Docker, Ghost, Free SSL with Caddy WebServer

A few comments on my experience with creating this website. The blog was built using a combination of techs which are fairly new to me

• Docker software containerization platform http://www.docker.com
• Nginx - web server https://www.nginx.com
• Caddy web server, out-of-box encryption https://caddyserver.com
• Let's Encrypt ssl certificate authority https://letsencrypt.org
• Digital Ocean cloud server virtualization https://www.digitalocean.com
• Ghost blogging platform https://ghost.org

Today I'm going to focus on Docker. I might follow up with my experience with the other tools listed.

Docker

In hindsight the concept for Docker is simple, but it took some getting used to. The idea of packaging software into containers and providing them via an NPM or apt-get style repository is daunting considering the amount of configuration that often goes into something like a web server or other application.

One of the best concepts behind Docker is the transience of hosted containers. Docker runs a virtualized file system for each container so there is no risk of the child application putting files where they shouldn't go or otherwise messing with your server config. Since containers are isolated they can be deleted with similar audacity.

Docker containers do not come in these zesty colors | Bins-2 by TeacherPouch LLC / CC BY-SA-NC 3.0

The docker template for Ghost is a Docker official repository. Official repositories are the Docker team's attempt at maintaining integrity of template offerings via peer review. From what I understand even official repositories do not necessarily have to be associated with the original product team.

Example

Docker can be installed using apt. Once installed, build a ghost container (like this one) using the command

docker run -p 80:2368 -d --name myGhost ghost

The container can be stopped and deleted similarly

docker stop ghost
docker rm ghost

-p is for mapping ports, -d for splitting the the container away from the current terminal's process. The run command will download & install the docker template from docker hub similar to the apt experience.

From here, you will have a running ghost blog. At this point you may notice blog posts are stored within the created container. If you create a Ghost container, write a test blog post, then delete the container, the blog post will be deleted along with it.

don't throw out the baby with the bathwater | 324: Rubber Ducky by Denise Mattox / CC BY-ND 2.0

To avoid this scenario, you'll want to "bind mount" a folder on the host os to a volume in the container. The container will operate as it did before, the difference is, files stored in the bound volume will persist after the container has been deleted. The syntax is very similar, with a -v arg added

docker run -p 80:2368 -d --name myGhost -v /path/to/local/folder:/var/lib/ghost ghost

By default, the Ghost container includes a virtual volume "/var/lib/ghost". The -v argument tells Docker to store any file which would normally go into /var/lib/ghost on the local file system at the path specified. Bind mounting a volume to store docker databases and configuration is a must and should be done for any container meant to last longer than a prototype phase.

HTTPS and Next Steps

By default the Ghost container ships with nodejs express web server. In the spirit of privacy and peer pressure I decided that SSL was the next step. I'll discuss my experience with two web server applications, Nginx and Caddy in another post.

Title Image | Ghost_Large by TeacherPouch LLC / CC BY-SA-NC 3.0