Recently
Woof, so much has changed! Every single thing I said in my last entry is completely invalid, including the TLD… 😅 My portfolio’s still hosted on ezracelli.com (well it’s not up yet, but it will be shortly), since that’s the “commercial” part of my home setup, but everything else is now on ezracelli.dev.
The biggest change is my home server and hosting architecture. I hated what I had set up before — there was one server that ran everything in Docker (even static sites like this one!) via one giant docker-compose.yml.
Because my public IP was shared with my roommate, we set up Nginx Proxy Manager as the reverse proxy, which was pretty nice; it has a UI to add “proxy hosts” and the option to automatically provision and renew certificates from Let’s Encrypt.
Unfortunately, Nginx is notoriously difficult to configure for non-HTTP upstreams (or HTTP extensions, like WebSockets), and Nginx Proxy Manager doesn’t have any UI for configuring that (though it does have a “shell out” feature where you can add Nginx configuration blocks directly)…
Traefik
So, I switched to Traefik! Though it’s not possible to manage the configuration via the Dashboard UI, the config options are very well-documented, and it supports automatic service discovery via the Docker provider (among others).
Traefik also supports Let’s Encrypt provisioning, with one feature Nginx Proxy Manager doesn’t support — wildcard subdomains! Nginx Proxy Manager only supports the HTTP-01 challenge, but wildcard domain certs require the DNS-01 challenge. My DNS is managed by Google Cloud DNS, so all I had to do was create a service account for Traefik to use and configure the certResolver in Traefik’s config.
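A sketch of what such a setup can look like, added here as an example and not the author's actual configuration: a Compose service that runs Traefik with a DNS-01 resolver backed by Google Cloud DNS and requests one wildcard certificate. The resolver name `le`, the domain `example.dev`, the e-mail address, the project ID, the image tag and all file paths are placeholders.

```yaml
# docker-compose.yml (constructed example; every name, domain and path is a placeholder)
services:
  traefik:
    image: traefik:v3.0          # pin to the version you actually run
    command:
      - --providers.docker=true
      # Only containers that opt in with traefik.enable=true get routed
      - --providers.docker.exposedbydefault=false
      - --entrypoints.websecure.address=:443
      # ACME resolver "le": prove domain control with DNS-01 via Google Cloud DNS
      - --certificatesresolvers.le.acme.email=admin@example.dev
      - --certificatesresolvers.le.acme.storage=/letsencrypt/acme.json
      - --certificatesresolvers.le.acme.dnschallenge.provider=gcloud
      # One wildcard certificate shared by every router on this entrypoint
      - --entrypoints.websecure.http.tls.certresolver=le
      - --entrypoints.websecure.http.tls.domains[0].main=example.dev
      - --entrypoints.websecure.http.tls.domains[0].sans=*.example.dev
    environment:
      # Read by Traefik's gcloud DNS provider
      GCE_PROJECT: my-dns-project
      GCE_SERVICE_ACCOUNT_FILE: /run/secrets/gcloud_dns_key
    secrets:
      - gcloud_dns_key           # mounted at /run/secrets/gcloud_dns_key
    ports:
      - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      # acme.json stores the certificate private keys; keep it mode 600
      - ./letsencrypt:/letsencrypt

secrets:
  gcloud_dns_key:
    file: ./secrets/traefik-dns.json   # service account key, kept out of the repo
```

The service account key can rewrite DNS records, so grant it only what it needs to edit records in the one zone Traefik answers challenges for, and treat both the key file and acme.json as secrets.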
GitLab
What’s that wildcard cert for, anyway? That’s the second biggest infrastructure change, addressing the root of the problem: I now have a self-hosted GitLab instance, decked out with self-hosted runners, GitLab Pages, a Docker Container Registry, automatic backups to S3… the works! GitLab Pages requires a wildcard cert, since user pages are served from ${namespace}.${domain}/${project}.
Compared to Gitea, GitLab was a nightmare and a half to set up. It took three full days of work, which I’m chalking up to the fact that the documentation is too all-encompassing. Each page of documentation is a novel, so finding what you want to know isn’t always easy.
With that said, it was definitely worth it in the end; GitLab is super flexible, and Pages allows me to build, deploy, and host static sites in a predictable way — while holding on to the source files. (I’ve swapped operating systems on the server a few times, and while the built sites always stick around, I have a habit of not keeping track of the source files.)
That’s actually part of the reason I haven’t written a post on this blog in more than two years; the old Jekyll implementation was lost to a move at some point. This one’s built by Astro, which has been an amazing experience! Super fast builds, and way more flexible than comparable tools. If I can find the motivation, I’ll write a full post on that soon.
Life
I know this is more of a journal thing, but… I bought an apartment! In NYC! !!! We’re moving in next month, and I can’t wait. It’s absolutely gorgeous.
!!!!!