I wanted to be able to run Go binaries and Docker containers on the same system.
I only want to build HTTP into those services, the same way I build services in containers at my day job.
I also want proper domain names and TLS encryption (HTTPS). Using a reverse proxy allows me to use TLS encryption and gives me clean urls (i.e. https://example.joeldare.com) as a byproduct.
Without a reverse proxy I’d have add HTTPS to my service and use port numbers. The HTTPS bit is actually pretty easy but then there are certificates to manage.
Self-signed certificates aren’t too bad to generate, but if you need it to work in a web browser then you need a proper certificate solution like Let’s Encrypt. Certbot, which is often used for Let’s Encrypt, will do all this for you and automatically adds HTTPS to your Nginx config.
Once that’s done your services themselves can just speak HTTP and are therefore quite portable. If you outgrow your VPS you don’t have some weird setup, you can transition any service to any cloud provider, when the time comes.
Why not start with the cloud providers? Maybe I should, but my old boss used to say:
There’s money in confusion.
That’s what I feel like todays cloud providers are selling. For the companies they target, this isn’t a big deal, but for tiny personal projects, I can’t risk big, accidental charges.
I’ve been running a Digital Ocean VPS for 25 years and my charges are always pretty flat. So, I purchased another VPS just for this project. My plan is to eventually transition all my tests to this one VPS. I can consider other options if any of my services ever out grows the VPS.
They have small VPS services for as little as $4 per month.
I try to be a bit of a privacy fanatic. These days it’s really difficult to do this. If I send all of my traffic through a cloud provider they gain a bunch of metadata about my visitors. Data that I don’t even track myself.
Digital Ocean may log user metadata too, but at least they aren’t primarily in the data business.
It’s lightweight and it’s everywhere. The config files are short and I’m familiar with them.
It has easy Let’s Encrypt integration via Certbot and makes HTTPS certificates easy to manage.
This is the hardest part but I’ll really only have to do it once and Nginx has a relatively strait-forward install process. I’ve done this before, so I’m at least a little familiar with the process. Once in a while I’ll run into strange and difficult problems, but this time it went smoothly.
Here’s the process in a nutshell:
apt-get update and apt-get install nginx/etc/nginx/sites-available/, link it, and test itTo add an app I just run it and add a tiny nginx config file to route traffic to it. My traffic looks professional and is encrypted.
For a few things, I need to go this far, but this is the “over engineered” solution for most of my work. You’ll usually find me creating dead simple static sites.
If you want to build your next site in pure HTML and CSS, join the free Five-Day Neat Starter Email Course and build a lean, production-ready page before Friday.
JoelDare.com © Dare Companies Dotcom LLC