https://sleepymario.com/tags/nginx/Recent content in Nginx on Sleepy MarioHugo -- gohugo.ioen-usMon, 29 Jun 2026 14:30:00 +0800https://sleepymario.com/2026/06/another-guest-post-monitoring-comments-and-a-much-better-vps/Mon, 29 Jun 2026 14:30:00 +0800https://sleepymario.com/2026/06/another-guest-post-monitoring-comments-and-a-much-better-vps/<img src="https://sleepymario.com/2026/06/another-guest-post-monitoring-comments-and-a-much-better-vps/cover.png" alt="Featured image of post Another Guest Post: Monitoring, Comments, and a Much Better VPS" /><p>Today turned into one of those unexpectedly productive infrastructure days.</p> <p>I started with a monitoring setup that was only partially finished and ended with the entire environment visible in Prometheus and Grafana, a working comment system on the blog, a larger VPS, and a proper update script tying everything together.</p> <h2 id="monitoring-is-finally-complete">Monitoring is finally complete </h2><p>Prometheus is now scraping all the machines that matter:</p> <ul> <li>the monitoring VM</li> <li>the files VM</li> <li>the utility VM</li> <li>the ThinkPad server</li> <li>the VPS</li> <li>the cloud VM</li> <li>the archive VM</li> </ul> <p>Every target reports as healthy, and Grafana can switch cleanly between them.</p> <p>The dashboard now gives me one place to check CPU usage, memory, storage, load, uptime, and network activity across the entire setup.</p> <p>This had been sitting on the roadmap for a while, so finally being able to remove it felt good.</p> <h2 id="zerotier-is-cleaned-up-too">ZeroTier is cleaned up too </h2><p>The network separation was finished as well.</p> <p>The private systems and public-facing services now live on separate ZeroTier networks, with only the machines that genuinely need access connected to both.</p> <p>There is still a longer-term plan to simplify the public side further, but the current setup is already much cleaner than before.</p> <p>Eventually the VPS and files server will probably share a small service network of their own, while the rest of the infrastructure remains private.</p> <p>That can wait.</p> <h2 id="the-vps-got-an-upgrade">The VPS got an upgrade </h2><p>The VPS was still running with only 1 GB of RAM, which had become increasingly uncomfortable.</p> <p>GoAccess already consumed a noticeable amount of memory, and adding Docker and another public service would have left very little room.</p> <p>I upgraded it to:</p> <ul> <li>2 GB RAM</li> <li>50 GB disk</li> </ul> <p>The improvement was immediate. Swap usage disappeared, there is now comfortable free memory, and the disk has plenty of space for future work.</p> <p>This should also make the eventual migration of the archived WordPress site much less painful.</p> <p>Not painless, unfortunately. Just less painful.</p> <h2 id="remark42-is-now-live">Remark42 is now live </h2><p>The main goal for the day was to add comments to the new blog.</p> <p>I chose Remark42 because it is small, self-hosted, open source, and does not require handing the entire comment section over to an external platform.</p> <p>It now runs in Docker on the VPS and is exposed through nginx at:</p> <p><code>https://sleepymario.com/comments/</code></p> <p>The container itself only listens on localhost, so nginx is the only public entry point.</p> <p>The setup includes:</p> <ul> <li>persistent comment storage</li> <li>automatic backups</li> <li>GitHub login</li> <li>anonymous commenting</li> <li>administrator access through my GitHub account</li> <li>nginx reverse proxying</li> <li>a health check</li> <li>log rotation</li> </ul> <p>The comment section has been added to all current blog posts.</p> <h2 id="the-theme-now-follows-the-site">The theme now follows the site </h2><p>There was one visual problem.</p> <p>Remark42 initially stayed in light mode while the blog defaulted to dark mode, which looked fairly terrible.</p> <p>That was fixed by connecting Remark42 to the Stack theme’s existing color-scheme event.</p> <p>Now, when the site switches between light and dark mode, the comment section changes with it immediately.</p> <p>That small detail made the integration feel much more complete.</p> <h2 id="a-proper-vps-update-command">A proper VPS update command </h2><p>The final piece was a reusable VPS update script.</p> <p>Future maintenance now requires only:</p> <p><code>sudo update-vps</code></p> <p>The script:</p> <ul> <li>updates Ubuntu packages</li> <li>updates Docker and Docker Compose</li> <li>pulls the latest Remark42 image</li> <li>creates a backup before replacing the container</li> <li>retains the eight newest backups</li> <li>waits for the Remark42 health check</li> <li>validates nginx</li> <li>tests the main website</li> <li>tests the public comment endpoint</li> <li>reports whether a reboot is required</li> </ul> <p>The first full run completed successfully.</p> <p>No pending packages, no reboot required, and all services came back healthy.</p> <h2 id="what-is-left">What is left </h2><p>The infrastructure roadmap is much shorter now.</p> <p>The next actual project will probably be setting up the TCL NXTPAPER A1 as a dedicated notetaking device.</p> <p>Everything else can move slowly:</p> <ul> <li>Matrix and Element cleanup</li> <li>i3 or Sway configuration</li> <li>rebuilding the Gentoo control center</li> <li>migrating the archive site</li> <li>eventually simplifying the remaining public network layout</li> <li>several very low-priority services</li> </ul> <p>For once, nothing urgent is left unfinished.</p> <p>That is a good place to stop for the day.</p> <hr> <p>This is quite a technical author, isn&rsquo;t it. Now please don&rsquo;t hack me 哭哭.</p>