https://github.com/ducks/burrow
Docker config for my Fornex VPS
- Host: GitHub
- URL: https://github.com/ducks/burrow
- Owner: ducks
- Created: 2025-12-20T23:14:52.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2025-12-20T23:39:40.000Z (7 months ago)
- Last Synced: 2025-12-22T21:36:35.107Z (6 months ago)
- Language: Shell
- Size: 13.7 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Infrastructure
Declarative burrow setup for VPS services.
## Services
- **Caddy** - Reverse proxy with automatic HTTPS (Let's Encrypt)
- **Gitea** - Self-hosted Git service (code.jakegoldsborough.com)
- **GoatCounter JG** - Analytics for jakegoldsborough.com (stats.jakegoldsborough.com)
- **GoatCounter DV** - Analytics for date-ver.com (stats.date-ver.com)
- **PostgreSQL** - Single database instance with multiple databases
## First-Time Setup
### 1. On your VPS, install Docker
```bash
# Arch Linux
sudo pacman -S docker docker-compose
sudo systemctl enable --now docker
# Membership in the docker group is effectively root access on the host
sudo usermod -aG docker "$USER"
# Log out and back in for the group change to take effect
```
### 2. Clone the repository
```bash
cd ~
git clone https://github.com/ducks/burrow burrow
cd burrow
```
### 3. Bootstrap environment file
```bash
./bin/bootstrap
```
This will:
- Generate secure random passwords
- Create `.env` file automatically
- Make all scripts executable
Or manually:
```bash
cp .env.example .env
nano .env # Set secure passwords for all services
chmod +x bin/* postgres/init-databases.sh
```
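One way a bootstrap step like the one described above could generate the secrets, as an added example that is not the repository's `bin/bootstrap` script. It assumes secrets in `.env.example` are `KEY=value` lines whose key ends in `_PASSWORD` (the real variable names are not shown on this page); `gen_password` and `bootstrap_env` are hypothetical names.

```bash
#!/bin/sh
# Added example: NOT the repository's bin/bootstrap script.
# Assumption: every secret in .env.example is a KEY=value line whose key
# ends in _PASSWORD; all other lines are copied through unchanged.

# 128 bits from the kernel CSPRNG as 32 hex characters. Hex needs no
# quoting in .env files or in database connection URLs.
gen_password() {
  head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# bootstrap_env TEMPLATE OUT
# Body runs in a subshell so the umask change and variables stay local.
bootstrap_env() (
  template=$1 out=$2
  [ -f "$template" ] || { echo "missing template: $template" >&2; exit 1; }
  # Never clobber live credentials: regenerated values would no longer
  # match what the running services were set up with.
  if [ -e "$out" ]; then
    echo "$out already exists, refusing to overwrite" >&2
    exit 2
  fi
  umask 077   # create the file as 0600 before any secret is written
  while IFS= read -r line || [ -n "$line" ]; do
    key=${line%%=*}
    case $key in
      "$line"|*[!A-Za-z0-9_]*) printf '%s\n' "$line" ;;  # comment, blank, no '='
      *_PASSWORD) printf '%s=%s\n' "$key" "$(gen_password)" ;;
      *) printf '%s\n' "$line" ;;
    esac
  done < "$template" > "$out"
)

# Usage: bootstrap_env .env.example .env
```
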
### 4. Start the stack
```bash
docker compose up -d
```
### 5. Check status
```bash
docker compose ps
docker compose logs -f
```
### 6. Enable systemd auto-start (optional)
```bash
sudo cp systemd/burrow.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable burrow.service
sudo systemctl status burrow.service
```
## Accessing Services
- **Gitea**: https://code.jakegoldsborough.com
  - SSH: `git clone ssh://git@code.jakegoldsborough.com:2222/user/repo.git`
- **GoatCounter JG**: https://stats.jakegoldsborough.com
- **GoatCounter DV**: https://stats.date-ver.com
## Management
### Deploy updates
```bash
./bin/deploy
```
Or manually:
```bash
git pull
docker compose pull
docker compose up -d
```
### View logs
```bash
# All services
docker compose logs -f
# Specific service
docker compose logs -f gitea
docker compose logs -f caddy
```
### Backup databases
```bash
./bin/backup
```
Backups are saved to `./backups/` with timestamps.
### Restore database
```bash
# Example: restore Gitea database
gunzip -c backups/gitea_20231220_120000.sql.gz | docker exec -i postgres psql -U gitea gitea
```
## Migrating Existing Databases
If you have existing databases to migrate:
### Option 1: Import during first startup
1. Place your SQL dumps in the `postgres/` directory
2. Modify `postgres/init-databases.sh` to import them after creating databases
3. Start the stack
### Option 2: Import after startup
```bash
# Import Gitea database
cat your-gitea-dump.sql | docker exec -i postgres psql -U gitea gitea
# Import GoatCounter databases
cat your-goatcounter-jg-dump.sql | docker exec -i postgres psql -U goatcounter_jg goatcounter_jg
cat your-goatcounter-dv-dump.sql | docker exec -i postgres psql -U goatcounter_dv goatcounter_dv
```
## Firewall
Make sure ports are open:
```bash
# Using UFW
sudo ufw allow 22/tcp # SSH
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
sudo ufw allow 2222/tcp # Gitea SSH
sudo ufw enable
```
## Troubleshooting
### Check container status
```bash
docker compose ps
```
### View container logs
```bash
docker compose logs -f
```
### Restart a service
```bash
# Replace gitea with the name of the service to restart (e.g. caddy)
docker compose restart gitea
```
### Restart everything
```bash
docker compose down
docker compose up -d
```
### Access PostgreSQL directly
```bash
docker exec -it postgres psql -U postgres
```
### Check Let's Encrypt certificate status
```bash
# Look for certificate issuance and renewal messages in Caddy's logs
docker compose logs caddy | grep -i certificate
```
## Directory Structure
```
burrow/
├── docker-compose.yml # Service definitions
├── Caddyfile # Reverse proxy config
├── .env # Secrets (git-ignored)
├── .env.example # Template for .env
├── .gitignore # Git ignore rules
├── systemd/
│ └── burrow.service # Systemd unit for auto-start
├── postgres/
│ └── init-databases.sh # Database initialization
├── bin/
│ ├── bootstrap # Initial setup script
│ ├── deploy # Deployment helper
│ └── backup # Backup helper
└── README.md # This file
```
## Notes
- All configuration is declarative and version-controlled
- Secrets are in `.env` (git-ignored), with `.env.example` as a template
- Caddy automatically handles HTTPS certificates via Let's Encrypt
- All services communicate over the Docker network; only Caddy and Gitea SSH are exposed to the host
- Persistent data is stored in Docker named volumes