You’ve decided you really-really want a blog! Awesome!.. There are so many thing and questions to answer before it becomes alive. But don’t worry, this series if posts will walk you through all steps necessary to get you up and running on the WEB.
New blogs need to build audience to increase traffic and start making some income. However in the beginning traffic may not be high enough even to pay for hosting. So how do we run a blog almost for FREE, but still maintain high standards? Well, most of cloud providers at the time of writing have “one year free” offers. The catch is that “free tiers” do not cover large machines or scaling possibilities, however for a “just starting blog” these limitations are acceptable.
How about security? How can we have HTTPS for our blog? The answer is free TLS certificate issued by Let’s Encrypt. We need that too.
Maintenance? Yeah.. No one likes it, so let’s design an infrastructure which requires little to no maintenance and can completely run on auto-pilot.
Another goals is to stay as much independent from a cloud provider’s infrastructure as we can. This allows to avoid “vendor lock” and easily migrate our blog to different cloud provider at any time.
Diagram below illustrates our approach. We are going to have four containers.
- WordPress itself
- MySQL database for WordPress
- HAProxy to enforce HTTPS and possibly load-balance in the future
- Certbot to auto-renew our TLS certificate
We will mount certificate folder to Certbot and HAProxy containers. Certbot will write to the folder when certificate get’s renewed and HAProxy will read the certificate from the folder.
We also have cron to restarts HAProxy container daily. HAProxy needs to be restarted to pick up new certificate when Certbot renews it. The certificate will be renewed at least a week before expiration, so daily restarts of HAProxy will ensure that it always has valid certificate.
The first thing
First thing first, you need to choose the name. Name of your blog will drive the rest. There are so many options, but here are some ideas
- You have a great blog name already… That is your name. Blog can be just named as FirstName.LastName or any other combination.
- Choose a positive cheerful name related to your domain. Can be also combined nicely with top level domain, for example SimplyCodeAs.xyz
Choose a domain name
After you’ve decided upon blog name it’s time to select a domain name. If you’ve already chosen cloud provider (AWS (Route 53), Azure, Google Cloud and etc.) you can use their domain registration services to check if domain is available. It would also be easier on you if you use their services because after registering a cloud provider will do the following.
- Pre-setup routing.
- Bill you for domain registration, so instead of receiving many bills you’ll have just one.
- Offer or setup domain registration auto-renew, so you don’t need to worry about registration being expired.
Example below shows AWS domain registration page.
What if domain you’ve chosen is already taken?
Well, there are several ways to deal with that.
- Try to extend you domain with verb, country name, abbreviation, catchphrase or hyphen “-“. E.g. gettocode.com (verb), bootcampusa.com (country name) or allabout.net (catchphrase).
- Use country top level domain names, e.g. .us, .de. .com.uk
- Use alternative top level domain names like .net, and .xyz, e.g calcurator.xyz, but keep in mind that for some people it may not feel save to open URLs with “weird” top level domains.
- Try to buy. This may be costly, so it may be the last option to try.
I found this blog as useful resource to get more info on the subject. Or you can watch the video below that quickly walks through 8 tips on choosing a domain name.
Let’s create a virtual machine
Since we have domain registered we can create a virtual machine and route all requests to it. On Amazon AWS the service for virtual machines is EC2. On Azure it’s one of the Linux flavors. Because we decided to go as inexpensive as we can we are limited to a VM selection from the free tier. So go ahead and create a Linux VM.
All shell script examples below assume you have Ubuntu. If you chose different Linux distribution the commands may slightly vary.
Now as we have a machine, we can route all request for our domain to the machine. On AWS you need to open Route 53 service and configure your domain record sets to go to you machine’s private IP address. Below is an example of what needs to be configured.
Install Docker on you Linux machine.
sudo apt-get install docker
We will also need docker-compose later on, but nowadays it gets installed with docker. To double check whether you have docker-compose installed run the command below.
Now we have a machine and all request to our domain get routed to the machine! It is time to get TLS certificate! With Let Encrypt we are going to use certbot to obtain and update the certificate. In general we are going to follow certbot instructions with one exception. We are going to do it from inside a Docker container.
# Run docker container which we are going to use to obtain TLS certificate. # We map necessary ports and volumes for certbot to obtain the certificate. sudo docker run --rm -it -p 80:80 -p 443:443 -v /etc/letsencrypt:/etc/letsencrypt debian:stretch-slim
Inside the container we need to install certbot.
apt-get update \ && echo 'deb http://ftp.debian.org/debian stretch-backports main' >> /etc/apt/sources.list \ && apt-get update \ && apt-get install -y certbot -t stretch-backports
And now we are ready to get our certificate! After running the command below we will have
/etc/letsencrypt folder with all necessary files.
sudo certbot certonly --standalon
We’ve achieved a lot so far and built a solid base for next steps. We figured out a blog name, registered a domain, span up a virtual machine, installed docker and obtained our TLS certificate.
Next post will describe each Docker container configuration, will help to set up entire infrastructure so we have our blog up and running.