Docker on Servicios Rogeliowar

Wazuh SIEM with Docker: complete deployment with SSL and compliance rules

Fri, 22 May 2026 00:00:00 +0000

What is ENS and Why It Matters
#

The National Security Framework (ENS) is the mandatory cybersecurity regulatory framework for Spanish Public Administrations and private companies that provide services to them. It is regulated by the Royal Decree 311/2022 and establishes the principles, requirements, and security measures that must be applied to information systems that handle public data or services.

Migrate Grafana and Listmonk to centralized PostgreSQL in Docker

Tue, 19 May 2026 00:00:00 +0000

The initial problem
#

I had Grafana and Listmonk running in Docker containers, each with its own embedded PostgreSQL instance. This worked, but it was inefficient: two database engines consuming resources and no centralized way to do backups. I decided to consolidate everything into a single shared PostgreSQL instance.

Preparation: setting up central PostgreSQL
#

The first step was to create the PostgreSQL server that would be the central point. I did this with a dedicated docker-compose:

VPN with Wireguard in Docker: Secure access to internal services without exposing ports

Wed, 06 May 2026 00:00:00 +0000

Why you need this
#

A few months ago I faced a common problem: I wanted to access my internal services (Jellyfin, Home Assistant, etc.) from outside my home, but I didn’t want to expose them directly on the internet. Opening ports is an unnecessary risk. The solution was to set up a VPN with Wireguard in Docker. It was the best decision I made for my home infrastructure.

Monitoring Docker containers with Prometheus and Grafana: automatic alerts at home

Tue, 05 May 2026 00:00:00 +0000

The Problem
#

After spending months running containers on my home server, I got tired of discovering issues when things were already broken. A container consuming all the memory. A volume full with no warning. I needed real visibility into what was happening in my infrastructure.

I decided to implement a monitoring stack with Prometheus and Grafana. Here I document exactly how I did it.

Automatic backups with rsync and cron for home Docker

Mon, 04 May 2026 00:00:00 +0000

The Problem
#

Recently I lost a hard drive without warning. It wasn’t catastrophic because I had backups, but it made me aware that many hobbyists with home servers have no data protection strategy at all. If your Docker server crashes tomorrow, how long would it take you to recover it?

In this article I share how I automated backups of my Docker infrastructure using rsync and cron. It’s simple, efficient, and it works.

Environment variables with special characters in Docker Compose: the dollar sign problem and how to recreate containers

Mon, 04 May 2026 00:00:00 +0000

The Real Problem
#

I’ve been running services on my home server with Docker Compose for months. Recently I tried setting a password with special characters in my .env file. The password was something like Pass$word123!@. When starting the containers, the variable arrived empty or malformed. After investigating, I discovered that Docker Compose was interpreting the $ as a reference to another variable.

The hidden cost of --reload in uvicorn: what actually consumes CPU in production

Mon, 04 May 2026 00:00:00 +0000

The Problem Nobody Sees
#

Two months ago I deployed a FastAPI API to production and the server was behaving strangely. CPU stable at 40-50% for no apparent reason. I thought it was a memory leak, that it was the logs, that it was the database. It was --reload.

It turns out that copy-pasting the development command directly into the Docker container is more common than it should be. And yes, uvicorn with --reload works. The server responds. Requests go fast. But there’s a cost you don’t see until you have 10K requests daily.

CI/CD with local GitLab Runner to automatically deploy a Hugo blog

Thu, 30 Apr 2026 00:00:00 +0000

Introduction
#

Tired of manually deploying my Hugo blog every time I publish an article. I decided to set up a local CI/CD pipeline with GitLab Runner. The result: automatic, reliable, and without depending on external services.

Prerequisites
#

You need:

A server with Docker installed
A repository on GitLab (can be self-hosted or gitlab.com)
Hugo installed locally for testing
SSH access configured on your server

Installing GitLab Runner
#

First, install GitLab Runner on your server. I did it on Docker because I already had the daemon running.

Complete monitoring with Prometheus, Grafana and Loki: metrics, logs and Docker containers

Thu, 30 Apr 2026 00:00:00 +0000

A server without monitoring is a blind server. You don’t know when the disk fills up, which container is consuming too much RAM, or how many 404 requests your web is generating. This article documents how I configured the complete stack: Prometheus + Node Exporter + Grafana + Loki + Promtail.

The architecture
#

[Servidor doméstico]
 ├── node-exporter → métricas del sistema (CPU, RAM, disco, red)
 ├── docker-stats- → métricas de contenedores (textfile collector)
 │ collector
 ├── prometheus → recolecta y almacena métricas
 ├── loki → agrega y almacena logs
 ├── promtail → envía logs de Nginx y syslog a Loki
 └── grafana → dashboards de todo lo anterior

All services run in Docker, coordinated by the same docker-compose.yml.

