{"id":20132587,"url":"https://github.com/pviotti/vps","last_synced_at":"2025-04-09T16:53:34.447Z","repository":{"id":44598560,"uuid":"289764245","full_name":"pviotti/vps","owner":"pviotti","description":"A simple recipe for file synchronization and password management on a virtual private server (VPS)","archived":false,"fork":false,"pushed_at":"2025-03-13T02:57:16.000Z","size":26,"stargazers_count":8,"open_issues_count":10,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-23T19:04:18.943Z","etag":null,"topics":["azure","bitwarden","caddyserver","nextcloud","selfhosted","vps"],"latest_commit_sha":null,"homepage":"","language":"F#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pviotti.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-08-23T20:49:50.000Z","updated_at":"2025-01-05T18:50:19.000Z","dependencies_parsed_at":"2023-10-01T16:23:15.340Z","dependency_job_id":"6626a89c-8956-43cb-a2f4-d8eac4822276","html_url":"https://github.com/pviotti/vps","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pviotti%2Fvps","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pviotti%2Fvps/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pviotti%2Fvps/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pviotti%2Fvps/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pviotti","dow
nload_url":"https://codeload.github.com/pviotti/vps/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248073722,"owners_count":21043474,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure","bitwarden","caddyserver","nextcloud","selfhosted","vps"],"created_at":"2024-11-13T20:54:05.729Z","updated_at":"2025-04-09T16:53:34.415Z","avatar_url":"https://github.com/pviotti.png","language":"F#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VPS\n\nThis repo holds scripts and configuration files to [self-host] some web services\nsuch as [Bitwarden] and [Nextcloud] on a private server.\nThe goal is to have a *simple* (as in: concise, programmatic and declarative),\ncheap and secure setup to handle file synchronization\nand credential management for a few users (e.g. 
\u003c10).\n\n## VPS on Azure\n\n\u003cdetails\u003e\u003csummary\u003ePrerequisites\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest\"\u003eAzure CLI\u003c/a\u003e - and select the right Azure subscription: \u003cpre\u003eaz login; az account set --subscription \"NameOfSubscription\"\u003c/pre\u003e\u003c/li\u003e\n \u003cli\u003e\u003ca href=\"https://dotnet.microsoft.com/\"\u003e.NET\u003c/a\u003e\u003c/li\u003e\n \u003c/ul\u003e\n\u003c/details\u003e\n\nIn the `vms` folder is a [Farmer] script that creates a virtual machine\non Azure with these specs:\n - [SKU][azure-vm-sku]: Standard B2s 2vCPUs, 4GB RAM, 60GB SSD (~20€/mo as of 8/2020)\n - [region][azure-regions]: North Europe\n - OS: Ubuntu 20.04\n\nTo create the virtual machine, change directory to `vms` and:\n 1. copy `env.example` to `.env` and edit it as suitable for\n username, password, host and resource name\n 2. issue: `make deploy`. The script will deploy the VM and\n generate the related ARM template JSON file.\n A setup script similar to `setup-vm.sh` will be executed upon deployment\n to install required tools (e.g. Docker, etc.)\n 3. set up passwordless authentication\n    - copy your public key to the VM: `ssh-copy-id -i ~/.ssh/mypub.key user@server`\n    - edit the following settings in `/etc/ssh/sshd_config` on the VM: `PasswordAuthentication no`;\n    `ChallengeResponseAuthentication no`; `UsePAM no`.\n    Then restart sshd: `sudo systemctl restart ssh`.\n 4. 
set up start and stop VM automation during off hours as described [here][vm-automation], and make the VM IP static (*TODO: automate*)\n\n## Applications\n\n\u003cdetails\u003e\u003csummary\u003ePrerequisites\u003c/summary\u003e\nThis setup assumes you own a DNS domain, and you've made its\n\"A Record\"s for the naked domain (\"@\") and subdomains (\"*\")\npoint to the VM's public IP.\nFailing that, you'll still be able to run the applications,\nbut Caddy will have issues creating the certificates to use\nfor the HTTPS connections.\nNotice that while Azure virtual machines have a public DNS\nname (e.g. name.region.cloudapp.azure.net), their DNS setting\ndoes not allow using subdomains, so it won't work.\n\u003c/details\u003e\n\nThe `apps` directory contains a Docker Compose file\nto run Bitwarden and Nextcloud (with its MariaDB database) behind a [Caddy] reverse proxy.\nAt the end of the instructions:\n - Nextcloud will be reachable at `https://nc.\u003cyour domain\u003e` and `https://\u003cyour domain\u003e`\n - Bitwarden will be reachable at `https://bw.\u003cyour domain\u003e`\n\nTo deploy the applications:\n  1. copy the app directory to your server (or clone this repo)\n  2. change to the `apps` folder, copy `env.example` to `.env` and edit it as suitable\n  3. run `make up`. 
You can follow the progress of the setup by issuing `make log`.\n\n## Maintenance\n\n### Applications upgrade\n\nTo upgrade the applications just issue:\n\n    docker-compose pull\n    docker-compose down\n    docker-compose up -d\n\nOr, more cautiously, issue the same commands but for one application at a time,\ne.g. `docker-compose pull nextcloud`.\nBeware that some applications require additional steps when upgrading\nbetween major versions, so make sure to read their upgrade documentation too.\n\n## :construction_worker: To do\n\n - add instructions for adding Prometheus and Grafana to monitor\n host VM, Docker and applications\n - add instructions for backup\n - automate the remaining manual steps of VM creation\n\n## References\n\n - [best practices for Docker Compose][docker-compose]\n\n [azure-vm-sku]: https://docs.microsoft.com/en-us/azure/virtual-machines/sizes\n [azure-regions]: https://azure.microsoft.com/en-us/global-infrastructure/geographies/#overview\n [vm-automation]: https://learn.microsoft.com/en-us/azure/azure-functions/start-stop-vms/overview\n [bitwarden]: https://bitwarden.com/\n [nextcloud]: https://nextcloud.com/\n [self-host]: https://en.wikipedia.org/wiki/Self-hosting_(web_services)\n [azure-cli]: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest\n [dotnet]: https://dotnet.microsoft.com/\n [farmer]: https://compositionalit.github.io/farmer/\n [caddy]: https://caddyserver.com/\n [docker-compose]: https://nickjanetakis.com/blog/best-practices-around-production-ready-web-apps-with-docker-compose\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpviotti%2Fvps","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpviotti%2Fvps","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpviotti%2Fvps/lists"}