Server configuration with Docker Compose

My server configuration without any secrets.

Getting Started

These instructions will get you a copy of the project up and running on your local machine for deployment purposes.

Prerequisites

What things you need to install the software and how to install them

• Debian based OS

Setup

• Add SSH Key from 1Password Backup (SSH-Key (Ed25519)) and place in ~/.ssh/

• If not yet done, backup GPG Private key and place in ~/private.gpg

gpg --export-secret-keys --export-options export-backup --armor --output private.gpg [email protected]

• Download and run script from GitHub (repo: D3strukt0r/server-config, branch: master, path: bin/setup.sh)

wget -q -O - https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | bash

# How to pass parameters
wget -q -O - https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | bash -s - <parameters>
wget -q -O - https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | ENV=VALUE bash

# Using curl
curl -s https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | bash
curl -s https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | bash -s - <parameters>
curl -s https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh | ENV=VALUE bash
bash <(curl -s https://raw.githubusercontent.com/D3strukt0r/server-config/master/bin/setup.sh)

• Enter Git info:

git config --global user.name 'D3strukt0r'
git config --global user.email '[email protected]'
git config --global user.signingkey 'C9E5AB85364CA764!'

• Login to Docker

echo '<Personal Access Token (PAT)>' | docker login --username d3strukt0r --password-stdin

Verify downloaded images with cosign (example)

wget https://artifacts.elastic.co/cosign.pub
cosign verify --key cosign.pub docker.elastic.co/elasticsearch/elasticsearch:8.10.2

Maintenance

Start/Stop

A script is installed so the system automatically starts/stops containers on boot and shutdown. To manually run it, call service docker-services {start|stop}.

Check available file system

df -a -T -h

example:

Filesystem     Type         Size  Used Avail Use% Mounted on
...
/dev/vda1      ext4          34G  8.8G   25G  27% /
...
/dev/sda       ext4         100G   18G   77G  19% /mnt/volume_fra1_01
...

Clear storage

docker system prune

Backup

Following command backups all git ignored files (e.g. ./traefik/acme.json)

git clean -dxn | sed 's/^Would remove \(.*\)/\1/g' | tar -czvf backup.tar.gz -T -

Restore

Following command restores all git ignored files (e.g. ./traefik/acme.json)

tar -xzvf backup.tar.gz

Complete Start/Stop

Start and stop all services except fluentd which is started first and stopped last.

(cd fluentd && docker compose up -d)
for dir in $(ls -d */ | grep -v -E '^(\.git|\.github|backup|bin|fluentd)'); do
  (cd $dir && docker compose up -d)
done

for dir in $(ls -d */ | grep -v -E '^(\.git|\.github|backup|bin|fluentd)'); do
  (cd $dir && docker compose down)
done
(cd fluentd && docker compose down)

Using OpenTofu

When adding providers, add them for all platforms

tofu providers lock \
  -platform=linux_arm64 \
  -platform=linux_amd64 \
  -platform=darwin_amd64 \
  -platform=windows_amd64

Built With

• Docker

Contributing

Please read CODE_OF_CONDUCT.md for details on our code of conduct, and CONTRIBUTING.md for the process for submitting pull requests to us.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

All the authors can be seen in the AUTHORS.md file.

Contributors can be seen in the CONTRIBUTORS.md file.

See also the full list of contributors who participated in this project.

License

This project is licensed under the MIT License - see the LICENSE.txt file for details

Acknowledgments

A list of used libraries and code with their licenses can be seen in the ACKNOWLEDGMENTS.md file.