```mermaid
graph TD
    subgraph Domain
        Registrar --> ICANN[ICANN Registries]
        CA[Certificate Authority]
    end
    subgraph Server
        Registrar -->|Points DNS records to| VPS
        VPS --> Docker
        Docker -->|Manages| Containers
    end
    subgraph Development
        ssh -->|Initial setup| VPS
        md[Markdown files] -->|Processed by| Hugo
        Hugo -->|Generates| HTML[HTML files]
        HTML --> rsync
    end
    subgraph Containers
        Caddy -->|Reverse proxy| Plausible
        Caddy -->|Reverse proxy| Isso
    end
    VPS <-.->|binds to :80, :443| Caddy
    rsync -->|Deploys to| VPS
    Caddy --> CA
```
Motivation: A site with a domain that I chose, with the content that I chose, running what I chose. Minimizing external dependencies, aiming to have everything on localhost.
Mermaid diagram
VPS
- Alt: aws ec2
- Alt: other providers
- Server
- Specifications
- Price
- IP address

Other billing options, account balance vs. boleto
Domain
Alt: GoDaddy
- Purpose
- Users need a name
- Security (TLS)
- Whois
- How it was and how it is
- ICANN
- It is rented
- Is there a lifetime buy option?
- DNS
- A Records
- CNAME Records
- TXT records (Google validation)
- More…
- Configure correctly
- https://www.netlify.com/blog/2020/03/26/how-to-set-up-netlify-dns-custom-domains-cname-and-a-records/

Price, secondary market - short names, cool TLDs
Caddy
Canonical name
- TLS
- Per (sub)domain or not
- basic_auth
- reverse_proxy
Isso
Alternatives:
- Comments, Comentario - Self hostable (Possibly managed service).
- Disqus, Facebook Comments - Managed services only, no control.
- Giscus - Relies on GitHub issue comments.
My requirements: leave a comment without login, with an optional name - suits the website size of zero active users per week.

Still no visits and still no bot spam. How long is this gonna last?

Admin panel credentials stored in plain text. Apparently no encryption ever takes place.

Login attempts fail very fast, very likely susceptible to brute force or DoS attacks.
Plausible
Alternatives:
- Google Analytics, Matomo
- AWStats, GoAccess

Why I don’t use analytics. Subdomain (got ad-blocked by default). This can be circumvented anyway.
Docker
Alternatives:
- Podman.
- native, systemd.
Other items:
- registrar
- images
- containers
- virtual volumes, virtual networks
- restart policies / launch on boot
- dependencies
- compose
ssh
- Public/private key
- Private key locked with a password
rsync
Alternatives:
- scp
- Other deployment options
Hugo
Alternatives:
- Next.js, Jekyll.
- React & other modern stuff.
Other stuff:
- JamStack (didn’t really take off?)
- Themes. Minimalistic, complex, non-blog-like