{"id":13587384,"url":"https://github.com/tldr-devops/startpack","last_synced_at":"2025-05-16T10:05:41.266Z","repository":{"id":40437417,"uuid":"470985349","full_name":"tldr-devops/startpack","owner":"tldr-devops","description":"Selfhosted tech starter pack for development of new project or startup","archived":false,"fork":false,"pushed_at":"2023-07-17T08:59:42.000Z","size":68,"stargazers_count":1240,"open_issues_count":2,"forks_count":62,"subscribers_count":17,"default_branch":"main","last_synced_at":"2025-05-16T10:04:25.972Z","etag":null,"topics":["appwrite","bitwarden","docker-compose","docker-swarm","gitlab","mariadb","minio","monitoring","nocodb","openproject","portainer","postgresql","starter","starter-kit","startup","strapi","taiga","traefic"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tldr-devops.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null},"funding":{"ko_fi":"filipp_frizzy"}},"created_at":"2022-03-17T12:29:15.000Z","updated_at":"2025-05-13T01:39:36.000Z","dependencies_parsed_at":"2024-01-13T19:42:59.163Z","dependency_job_id":"3801572f-9373-4b84-a645-9027e47ded00","html_url":"https://github.com/tldr-devops/startpack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tldr-devops%2Fstartpack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tldr-devops%2Fstartpack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tldr-devops%2Fstartpack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tldr-devops%2Fstartpack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tldr-devops","download_url":"https://codeload.github.com/tldr-devops/startpack/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254509476,"owners_count":22082891,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appwrite","bitwarden","docker-compose","docker-swarm","gitlab","mariadb","minio","monitoring","nocodb","openproject","portainer","postgresql","starter","starter-kit","startup","strapi","taiga","traefic"],"created_at":"2024-08-01T15:06:11.192Z","updated_at":"2025-05-16T10:05:41.232Z","avatar_url":"https://github.com/tldr-devops.png","language":"Shell","readme":"# startpack\n\n[![#StandWithBelarus](https://img.shields.io/badge/Belarus-red?label=%23%20Stand%20With\u0026labelColor=white\u0026color=red)\n\u003cimg src=\"https://upload.wikimedia.org/wikipedia/commons/thumb/e/ea/Presidential_Standard_of_Belarus_%28fictional%29.svg/240px-Presidential_Standard_of_Belarus_%28fictional%29.svg.png\" width=\"20\" height=\"20\" alt=\"Voices From Belarus\" /\u003e](https://bysol.org/en/) [![Stand With Ukraine](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/badges/StandWithUkraine.svg)](https://vshymanskyy.github.io/StandWithUkraine)\n\nThis is a basic setup of services for faster startup development. You can run it via [docker-compose](https://docs.docker.com/compose/) or [docker swarm](https://docs.docker.com/engine/reference/commandline/stack/).\n\nWarning: This setup doesn't provide high level of security or any [high availability](https://www.digitalocean.com/community/tutorials/what-is-high-availability). You have to hire some skilled devops engineer (like me)) for close this gap after getting first round or sales.\n\nAlso you can check [Awesome Selfhosted](https://github.com/awesome-selfhosted/awesome-selfhosted), [Awesome Sysadmin](https://github.com/kahun/awesome-sysadmin) and [Free for Dev](https://free-for.dev/) for more options ;)\n\nAnd [Coolify](https://github.com/coollabsio/coolify) or [Dokku](https://dokku.com) - an open-source \u0026 self-hostable Heroku / Netlify alternative\n\n[Discuss on hacker news](https://news.ycombinator.com/item?id=30871211#30871600)\n\nTime track:\n- [Filipp Frizzy](https://github.com/Friz-zy/): 63h 30m for 15 days\n\n## Available and planned open source components\n\n### Platform\n* [DONE] [Docker Compose](https://docs.docker.com/compose/)\n* [DONE] [Docker Swarm](https://docs.docker.com/engine/reference/commandline/stack/)\n* [DONE] [Traefik](https://traefik.io) as web server with autodiscovery and [letsencrypt](https://letsencrypt.org) certs\n* [DONE] [NFS](https://hub.docker.com/r/itsthenetwork/nfs-server-alpine/) for docker swarm volumes\n* [DONE] [Portainer](https://www.portainer.io/) as admin panel for docker services\n* [DONE] [Docker registry](https://docs.docker.com/registry/) for store your docker images\n* [DONE] [Influxdb 2](https://www.influxdata.com/blog/influxdb-2-0-open-source-is-generally-available/) and [Telegraf](https://www.influxdata.com/time-series-platform/telegraf/) for