{"id":50312802,"url":"https://github.com/simonefelici/inception","last_synced_at":"2026-05-28T22:02:21.034Z","repository":{"id":345108416,"uuid":"1178789056","full_name":"SimoneFelici/Inception","owner":"SimoneFelici","description":null,"archived":false,"fork":false,"pushed_at":"2026-03-31T14:24:52.000Z","size":12,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-31T15:30:44.694Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SimoneFelici.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-11T11:19:47.000Z","updated_at":"2026-03-31T14:26:12.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/SimoneFelici/Inception","commit_stats":null,"previous_names":["simonefelici/inception"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/SimoneFelici/Inception","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimoneFelici%2FInception","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimoneFelici%2FInception/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimoneFelici%2FInception/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimoneFelici%2FInception/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SimoneFelici","download_url":"https://codeload.github.com/SimoneFelici/Inception/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SimoneFelici%2FInception/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33627948,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-05-28T02:00:06.440Z","response_time":99,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-05-28T22:02:14.034Z","updated_at":"2026-05-28T22:02:21.028Z","avatar_url":"https://github.com/SimoneFelici.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"*This project has been created as part of the 42 curriculum by sfelici.*\n\n# Inception\n\n## Description\n\nInception is a system administration project that uses Docker to build a small web infrastructure from scratch. The goal is to set up three interconnected services — NGINX, WordPress with PHP-FPM, and MariaDB — each running in its own container, orchestrated via Docker Compose.\n\nThe infrastructure serves a WordPress website accessible over HTTPS (port 443 only) through an NGINX reverse proxy. All Docker images are custom-built from Debian, with no pre-made images pulled from Docker Hub.\n\n### Project Description — Docker and Design Choices\n\nThis project relies entirely on Docker and Docker Compose to containerize and orchestrate the services. Each service (NGINX, WordPress, MariaDB) has its own Dockerfile built from `debian:oldstable`. The containers communicate through a dedicated Docker bridge network, and persistent data is stored using Docker named volumes mapped to the host filesystem at `/home/sfelici/data/`.\n\nSensitive credentials (database passwords, WordPress admin password) are managed through Docker secrets, stored in local files that are excluded from version control.\n\n#### Virtual Machines vs Docker\n\nVirtual machines emulate an entire operating system with its own kernel, consuming significant resources (RAM, CPU, disk). Docker containers share the host kernel and only isolate the application layer, making them much lighter and faster to start. VMs provide stronger isolation since each has a full OS, while containers trade some isolation for efficiency. For this project, Docker is the better fit because we need lightweight, reproducible services that can be built and torn down quickly.\n\n#### Secrets vs Environment Variables\n\nEnvironment variables are convenient for non-sensitive configuration (domain names, usernames) but are visible in process listings, logs, and container inspect output. Docker secrets mount sensitive data as files inside `/run/secrets/`, readable only by the container, and are never exposed in logs or environment dumps. This project uses environment variables for general config (`.env`) and secrets for all passwords.\n\n#### Docker Network vs Host Network\n\nHost networking removes network isolation — the container shares the host's network stack directly. This means containers can conflict on ports and there is no separation between services. A Docker bridge network creates an isolated virtual network where containers communicate by service name (DNS resolution) and only explicitly published ports are accessible from outside. This project uses a bridge network (`inception_network`) for proper isolation, with only port 443 exposed through NGINX.\n\n#### Docker Volumes vs Bind Mounts\n\nBind mounts map a specific host path directly into a container, tightly coupling the container to the host filesystem. Docker named volumes are managed by Docker, offering better portability and lifecycle management. However, this project uses named volumes with `driver_opts` that point to `/home/sfelici/data/`, combining the management benefits of named volumes with a predictable host storage location as required by the subject.\n\n## Instructions\n\n### Prerequisites\n\n- A virtual machine running Debian\n- Docker and Docker Compose installed\n- Root or sudo access\n\n### Setup\n\n1. Clone the repository\n2. Add the domain to `/etc/hosts`:\n   ```\n   sudo sh -c 'echo \"127.0.0.1 sfelici.42.fr\" \u003e\u003e /etc/hosts'\n   ```\n3. Create the secrets directory at the project root with real passwords:\n   ```\n   mkdir -p secrets\n   echo \"your_db_password\" \u003e secrets/db_password.txt\n   echo \"your_db_root_password\" \u003e secrets/db_root_password.txt\n   echo \"your_wp_admin_password\" \u003e secrets/credentials.txt\n   ```\n4. Build and start everything:\n   ```\n   make\n   ```\n5. Access the website at `https://sfelici.42.fr`\n\n### Other commands\n\n- `make stop` — stop containers\n- `make start` — restart stopped containers\n- `make down` — remove containers\n- `make clean` — remove containers and prune images\n- `make fclean` — full cleanup including volumes and data\n- `make re` — full rebuild\n\n## Resources\n\n- [Docker documentation](https://docs.docker.com/)\n- [Docker Compose documentation](https://docs.docker.com/compose/)\n- [MariaDB documentation](https://mariadb.com/kb/en/documentation/)\n- [NGINX documentation](https://nginx.org/en/docs/)\n- [WordPress CLI handbook](https://make.wordpress.org/cli/handbook/)\n- [PHP-FPM documentation](https://www.php.net/manual/en/install.fpm.php)\n- [Debian Docker base image](https://hub.docker.com/_/debian)\n- [OpenSSL self-signed certificates](https://www.openssl.org/docs/)\n\n### AI Usage\n\nAI (Claude) was used as a learning and productivity tool during this project for the following tasks:\n\n- Understanding Docker Compose syntax and best practices for writing Dockerfiles\n- Reviewing and debugging configuration files\n- Comparing my setup against project requirements and identifying missing elements\n- Writing boilerplate for entrypoint scripts and understanding PID 1 best practices\n\nAll AI-generated content was reviewed, tested, and understood before being integrated into the project.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimonefelici%2Finception","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimonefelici%2Finception","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimonefelici%2Finception/lists"}