229 lines
8.5 KiB
HTML
229 lines
8.5 KiB
HTML
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
|
|
<title>What am I currently working on :: TechnicalBlog</title>
|
|
|
|
<meta http-equiv="content-type" content="text/html; charset=utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<meta name="description" content="Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup Overview Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
|
|
The Architecture Docker Host Server The primary server runs all application workloads using Docker containers. This containerized approach provides:
|
|
Isolation: Each service runs in its own container with defined resources
|
|
" />
|
|
<meta name="keywords" content="" />
|
|
|
|
<meta name="robots" content="noodp" />
|
|
|
|
<link rel="canonical" href="https://blog.fuhlig.de/posts/whatimworkingoncurrently/" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/buttons.min.86f6b4c106b6c6eb690ae5203d36b442c1f66f718ff4e8164fa86cf6c61ad641.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/code.min.d529ea4b2fb8d34328d7d31afc5466d5f7bc2f0bc9abdd98b69385335d7baee4.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/fonts.min.5bb7ed13e1d00d8ff39ea84af26737007eb5051b157b86fc24487c94f3dc8bbe.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/footer.min.eb8dfc2c6a7eafa36cd3ba92d63e69e849e2200e0002a228d137f236b09ecd75.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/gist.min.a751e8b0abe1ba8bc53ced52a38b19d8950fe78ca29454ea8c2595cf26aad5c0.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/header.min.75c7eb0e2872d95ff48109c6647d0223a38db52e2561dd87966eb5fc7c6bdac6.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/main.min.36833afd348409fc6c3d09d0897c5833d9d5bf1ff31f5e60ea3ee42ce2b1268c.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/menu.min.3c17467ebeb3d38663dce68f71f519901124fa5cbb4519b2fb0667a21e9aca39.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/pagination.min.bbb986dbce00a5ce5aca0504b7925fc1c581992a4bf57f163e5d69cc1db7d836.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/post.min.e6dddd258e64c83e05cec0cd49c05216742d42fc8ecbfbe6b67083412b609bd3.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/syntax.min.a0773cce9310cb6d8ed23e50f005448facf29a53001b57e038828daa466b25c0.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/terminal.min.e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855.css">
|
|
|
|
|
|
<link rel="stylesheet" href="https://blog.fuhlig.de/css/terms.min.b81791663c3790e738e571cdbf802312390d30e4b1d8dc9d814a5b5454d0ac11.css">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<link rel="shortcut icon" href="https://blog.fuhlig.de/favicon.png">
|
|
<link rel="apple-touch-icon" href="https://blog.fuhlig.de/apple-touch-icon.png">
|
|
|
|
|
|
<meta name="twitter:card" content="summary" />
|
|
|
|
|
|
|
|
<meta property="og:locale" content="en" />
|
|
<meta property="og:type" content="article" />
|
|
<meta property="og:title" content="What am I currently working on">
|
|
<meta property="og:description" content="Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup Overview Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.