monitoring services\n* [DONE] [Grafana](https://grafana.com/) and [Victoriametrics](https://victoriametrics.com) for monitoring services\n\n### Databases and Storage\n* [DONE] [Mariadb](https://mariadb.org/) as SQL database\n* [DONE] [Postgresql](https://www.postgresql.org/) as another popular SQL database\n* [DONE] [SQL Adminer](https://www.adminer.org/) as admin panel for SQL databases\n* [DONE] [Minio](https://minio.io/) as s3 storage\n\n### Management\n* [DONE] [Gitlab](https://about.gitlab.com/) as git hosting and devops platform\n* [DONE] [Nextcloud](https://nextcloud.com/) as cloud storage with plugins for email, task management, password storage, etc\n* [DONE] [Tuleap](https://www.tuleap.org/) as management software\n* [DONE] [Openproject](https://www.openproject.org/) as management software\n* [DONE] [Vaultwarden](https://github.com/dani-garcia/vaultwarden/wiki) as password manager for business\n* [Backlog] [Zentao](https://www.zentao.pm) as scrum management software\n* [Backlog] [Taiga](https://www.taiga.io/) as kanban board based management software\n* [Backlog] [Owncloud](https://owncloud.com/) as cloud storage\n\n### Chat\n* [DONE] [Rocket](https://rocket.chat/)\n* [Backlog] [Mattermost](https://mattermost.com/)\n* [Backlog] [Twake](https://twake.app/) as alternative to Microsoft Teams\n* [Backlog] [Wire](https://wire.com) as alternative to Microsoft Teams\n\n### Backend as a service\n* [DONE] [Nocodb](https://www.nocodb.com/) as airtable alternative\n* [DONE] [Strapi](https://strapi.io/) as headless CMS\n* [Backlog] [Appwrite](https://appwrite.io/) as firebase alternative\n\n### CMS\n* [Backlog] [Wordpress](https://wordpress.org) one of the most popular CMS\n* [Backlog] [Ghost](https://github.com/TryGhost/Ghost) as alternative to medium\n* [Backlog] [Webiny](https://www.webiny.com/) landing page builder with drag and drop features\n* [Backlog] [Grapedrop](https://grapedrop.com/) open source page builder\n\n### Low Code Platform\n* [Backlog] [Anvil](https://github.com/anvil-works/anvil-runtime) is a framework for building full-stack web apps with nothing but Python\n* [Backlog] [Budibase](https://budibase.com/) build modern business apps in under 5 minutes\n* [Backlog] [Appsmith](https://www.appsmith.com/) a powerful open source framework to build internal tools\n* [Backlog] [Tooljet](https://tooljet.com/) everything you need to build internal tools\n\n### CI \u0026 CD\n* [DONE] [Gitlab Runner](https://about.gitlab.com/) should be placed on separate host\n\n### Miss something? [Could you tell me more about how can I help you, please?](https://forms.gle/wSHs4C6pHXaxVm1a8)\n\n## About the Author\n\nHello, everyone! My name is Filipp, and I have been working with high load distribution systems and services, security, monitoring, continuous deployment and release management (DevOps domain) since 2012.\n\nOne of my passions is developing DevOps solutions and contributing to the open-source community. By sharing my knowledge and experiences, I strive to save time for both myself and others while fostering a culture of collaboration and learning.\n\nI had to leave my home country, Belarus, due to my participation in [protests against the oppressive regime of dictator Lukashenko](https://en.wikipedia.org/wiki/2020%E2%80%932021_Belarusian_protests), who maintains a close affiliation with Putin. Since then, I'm trying to build my life from zero in other countries.\n\nIf you are seeking a skilled DevOps lead or architect to enhance your project, I invite you to connect with me on [LinkedIn](https://www.linkedin.com/in/filipp-frizzy-289a0360/) or explore my valuable contributions on [GitHub](https://github.com/Friz-zy/). Let's collaborate and create some cool solutions together :)\n\n## Support\n\nYou can support this or any other of my projects\n  - [![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/filipp_frizzy)\n  - [donationalerts.com/r/filipp_frizzy](https://www.donationalerts.com/r/filipp_frizzy)\n  - ETH 0xCD9fC1719b9E174E911f343CA2B391060F931ff7\n  - BTC bc1q8fhsj24f5ncv3995zk9v3jhwwmscecc6w0tdw3\n\n## Setup\n\nAll operations should be executed from root on target machine. You can use your laptop or some server. For running all services you need at least 2 cpu cores, 8gb memory and 20gb of free disk space. You can find cheap servers on [hetzner.com](https://www.hetzner.com/cloud) or compare small hosters on [vps.today](https://vps.today/).