https://github.com/ducks/burrow

Docker config for my Fornex VPS

# Infrastructure

Declarative burrow setup for VPS services.

## Services

- **Caddy** - Reverse proxy with automatic HTTPS (Let's Encrypt)
- **Gitea** - Self-hosted Git service (code.jakegoldsborough.com)
- **GoatCounter JG** - Analytics for jakegoldsborough.com (stats.jakegoldsborough.com)
- **GoatCounter DV** - Analytics for date-ver.com (stats.date-ver.com)
- **PostgreSQL** - Single database instance with multiple databases

## First-Time Setup

### 1. On your VPS, install Docker

```bash
# Arch Linux
sudo pacman -S docker docker-compose
sudo systemctl enable --now docker
sudo usermod -aG docker "$USER"
# Log out and back in for the group change to take effect.
# Note: members of the docker group have root-equivalent access to the host.
```

### 2. Clone the repository

```bash
cd ~
git clone <repo-url> burrow  # e.g. https://github.com/ducks/burrow
cd burrow
```

### 3. Bootstrap environment file

```bash
./bin/bootstrap
```

This will:
- Generate secure random passwords
- Create `.env` file automatically
- Make all scripts executable

Or manually:
```bash
cp .env.example .env
nano .env # Set secure passwords for all services
chmod +x bin/* postgres/init-databases.sh
```

### 4. Start the stack

```bash
docker compose up -d
```

### 5. Check status

```bash
docker compose ps
docker compose logs -f
```

### 6. Enable systemd auto-start (optional)

```bash
sudo cp systemd/burrow.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable burrow.service
sudo systemctl status burrow.service
```

## Accessing Services

- **Gitea**: https://code.jakegoldsborough.com
  - SSH: `git clone ssh://git@code.jakegoldsborough.com:2222/user/repo.git`
- **GoatCounter JG**: https://stats.jakegoldsborough.com
- **GoatCounter DV**: https://stats.date-ver.com

## Management

### Deploy updates

```bash
./bin/deploy
```

Or manually:
```bash
git pull
docker compose pull
docker compose up -d
```

### View logs

```bash
# All services
docker compose logs -f

# Specific service
docker compose logs -f gitea
docker compose logs -f caddy
```

### Backup databases

```bash
./bin/backup
```

Backups are saved to `./backups/` with timestamps.

### Restore database

```bash
# Example: restore Gitea database
gunzip -c backups/gitea_20231220_120000.sql.gz | docker exec -i postgres psql -U gitea gitea
```

## Migrating Existing Databases

If you have existing databases to migrate:

### Option 1: Import during first startup

1. Place your SQL dumps in the `postgres/` directory
2. Modify `postgres/init-databases.sh` to import them after creating databases
3. Start the stack

### Option 2: Import after startup

```bash
# Import Gitea database
cat your-gitea-dump.sql | docker exec -i postgres psql -U gitea gitea

# Import GoatCounter databases
cat your-goatcounter-jg-dump.sql | docker exec -i postgres psql -U goatcounter_jg goatcounter_jg
cat your-goatcounter-dv-dump.sql | docker exec -i postgres psql -U goatcounter_dv goatcounter_dv
```

## Firewall

Make sure ports are open:

```bash
# Using UFW
sudo ufw allow 22/tcp # SSH
sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS
sudo ufw allow 2222/tcp # Gitea SSH
sudo ufw enable
```

## Troubleshooting

### Check container status
```bash
docker compose ps
```

### View container logs
```bash
docker compose logs -f
```

### Restart a service
```bash
docker compose restart <service>  # e.g. gitea or caddy
```

### Restart everything
```bash
docker compose down
docker compose up -d
```

### Access PostgreSQL directly
```bash
docker exec -it postgres psql -U postgres
```

### Check Let's Encrypt certificate status
```bash
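# Inspect the certificate Caddy is serving (issuer and validity dates)
openssl s_client -connect code.jakegoldsborough.com:443 -servername code.jakegoldsborough.com </dev/null 2>/dev/null | openssl x509 -noout -issuer -dates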
```

## Directory Structure

```
burrow/
├── docker-compose.yml # Service definitions
├── Caddyfile # Reverse proxy config
├── .env # Secrets (git-ignored)
├── .env.example # Template for .env
├── .gitignore # Git ignore rules
├── systemd/
│ └── burrow.service # Systemd unit for auto-start
├── postgres/
│ └── init-databases.sh # Database initialization
├── bin/
│ ├── bootstrap # Initial setup script
│ ├── deploy # Deployment helper
│ └── backup # Backup helper
└── README.md # This file
```

## Notes

- All configuration is declarative and version-controlled
- Secrets are in `.env` (git-ignored), with `.env.example` as a template
- Caddy automatically handles HTTPS certificates via Let's Encrypt
- All services communicate over the Docker network (nothing is exposed to the host except Caddy and Gitea SSH)
- Persistent data is stored in Docker named volumes
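
The Firewall and Notes sections both assume that only Caddy (80, 443) and Gitea SSH (2222) are reachable from outside. Docker publishes ports through its own iptables rules, which UFW rules do not filter, so it is worth checking the published ports directly. The script below is an added example, not part of this repository; the container names in the sample data and the loopback exemption are assumptions.

```bash
#!/usr/bin/env bash
# Added example, not part of the burrow repository.
# Host ports the README says are published: Caddy (80, 443) and Gitea SSH (2222).
ALLOWED_PORTS="80 443 2222"

# Reads "name<TAB>ports" lines on stdin (docker ps Names and Ports columns) and
# prints "name hostaddr:port" for each published port that is neither allowed
# nor bound to loopback.
unexpected_published_ports() {
  awk -F'\t' -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    {
      m = split($2, maps, /, */)
      for (i = 1; i <= m; i++) {
        # Only entries with "->" are published; a bare "5432/tcp" is internal.
        if (index(maps[i], "->") == 0) continue
        host = maps[i]; sub(/->.*/, "", host)   # e.g. 0.0.0.0:5432
        port = host;    sub(/.*:/, "", port)    # text after the last colon
        addr = substr(host, 1, length(host) - length(port) - 1)
        if (addr == "127.0.0.1" || addr == "[::1]") continue
        if (!(port in ok)) print $1, host
      }
    }'
}

# Constructed sample input (not captured from the real host; names are assumed).
sample_ps() {
  printf 'caddy\t0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 443/udp, 2019/tcp\n'
  printf 'gitea\t3000/tcp, 0.0.0.0:2222->22/tcp\n'
  printf 'postgres\t0.0.0.0:5432->5432/tcp, :::5432->5432/tcp\n'
  printf 'goatcounter-jg\t127.0.0.1:8081->8080/tcp\n'
}

# Live check: returns non-zero if any running container publishes an extra port.
audit_live() {
  found=$(docker ps --format "$(printf '{{.Names}}\t{{.Ports}}')" |
    unexpected_published_ports)
  [ -z "$found" ] || { printf 'unexpected published ports:\n%s\n' "$found"; return 1; }
}
```

Source the file and run `sample_ps | unexpected_published_ports` to see the constructed PostgreSQL mapping flagged, or `audit_live` on the VPS after `docker compose up -d`.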