Tag: server


Having played around with the managed Kubernetes offerings of various cloud players (DO, AWS, GCP), I was wondering if it was possible to do this cheap. My site doesn’t have much traffic or anything complicated really, so running it off a $5 DO droplet is reasonable. Sadly managed Kubernetes offerings won’t come out so cheap. (Sure I could leech off the starting $300 GCP credit for a year then keep hopping accounts, but…)

Then I read about k3s. The people behind Rancher made it as a lightweight (but functionally complete) Kubernetes distro. Lightweight, they say… Just how light? (Imagine a weird maniac light in my eyes here.) Could I run it on a $5 droplet?

Passing the correct remote address

Today I was playing with my database in PHPMyAdmin, when I suddenly realized that it’s up there open to anyone who can guess the path (which isn’t a very hard task). I decided to only allow connections to it from my home IP, which shouldn’t be such a difficult thing to do. Except Apache is behind an nginx reverse proxy, so it kinda is.

I’ve noticed before that all Apache access logs show the remote IP as, localhost where nginx is running (and proxying requests). I didn’t really care about it, since it’s just a personal site, but now that I wanted to use the actual visitor’s IP address to limit access, it was a whole different story.

About certs, for version control

Version control in the sense that I haven’t made any Ansible (or similar) scripts to deal with this, so I have to keep writing blog posts not to forget what I did and managed.

For ages now I’ve had Apache crashing (at least so it seemed) at regular intervals. I had no idea what was causing it, so I just added a crontab entry to (try to) start the Apache service every 5 minutes. That solved the issue of 502 Bad Gateway errors, but not the cause for them.

Setting up nginx reverse proxy

I once set up nginx reverse proxy before, but I was just pasting stuff from online tutorials, not really understanding what I was doing. So when earlier today I decided I’d set up nginx to serve as a reverse proxy both for Apache and for node.js and Rails projects (soon to be) running on my server, I basically had to learn it all from scratch again.

Since everything on my server is now secured with SSL, I had to combine the methods from various sources on Git, Stack Overflow and Digital Ocean. My idea of the request flow was like this: