Home

Awesome

<p align="center"> <img src="_utilities/docker.png" width="400" alt="docker" title="docker" /> </p>

Guide with examples !

Services

Information

The overall guide is centered around example. Each of the services is tied with either a docker-compose or a script, everything has been made so that each service is almost ready to use, only a few user-specific variable are required.

All services respect a certain format :

Traefik is the core of this setup as it is the reverse proxy, it should be one of the first services to configure and use.

Requirement

Basic linux knowledge is required and docker is a must-have, everything should be pretty easy to set up but understanding docker will make it even more easy. Each guide gives links to the official documentation, they are usually well written, and they should answer most of your questions.

On the technical side :

Usage

All the docker-compose provided in this repository are ready to be used, and you should not have to touch them. The only thing you need to change are the .env file provided with the docker-compose, they are user-specific.

To begin with, you can clone this repository on your host.

git clone https://github.com/BaptisteBdn/docker-selfhosted-apps.git

Provided you already have a domain, you can use the following commands to update all .env at once as well as some specific config files.

DOMAIN=your-domain.com
find ./ \( -name ".env" -or -name "*.yml" -or -name "*.json" \) -type f -exec sed -i 's/example.com/'$DOMAIN'/g' {} \;

You can now go forward and try whatever service you want, every example as a # Usage section to guide you through the process. However, as most of them are using Traefik, it is recommended to set this one first.

Other

Docker and UFW

UFW is a popular iptables front end on Ubuntu that makes it easy to manage firewall rules. But when Docker is installed, Docker bypass the UFW rules and the published ports can be accessed from outside.

An easy fix is available, allowing to easily manage your firewall. As most of the services are going through Traefik, only the port 443 is mandatory. If another port is required, it will be listed in the requirements.

Docker tips

Docker images

Most images are used with the tag latest as it simplify the testing. It is usually not recommended running an image with this tag as it is not very dynamic and precise. Feel free to experiment with the provided docker-compose examples and then use a better versionning system. For more information about latest.

Updating docker images

This repository images are automatically updated with watchtower, however this can be a security risk. More details in the watchtower guide.

If you want to manually update an image, you can use docker-compose.

Docker tools

Some useful tools to manage your private docker infrastructure.

Docker resources

A compilation of resources mainly focus on security.

Credits

This guide is inspired from @DoTheEvo own docker guide, built with caddy at its core, check it out !