About what, why and why?

I decided to write this short note after my own experience of deploying a personal "infrastructure" consisting of several applications for everyday affairs.

Here I will tell you how to deploy services for controlling finances ( FireFly3 ), notes and what is larger ( BookStack ) and controlling the time spent on tasks in opensource projects or at work ( Titra ) - all this on Vultr with protection using firewall groups and access only from the necessary ip, for example, home statics or vpn (we'll expand Pritunl for this).

I chose Vultr because I have been working with him for a long time and already know what he can and what not - in my case, he came up perfectly.

Hope this is helpful to someone.

Deploying services

For the services (all three), I chose a simple instance on Vultr + automatic backups, since all of them are not particularly demanding on resources.

.: , DNS, (certbot), , , personal.io, :)

. 2: — docker, , .

— FireFly3

Demo

. : , - , - .

FireFly3 , , .. ..

firefly3 , docker, . docker-compose c firefly :

version: '3.3'

services:
  fireflyiii:
    image: jc5x/firefly-iii:latest
    volumes:
      - firefly_iii_upload:/var/www/html/storage/upload
    env_file:
      - .env
    restart: unless-stopped
    ports:
      - 127.0.0.1:34567:8080
    depends_on:
      - fireflyiiidb

  fireflyiiidb:
    image: yobasystems/alpine-mariadb:latest
    restart: unless-stopped
    env_file:
      - .env.db
    volumes:
      - firefly_iii_db:/var/lib/mysql

volumes:
   firefly_iii_upload:
     driver: local
   firefly_iii_db:
     driver: local
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

, env- , , : , (SMTP MAILGUN), , (, , eloquent LDAP), , finance.personal.io. env- ( ) pastebin .

firefly3 , nginx proxypass , .

, .. — BookStack

Demo

/, - , , BookStack — , , markdown ( , ), : --.

, .

docker-compose.yml:

version: "3.1"
services:
  bookstack:
    image: linuxserver/bookstack
    container_name: bookstack
    volumes:
      - bookstack-volume:/config
    ports:
      - 127.0.0.1:34568:80
    env_file: 
      - .env.bookstack
    restart: unless-stopped
    depends_on:
      - bookstack_db

  bookstack_db:
    image: linuxserver/mariadb
    container_name: bookstack_db
    volumes:
      - bookstack-db:/config
    env_file: 
      - .env.db
    restart: unless-stopped

volumes:
  bookstack-volume:
    driver: local
  bookstack-db:
    driver: local
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

, firefly, web .

.env.bookstack:

DB_HOST=bookstack_db
DB_USER=bookstack
DB_PASS=bookstackpassword
DB_DATABASE=bookstackapp
APP_URL=https://notes.personal.io
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

, admin , .

bookstack LDAP, SAML — . pdf html, , .. .

— Titra

Demo

, , , . Titra , , (, ), ( ), ..

docker-compose.yml:

version: "3.1"
services:
  titra:
    image: kromit/titra
    container_name: titra
    depends_on:
      - mongodb
    ports:
      - "127.0.0.1:34569:3000"
    env_file:
      - .env.titra
    restart: always

  mongodb:
    image: mongo:4.2
    container_name: mongodb
    restart: always
    volumes:
      - titra_db:/data/db

volumes:
  titra_db:
    driver: local
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

.env.titra:

ROOT_URL=https://titra.personal.io
MONGO_URL=mongodb://mongodb/titra
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

: — Homer

Demo

, , , , . , heimdall homer, , .

Homer , , (, ).

docker-compose.yml:

version: "3.3"
services:
  homer:
    image: b4bz/homer:latest
    volumes:
      - ./assets:/www/assets
    ports:
      - "127.0.0.1:34570:8080"
    restart: unless-stopped

      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

homer assets config.yml, , .

:

title: "Infrastructure"
subtitle: "Personal"

documentTitle: "Personal/Infrastructure"
icon: "fas fa-skull-crossbones"
header: true

columns: "3"

theme: default

colors:
  dark:
    highlight-primary: "#3367d6"
    highlight-secondary: "#4285f4"
    highlight-hover: "#5a95f5"
    background: "#131313"
    card-background: "#2b2b2b"
    text: "#eaeaea"
    text-header: "#ffffff"
    text-title: "#fafafa"
    text-subtitle: "#f5f5f5"
    card-shadow: rgba(0, 0, 0, 0.4)
    link-hover: "#ffdd57"

services:
  - name: "Main"
    icon: "fas fa-code-branch"
    items:
      - name: "Titra"
        icon: "fas fa-clock"
        subtitle: "time-tracking"
        url: "https://titra.personal.io"

      - name: "FireFly3"
        icon: "fas fa-piggy-bank"
        subtitle: "finance"
        url: "https://finance.personal.io"

      - name: "BookStack"
        icon: "fas fa-book"
        subtitle: "notes-articles-book"
        url: "https://notes.personal.io"
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

:

home.personal.io

, nginx certbot. , : apps.conf

nginx:

systemctl start nginx
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

, A- DNS , home, notes, finance, titra ip Vultr, certbot Let's Encrypt, :

certbot run --nginx
      
      

        
        
        
      

    
        
        
        
      
      

        
        
        
      

    
    

, .

, , :

1. Prtinul
2. firewall Vultr

, ( 60 ) pritunl vultr .

, firewall vultr ( )

1. "Add firewall group".

   
   
   
   
   
   
   

2. , , , 22 , - VPN. , :

   
   
   
   
   
   
   

1. , , .

   
   
   
   
   
   
   

2. .