Personal Infrastructure


The following describes how I build, deploy, and operate my personal websites and services in 2020. The most notable change in the past few years has been the move from Systemd to Kubernetes for service management.



All domain names use AWS Route53 nameservers. Terraform manages the lifecycle of zones and records.


Everything runs on a single AWS EC2 instance using the K3s Kubernetes distro, effectively replacing Systemd unit files and bash scripts. All associated networking and configuration is managed by Terraform.

Reverse Proxy

A single Traefik proxy listens on port 80/443 and upgrades traffic to HTTPS. Certficates are automatically generated and renewed using cert-manager and Let's Encrypt. Requests are routed to the appropriate upstream service by Host header or path.


I primarily run static websites and Go services but regardless of technology, everything is built in CircleCI and distributed in a Docker image published to Dockerhub.

Deployments and GitOps

The desired state of every service, configuration, and route is declaratively stored in a git repository and automatically syncronized to the cluster using the FluxCD deployment operator. A typical deployment consists of updating a Docker image tag in a yaml file. Most services are configured to auto deploy anytime a new Docker image is published.

← home