IBM Server Migration Part #9 - 162 Days Later

Web Server Feb 24, 2019

Solid as Rock

Uptime right now is 51 days. There were a major power loss in the neighbourhood that last half a day. Few hours more than my UPS can stand. But it stand a lot of shorter power loses and power plugs failures. So it proof it is working and protecting the server perfectly.

Docker Updates

I always wondered what will happen after running docker containers for some time and there will be a need for update. How to manage this? It turns out it's not that hard at all.

Using portainer all I needed to do was to click 'recreate' on each container and choose 'latest' image. I switched all containers to use 'latest' and now it's as easy as 'apt upgrade' on the host machine.

During this updated I find a problem with my Ghost blogs and SSL. It took me some time to debug and find a solution. Now it's all working and I want to share this experience.

Ghost Blogs on Full SSL

Ghost blog in container runs on plain 'http'. I was using proxy to have SSL from the outside world to the server and then normal communication to the docker container. This was a problem when ghost internally use 'http' URLs. Latest browsers blocks 'http' images on 'https' domains. So after the update all of images were gone (blocked).

It turns out that my apache configs made by Let's Encrypt certbot were wrongly configured. The part with 'ProxyReverse' was bad.

After some ducking the internet I found a different configuration that was working as expected.

Apache docker site config - image for security reasons

The change was for the last 5 lines of config.

Automatic Backup

On-site

Backups are now running each night. Simple script takes most essential directories (apache configs and /home/ with all docker volumes) and copies them to the Syncthing client. Then it is propagated to all my computers.

Off-site

Raspberry Pi + WD 160GB off-site backup solution

The only thing it's missing is an off-site backup. And for this I'm thinking about making a Raspberry Pi with HDD running Syncthing client. Then put it somewhere with good internet connection. I have all the parts I just need to set it up.

That's something for the next part.