This Blog’s Infrastructure

The stack that runs this WordPress installation evolved over many months; from the beginning of 2017 to now, I have been fine-tuning my lab to accommodate a number of services and applications, including those needed to run this blog.  The whole process really started years ago when I first setup a home server, but that’s a topic for another post.  Here, I will give you the basic run down of how how this shit works.

For the data store, I run MySQL in a Docker container.   Nothing special, I’m just running the official MySQL Docker Image from the DockerHub.  The next step up in the stack is the application itself.  For this installation, that’s just the official WordPress image from the DockerHub.  I don’t know the exact details of what is running in there, but that should be relatively easy to figure out in a few Google searches.

This is where the fun starts.  At home, I have 2 WAN connections (two separate Internet services).  One is 50/5 cable, and one is 8/.8 DSL.  They are configured in a pfSense WAN failover group, and both have dynamic public IPs.  This is not an ideal situation for hosting a website, and I don’t want to host my site on a VPS.  As I was going to college, I was setting up a VPS to provide me with a way to reliably VPN into mt home network, even if my public IP at home changes, or one of my ISPs goes down  (I’ll make a detailed post on that another time.  Basically the VPS has a constant site-to-site OpenVPN tunnel to my pfSense

router at home.  The router connects to the VPS, and is configured to failover to whatever ISP is working).  I realized that I could use this for my blog.  I deployed an Nginx docker container to my VPS, and set it up as a reverse proxy to handle my blog.  It uses the site-to-site VPN tunnel to connect to the actual WordPress server, which is running in my basement.  I even configured some caching so images would load faster.  The VPS basically acts as a bridge that will always have a connection to my home network.  This project probably would not have worked if it was not for the work I put into having a reliable VPN connection to my home network.

Leave a Reply

Your email address will not be published. Required fields are marked *