\n\nYou also need a valid domain name pointed to this server for automatically setting up https with [traefik](https://traefik.io) and [letsencrypt](https://letsencrypt.org). However, you can [hack your hosts file](https://docs.rackspace.com/support/how-to/modify-your-hosts-file/) for working without https.\n\nFor bying domain and configuring DNS I recommend you [Cloudflare](https://dash.cloudflare.com). You should create at least two DNS record type `A`:\n1) `your domain name` pointed to `your server IP`\n2) `*.your domain name` pointed to `your server IP`\n\nIf you run services with `docker-compose`, all service will be located on your single server. With `docker stack` (swarm) mode, you can [add addition servers](https://docs.docker.com/engine/swarm/swarm-tutorial/add-nodes/) in the same local network (the same network important for nfs volumes mounting unfortunately).\n\n#### 1) Install docker if it doesn't installed\n(run scripts from the internet is a bad practice, but if you don't know how to install docker with package managers - it's acceptable)\n```\ncurl -fsSL https://get.docker.com -o get-docker.sh\nDRY_RUN=1 sh ./get-docker.sh\nsh ./get-docker.sh\n```\n\nInstall docker-compose\n```\ncurl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\nchmod +x /usr/local/bin/docker-compose\n```\n\n#### 2) [Setup docker swarm](https://docs.docker.com/engine/reference/commandline/swarm_init/) if you choose using it.\n```\ndocker swarm init --advertise-addr $(hostname -I | awk '{print $1}')\n```\n\n#### 3) Get this repo\n```\ngit clone https://github.com/tldr-devops/startpack.git --depth=1\ncd startpack\n```\n\n#### 4) Fill necessary variables like domain name of your server, your email, passwords for basic auth and sql services.\n\nGenerate random passwords\n```\necho -e \"export TELEPORT_TOKEN=$(echo $RANDOM `date`|md5sum|base64)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export NEXTCLOUD_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export TULEAP_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export STRAPI_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export GITLAB_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export OPENPROJECT_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export NOCODB_SQL_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export REGISTRY_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export SQL_ROOT_PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export PASSWORD=$(echo $RANDOM `date`|md5sum|base64|head -c 25)\\n$(cat env.sh)\" \u003e env.sh\n```\n\nYou should change this lines with your email and dns name\n```\necho -e \"export EMAIL='Type your email here'\\n$(cat env.sh)\" \u003e env.sh\necho -e \"export DOMAIN='Type your domain here'\\n$(cat env.sh)\" \u003e env.sh\n```\n\nThis is your credentials, store it in your password manager ;)\n```\ncat env.sh\n```\n\n#### 5) Prepare environment\n```\nsource env.sh\nbash setup.sh\n```\n\nIf you have docker swarm setup with more than one machine, you should start NFS server on main manager and [connect other nodes to it](https://linuxize.com/post/how-to-mount-an-nfs-share-in-linux/):\n\nA) On main machine\n```\n# Setup NFS server with compose as docker-swarm still doesn't support `privileged` mode\ndocker-compose -f nfs.yml up -d\n```\n\nB) On all other machines\n```\nexport MASTER_IP=\"your $MASTER_IP from step 4\"\nexport DATAPATH=\"your $DATAPATH from step 4\"\necho -e \"$MASTER_IP:$DATAPATH $DATAPATH nfs nfsvers=4,rw 0 0\" \u003e\u003e /etc/fstab\nmount $DATAPATH\n```\n\n#### 6) Run your new services\n\nAfter entering all commands below you'll able to login into your new services by addresses:\n* https://traefik.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://portainer.your_domain\n* https://registry.your_domain user `your $REGISTRY_USERNAME` password `your $REGISTRY_PASSWORD`\n* https://influxdb.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://grafana.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://victoriametrics.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://adminer.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://minio-console.