Well, that... took a while.

A shot of the famous "Advanced Rubbish Co" dumpster from The Terminator, lit from above with moody, smoky lighting.
Finding this particular dumpster took longer than I had hoped.

I've finally fixed the problem that I was having, and it's a doozy.

I had a quite, uh, specific way that I wanted this to all work, with a web server front end shared by all the various sites I'd like to run. I want some of them to run Ghost, which means running MySQL (yes, MariaDB is less... Oracle, but it's also specifically not supported by Ghost), some of them are simple static sites, and a few other bits like simple file serving are handy.

After initially trying Ghost's self-hosting instructions, and feeling like that only really works if you have exactly one blog, I started to investigate other options.

Eventually, I realised it wasn't going to work without some sort of fiddly virtual networking and firewall bodging, or I could use containers to do some of that work for me.

Now I have 2 problems, as they say.

I initially ran into issues with nginx and the complexity of getting HTTPS working. Let's Encrypt's certbot makes things a lot easier, but nginx won't run up an SSL/TLS-enabled endpoint without a cert, so you get stuck in a bootstrapping issue: nginx won't start, so certbot can't answer challenges, so there's no cert, so nginx can't start.

Chatting to a friend, he suggested using Caddy, which has built-in Let's Encrypt support out of the box, plus a vastly simpler and saner configuration format, and very sensible defaults. I'm extremely impressed with it.

That crossed off the shared web hosting part, so I moved on to MySQL.

Ghost needs its own database but, usefully, not its own server. However, as the various blogs on here are owned by different people, it was important that the databases have their own credentials.

This is where the trouble really started.