai.dfn.de
- Replace the old certificate (do not add as additional)
- Current certificate validity: January 15, 2027, 6:16 PM
Note: After certificate renewal, it may take up to an hour for the login to function properly. In some cases, an additional container restart may be required.
To check the status of containers:
docker compose psTo view container logs:
docker compose logs [service_name]To restart services:
docker compose restart [service_name]Watchtower automatically handles container updates. However, manual updates can be performed:
docker compose pull
docker compose up -dAccess service logs for debugging:
# Traefik logs
docker compose logs traefik
# Website logs
docker compose logs websiteTo update the Go packages in the project:
- Clone the repository locally:
git clone https://github.com/tum-dev/meldeplattform.git
cd meldeplattform- Update all dependencies to their latest versions:
go get -u ./...- Clean up the go.mod file:
go mod tidy- Test the application to ensure updates haven't introduced issues:
go test ./...- Commit the changes to go.mod and go.sum:
git add go.mod go.sum
git commit -m "chore: update go dependencies"- Create a pull request with the updates
- Keep track of major version updates in dependencies
- Review changelog/release notes of updated packages
- Test thoroughly after significant updates
- Implement certificate renewal without downtime
- Add monitoring and alerting
- Develop automated backup solutions
For additional support or questions, contact the TUM IT Support team.