I know

Maybe the first or second post being about the fact that I'm writing a blog might be a bit cliche. But I have been asked if I have one before (by more than one person) and could do with somewhere to write about projects and the things I'm toying with.

The stack

So lets write about something moderately interesting, the stack on which the blog is built.

The hardware

The machine serving the content at the minute is a mid-2013 Macbook Pro running ubuntu 18.04, normally I'd rather use that as my main machine over my current mid-2012 Macbook Air (OSX) however it's suffering from a fairly wide-spread GPU problem so once every few hours the screen turns off. It needs some time before it can be restarted and the correct GPU is used. It does however still run fine in this state and given a decent CPU, 16GB ram & the ability to connect to the internet, it makes a decent server.

Docker

I've fallen for docker in the same way everyone else did back in 2013. Containerisation is merely a single part of what I like about the current Ops toolbox, swarm and docker hub have both proven invaluable in providing "turnkey" services which allows for rapid deployment & even more easily, tear down.

Portainer

I've been using portainer as a management tool for docker, I'm typically a CLI person but some services are just a little too big for me to comfortably wrap my head around & this offers both an easy overview of the service & also the ability to create services simply.

Ghost

I'm using the official docker Ghost container with a volume mapped to /var/lib/ghost/content for content retention (obviously). Ghost is running a theme called Ghostium which has been lightly modified to add my own information in the side bar (check the burger menu at the top left)

Load Balancing

Traefik handles SSL & hostname routing primarily, there are some other services in use on "server", Traefik can assign a hostname to each service & acquire an SSL certificate from LetsEncrypt. This means my nextcloud instance, my blog and any of my own personal projects can all be routed out via the same port and wrapped in highly secure SSL. Finally this is all routed to you though cloudflare which handles some caching & provides a small amount of analytics.

Conclusion

The current service feels fairly standard to me, it's very similar to other service set-ups I've read about (aside from the hardware). Over the next few weeks I aim to throw out some more interesting posts as I get dirtier with ceph.