Docker, Ansible, Self-Hosted Infrastructure with monitoring

I design and operate reproducible infrastructure using Infrastructure as Code. Self-hosted, automated, monitored and documented.

This is my face
SΓ©bastien
Admin of the vallee.tech

Self-Hosted WordPress Platform as Code

lavallee.tech runs on a fully automated WordPress platform built with:

  • Docker (containerized services)

  • Ansible (infrastructure as code)

  • Caddy (reverse proxy with automatic TLS)

  • MariaDB (isolated per site)

  • Staging & Production environments

  • Vault-encrypted secrets

  • Automated backups & restore procedures

  • Observability (Prometheus & Grafana)

High-Level Architecture

Public traffic enters via VPS (public IP) and WireGuard tunnel. Requests are routed through Caddy reverse proxy to containerized WordPress instances. Each site runs in isolation with its own database and persistent storage.

  • Reverse proxy routing

  • Network isolation (Docker networks)

  • Persistent volumes

  • Automated deployment via Ansible playbooks

Platform Capabilities

🧱 Infrastructure as Code

  • Ansible roles & inventories
  • Staging / Production separation
  • Versioned configuration
  • Reproducible deployments

πŸ” Security

  • Encrypted secrets (Ansible Vault)
  • Automatic HTTPS (Caddy)
  • Environment isolation
  • Least privilege principles

πŸ“Š Observability

  • Container monitoring
  • Host metrics
  • Service uptime tracking
  • Dashboarded in Grafana

πŸ’Ύ Backup & Disaster Recovery

  • Automated database dumps
  • File backups
  • Restore runbooks tested
  • Documented recovery process

Operational Discipline

This platform is operated with production discipline:

  • Deployment through playbooks

  • Environment parity (staging β†’ production)

  • Tested restore procedures

  • Runbooks for common incidents

  • Structured documentation