|Data • Used packs • Huh? • Backend? • Help me|
Under the hood (for nerds)
In addition to learning about electricity, I am using this project to improve my knowledge of various programming languages, server security, server optimization, network security, protocols and so on and so forth. I figure, might anyone be interested, a scratchpad-like page of my progress on that front is worth making and updating.
I am hosting the site on a cheap Chromebook running Linux in a chroot environment. It's in my basement on the fringe of the wifi range. Pictured below.
The backend server is NGINX serving from Varnish, python for a few subtle gimmicks and tricks like guessing your rough location (maybe Ashburn or thereabouts?).
The site's SSL is almost perfect, though a bit strict with respect to old browsers not being compatible on the strong ciphers and recent protocols I only support. Highlights include ssl stapling, elliptical curving (secp384r1), perfect forward secrecy, pinning, and stripping off .php extensions from URIs to conceal that I'm using php (shh!). Here's a slightly censored version of my site's configuration file for nginx.
I'm trying to add in memcached to save a few milliseconds. I am also trying to add, in addition to already using HTTP2, Google's QUIC protocol. NGINX does not support QUIC so the only way I've found to pull this off is to run a QUIC-supporting server with Docker and Go-lang with a reverse proxy server wrapped around that aiming at NGINX. Tricky but worthwhile to have that ability under my belt for professional contexts (none of this matters in order to show you a table of battery test results).
Some things I tried but ditched due to degraded performance include running on Apache2 and using mod_pagespeed, Google's wonderful tool that cleans up the mess made by designers and server guys, but because this machine is a Chromebook and not a supercomputer, mod_pagespeed required enough resources to slow down the web server enough to create a longer pageload. Perhaps I can tweak it a bit more.
Thanks for visiting. Here, a picture of the server and the messy basement.