About Cloud Cauldron

Cloud Cauldron is a small consultancy helping Enterprise organisations adopt DevOps and Cloud Computing at scale.

We specialise in:

  • AWS, Google, and Azure clouds.
  • Infrastructure as code via Terraform, OpenTofu, Ansible, and Terragrunt.
  • Container Orchestration with Kubernetes, Docker, EKS, GKE, or AKS.
  • Cloud migration and adoption.
  • CI/CD Systems and Pipelines.
  • Architectural evolution.
  • Cloud-native Application Development.
  • Serverless Lambda & functions.
  • Enterprise DevSecOps and Security-By-Design.
  • Observability (logging, metrics, events, tooling, etc.).
  • Site reliability engineering and Operational support.
  • Database Administration across both NoSQL and SQL databases.
  • And more!

About This Web Site

I’ve recently finished rebuilding both my AWS servers into this common containerised platform running in a single Spot instance. The final piece was getting my Git server instance in place. I still haven’t imported the old server’s export. For anyone interested, it basically looks like this:

  • A dedicated VPC and EC2 Spot instance spun up with Terraform (OpenTofu) with encrypted state, running a Debian Sid AMI, but encrypted.

  • Root volume is small and remains mostly untouched. Only enough changes to the root volume to enable it to reboot without needing any configuration changes.

  • All important persistent data and configuration lives on a separate encrypted volume mounted at /volume. This gets backed up via a snapshot from AWS Data Lifecycle Manager.

  • I’ve open sourced all the Terraform/OpenTofu to create it all here.

  • Everything important is running as a Docker container via Docker Compose. There are 5 major Docker containers that need to remain up:

    • certbot: Mostly sleeping for 12 hours at a time, but then checking for certs that need to be renewed.
    • nginx: Powers all the static and tool sites.
    • php: Has the same mounts as nginx and runs any PHP needed.
    • mariadb: Powers any needed mysql/mariadb databases.
    • gitlab: Powers Gitea separately. nginx reverse proxies it.

  • All Powering These Sites:

    • A WordPress site powering a personal archive. (nginx and php)
    • bocan.dev - A 1 page CV site. (just nginx)
    • cfunder.me - A personal URL shortener. (nginx and php)
    • My personal blog (nginx and hugo), and tooling hidden underneath:
    • My business site (just nginx) - but soon to be my business blog (nginx and hugo)
    • My family tree site (just nginx)

  • There are 3 crontab jobs executing commands inside the docker containers:

    • Every 15 minutes, exec into php and update my TTRSS site to check RSS feeds.
    • Every 31 minutes, exec into php and run the Nextcloud cron processing.
    • Every 5 minutes, use Git to pull all configuration from GitHub, then exec into the Hugo container and generate the static blogs.

  • Issues I still need to fix:

    • The Terraform state is local on my laptop.
    • The GitHub repo that controls all of the content stores the web certificates, so I can’t make it public.