This project has been created as part of the 42 curriculum by ezohin.
Inception is a system administration project that uses Docker and Docker Compose to deploy a complete web infrastructure inside a virtual machine. The stack includes an NGINX reverse proxy with TLS, a WordPress application served by php-fpm, and a MariaDB database — each running in its own isolated container.
The goal is to understand containerization, service orchestration, networking, and persistent storage through hands-on practice.
- Base image: Debian Bookworm (penultimate stable release) for all containers.
- Secrets management: Docker secrets mounted as files at
/run/secrets/, never embedded in Dockerfiles or images. - Networking: A dedicated Docker bridge network (
inception) connects all services. NGINX is the sole entry point on port 443 with TLS. - Volumes: Named volumes with local driver, data stored on the host at
/home/ezohin/data/.
| Aspect | Virtual Machines | Docker Containers |
|---|---|---|
| Isolation | Full OS-level (hypervisor) | Process-level (shared kernel) |
| Startup | Minutes | Seconds |
| Size | GBs (full OS) | MBs (only app + deps) |
| Performance | Overhead from emulation | Near-native |
| Use case | Full OS environments | Microservices, isolated apps |
| Aspect | Docker Secrets | Environment Variables |
|---|---|---|
| Storage | Encrypted, mounted as files in /run/secrets/ |
Plain text in container env |
| Security | Not visible in docker inspect |
Visible in docker inspect |
| Best for | Passwords, API keys, tokens | Non-sensitive config (domain, ports) |
| Aspect | Docker Bridge Network | Host Network |
|---|---|---|
| Isolation | Containers have their own IP space | Shares host's network stack |
| Port mapping | Explicit port publishing | No mapping needed |
| Security | Better isolation between services | Less isolation |
| DNS | Built-in service discovery | No container DNS |
| Aspect | Named Volumes | Bind Mounts |
|---|---|---|
| Management | Managed by Docker | Managed by user |
| Portability | Easier to back up and migrate | Tied to host path |
| Performance | Optimized by Docker | Depends on host filesystem |
| Use case | Production data persistence | Development (live code reload) |
- A Virtual Machine running Debian/Ubuntu
- Docker and Docker Compose installed
makeinstalled
- Clone the repository
- Create the secrets files in
secrets/:credentials.txt— WordPress admin/user passworddb_password.txt— MariaDB user passworddb_root_password.txt— MariaDB root password
- Create the
.envfile insrcs/(see.env.example) - Add your domain to
/etc/hosts:127.0.0.1 ezohin.42.fr - Build and run:
make
| Command | Description |
|---|---|
make |
Build and start all services |
make down |
Stop and remove containers |
make clean |
Remove containers and images |
make fclean |
Full cleanup including volumes and data |
make re |
Full rebuild |
make logs |
Follow container logs |
make status |
Show running containers |
- Docker Documentation
- Docker Compose Reference
- NGINX Documentation
- WordPress CLI
- MariaDB Knowledge Base
- Dockerfile Best Practices
- Docker Secrets
AI tools were used to assist with:
- Generating configuration file templates (NGINX, MariaDB, php-fpm)
- Writing entrypoint scripts for container initialization
- Creating documentation (README, USER_DOC, DEV_DOC)
- Debugging Docker Compose configuration
All AI-generated content was reviewed, tested, and understood before integration.