feature, which allows for you to embed static assets in a go binary.
This got me thinking…
Could I create a single binary blog?
Yes!
This is that blog. I’m calling it puffin, and it’s about 100 lines of go
, using exclusively the standard library.
All of the blog posts are just .txt files (though I might move to markdown at some point), which are
aliased to \*.html files by puffin.
deployment
For deployment, I wanted something that I don’t have to mess with. I hate dealing with local system state,
and so when I was recomended nixos
, it was perfect. I don’t have space to explain the incredible number of
reasons nixos is amazing, but I should get around posting a blog post on it soon. Here are some quick points
it supports fully declarative configuartion using the nix language
it has a great package manager, confusingly also named named nix
it supports easily building / compiling custom packages
it supports building custom images super easily
my nix config was suprisingly simple to setup. I decided to build a hermetic deploy using niv
to pin my package versions. I pinned them at 21.05, as a result of issues I’ll talk about later.
On nix, I’m running a pretty standard config with a ngnix instance revese proxying puffin
. The webserver is built
with a nix expression and packaged as a service.
On that note, I was surprised at just how effortless it was to create a nix config.
Once you get over some of prickly bits of the language and the lack of documentation (I found the nix option search
to be a lifesaver), it’s super easy to get a working system state - my whole config is less than 200 lines it total across
only 3 files!
For actually deploying to hardware, I’m using terraform. I’d love to use nixops - it seems to have a much smoother
ux in my experience, however it’s in process of being upgraded to v2 and it doesn’t support remote state,
which is a requirement for me.
The terraform config is pretty simple. It consists of a single ec2 instance, which is currently a t3.micro. The only
special part of it is the deploy_nixos module[ref]. I’ve found it to be pretty great - although
it runs into the aforementioned issues when initally deploying to nixos > 21.05, as 21.11
deprecated RSA keys. This is compounded by terraform_tls not liking ed25519 keys for whatever
reason. If anyone has any idea why they don’t work, please let me know.
The actual deployment is a simple makefile (I’m fond of them but I’m not quite sure why) that
runs nix-shell and then terraform apply.
This will automatically pick up any changes in my terraform state, nixos config or go binary
and rebuild them if neccesary.
Overall, I’m pretty pleased with how things turned out for about 5-6 hours of work, though I might (and probably will)
rework some of it later.