How to self host EASILY many things on you own server

I'm new in the hosting world, but I know that self hosting could be very painful if it's not done properly. So I wanted to build a system that prevent (some) failure and I didn't want to have my configuration files and my applications all over my server system. So I've decided to use Docker with docker-compose to make my life easier.

With that said, let's dig in !

The reverse proxy

Because I wanted to have many applications on my server, I have to set up a reverse proxy. My flatmate said to me: "Just grab an nginx and it'll be easy". After some hours of configuration and an epic battle with the cert-bot in order to get my SSL certificates, I've stopped. It was definitely not the easy way.

After few research I've found a nginx reverse proxy with a cert-bot and the promises of easy deployment. So I've tried. And it was easy. Not easy, but VERY VERY EASY to use. Let's look at my `reverse-proxy/docker-compose.yml':

version: '2'

services:
  nginx-proxy:
    image: jwilder/nginx-proxy:alpine
    ports:
      - "80:80"
      - "443:443"
    networks:
      - proxy
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - /etc/nginx/certs:ro
      - /etc/nginx/vhost.d
      - /usr/share/nginx/html
    restart: always
  ssl-compagnion:
    image: jrcs/letsencrypt-nginx-proxy-companion:v1.9
    networks:
      - proxy
    volumes:
      - /etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    volumes_from:
      - nginx-proxy
    restart: always

networks:
  proxy:

Well, just basic stuff. I've just declare a new network called proxy so I can call it in other docker-compose.yml. I enter docker-compose up -d in my terminal and my reverse-proxy is running without almost any configuration !

Miniflux

I've just wanted to have my own RSS aggregator. I've found one written in go with a good documentation: miniflux. Here is my docker-compose.yml.

version: '3'

services:
  app:
    image: miniflux/miniflux:2.0.11
    expose:
      - "8080"
    depends_on:
      - db
    networks:
      - proxy
      - miniflux
    environment:
      - DATABASE_URL=postgres://XXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXX@db/miniflux?sslmode=disable
      - RUN_MIGRATIONS=1
      - VIRTUAL_HOST=rss.livda.fr
      - VIRTUAL_PORT=8080
      - LETSENCRYPT_HOST=rss.livda.fr
      - LETSENCRYPT_EMAIL=mail@gmail.com
    restart: always
  db:
    image: postgres:10.2
    environment:
      - POSTGRES_USER=XXXXXXXXXXXXXXXXXX
      - POSTGRES_PASSWORD=XXXXXXXXXXXXXXXXXX
    networks:
      - miniflux
    restart: always

networks:
  miniflux:
  proxy:
    external:
      name: reverse-proxy_proxy

The only thing that is not present in the miniflux documentation are those environment variables:

• VIRTUAL_HOST=rss.livda.fr
• VIRTUAL_PORT=8080
• LETSENCRYPT_HOST=rss.livda.fr
• LETSENCRYPT_EMAIL=mail@gmail.com

They are here for the reverse proxy and it's companion. The VIRTUAL_PORT is optional if your container expose the port 80.

With all of that, I've just run docker-compose up -d in the miniflux folder, I've edited my DNS record to make rss.livda.fr goes to my public IP and ... It worked ! That's all.

All my other applications are exposed like that, so I don't have to manager my SSL certificates, neither my nginx configuration with multiple vhost. I just put 3 or 4 environment variables, and my new application/website is online with a nice HTTPS url.