about this website

Posted on April 11, 2022
When I started with wanting to create a website, I decided that I wanted something that was
  • easy to build / deploy
  • minimal configuration / state
  • easibly changable / hackable

I decided to write some custom webserver software with go, mostly as a learning project - while I was doing this, I stumbled upon the embed
https://pkg.go.dev/embed
feature, which allows for you to embed static assets in a go binary.

This got me thinking…

Could I create a single binary blog?

Yes! This is that blog. I’m calling it puffin, and it’s about 100 lines of go
https://github.com/blobcode/puffin
, using exclusively the standard library. All of the blog posts are just .txt files (though I might move to markdown at some point), which are aliased to *.html files by puffin.

deployment

For deployment, I wanted something that I don’t have to mess with. I hate dealing with local system state, and so when I was recomended nixos
https://nixos.org
, it was perfect. I don’t have space to explain the incredible number of reasons nixos is amazing, but I should get around posting a blog post on it soon. Here are some quick points
  • it supports fully declarative configuartion using the nix language
  • it has a great package manager, confusingly also named named nix
  • it supports easily building / compiling custom packages
  • it supports building custom images super easily

my nix config was suprisingly simple to setup. I decided to build a hermetic deploy using niv to pin my package versions. I pinned them at 21.05, as a result of issues I’ll talk about later.

On nix, I’m running a pretty standard config with a ngnix instance revese proxying puffin
https://github.com/blobcode/puffin
. The webserver is built with a nix expression and packaged as a service.

On that note, I was surprised at just how effortless it was to create a nix config. Once you get over some of prickly bits of the language and the lack of documentation (I found the nix option search
https://search.nixos.org/options?
to be a lifesaver), it’s super easy to get a working system state - my whole config is less than 200 lines it total across only 3 files!

For actually deploying to hardware, I’m using terraform. I’d love to use nixops - it seems to have a much smoother ux in my experience, however it’s in process of being upgraded to v2 and it doesn’t support remote state, which is a requirement for me.

The terraform config is pretty simple. It consists of a single ec2 instance, which is currently a t3.micro. The only special part of it is the deploy_nixos module[ref]. I’ve found it to be pretty great - although it runs into the aforementioned issues when initally deploying to nixos > 21.05, as 21.11 deprecated RSA keys. This is compounded by terraform_tls not liking ed25519 keys for whatever reason. If anyone has any idea why they don’t work, please let me know.

The actual deployment is a simple makefile (I’m fond of them but I’m not quite sure why) that runs nix-shell and then terraform apply.

This will automatically pick up any changes in my terraform state, nixos config or go binary and rebuild them if neccesary.

Overall, I’m pretty pleased with how things turned out for about 5-6 hours of work, though I might (and probably will) rework some of it later.