MACARARE

NGINX

What is NGINX
Nginx is a high-performance web server and reverse proxy, widely used for serving static content, acting as a secure TLS gateway, and efficiently routing traffic to backend services. It is known for its speed, reliability, and flexibility in handling modern web workloads.
My experience
On this server, Nginx is deployed in a Docker container as the public-facing edge for all web services. It fronts WordPress, phpMyAdmin, and custom applications like OpenClaw, handling both HTTP and HTTPS traffic. The configuration is tuned for security, performance, and maintainability, with careful separation of concerns and strict access controls for admin endpoints.

Configuration and Facts

  • Dockerized Setup: Nginx runs in a container with host networking for direct access to local services.
  • Reverse Proxy: Routes traffic to:
    • WordPress (127.0.0.1:8080)
    • phpMyAdmin (127.0.0.1:8081)
    • OpenClaw (192.168.XXX.XXX:18789)
  • TLS/SSL: Serves macarare.com, www.macarare.com, and 192.168.XXX.XXX with Let’s Encrypt certificates.
  • Access Control: Only local/private IPs can access admin endpoints.
  • Cloudflare Integration: Restores real client IPs using Cloudflare’s IP ranges and headers.
  • CORS and Host Checks: Only trusted hosts and origins are allowed.
  • File Structure: All configs are organized under conf.d and related folders for clarity and version control.
  • Validation: Nginx config syntax is always validated before any restart.

Skills Developed

Docker & Host Networking

Deep understanding of containerized Nginx with host networking for seamless integration with other services.

Reverse Proxy Mastery

Advanced routing, SSL termination, and upstream management.

Security Best Practices

Implementing strict access controls, real IP restoration, and safe certificate handling.

Automation

Automated certificate renewal and safe deployment workflows.

Troubleshooting

Diagnosing and resolving complex proxy, TLS, and routing issues.

Deployed Services

Aligned featured image for NAS and Nextcloud on marhome

NAS (NextCloud)

Dedicated overview of my current Nextcloud NAS setup on marhome: drive layout, Docker architecture, and RAID-5 roadmap.

Monitoring

Monitoring stack walkthrough with corrected dashboard-section copy and improved Plausible + WordPress operational narrative.

WordPress

WordPress is the world’s most popular open-source content management system (CMS), powering millions of websites and blogs. It is known for its flexibility, ease of use, and a vast ecosystem of plugins and themes.

NGINX

Nginx is a high-performance web server and reverse proxy, widely used for serving static content, acting as a secure TLS gateway, and efficiently routing traffic to backend services. It is known for its speed, reliability, and flexibility in handling modern web workloads.

Openclaw

OpenClaw is an intelligent interface that enables automated workflows across multiple services. It runs locally and connects seamlessly to powerful language models such as Claude, DeepSeek, or OpenAI’s GPT. Users interact with OpenClaw through a chatbot integrated into messaging platforms like Signal, Telegram, Discord, or WhatsApp. Configuration data and interaction history are stored locally, allowing for persistent and adaptive behavior across sessions.