At the OER Foundation, we have the convention of using Docker to deploy most components of the web services we offer. One notable exception to that is the way we deploy our most widely used database. Rather than deploying a separate MySQL/MariaDB container for every service on a given host, we instead deploy a single instance running on the host. We do this for a couple reasons:
Throughout our Free and Open Source Software tutorials, we need to specify passwords for things. Creating random passwords is surprisingly hard, but we've found a method that's very serviceable and makes it easy to do as we all should: ensure every separate identity or service has a strong password that is unique to that identity and application (i.e. never use the same password in more than one place). We also strongly encourage you all to track your passwords using a password manager!
Here at the OER Foundation, where we build and maintain the computer services used by the OERu, its learners, and its educators around the globe, we've come up with a tech process that seems to work very nicely, with minimal cost and maintenance overhead. It involves setting up hosting infrastructure to adhere to some conventions that have emerged over time (and are subject to change if we identify better ones).
One of the key requirements of pursuing Good Digital Hygiene is using strong passwords, and a different strong password for every application. This is relatively easy to do in theory, with the aid of clever software, but it's something desperately few people do well in practice. I'm going to explain how I've addressed this issue of digital hygiene for myself, and how you can do it for yourself, and your entire family, social circle, or community.
Just about any and every server needs to be able to send email - whether it's end-user-email, like password recovery services for a website to emails to system administrators reporting on the status of system backups and errors. The problem is that it's non trivial (understatement) to set up a mail server properly.
SkFor any website that requires anyone (users or even just a few admins) to transfer secrets to and from it, you want to ensure the data is end-to-end encrypted. Today various browsers (like Firefox) give warnings when you're sending secret data (like passwords) "in the clear", namely unencrypted.
The OERu offers a wide array of online services, all Free and Open Source Software (FOSS), for the benefit of its global learner community, its partner representatives, and educators in general.
As of this writing, in February 2021, we run the following production systems: