Let's take a moment and take a look at what initsix.dev is and how it is built.

initsix.dev is a tech blog and a knowledgebase site built with, but not limited to Ghost, Realms-wiki and Nginx running inside a docker-compose managed environment. It is meant to be a place for laying out ideas, personal project details, and also sharing and archiving knowledge. You can find out more about me here, but for now, let's get back to the site.

As you may already suspect this initsix.dev will mainly be a technical site, almost always having something to do with QA, automation, development and DevOps topics, with some hints of me trying to be funny. So to give you a taste of content that you can expect, here are the internal workings of this site.

The server it is running on is a DigitalOcean Debian Linux droplet with:

  • 1 vCPU
  • 3 GB ram
  • 60 GB disk

All of the sites web content is being run with the help of docker-compose:

version: '3'
services:
  nginx:
    container_name: nginx
    image: nginx:1.17
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/default:/etc/nginx/conf.d/default.conf
      - /etc/letsencrypt:/etc/letsencrypt
    logging:
      driver: none
  ghost:
    container_name: ghost
    image: ghost:3.0-alpine
    restart: always
    volumes:
      - ./ghost/data:/var/lib/ghost/content
    environment:
       - url=https://initsix.dev
  wiki:
    container_name: wiki 
    image: realms/realms-wiki:latest 
    volumes:                                     
      - ./wiki/realms-data/wiki.db:/home/wiki/realms-wiki/wiki.db
      - ./wiki/realms-wiki.json:/home/wiki/realms-wiki/realms-wiki.json
      - ./wiki/wiki:/home/wiki/realms-wiki/wiki
    environment:
       - url=https://wiki.initsix.dev

SSL/TLS has been set up over letsencrypt.org via certbot and an Nginx reverse proxy is being used to handle SSL/TLS and route traffic.

default.conf

server {
        server_name initsix.dev;
        listen 443 ssl;

location / {
                proxy_pass      http://ghost:2368;
                proxy_set_header    X-Real-IP $remote_addr;
                proxy_set_header    Host      $http_host;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        ssl_certificate /etc/letsencrypt/live/initsix.dev/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/initsix.dev/privkey.pem;
        ssl on;
}
server {
        server_name wiki.initsix.dev;
        listen 443 ssl;
location / {
                proxy_pass      http://wiki:5000;
                proxy_set_header    X-Real-IP $remote_addr;
                proxy_set_header    Host      $http_host;
                proxy_set_header X-Forwarded-Proto https;  
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }                                 
        ssl_certificate /etc/letsencrypt/live/wiki.initsix.dev/fullchain.pem;                                         
        ssl_certificate_key /etc/letsencrypt/live/wiki.initsix.dev/privkey.pem;                                   
        ssl on;
}  

And that's about it, stay tuned for more.

P.S. Security trough obscurity, I know, I know.