Configure Traefik v2.11 as a reverse proxy with Docker and automatic HTTPS with Let's Encrypt

Thu, 30 Apr 2026 00:00:00 +0000

Introduction
#

After months of using nginx manually, I decided to switch to Traefik. The reason is simple: managing SSL certificates for each new service is tedious. Traefik automates all of that with integrated Let’s Encrypt. Here’s my actual configuration.

Why Traefik
#

With Traefik you don’t need to reload nginx every time you add a container. It automatically detects Docker services, generates SSL certificates on demand, and redirects traffic. All declarative.

Emergency replica: how to have your home server backed up on a VPS

Thu, 30 Apr 2026 00:00:00 +0000

Having a server at home has an obvious weak point: if the power goes out, the router fails, or the disk dies, your website disappears. The solution is to have a replica in the cloud ready to activate in minutes.

The architecture
#

[servidor-casa] → rsync cada 6h → [VPS réplica]
 servicios activos réplica en espera
 TTL DNS: 5 min Uptime Kuma vigilando

The home server pushes content to the VPS every 6 hours. If the server goes down, I change the DNS and in 5 minutes the VPS serves the site.

How to set up your own web infrastructure at home with Docker and Traefik: from zero to automatic HTTPS

Thu, 30 Apr 2026 00:00:00 +0000

Introduction
#

A few months ago I decided to stop using expensive cloud services and set up my own infrastructure at home. The solution I found was combining Docker with Traefik. It works well and now I have several services running under HTTPS without manually touching a certificate. I’ll tell you how I did it.

What you need
#

A server with Docker installed (any Linux machine with 2GB of RAM is enough). Your own domain. A bit of patience with DNS. That’s it.

WireGuard VPN: Access your home server from anywhere

Thu, 30 Apr 2026 00:00:00 +0000

One of the classic problems with having a server at home is secure remote access. Opening SSH ports directly to the world is a bad idea — you see it in the auth logs: hundreds of attempts per day. The elegant solution is a VPN, and WireGuard is today’s best available option.

Why WireGuard?
#

Compared to OpenVPN or IPSec:

How This Blog Was Born

Wed, 29 Apr 2026 00:00:00 +0000

This blog was born from a real process.

I had a domain, a home server, and the desire to build something of my own. Instead of following a generic tutorial, I decided to document exactly what I was doing — errors included.

What you’ll find here
#

Articles about what I’m building and learning:

Linux server configuration
Service deployment with Docker
Networks, DNS, and security
Automation and infrastructure

No shortcuts, no simplifications. Real process, documented step by step.

Docker on Servicios Rogeliowar

Wazuh SIEM with Docker: complete deployment with SSL and compliance rules

What is ENS and Why It Matters #

Migrate Grafana and Listmonk to centralized PostgreSQL in Docker

The initial problem #

Preparation: setting up central PostgreSQL #

VPN with Wireguard in Docker: Secure access to internal services without exposing ports

Why you need this #

Monitoring Docker containers with Prometheus and Grafana: automatic alerts at home

The Problem #

Automatic backups with rsync and cron for home Docker

The Problem #

Environment variables with special characters in Docker Compose: the dollar sign problem and how to recreate containers

The Real Problem #

The hidden cost of --reload in uvicorn: what actually consumes CPU in production

The Problem Nobody Sees #

CI/CD with local GitLab Runner to automatically deploy a Hugo blog

Introduction #

Prerequisites #

Installing GitLab Runner #

Complete monitoring with Prometheus, Grafana and Loki: metrics, logs and Docker containers

The architecture #

Configure Traefik v2.11 as a reverse proxy with Docker and automatic HTTPS with Let's Encrypt

Introduction #

Why Traefik #

Emergency replica: how to have your home server backed up on a VPS

The architecture #

How to set up your own web infrastructure at home with Docker and Traefik: from zero to automatic HTTPS

Introduction #

What you need #

WireGuard VPN: Access your home server from anywhere

Why WireGuard? #

How This Blog Was Born

What you’ll find here #

What is ENS and Why It Matters
#

The initial problem
#

Preparation: setting up central PostgreSQL
#

Why you need this
#

The Problem
#

The Problem
#

The Real Problem
#

The Problem Nobody Sees
#

Introduction
#

Prerequisites
#

Installing GitLab Runner
#

The architecture
#

Introduction
#

Why Traefik
#

The architecture
#

Introduction
#

What you need
#

Why WireGuard?
#

What you’ll find here
#