3.1 KiB
self-host
Configuration of self-hosted third-party software on my Hetzner Cloud VPS.
Third-party applications
Docker-based
Services
| Server port | Docker port | Subdomain | Service | Description |
|---|---|---|---|---|
| 8000 | 3000 | grafana.systemsobscure.net | Grafana | Server logs and monitoring |
| 8001 | 9090 | bookmarks.systemsobscure.net | Linkding | Article bookmarking tool |
| 8002 | 3000 | forgejo.systemsobscure.net | Forgejo | Git forge |
| 8004 | 3000 | wakapi.systemsobscure.net | Wakapi | Coding statistics tracker |
| 8005 | 8080 | miniflux.systemsobscure.net | Miniflux | RSS aggregator |
Service data
Some applicaton data is stored in a network-attached Hetzner Storagebox drive ("Storagebox Alpha"). Docker volumes are mapped to this location.
This device is permanantly mounted using the CIFS
protocol
at /mnt/storagebox_alpha, as specified in /etc/fstab.
Other application data is stored on the small harddrive of the VPS:
| Service | Data | Location | Description |
|---|---|---|---|
| Forgejo | MySQL database | /data/mysql/forgejo |
Database data only. Repositories stored in NAS. |
| Wakapi | SQLite database | /data/sqlite/wakapi |
Native-based ("bare metal")
Forgejo runners
Although my Forgejo instance runs in Docker, the forgejo-runner software that manages the
runners necessary to execute Forgejo Actions is installed on the metal.
This service runs as a systemd service configured at
/etc/systemd/system/forgejo-runner.service.
I currently only have a single global runner in operation (self-host-server)
that runs on ubuntu-latest.
Garage object storage
I run a single-zone instance of Garage at
s3.systemsobscure.net. This subdomain is used for authenticated API and
awscli access to my buckets.
Garage is configured at /etc/garage.toml. Garage runs as a systemd service configured at
/etc/systemd/system/garage.service.
Certain buckets are publicly exposed to the Internet on subdomains for un-authenticated access:
The naming convention here is
[bucket-name].[garage_instance].[server_address].
My applications
All the applications that I have built and which I currently host are installed on the bare metal of the server and do not use Docker.
systemsobscure.blog
This is a static website served from the /var/www/systemsobscure.blog directory.