After three months of hard work, the SSL certificate of my RSS aggregator finally expired. The auto-renew script failed to renew it — this happened a couple of times, I need to login into the web panel and renew it manually every three months. Unfortunately, the web panel malfunctioned this time either. After an epic battle with cert-bot, Nginx, and even the web panel I used, I finally gave up and decided to switch to another self-hosting solution.
TLDR
I’m now using Docker compose and Caddy to deploy all the self-host projects.
Why Docker Compose
I’ve been using Docker for a while, it’s pretty convenient to create a database instance for testing proposes. It’s scaleable, easy to deploy, and use to migrate to another host OS. However, I never considered using docker to deploy all my self-host projects. Chris’s post inspired me to give it a try.
By using docker-compose, each project has a separate directory with a docker-compose.yml
file. The file contains all the information needed to deploy the project.
The folder directory looks like this:
ubuntu@services:~$ tree . -L 2
.
├── Caddyfile
├── calibre
│ ├── config
│ └── docker-compose.yaml
├── calibre-web
│ ├── config
│ └── docker-compose.yaml
├── iptables-rules
├── microbin
│ ├── docker-compose.yaml
│ └── microbin-data
├── miniflux
│ └── docker-compose.yml
├── mtg
│ ├── config.toml
│ └── docker-compose.yaml
├── shadowsocks
│ └── docker-compose.yml
└── snapdrop
├── config
└── docker-compose.yaml
11 directories, 10 files
Many OSS provides docker deployment instructions, it’s easy to follow and deploy. Here is my Miniflux docker-compose file:
version: '3.4'
services:
miniflux:
image: ${MINIFLUX_IMAGE:-miniflux/miniflux:latest}
container_name: miniflux
restart: always
ports:
- "127.0.0.1:3000:8080"
depends_on:
- db
environment:
- DATABASE_URL=postgres://miniflux:secret@db/miniflux?sslmode=disable
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
- ADMIN_USERNAME=root
- ADMIN_PASSWORD=secret
- DEBUG=0
# Optional health check:
# healthcheck:
# test: ["CMD", "/usr/bin/miniflux", "-healthcheck", "auto"]
db:
image: postgres:latest
container_name: postgres
environment:
- POSTGRES_USER=miniflux
- POSTGRES_PASSWORD=secret
volumes:
- miniflux-db:/var/lib/postgresql/data
healthcheck:
test: ["CMD", "pg_isready", "-U", "miniflux"]
interval: 10s
start_period: 30s
volumes:
miniflux-db:
To deploy a project, just need to run docker-compose up -d
in the project directory. To update the project, I just need to run docker-compose pull
and docker-compose up -d
again.
To migrate to another host, I just need to copy the directory to the new host and run docker-compose up -d
to start the project.
Why Caddy
Caddy is a web server written in Go. It’s extremely easy to use and configure. Me, I have no idea about the Nginx reverse proxy policy, I have to google the random answer on the internet when I have to face it. With Caddy, the reserve proxy rule is just one line of code.
Furthermore, another the most important feature is that it can automatically generate an SSL certificate for me. I don’t need to worry about the certificate expiring anymore.
The Caddyfile looks like this, at the moment, only the RSS aggregator is using Caddy.
expl.example.com {
respond "Hello, world!"
}
rss.example.com {
reverse_proxy :3000
}
Sum up
Docker compose and Caddy really make the self-hosting easier. I can deploy a project in a few minutes. I don’t need to worry about the backup of the configuration and the certificate expiring anymore. I’m not sure whether I will use it for all my self-host projects, but I will definitely use it for projects in which I don’t need to modify the configuration frequently.
Reference
What apps I’m currently self-hosting – cri.dev