Follow

In case anyone is curious the system infrastructure here at qoto.org's collection of servers is really cool.

We use some modified open-source scripts to combine haproxy, letsencrypt and docker in some really cool ways. Basically haproxy sits on port 80 and 443 acting as the reverse proxy. It constantly listens to the Docker API to detect whenever a new container comes up. If the container exposes port 80 (doesnt need to be port forwarded locally) and the local container has its own environment variable set called VIRTUAL_HOST with the domain name for the container then thats when the magic kicks in. a letencrypt SSL certificate is requested and generated automatically for the domain and a reverse proxy connection is established to it.

In the end this means if i want to bring up a brand new server (or an old one) all i do is bring up a container with the above mentioned settings and all the load-balancing, ssl cert, and reverse proxy stuff happens automatically and the server shows up with a nice ssl cert and port 80 url!

Cuts my amazon costs in half an d saves me a LOT of time in the end!

Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.