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://gitlab.your_domain user `root` password `your $PASSWORD`\n* https://nextcloud.your_domain user `your $USERNAME` password `your $PASSWORD`\n* https://tuleap.your_domain user `admin` password `your $PASSWORD`\n* https://openproject.your_domain user `admin` password `admin`\n* https://rocketchat.your_domain\n* https://vaultwarden.your_domain/admin password `your $PASSWORD`\n* https://nocodb.your_domain\n* https://strapi.your_domain\n\n##### Docker Compose\n\nMandatory steps\n```\ndocker-compose -f setup-compose.yml up -d\ndocker-compose -f databases.yml up -d\n```\n\nfrom now on you can choose which services you need\n```\ndocker-compose -f monitoring.yml up -d\ndocker-compose -f registry.yml up -d\ndocker-compose -f minio.yml up -d\ndocker-compose -f vaultwarden.yml up -d\ndocker-compose -f tuleap.yml up -d\ndocker-compose -f nextcloud.yml up -d\ndocker-compose -f gitlab.yml up -d\n```\n\nAfter enabling portainer you should immediately go to portainer.your_domain and set admin password\n```\ndocker-compose -f portainer.yml up -d\n```\n\nAfter enabling rocketchat you should immediately go to rocketchat.your_domain/admin and set admin password\n```\ndocker-compose -f rocketchat.yml up -d\n```\n\nAfter enabling openproject you should immediately go to openproject.your_domain,\nlogin with `admin` user and `admin` password, change it and update settings on\nopenproject.your_domain/admin/settings/general\n```\ndocker-compose -f openproject.yml up -d\n```\n\nAfter enabling nocodb you should immediately go to nocodb.your_domain and set admin password\n```\ndocker-compose -f nocodb.yml up -d\n```\n\nAfter enabling strapi you should wait a minute and then go to strapi.your_domain/admin and set admin password\n```\ndocker-compose -f strapi.yml up -d\n```\n\n##### Docker Swarm\n\nMandatory steps\n```\ndocker stack deploy --compose-file setup-swarm.yml startpack\ndocker stack deploy --compose-file databases.yml startpack\n```\n\nFrom now on you can choose which services you need\n```\ndocker stack deploy --compose-file monitoring.yml startpack\ndocker stack deploy --compose-file registry.yml startpack\ndocker stack deploy --compose-file minio.yml startpack\ndocker stack deploy --compose-file vaultwarden.yml startpack\ndocker stack deploy --compose-file tuleap.yml startpack\ndocker stack deploy --compose-file nextcloud.yml startpack\ndocker stack deploy --compose-file gitlab.yml startpack\n```\n\nAfter enabling portainer you should immediately go to portainer.your_domain and set admin password\n```\ndocker stack deploy --compose-file portainer.yml startpack\n```\n\nAfter enabling rocketchat you should immediately go to rocketchat.your_domain/admin and set admin password\n```\ndocker stack deploy --compose-file rocketchat.yml startpack\n```\n\nAfter enabling openproject you should immediately go to openproject.your_domain,\nlogin with `admin` user and `admin` password, change it and update settings on\nopenproject.your_domain/admin/settings/general\n```\ndocker stack deploy --compose-file openproject.yml startpack\n```\n\nAfter enabling nocodb you should immediately go to nocodb.your_domain and set admin password\n```\ndocker stack deploy --compose-file nocodb.yml startpack\n```\n\nAfter enabling strapi you should immediately go to strapi.your_domain/admin and set admin password\n```\ndocker stack deploy --compose-file strapi.yml startpack\n```\n\n#### 7) Run gitlab-runner on separate machine with docker-compose\n```\n# Install docker\ncurl -fsSL https://get.docker.com -o get-docker.sh\nDRY_RUN=1 sh ./get-docker.sh\nsh ./get-docker.sh\n\n# Install docker-compose\ncurl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose\nchmod +x /usr/local/bin/docker-compose\n\n# Get files\ngit checkout https://github.com/tldr-devops/startpack.git --depth=1\ncd startpack\n\n# Prepare environment\nmkdir -p {builds,cache}\nexport DOMAIN=\"Your domain\"\nexport HASHED_PASSWORD=\"HASHED_PASSWORD from step 4\"\nenvsubst \u003c configs/gitlab-runner.toml \u003e ./config.toml\n\n# Run runner in docker with docker-compose\ndocker-compose -f gitlab-runner.yml up -d\n\n# Check runners logs\ndocker-compose -f gitlab-runner.yml logs -f\n```\n\n#### 8) Login into your docker registry on all docker hosts\n```\ndocker login -u \"Your REGISTRY_USERNAME from step 4\" -p \"Your REGISTRY_PASSWORD from step 4\" registry.\"YOUR DOMAIN\"\n```\n\n#### 9) You should configure backups of your server, at least $DATAPATH directory\n","funding_links":["https://ko-fi.com/filipp_frizzy"],"categories":["Shell","postgresql"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftldr-devops%2Fstartpack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftldr-devops%2Fstartpack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftldr-devops%2Fstartpack/lists"}