
Own Cloud

2 min read
Daniel Guerrero
Beholder of insanity

Hi,
I've been working this weekend on having all services running again from my own server.

Cloudflare Worker

I still have a domain that I bought for my gf called "somethingstudio.store".
First I need to map the default HTTPS port 443 to 8443; this is only a workaround for the ISP router.
The ISP has 443 reserved, so I am actually exposing 8443, and a Cloudflare Worker runs in front as a proxy that rewrites the port.

443to8443.js
export default {
  async fetch(request) {
    // Escape the dot so the regex matches the literal domain, not any character
    const regex = new RegExp("somethingstudio\\.store");

    const url = new URL(request.url);

    // Requests for the domain are re-issued to the port the router forwards
    if (url.hostname.match(regex)) {
      url.port = '8443';
      return fetch(url.toString(), request);
    }

    // Anything else passes through unchanged
    return fetch(request);
  },
};
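A stricter version of the hostname check, added here as an example and not the worker from the post: the original regex is unanchored and its dot is unescaped, so it would also rewrite requests for any hostname that merely contains the string. The helper below matches only the zone apex and its subdomains and leaves every other request untouched. The domain and port are the ones from the post; the `worker` object mirrors the handler shape and in a real Worker file would be the default export.

```javascript
// Added example, not the post's own worker: hostname-anchored port rewrite.
// A bare RegExp("somethingstudio.store") would match "somethingstudioXstore"
// or "evil-somethingstudio.store" as well; this version compares the host
// exactly against the zone apex and its subdomains.

const ZONE = "somethingstudio.store";   // domain from the post
const UPSTREAM_PORT = "8443";           // port the ISP router actually forwards

// Returns true only for the apex domain or one of its subdomains.
function isZoneHost(hostname) {
  const h = hostname.toLowerCase();
  return h === ZONE || h.endsWith("." + ZONE);
}

// Returns the URL the worker should fetch: the same URL with port 8443 for
// the zone's hosts, the input unchanged for anything else.
function rewritePort(requestUrl) {
  const url = new URL(requestUrl);
  if (isZoneHost(url.hostname)) {
    url.port = UPSTREAM_PORT;
  }
  return url.toString();
}

// Handler in the shape of the post's worker; in a Worker file this object
// would be `export default`-ed.
const worker = {
  async fetch(request) {
    const target = rewritePort(request.url);
    // Forward with the original method, headers and body.
    return fetch(target, request);
  },
};
```

`rewritePort` keeps path, query and scheme intact and only touches the port, so a request for `https://agent.somethingstudio.store/` becomes `https://agent.somethingstudio.store:8443/`, while a request for an unrelated host is forwarded exactly as received.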

Hosting

Everything arrives on that port, and nginx as a reverse proxy serves 4 services right now:

  • Portainer (docker manager)
  • Strapi (cms)
  • Gitlab (self hosted git)
  • NextCloud (self hosted google drive)

Portainer agent

So my next service is going to be "agent.somethingstudio.store".

portainer-agent.sh
# Run the Portainer agent; it needs the Docker socket to manage containers
docker run -d \
  -p 9001:9001 \
  --name portainer_agent \
  --restart=always \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /var/lib/docker/volumes:/var/lib/docker/volumes \
  portainer/agent:2.19.1

This allows me to manage my server from any machine that is running Portainer.
With a small VM on any cloud, or locally, I can run:

portainer-agent.sh
docker run -d \
  -p 2086:8000 \
  -p 2087:9443 \
  -p 9000:9000 \
  --name portainer \
  --restart=always \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v portainer_data:/data \
  portainer/portainer-ce:latest

From that instance I point Portainer at the agent, and I can use 16 GB of RAM and 24 cores to deploy any new service.

OAuth

The problem with all of this is that everything is behind Cloudflare and "safe", but every service still relies on its own ordinary login, so the next step is to get everything behind OAuth with my own identity provider instance, Keycloak.