Update 'The Lab'

master
parent a8ac1e1ef8
commit b457b0478f

@ -1,19 +1,10 @@
# Networking
Here's a simple flow diagram about what a connection does until it hits the conainer that executes each service.
```
┌───────────────────────────┐ ┌──────────────────────────┐
│ Very small and cheap VM │ │ My home server │
│ │ │ │
│ │ │ │
┌─────┐ │ ┌───────┐ ┌─────────┐ │ │ ┌─────────┐ ┌────────┐ │
│ You ├──┼──► Caddy ├──► Rathole ├───┼──┼─► Rathole ├───► Docker │ │
└─────┘ │ └───────┘ └─────────┘ │ │ └─────────┘ └────────┘ │
│ │ │ │
└───────────────────────────┘ └──────────────────────────┘
```
![Networking](https://git.guillemborrell.es/guillem/know/raw/branch/main/pics/networking.png)
* Caddy for auto HTTPS. Caddy provides the equivalent to an cloud "application load balancer" service
* Rathole for NAT traversal. Rathole provides the equivalent to a cloud "network load balancer" service
* Rathole for NAT traversal. Rathole provides the equivalent to a cloud "network load balancer" service. Some services like SSH are exposed directly from the VM
* Docker and docker compose to run all services
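Review bot: The Rathole bullet that ends with "Some services like SSH are exposed directly from the VM" does not say which services or ports skip the Caddy and Rathole path, so the page does not describe everything that is reachable on the VM. Suggest naming those services in the bullet and making sure networking.png shows them, since the ASCII diagram only covers the Caddy, Rathole, Docker path. Minor: "conainer" in the intro sentence and "an cloud" in the Caddy bullet are typos.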
@ -104,5 +95,47 @@ Certificate authorities require that the service that requests the cert runs in
Servers don't rotate the IP while on. If you ever need to restart the VM, then just change the A records in the DNS configuration. Of course you can allocate a static IP for your VM, but it will be more expensive than the VM itself.
# Storage
## File storage
The lab runs an instance of [minio](https://min.io/)
## RDBMS
There are multiple services in the lab that require a RDBMS. Postgresql is supported by all of them, so Postgresql it is. The usual practice when one deploys with docker compose is to create a separate database server for each service, but considering the capabilities of Postgresql, this is definitely an overkill. My decision has been to run postgres 14 on the server, and make it accessible to the containers by adding the following section in the docker compose file:
```
extra_hosts:
- host.docker.internal:host-gateway
```
This would be analogous to runing a managed DRBMS service, like Azure PostgreSQL or Aurora PostgreSQL. This means that one has to manage database creation, accounts, and passwords separately. This is how the database looks after deploying the whole thing:
```
~$ sudo -u postgres psql postgres
[sudo] password for guillem:
could not change directory to "/home/guillem": Permission denied
psql (14.4 (Ubuntu 14.4-0ubuntu0.22.04.1))
Type "help" for help.
postgres=# \l
List of databases
Name | Owner | Encoding | Collate | Ctype | Access privileges
------------+----------+----------+-------------+-------------+-----------------------
ci | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
dw | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =Tc/postgres +
| | | | | postgres=CTc/postgres+
| | | | | dw=CTc/postgres
gitea | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
jupyterhub | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
metabase | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
postgres | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 |
template0 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
template1 | postgres | UTF8 | en_US.UTF-8 | en_US.UTF-8 | =c/postgres +
| | | | | postgres=CTc/postgres
(8 rows)
```
# Services
# Backups
# Backups
There's a specific page about backups [here](Backing-up-stuff-in-Google-Cloud-Storage)
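Review bot: In the RDBMS section, the `\l` listing shows every service database (ci, gitea, jupyterhub, metabase) owned by postgres and only dw with its own role in the Access privileges column, while the paragraph above it says database creation, accounts and passwords have to be managed separately without showing how. Suggest documenting the role and database creation for each service, plus the server-side access configuration that lets containers reach the host, because the extra_hosts snippet with host.docker.internal:host-gateway only covers name resolution inside the container. Minor: "runing" and "DRBMS" are typos, and the pasted session could drop the sudo prompt and the "could not change directory" line.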