I finally cleaned up my VPS (it didn't need it)
tldr: my actions have no consequences and I can fix them whenever I want.
For as long as I've been on the internet people have been lecturing others about the best practices for getting set up on a VPS. Over the years I've deployed, managed, and maintained really quite a lot of installs, and I've always done my best to follow those best practices because everyone said if I didn't then they'd get hacked so fast and everyone would ridicule me and I'd have a really bad time.
After enough hosting experience, you get complacent though. It got to the point where I'd be setting sites up because I had some idea while I was drunk and it's just muscle memory to get it working so why wait to sober up?
The VPS I'm writing about has been around for around 2.5 years. It started life as an Azure VM with Ubuntu Server on it and I installed MySQL, PHP-FPM, Nginx and WordPress because I needed it working while I had the idea in my head.
Over time it expanded, I put more stuff on it. Another WordPress site, a ticketing/knowledgebase server, an Express API that got booted off later and now a Ghost blog.
With each thing I added it became more convoluted, configs got messier and less consistent, the MySQL accounts made no sense (for the support website I didn't even make a SQL user, I just used the root login at the time).
Still, nobody hacked me. What was I doing right?
Bringing us to last weekend - I installed Docker on the box and started diligently moving everything to their new containerised homes.

It's not complicated work, it's not a big dream or ambitious project, but it definitely gets me in that flow state.
It's almost soothing to take something chaotic of my own making and transform it to something neat and organised. Noticing and fixing the little things, ticking off each service like a little milestone, planning the next steps.
The other thing that was interesting to me is that against my own intuition the overall resource usage has actually decreased (so far). During the planning process Claude told me:
> oooh you're gonna have to increase the size of this machine, it's gonna be sketchy for you once you introduce the overhead of Docker+Portainer on a VM with only 2 cores and 4GB of memory
I'm using 1.5GB less memory right now, Claude can pound sand.
So the lessons I've learned are:
- Bad security practices are more about risk tolerance than guaranteed disaster
- Re-plumbing production systems is my zen garden
- Switching to containers decreased overhead in a real and unexpected way