rebuild

content/posts/AboutMe.md

@@ -2,6 +2,7 @@
 title: "About Me"
 date: 2025-12-01
 tags: ["blog"]
+weight: 1
 draft: false
 ---
 

content/posts/WhatImWorkingOnCurrently.md

@@ -5,13 +5,65 @@ tags: ["blog"]
 draft: false
 ---
 
-### Goals
-- Have an self sustaining hosted infrastructure
-- Have bakups of everything
+Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup
+Overview
+Creating a resilient, self-sustaining infrastructure doesn't require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
 
+The Architecture
+Docker Host Server
+The primary server runs all application workloads using Docker containers. This containerized approach provides:
 
-### Current point
-- My current infrasturcure looks like on hosted server with docker containers running and one hosted server with a lot of data storage
-- Backups are done every day
-- Backups are made of the databases and docker volumes
-- The two servers are connected via a Wireguard-VPN and the backup server is not available from the outside (secured via iptables) the docker host has only a few ports available by the outside
+Isolation: Each service runs in its own container with defined resources
+
+Portability: Services can be easily migrated or replicated
+
+Consistency: Docker Compose configurations ensure reproducible deployments
+
+The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.
+
+Backup Storage Server
+The secondary server serves as a dedicated backup repository with substantial storage capacity. This server is:
+
+Isolated from the internet: No external access is permitted
+
+Secured via iptables: Firewall rules prevent unauthorized connections
+
+Connected via WireGuard VPN: Encrypted tunnel ensures secure communication between servers
+
+Security Through Network Segmentation
+The WireGuard VPN creates a secure, encrypted tunnel between the Docker host and backup server. This architecture provides several benefits:
+
+Private communication channel for backup operations
+
+Zero trust model for the backup server (completely isolated from public internet)
+
+Reduced risk of data exfiltration
+
+Encrypted data transfer between servers
+
+Automated Backup Strategy
+Daily automated backups capture the critical components:
+
+Database Backups
+All databases are exported and stored, ensuring data consistency and point-in-time recovery capabilities.
+
+Docker Volume Backups
+Persistent data from Docker volumes is systematically backed up, including:
+
+Application configuration files
+
+User-generated content
+
+Service-specific data stores
+
+This comprehensive approach ensures that the entire infrastructure can be restored from backups, making the system truly self-sustaining.
+
+Benefits of This Approach
+Resilience: Hardware failure on the Docker host doesn't result in data loss
+Security: Multi-layered security with network segmentation and minimal exposure
+Maintainability: Containerized services are easy to update and manage
+Scalability: Additional Docker hosts can connect to the same backup server
+Cost-effective: Self-hosted solution with predictable costs
+
+Conclusion
+This two-server architecture strikes an excellent balance between simplicity and robustness. By combining Docker containerization with a dedicated, secured backup server connected via WireGuard, you achieve enterprise-grade reliability without enterprise-level complexity. Daily automated backups provide peace of mind, while the security-first network design protects your data from external threats.