jonas_namespace

How This Website is Hosted

This is a blog about my trials and tribulations in getting this WordPress site hosted inside a Docker container running on a Windows 10 machine.

I’ve been hosting my website using Google domains for a few years on a Linux machine. At first I was running WordPress natively, using Apache, then inside Docker (thank you to the wonderful community) on a Raspberry pi, then on a spare machine I had running in my office.

Recently, however, I have been reducing the number of machines I need running. I have it down to just a few. One is my workstation, machine #2 is a Windows server with 28TB of media and backups, and machine #3 was a Linux server which was running WordPress site and Teslamate inside containers.

All of the routing was done with Google Domains, DNS entries, and LetsEncrypt for SSL. The challenge here was to host this from Windows which isn’t straightforward.

The Windows server is running Plex Media Server (exactly what it sounds like) and StableBit Drive Pool. You can think of that as a software JBOD RAID array, with different folders being allowed differing duplication levels. If a disk fails you get an email, and can replace it at your leisure (no more waiting for the array to rebuild).

For one thing, Windows containers are running in Hyper-V, which, itself is accessible through WSL2 (the Windows Subsystem for Linux). Docker networks, by default, don’t bind to a host’s network interface, and topping that off, I hadn’t used nginx in much capacity before.

But it all came to fruition after a long weekend.

I think by the end of the weekend my game plan when debugging connectivity was:

  1. Access the website from localhost
  2. Access it from the LAN
  3. Access it from the Internet

The challenges were:

  1. Host the WordPress container
  2. Host the Teslamate/Grafana stack
  3. Reverse proxy with nginx
  4. Get SSL enabled through LetsEncrypt
Teslamate

Check out the GitHub repo for the end result, but the meat is:

worker_processes  1;

events { worker_connections  1024; }


http {
    	sendfile        on;
	
    	proxy_set_header	Host $host;
	proxy_set_header	X-Real-IP $remote_addr;
	proxy_set_header	X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header	X-Forwarded-Host $server_name;
	
	server {
		listen 80;
		listen [::]:80;
		listen 443 default_server ssl http2;
		listen [::]:443 ssl http2;
		ssl_certificate /etc/nginx/ssl/live/jonasjschreiber.com/fullchain.pem;
		ssl_certificate_key /etc/nginx/ssl/live/jonasjschreiber.com/privkey.pem;
        	client_max_body_size 500M ;

		
		server_name localhost jonasjschreiber.com www.jonasjschreiber.com
		server_tokens off;
		
		location / {
			proxy_pass 		   http://wordpress:80;
        		proxy_redirect     off;
		}
		
		location /grafana {
		    	proxy_pass 		   http://grafana:3000;
	        	proxy_redirect     off;
		}
		location /teslamate {
			return 301  http://localhost:4000;
		}
		
		location /.well-known/acme-challenge/ {
			root /var/www/certbot;
		}
		
        	#error_page   500 502 503 504  /50x.html;
       		location = /50x.html {
        		root   html;
		}
		
   	}  
}

Posted

in

by

JonasJSchreiber

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *