I wanted to provision a Japanese version of my website but one of the containers kept on restarting. I couldn’t figure out what’s wrong with it for a while.
I finally figured out how to view the log of the container.
I guess I finished my personal project of provisioning WordPress site with Ansible. I was able to run it and get a WordPress site to show up in just about 10 mins. I’m sure there are some loose end I could tighten but it generally works. Here is the GitHub repo I worked on.
Setting up a free OCI account (ARM64 Oracle Linux 8 is always free eligible) and getting a domain name through dnsimple.com are two things you may need to do but if you pay like $60 for dnsimple.com (DNS service) annually, you get to have your own full blown WordPress site with your own domain name.
One thing to be careful about this approach is that you have the full control over the site, meaning if there is any issue, you are on your own to analyze and resolve the issue. You have to update your SSL cert yourself as well. If you are not so good with Linux or have no willingness to dig into it, it wouldn’t be for you.
If you are a CS student wanting your own site or you are learning how websites work, you may want to dig into it. After all, just $60 per year to have your own WordPress site with your own domain name is really reasonable.
This site is served on Oracle Linux 7 (ARM64) and Docker containers of WordPress, NGINX, Maria DB and phpMyAdmin. Since the time when I figured out how to have WordPress on Docker on a Linux host, I have configured this site manually multiple times. It’s not crazy hard but it’s still some work.
I thought about automating it but I just didn’t have a chance. Now that I’ve been learning Ansible, I feel I can make that happen. Just execute a command and it will automatically configure a WordPress site wherever your host is.
I’m starting a repo on GitHub. I will be pushing what I come up with.
I am wanting to make sure Docker engine is present on my Jenkins host. To prove that Docker is not installed yet, here is the result of sudo systemctl status docker on the Jenkins host.
Unit docker.service could not be found.
Here is the Ansible playbook I came up with. The target host is an Oracle Linux 7 on ARM64 processor.
I have migrated my site to Oracle Linux 7 on ARM64 just because I was curious how it would work on ARM64 or if it would work on ARM64 at all.
As of this writing, I’ve got this WordPress site on Docker to work on Oracle Linux 7 on ARM64 processor. It was some struggle but I feel it’s snappier.
Here is the Docker Compose file that works for this site. As you can see, I commented out the mysql image and using Maria DB for ARM64 instead. Maria DB is a fork for MySQL, so it’s sufficient enough for my personal blog site.
Docker Compose 2 works well on ARM64 as well. It is definitely faster than Docker Compose 1. By just changing the platform, I feel I upgraded my blog site for a better performance.
I have provisioned Oracle Linux 7 on ARM processor on OCI. In an attempt to get my blog site to work on the host, I have installed Docker engine and now I want to install Docker Compose 2. Here are the steps.
Create a directory. mkdir -p ~/.docker/cli-plugins/
Download the Docker Compose 2 binary for ARM64. curl -SL https://github.com/docker/compose/releases/download/v2.2.2/docker-compose-linux-armv7 -o ~/.docker/cli-plugins/docker-compose
Give the binary file execute permission. chmod +x ~/.docker/cli-plugins/docker-compose
Check if the binary has been installed successfully. docker compose version
I spined up an ARM host on OCI and installed Docker Compose 2 and then downloaded my docker-compose.yaml file to start my blog engine on it, but I got the following error.
This means no image is available for ARM64. I don’t think there is anything I can do at the moment (unless I make the effort and create images myself), so I am giving it up for now. Oh well…
Edit: I did some research to see if those Docker images are available and they are. I will give it another try.
Docker Compose has been around for a while and I have been using version 1 to spin up this site. I’ve found that Docker Compose 2 is working on ARM processor, so I may migrate my site to a ARM processor host and spin up with it.
I attempted to use Certbot by Let’s Encrypt for free SSL certificate for my subdomain using a Docker container but it was never successful, so I left it alone for a while. The DNS service that I use provides SSL certs but it charges me extra for subdomain. There are other services such as SSL for Free but they either limit the number of certificates or they charge for subdomains or they want me to pay like $10 per month for wildcard certificate. That’s pretty steep considering the host is being used only privately. The alternative is to create your own private CA authority and issue SSL cert and have the root CA cert on the machines that you use the hosts.
But this morning, I figured out a way to generate the free SSL cert for my subdomain using Certbot. I will write about what worked for me.
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for jenkins.hayato-iriumi.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you're running certbot in manual mode on a machine that is not
your server, please ensure you're okay with that.
Are you OK with your IP being logged?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: Y
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Create a file containing just this data:
s8wH1u2z00ePejV4hyy4y3CTyW3pYvrFgxwxwsPVdd8.O3THIaz5tgLf8NuxfBYw8FZfrdQNf_Y_1U--J0PsgqQ
And make it available on your web server at this URL:
http://jenkins.hayato-iriumi.net/.well-known/acme-challenge/s8wH1u2z00ePejV4hyy4y3CTyW3pYvrFgxwxwsPVdd8
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Now you should create the file with the data specified in the output. Once you have that hit Enter to get the cert generated.
Lastly, when the cert generation is successful, you will see the output like the following.
Now switch to the root user by executing…
sudo -i
The cert files are at /etc/letsencrypt/archive/jenkins.hayato-iriumi.net
Copy cert1.pem and privkey1.pem to the directory where you would like to store your SSL files. In my ssl.conf file, I have specified the cert files like the following.