|
|
The Architecture Docker Host Server The primary server runs all application workloads using Docker containers. This containerized approach provides:
|
|
Isolation: Each service runs in its own container with defined resources
|
|
" />
|
|
<meta property="og:url" content="https://blog.fuhlig.de/posts/whatimworkingoncurrently/" />
|
|
<meta property="og:site_name" content="TechnicalBlog" />
|
|
|
|
<meta property="og:image" content="https://blog.fuhlig.de/og-image.png">
|
|
|
|
<meta property="og:image:width" content="1200">
|
|
<meta property="og:image:height" content="627">
|
|
|
|
|
|
<meta property="article:published_time" content="2025-12-03 00:00:00 +0000 UTC" />
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</head>
|
|
<body>
|
|
|
|
|
|
<div class="container center">
|
|
|
|
<header class="header">
|
|
<div class="header__inner">
|
|
<div class="header__logo">
|
|
<a href="/">
|
|
<div class="logo">
|
|
TechnicalBlog
|
|
</div>
|
|
</a>
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
</header>
|
|
|
|
|
|
<div class="content">
|
|
|
|
<article class="post">
|
|
<h1 class="post-title">
|
|
<a href="https://blog.fuhlig.de/posts/whatimworkingoncurrently/">What am I currently working on</a>
|
|
</h1>
|
|
<div class="post-meta"><time class="post-date">2025-12-03</time></div>
|
|
|
|
|
|
<span class="post-tags">
|
|
|
|
#<a href="https://blog.fuhlig.de/tags/blog/">blog</a>
|
|
|
|
</span>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<div class="post-content"><div>
|
|
<p>Building a Self-Sustaining Infrastructure: A Two-Server Docker Setup
|
|
Overview
|
|
Creating a resilient, self-sustaining infrastructure doesn’t require complex enterprise solutions. With two strategically configured servers and a well-thought-out backup strategy, you can achieve both reliability and security for your self-hosted applications.</p>
|
|
<p>The Architecture
|
|
Docker Host Server
|
|
The primary server runs all application workloads using Docker containers. This containerized approach provides:</p>
|
|
<p>Isolation: Each service runs in its own container with defined resources</p>
|
|
<p>Portability: Services can be easily migrated or replicated</p>
|
|
<p>Consistency: Docker Compose configurations ensure reproducible deployments</p>
|
|
<p>The Docker host maintains minimal external exposure, with only essential ports opened to the internet. This reduces the attack surface while still providing necessary services.</p>
|
|
<p>Backup Storage Server
|
|
The secondary server serves as a dedicated backup repository with substantial storage capacity. This server is:</p>
|
|
<p>Isolated from the internet: No external access is permitted</p>
|
|
<p>Secured via iptables: Firewall rules prevent unauthorized connections</p>
|
|
<p>Connected via WireGuard VPN: Encrypted tunnel ensures secure communication between servers</p>
|
|
<p>Security Through Network Segmentation
|
|
The WireGuard VPN creates a secure, encrypted tunnel between the Docker host and backup server. This architecture provides several benefits:</p>
|
|
<p>Private communication channel for backup operations</p>
|
|
<p>Zero trust model for the backup server (completely isolated from public internet)</p>
|
|
<p>Reduced risk of data exfiltration</p>
|
|
<p>Encrypted data transfer between servers</p>
|
|
<p>Automated Backup Strategy
|
|
Daily automated backups capture the critical components:</p>
|
|
<p>Database Backups
|
|
All databases are exported and stored, ensuring data consistency and point-in-time recovery capabilities.</p>
|
|
<p>Docker Volume Backups
|
|
Persistent data from Docker volumes is systematically backed up, including:</p>
|
|
<p>Application configuration files</p>
|
|
<p>User-generated content</p>
|
|
<p>Service-specific data stores</p>
|
|
<p>This comprehensive approach ensures that the entire infrastructure can be restored from backups, making the system truly self-sustaining.</p>
|
|
<p>Benefits of This Approach
|
|
Resilience: Hardware failure on the Docker host doesn’t result in data loss
|
|
Security: Multi-layered security with network segmentation and minimal exposure
|
|
Maintainability: Containerized services are easy to update and manage
|
|
Scalability: Additional Docker hosts can connect to the same backup server
|
|
Cost-effective: Self-hosted solution with predictable costs</p>
|
|
<p>Conclusion
|
|
This two-server architecture strikes an excellent balance between simplicity and robustness. By combining Docker containerization with a dedicated, secured backup server connected via WireGuard, you achieve enterprise-grade reliability without enterprise-level complexity. Daily automated backups provide peace of mind, while the security-first network design protects your data from external threats.</p>
|
|
|
|
</div></div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</article>
|
|
|
|
</div>
|
|
|
|
|
|
<footer class="footer">
|
|
<div class="footer__inner">
|
|
|
|
<div class="copyright">
|
|
<span>© 2025 Powered by <a href="https://gohugo.io">Hugo</a></span>
|
|
|
|
<span>:: <a href="https://github.com/panr/hugo-theme-terminal" target="_blank">Theme</a> made by <a href="https://github.com/panr" target="_blank">panr</a></span>
|
|
</div>
|
|
</div>
|
|
</footer>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<script type="text/javascript" src="/bundle.min.js"></script>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</div>
|
|
|
|
</body>
|
|
</html>
|