Session 2 - 2026-01-23

Summary

EC2 server setup and complete Docker infrastructure deployment.

Server Information

Parameter	Value
IP Address	16.171.135.212
Instance	t3.large
OS	Ubuntu 24.04
Disk	100GB (expanded from 6.8GB)

Completed Tasks

1. EC2 Server Connection & Setup

• ✅ Connected to EC2: 16.171.135.212
• ✅ Expanded disk: 6.8GB → 100GB
• ✅ Installed Docker + Docker Compose v2
• ✅ Created directory structure at /opt/gsign/

2. Database Containers

Container	Port	Status
gsign-postgres (PostgreSQL 16)	5432	✅
gsign-mongodb (MongoDB 7)	27017	✅
gsign-redis (Redis 7)	6379	✅

3. Monitoring & Logging Stack

Container	Port	Status
gsign-prometheus	9090	✅
gsign-grafana	3001	✅
gsign-loki	3100	✅
gsign-promtail	-	✅

4. GitLab Self-Hosted

• ✅ GitLab CE - port 8929
• ✅ Container Registry - port 5005
• ✅ GitLab Runner (docker executor)
• ✅ GitLab Runner (shell executor)
• ✅ CI/CD pipeline configured

5. Database Management Tools

Tool	URL
Adminer	https://pgadmin.gesign.mn
Mongo Express	https://mongo.gesign.mn
Redis Commander	https://redis.gesign.mn

6. Domain & SSL

• ✅ Wildcard domain: *.gesign.mn
• ✅ SSL certificates: Let's Encrypt (expires 2026-04-23)
• ✅ NGINX reverse proxy for all services

7. Runtime Environment

Runtime	Version
Go	1.23.5
Node.js	20.20.0
PM2	6.0.14

Issues Encountered & Fixed

Issue	Solution
Disk device name wrong	Used lsblk, found nvme0n1
Docker-compose syntax	Rewrote entire file
Prometheus permissions	chown -R 65534:65534
Grafana permissions	chown -R 472:472
pgAdmin redirect loop	Replaced with Adminer
GitLab Runner registration	Used internal URL http://gitlab:80
SSL certificate failed	Opened ports 80/443 in AWS Security Group

Statistics

• Docker Containers: 12 running
• Subdomains Configured: 10
• SSL Certificates: 1 wildcard
• GitLab Runners: 2 (docker + shell)
• Commands Executed: 100+

Key Decisions

1. Logging: Loki instead of EFK (lighter, better Grafana integration)
2. Database tool: Adminer instead of pgAdmin (simpler)
3. CI/CD: Container-based deployment
4. GitLab Runner URL: Internal Docker network for reliability

URLs Available

Service	URL
Frontend	https://gesign.mn
Admin Panel	https://admin.gesign.mn
API	https://api.gesign.mn
GitLab	https://gitlab.gesign.mn
Grafana	https://grafana.gesign.mn
Prometheus	https://prometheus.gesign.mn
Adminer	https://pgadmin.gesign.mn
Mongo Express	https://mongo.gesign.mn
Redis Commander	https://redis.gesign.mn

Status

Session 2: ✅ COMPLETE Ready for: Application development