- About Me + About Me
@@ -151,7 +151,7 @@ @@ -179,7 +179,7 @@ I mainly want to post about what I learned, what inspires me.- What am I currently working on + What am I currently working on
@@ -187,7 +187,7 @@ I mainly want to post about what I learned, what inspires me. @@ -197,13 +197,18 @@ I mainly want to post about what I learned, what inspires me.Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup -Overview -Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
-The Architecture -Docker Host Server -The primary server runs all application workloads using Docker containers. This containerized approach provides:
-Isolation: Each service runs in its own container with defined resources
+Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup
+Overview
+Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
+The Architecture
+Docker Host Server
+The primary server runs all application workloads using Docker containers. This containerized approach provides:
+-
+
- Isolation: Each service runs in its own container with defined resources +
- Portability: Services can be easily migrated or replicated +
- Consistency: Docker Compose configurations ensure reproducible deployments +
The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.
- About Me + About Me
diff --git a/public/posts/index.html b/public/posts/index.html index a3dee56..edcc089 100644 --- a/public/posts/index.html +++ b/public/posts/index.html @@ -1,6 +1,6 @@ - +- About Me + About Me
@@ -161,14 +161,14 @@ I mainly want to post about what I learned, what inspires me.- What am I currently working on + What am I currently working on
@@ -178,13 +178,18 @@ I mainly want to post about what I learned, what inspires me.Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup -Overview -Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
-The Architecture -Docker Host Server -The primary server runs all application workloads using Docker containers. This containerized approach provides:
-Isolation: Each service runs in its own container with defined resources
+Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup
+Overview
+Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
+The Architecture
+Docker Host Server
+The primary server runs all application workloads using Docker containers. This containerized approach provides:
+-
+
- Isolation: Each service runs in its own container with defined resources +
- Portability: Services can be easily migrated or replicated +
- Consistency: Docker Compose configurations ensure reproducible deployments +
The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.
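Review bot: the file header `public/posts/index.html` on this hunk, together with the same added block (from "+Building a Self-Sustaining Infrastructure" down to the three list items) recurring in the other hunks of this patch, indicates that rendered site output is being committed. That makes one content edit show up as several near-identical diffs and leaves the actual change to the post's source unreviewed here. Suggest reviewing the post's source file in this commit and producing `public/` at deploy time, or at least splitting source and rendered output into separate commits.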
- What am I currently working on + What am I currently working on
@@ -146,45 +146,55 @@ Isolation: Each service runs in its own container with defined resourcesBuilding a Self-Sustaining Infrastructure: A Two-Server Docker Setup -Overview -Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
-The Architecture -Docker Host Server -The primary server runs all application workloads using Docker containers. This containerized approach provides:
-Isolation: Each service runs in its own container with defined resources
-Portability: Services can be easily migrated or replicated
-Consistency: Docker Compose configurations ensure reproducible deployments
+Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup#
+Overview#
+Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
+The Architecture#
+Docker Host Server#
+The primary server runs all application workloads using Docker containers. This containerized approach provides:
+-
+
- Isolation: Each service runs in its own container with defined resources +
- Portability: Services can be easily migrated or replicated +
- Consistency: Docker Compose configurations ensure reproducible deployments +
The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.
-Backup Storage Server -The secondary server serves as a dedicated backup repository with substantial storage capacity. This server is:
-Isolated from the internet: No external access is permitted
-Secured via iptables: Firewall rules prevent unauthorized connections
-Connected via WireGuard VPN: Encrypted tunnel ensures secure communication between servers
-Security Through Network Segmentation -The WireGuard VPN creates a secure, encrypted tunnel between the Docker host and backup server. This architecture provides several benefits:
-Private communication channel for backup operations
-Zero trust model for the backup server (completely isolated from public internet)
-Reduced risk of data exfiltration
-Encrypted data transfer between servers
-Automated Backup Strategy -Daily automated backups capture the critical components:
-Database Backups -All databases are exported and stored, ensuring data consistency and point-in-time recovery capabilities.
-Docker Volume Backups -Persistent data from Docker volumes is systematically backed up, including:
-Application configuration files
-User-generated content
-Service-specific data stores
+Backup Storage Server#
+The secondary server serves as a dedicated backup repository with substantial storage capacity. This server is:
+-
+
- Isolated from the internet: No external access is permitted +
- Secured via iptables: Firewall rules prevent unauthorized connections +
- Connected via WireGuard VPN: Encrypted tunnel ensures secure communication between servers +
Security Through Network Segmentation#
+The WireGuard VPN creates a secure, encrypted tunnel between the Docker host and backup server. This architecture provides several benefits:
+-
+
- Private communication channel for backup operations +
- Zero trust model for the backup server (completely isolated from public internet) +
- Reduced risk of data exfiltration +
- Encrypted data transfer between servers +
Automated Backup Strategy#
+Daily automated backups capture the critical components:
+Database Backups#
+All databases are exported and stored, ensuring data consistency and point-in-time recovery capabilities.
+Docker Volume Backups#
+Persistent data from Docker volumes is systematically backed up, including:
+-
+
- Application configuration files +
- User-generated content +
- Service-specific data stores +
This comprehensive approach ensures that the entire infrastructure can be restored from backups, making the system truly self-sustaining.
-Benefits of This Approach -Resilience: Hardware failure on the Docker host doesn’t result in data loss -Security: Multi-layered security with network segmentation and minimal exposure -Maintainability: Containerized services are easy to update and manage -Scalability: Additional Docker hosts can connect to the same backup server -Cost-effective: Self-hosted solution with predictable costs
-Conclusion -This two-server architecture strikes an excellent balance between simplicity and robustness. By combining Docker containerization with a dedicated, secured backup server connected via WireGuard, you achieve enterprise-grade reliability without enterprise-level complexity. Daily automated backups provide peace of mind, while the security-first network design protects your data from external threats.
+Benefits of This Approach#
+Resilience: Hardware failure on the Docker host doesn’t result in data loss
+Security: Multi-layered security with network segmentation and minimal exposure
+Maintainability: Containerized services are easy to update and manage
+Scalability: Additional Docker hosts can connect to the same backup server
+Cost-effective: Self-hosted solution with predictable costs
Conclusion#
+This two-server architecture strikes an excellent balance between simplicity and robustness. By combining Docker containerization with a dedicated, secured backup server connected via WireGuard, you achieve enterprise-grade reliability without enterprise-level complexity. Daily automated backups provide peace of mind, while the security-first network design protects your data from external threats.
++
This setup demonstrates that effective infrastructure doesn’t require massive cloud budgets—just thoughtful design and consistent execution.
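Review bot: the added line "+All databases are exported and stored, ensuring data consistency and point-in-time recovery capabilities." claims more than the schedule stated two lines earlier ("Daily automated backups") supports. A daily export gives one restore point per day, so changes made since the last run are lost if the host fails, which also qualifies "+Resilience: Hardware failure on the Docker host doesn't result in data loss". Suggest wording both in terms of daily restore points. In the same hunk, "+- Zero trust model for the backup server (completely isolated from public internet)" describes network isolation behind iptables and WireGuard, which is segmentation rather than zero trust; "isolated from the public internet" alone says what the setup does. Finally, the five "Benefits of This Approach" lines are added as plain lines while every other enumeration in this hunk became a bulleted list; if they are meant as a list, mark them up the same way in the source.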
Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup -Overview -Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
-The Architecture -Docker Host Server -The primary server runs all application workloads using Docker containers. This containerized approach provides:
-Isolation: Each service runs in its own container with defined resources
+Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup
+Overview
+Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
+The Architecture
+Docker Host Server
+The primary server runs all application workloads using Docker containers. This containerized approach provides:
+-
+
- Isolation: Each service runs in its own container with defined resources +
- Portability: Services can be easily migrated or replicated +
- Consistency: Docker Compose configurations ensure reproducible deployments +
The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.