# 🌐 Self-hosted

## 🛠️ Setup instructions

### 🛠️ Configuration Setup

1. **Create `.env` File:** Add a `.env` file in your local repository with the following variables:

   ```
   REMOTE_USER=
   REMOTE_HOST=
   REMOTE_PATH=
   ```

   The `Makefile` uses these variables to synchronize configurations from your local environment to the server without exposing sensitive information in your Git repository.

### Set up Tailscale

Tailscale provides a seamless way to connect your devices to your internal network securely.

#### 🛠️ Installation and Configuration Steps

1. Add Tailscale's package signing key and repository:

   ```
   curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
   curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
   ```

2. Install Tailscale:

   ```
   sudo apt-get update
   sudo apt-get install tailscale
   ```

3. Connect your machine to your Tailscale network and authenticate in your browser:

   ```
   sudo tailscale up
   ```

4. Find your Tailscale IPv4 address by running:

   ```
   tailscale ip -4
   ```

#### 🛠️ Preparing the System

**Update System and Install Dependencies:** Update the package list and install essential dependencies.

```
sudo apt update
sudo apt install ca-certificates curl gnupg lsb-release
```

#### 🔑 Adding Docker Repository

1. Add Docker's GPG key:

   ```
   sudo mkdir -p /etc/apt/keyrings
   curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
   sudo chmod a+r /etc/apt/keyrings/docker.gpg
   ```

2. Add the Docker repository:

   ```
   echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
   ```

#### 🚀 Installing Docker and Docker Compose

```
sudo apt update
# docker-compose-plugin provides the "docker compose" subcommand checked below
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin
sudo docker --version && docker compose version
```

### Set up Docker

#### 🔄 Removing Old Docker Versions

If an older Docker installation is present, run these steps before adding the Docker repository and installing the packages above.

**1. Remove Existing Docker Packages:** Ensure you have a clean slate by removing any existing Docker packages.

```
sudo apt remove docker docker-engine docker.io containerd runc
```

**2. Delete Existing Repositories:** Remove any existing Docker repositories to avoid conflicts.

```
# -f: do not fail if the file does not exist
sudo rm -f /etc/apt/sources.list.d/docker.list
```

## 📦 Adding a new service

1. **Create Service Directory:** Inside your repository, create a new directory under `/service` for your new self-hosted service.

2. **Add Configuration Files:**
   - Place the `docker-compose.yml` file inside the newly created service directory.
   - If additional configuration files like `.env` or `app.ini` are required for your service, add them to the same directory.

3. **Synchronize Configuration:** To upload the `.env` file (or any other necessary configuration files) to the server, run the following command:

   ```bash
   make upload-{service_name}
   ```

   Replace `{service_name}` with the name of your service directory. This command syncs the configurations to the specified server path using the variables defined in your `.env` file.

## 📦 Make service publicly available

Add the following labels:

```
labels:
  # Traefik requires the host name inside Host() to be wrapped in backticks
  - "traefik.enable=true"
  - "traefik.http.routers.gitea.rule=Host(`${HOST}`)"
  - "traefik.http.routers.gitea.entrypoints=websecure"
  - "traefik.http.routers.gitea.tls.certresolver=myresolver"
  - "traefik.http.services.gitea.loadbalancer.server.port=3000"
  - "traefik.docker.network=traefik_network"
```

Set `HOST` in your `.env` file.

Add your service to the `traefik_network` network:

```
networks:
  - traefik_network
```

Declare the network as external at the top level of the compose file:

```
networks:
  traefik_network:
    external: true
```

Rebuild Docker image:

```
docker compose up --build -d
```

## 🛠️ Storage

### 📦 Mounting a New Volume Using Hetzner's Storage Box

This guide walks you through the process of mounting a Storage Box folder (`nextcloud_data`) to a specific mount point (`/mnt/nextcloud_data`) on your server.

#### Prerequisites

Create a sub-account in Hetzner's Robot Control Panel with SSH and Samba support enabled. Note down the sub-account username and the generated password provided by Hetzner.

#### 🚀 Steps to Mount the Storage Box

1. **SSH into the Storage Box:** Connect to your Storage Box via SSH using the sub-account username and the provided password.

   ```bash
   ssh -p23 SB_USERNAME@SB_USERNAME.your-storagebox.de
   ```

2. **Create a Directory:** Inside the Storage Box, create a new directory named `nextcloud_data`.

   ```bash
   mkdir nextcloud_data
   ```

3. **Update /etc/fstab:** Add an entry to the `/etc/fstab` file on your server to automatically mount the Storage Box folder to `/mnt/nextcloud_data`. Replace `YOUR_PATH` with `nextcloud_data` and `/YOUR_MOUNT_POINT` with `/mnt/nextcloud_data`.

   ```
   //SB_USERNAME.your-storagebox.de/YOUR_PATH /YOUR_MOUNT_POINT cifs seal,vers=3,iocharset=utf8,rw,credentials=/etc/secure_config/cifs-nextcloud-credentials.txt,uid=1000,gid=1000,file_mode=0660,dir_mode=0770 0 0
   ```

4. **Create Credentials File:** Add a credentials file (`cifs-nextcloud-credentials.txt`) in the `/etc/secure_config` directory on your server with the sub-account username and password.

   ```
   username=SB_SUBACCOUNT_USERNAME
   password=SB_SUBACCOUNT_PASSWORD
   ```

5. **Mount and test:** Mount the Storage Box folder using the `mount -a` command and verify the mount status.

   ```bash
   sudo mount -a
   ```

6. **Verify Mount Point:** Ensure that the Storage Box is correctly mounted by checking the mount point using the `df -h` command.

   ```bash
   df -h
   ```

#### Troubleshooting

**mount: /mnt/nextcloud_data: mount(2) system call failed: No route to host. dmesg(1) may have more information after failed mount system call.**

Make sure Samba support is enabled.

### Volume encryption

To be added

## 🧰 Maintenance

### Backup

To be added

### Monitoring

To be added

## 🐞 Troubleshooting

To be added
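
An added example (not part of the original guide) for the Storage Box mount in the Storage section: a shell function that audits `cifs` entries in an fstab-format file for the points the guide's entry depends on, namely the `seal` option, a `credentials=` file instead of an inline password, and a credentials file readable only by its owner. The function names, the sample username and the temporary paths are constructed for illustration; `stat -c` assumes GNU coreutils, as on Debian.

```bash
#!/usr/bin/env bash
# Added example: audit cifs entries in an fstab-format file.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_cifs_fstab() {
    local fstab="$1" findings=0 src mnt fstype opts rest cred mode
    while read -r src mnt fstype opts rest || [ -n "$src" ]; do
        case "$src" in ''|'#'*) continue ;; esac
        [ "$fstype" = "cifs" ] || continue
        # /etc/fstab is world-readable, so an inline password is exposed to local users.
        case ",$opts" in *,password=*|*,pass=*)
            echo "$mnt: password set inline in mount options"; findings=1 ;;
        esac
        # 'seal' requests SMB3 transport encryption for the mount.
        case ",$opts," in *,seal,*) ;; *)
            echo "$mnt: 'seal' option missing"; findings=1 ;;
        esac
        cred=$(printf '%s\n' "$opts" | tr ',' '\n' | sed -n 's/^credentials=//p' | head -n 1)
        if [ -z "$cred" ]; then
            echo "$mnt: no credentials= file"; findings=1
        elif [ ! -f "$cred" ]; then
            echo "$mnt: credentials file $cred not found"; findings=1
        else
            mode=$(stat -c '%a' "$cred")   # octal permission bits (GNU stat)
            if [ $(( 0$mode & 077 )) -ne 0 ]; then
                echo "$mnt: $cred is mode $mode; restrict it with chmod 600"
                findings=1
            fi
        fi
    done < "$fstab"
    return "$findings"
}

# Constructed sample data: one entry shaped like the guide's, one deliberately weak.
make_sample() {
    local dir="$1" box="//u000000-sub1.your-storagebox.de/nextcloud_data"
    printf 'username=u000000-sub1\npassword=constructed-not-real\n' > "$dir/good.txt"
    cp "$dir/good.txt" "$dir/weak.txt"
    chmod 600 "$dir/good.txt"; chmod 644 "$dir/weak.txt"
    printf '%s\n' "$box /mnt/nextcloud_data cifs seal,vers=3,iocharset=utf8,rw,credentials=$dir/good.txt,uid=1000,gid=1000,file_mode=0660,dir_mode=0770 0 0" > "$dir/fstab.good"
    printf '%s\n' "$box /mnt/weak cifs vers=3,rw,credentials=$dir/weak.txt 0 0" > "$dir/fstab.weak"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
audit_cifs_fstab "$demo_dir/fstab.weak" || true   # prints two findings
rm -rf "$demo_dir"
```

On the server, run `audit_cifs_fstab /etc/fstab` after creating the credentials file in step 4 and before `mount -a`.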