Caddy v2 is the easiest reverse proxy ever! You'll be able to host multiple dockerized applications with one VM and one domain name! I learned from DoTheEvo, but their guide assumes you already installed docker and docker-compose. From my A-Z guide... you be handheld from the beginning. In addition to the app specific guides on DoTheEvo's page I also added some of my own!
Anyways please start with the A-Z Guide guide below which will take you from base Ubuntu 20.04 to having docker, docker-compose, caddy v2 installed.
https://github.com/StarWhiz/docker_deployment_notes/tree/master/initial%20ubuntu%20setup
After you finish the A-Z guide. You can then follow application specific guides from me below. Or from DoTheEvo for other apps.
- caddy_v2 - reverse proxy
- vaultwarden - password manager
- bookstack - notes and documentation
- kopia - backup utility replacing borg
- borg_backup - backup utility
- ddclient - automatic DNS update
- dnsmasq - DNS and DHCP server
- gotify / ntfy / signal - instant notifications apps
- frigate - managing security cameras
- jellyfin - video and music streaming
- minecraft - game server
- meshcrentral - web based remote desktop, like teamviewer or anydesk
- rustdesk - remote desktop, like teamviewer or anydesk
- nextcloud - file share & sync
- opnsense - a firewall, enterprise level
- qbittorrent - torrent client
- portainer - docker management
- prometheus_grafana_loki - monitoring
- unifi - management utility for ubiquiti devices
- snipeit - IT inventory management
- trueNAS scale - network file sharing
- uptime kuma - uptime alerting tool
- squid - anonymize forward proxy
- wireguard - the one and only VPN to ever consider
- wg-easy - wireguard in docker with web gui
- zammad - ticketing system
- arch_linux_host_install
Disclaimer: My guides aren't as high quality as DoTheEvo's guides. Also most of them are based on docker v1. If you're on docker v2 just replace docker-compose
command with docker compose
!
If DoTheEvo has a guide for the same application follow theirs over mine! I did not include my own guides in this list so just browse the folders in this repostory to view the everything.
- Easy!Appointments - Self Hosted Appointment Scheduler
- Heimdall - Another Homepage Dashboard
- FreePBX+Asterisk - VOIP & telephony server
- Jitsi Meet - Videoconferencing
- Kanboard - An Open Source Kanban Board
- Kutt.it - Modern looking URL Shortener / Custom Shortlinks
- Mumble - Voice Chat Before Discord Days
- NocoDB - Airtable alternative
- Organizr - Another homage dashboard like heimdall
- Outline Wiki - Gorgeous wiki that looks like confluence but feels fast and smooth! Supports video drag and drop unlike most Wikis!
- OvenMediaEngine + Radium Next - Sub-second latency streaming from OBS to a web browser. It's better than real-time discord streams! Great for movie nights!
- PureFTPd - FTP server
- Rocket.chat - Discord / Slack Clone
- Seafile - Cloud Drive
- Splinterlands-bot-v2 - Bot for Splinterlands
- Wordpress - CMS / Website Hosting
- VCFconvert - Converts .vCard files to .csv or LDIF
- Zoneminder - CCTV NVR
docker network create caddy_net # Only need to do this once on new VMs (From Step 9 of A-Z Guide)
Only need once.
docker exec -w /etc/caddy caddy caddy reload
Use this command everytime you make changes to Caddyfile.
docker exec -ti CONTAINERNAME /bin/bash
docker exec -ti CONTAINERNAME /bin/sh
Commands to enter a container's shell. Use bash first, if that doens't work try sh.
docker container ls # list all running containers
docker container ls -a # list all containers even stopped ones
docker container rm # remove container
docker container kill # kill a running container
docker system prune # Remove all unused docker: containers, images, networks and volumes to free up space
docker container prune # Similar to system prune but only targets containers.
docker logs CONTAINERNAME # Shows logs for the container
docker logs --follow CONTAINERNAME # Shows log for the container in the foreground
### While inside app specific folder
docker-compose restart # restart docker stack for application
docker-compose down # turn off application
docker-compose up # turn on application with logs. CTRL+C to exit
docker-compose up -d # turn on application without logs and runs in background
docker-compose pull # update application
services:
exampleapp:
### Commonly Added To Applications
container_name: app-name # A container name for Caddyfile to reference to
# with reverse-proxy app-name:80 for example
restart: unless-stopped # When your VM restarts the docker-container will start automatically
ports:
- "8080:80" # Usually reverse-proxy will do. Sometimes there are cases where you need ports open.
# Here we open port 8080 on the host machine. It maps to port 80 inside the docker container.
volumes:
- ./folder:/some/pathinsidecontainer/folder # Changes made in ./folder will appear inside the path mentioned
### The Caddy Network
networks:
default:
external:
name: caddy_net
### Example .env variables in docker-compose.yml
${VARIABLE_A}
### Example variable in .env
VARIABLE_A=My_SQL_PASSWORD
sudo ufw status numbered #numbered list of all ufw rules
sudo delete 3 #delete rule #3 from ufw rules
sudo ufw enable
sudo ufw disable
sudo ufw allow 21/tcp # Open TCP port 21
sudo ufw allow 21/udp # Open UDP port 21
sudo ufw allow 21 # Open UDP & TCP for port 21.
To prevent automatic HTTPS on Caddy 2, append http:// to your CaddyFile Entries. Example Below.
http://subdomain.yourdomain.com {
reverse_proxy wordpress:80
}
You can reverse proxy to IP Address + Port instead of by container name.
subdomain.yourdomain.com {
reverse_proxy 192.168.16.5:8080
}
Check size of current directory
sudo du -sh ./
Check total disk usage
sudo df -h ./
Remember to docker-compose down everything inside local machine so nothing shows up on docker container ls.
# Generate keys. Choose defaults. Public key saves to ~/.ssh/id_rsa.pub
# Why do we do this? Because we set PermitRootLogin prohibit-password earlier.
# So we can only login root on the remote server via rsa key.
# As root user on local server generate Keys...
ssh-keygen -t rsa
cat ~/.ssh/id_rsa.pub
# Install Rsync. Local and remote server. 2 installs total.
sudo apt update
sudo apt install rsync
# Login to remote server
sudo su # to be the root user
mkdir ~/.ssh # if it didn't exist already
cd .ssh
nano authorized_keys # Append/Paste lines from id_rsa.pub generated from local server.
# Then save an exit.
# Back to your local server... The command
rsync -aP -e "ssh -i /home/<username>/.ssh/id_rsa" <source> <destination>
# Copy whole folder from source to destination example
rsync -aP -e "ssh -i /home/sammy/.ssh/id_rsa" ~/docker/someapp root@<IPADDRESS>:/home/sammy/
# Copy contents of folder from source to destination example # There is a / in front of ./docker in this case.
rsync -aP -e "ssh -i /home/sammy/.ssh/id_rsa" ~/docker/someapp/ root@<IPADDRESS>:/home/sammy/
# Rsync Flags
-a # The -a option is a combination flag. It stands for “archive” and syncs recursively and preserves symbolic links, special and device files, modification times, group, owner, and permissions
-e # specify ssh command...
-v # verbose
-P # progress + partial combined
-h # output numbers in human readable format