Prerequisite
What I started when I wanted to start writing blog posts was to first, think about different ways to publish simple content. I didn’t want a stupidly complex system, and I wanted to just build on ready-made software, rather than write something myself.
I also wanted to host everything in my own server. This is something I’ve started to come around after trying to like Cloud Hosting for many years, and always getting the ick -feeling.
Cloud hosting has it’s perks, it scales really easily. You can just publish containers and you have a lot of different hosting services (not just Google, AWS or Azure ), mainly built on top of Kubernetes.
Hosting is fun!
But nothing beats having your own server (even if it is leased). Hosting everything on your own, configuring and setting up everything like you want. Nothing gives you as much control, learning experience, but above else: fun.
I get so much fun while building my own infrastructure, making every piece of the system work, going over log files, making sure you do things The Proper Way. So yes, it’s a lot more work, but the gains to do everything on your own, building everything (by piecing ready made software), and linking everything so that the whole System works like You want!
What these last few weeks have been teaching me, and why I’m writing these posts. I really want to be in control of my own systems. It teaches you so much more than just pushing containers to Cloud Run.
But most importantly, every time you learn something new, get new piece of the system to work, fix something that bothered you, you get this elevated fun factor.
Building everything
So I went trough couple different system:
- Drupal – I’m extensively knowledgeable with Drupal, and even built a containerized system which I could deploy. But after getting everything done, and installing it, I just figured that it would take too long to actually build the website.
- Hugo – No go, I wanted to be able to write Posts from all around the world. And hosting content in GitHub and posting to my personal server didn’t sound good.
And what I ended up with? WordPress, I’ve installed WordPress once or twice, maybe 10+ years ago. It has always been in my mind this, software that is made purely for blogs. But most importantly, It has been in the news a lot how the security is total shite. Bugs here, bugs there, how many millions of WordPress sites have been infected or hijacked by bots.
But I decided that, even if that is true. I just need to keep WordPress updated, install minimal number of Plugins. And just hope that I’m technically savvy enough to get things secure. And my last line of defense, containers. Since I’m running everything in containers, even if someone manages to hack my WordPress, only thing they get access is few containers. Never the actual host machine.
Containers everywhere
So like I said in the previous post, I like separation of concerns, and even in simple things like websites, it works marvelously. Since you need multiple different software to get the whole system up and running, it makes total sense to just put everything in different containers.
So while I really do like to build things, I also think that it’s stupid to create everything from scratch every time. So as with everything, I just googled and found this handy guide how to build containerized WordPress with certbot and everything: How To Install WordPress With Docker Compose
But nothing is as simple as you think when you want to run everything in your own server.
Self made proxying?
So as I was about to publish, and I did manage to publish everything In my own server. I of course immediately ran in to the obvious problem; how do you run multiple nginx -services in the same server when everyone wants to attach to the same :80 -port?
It’s been over 10 years since I last time hosted my own websites. And then all I did was manage everything in this global nginx and php-fpm services. But with containers, you can’t do that anymore. You even don’t want to do anything like this.
So I toyed a bit, googled some solutions how people have managed these? And the most common and easy solution would have been to run nginx with proxy-pass as my first source of truth. I even toyed with this. But I encountered some problems that didn’t fit my ideology:
- Who handles SSL -certificates? Application or Proxy?
- Running a piece of software I need to manually update every time I want to release a new application.
Traefik Proxy
After fumbling a bit about how can this be so difficult. I found the solution in some obscure reddit conversation: Traefik. Yes, traefik at first seems to be a solution that does everything. Usually these kind of solutions are too big and obscure for the normal person who just want’s easy proxying.
But after toying it a bit, and looking at the actual open source software: Traefik Proxy
- Proper edgerouter to handle all the proxying I need and more.
- Handle all of my SSL needs via Let’sencrypt.
- Zero configuration after everything has been setup.
So even if traefik can do a lot more, connect to docker swarms, load balancing with multiple servers, and do all kind of things automatically. It’s actually really well suited for single server setups as well.
So after a few hours, traefik running on my server. And after few days of fumbling with how to connect my websites to traefik. Everything working like I wanted, and even more. I don’t need to touch traefik, I just build and configure my websites and let traefik auto discovery handle the rest.
But I do admit, I had a lot of trouble getting everything connecting properly and getting routes and networking working so that everything Just Works.
Learning to take away from this:
- When trying to configure new services and applications and making everything work. Start small, it’s easier to go from something that works (http) and then start stacking new features (ssl, etc).
- Start with simple services, do not go for the big ones with multiple containers and different internal routing.
Thoughts about all of this?
Finding, configuring and getting traefik to work was a good eye opener for me. I do code a bit, do some light stuff here and there if need be. But for most of my personal system to work, i don’t want to code to make them work. That made the whole nginx-proxy-pass a no go at the beginning even if I tried to accept it.
But mostly getting traefik to run has solified the idea people should try to adopt more: Do less custom solutions, use ready made solutions more. I think it’s easier for people to adapt to changes in how systems work rather than trying to adapt every system to work how some obscure group of people want their system to work.
It’s really easy to just accept that yes, I will code this, I will code that, I will solve this with custom code. But then you need to keep maintaining that code? Who has time for that! I want to do more new stuff, not keep going back to maintain some old piece of code.
Architectural Philosophical – Create so that you are not needed
So the idea is that you should build and create new things so that they require minimal maintenance. Be it just to update some docker images. Or updating some software every fortnight. Be it as much as you want, but please do try to minimize maintenance.
It’s much more fun to build new stuff, build new services, systems that interact, create new functionality, than it is to go and maintain some obscure piece of code you built 6 months ago!
Most of the time, it’s how you view problems and how you think them, if your solution is always to code this small piece of code because it’s “easier”, you’re just creating more stuff you need to maintain yourself. And for me, I want to build and forget today, so I can build something new tomorrow.