VPS Docker Environment Setup

This repository contains a modular Docker-based environment to manage various services on a VPS using Docker Compose, Traefik, Watchtower, and more. Each service (analytics, registry, Dozzle, etc.) has its own docker-compose.yml file and is auto-discovered by the Makefile.

---

📁 Directory Structure

.
├── Makefile
├── README.md
├── .env.example
├── analytics/
│   └── docker-compose.yml
├── dozzle/
│   └── docker-compose.yml
├── example-app/
│   └── docker-compose.yml
├── registry/
│   └── docker-compose.yml
├── traefik/
│   └── docker-compose.yml
├── watchtower/
│   └── docker-compose.yml

---

⚙️ Requirements

• Debian 12 (or compatible Linux distro)
• Docker and Docker Compose
• htpasswd installed (apache2-utils or httpd-tools)

Install it on Debian-based systems:

sudo apt install apache2-utils

---

🔧 Configuration

Environment Variables

Copy .env.example to .env and update values as needed:

cp .env.example .env

---

🛠️ Available Commands

Use the Makefile to manage all services at once:

make help

Start all services

make up

This will automatically detect all subdirectories with a docker-compose.yml and start them.

Stop all services

make down

Gracefully stops all containers from all discovered services.

Generate htpasswd files

make create-htpasswd

Interactively prompts for usernames and passwords for:

• Traefik
• Dozzle
• Registry

And saves them to the appropriate paths:

• traefik/auth/htpasswd
• dozzle/auth/htpasswd
• registry/auth/htpasswd

---

🧩 Adding a New Service

To add a new service to your Docker environment, follow these steps:

1. Create a New Folder

Create a new directory in the root of the project, for example:

mkdir my-app

Inside this folder, create a docker-compose.yml file.

2. Define the Service

Here’s a basic template for a new service that will be routed by Traefik and monitored by Watchtower:

services:
  example_app:
    image: ${REGISTRY_DOMAIN}/my_app
    container_name: hosted_my_app
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.hosted_my_app.rule=Host(`${MY_APP_DOMAIN}`)"
      - "traefik.http.routers.hosted_my_app.entrypoints=websecure"
      - "traefik.http.routers.hosted_my_app.tls.certresolver=myresolver"
      - "com.centurylinklabs.watchtower.enable=true"
    networks:
      - web

networks:
  web:
    external: true

3. Add the Domain to .env

Make sure your domain is defined in the .env file at the project root:

MY_APP_DOMAIN=my-app.mydomain.com

4. Launch the Service

Use the Makefile to automatically detect and launch the new service:

make up

Your app will now be available at https://my-app.mydomain.com.

---

🔐 Security Notes

• Make sure to secure your VPS with tools like fail2ban, firewall rules, SSH keys, and regular updates.
• The .env file should never be committed if it contains secrets.

---

🧼 Future Enhancements

• Add fail2ban automation.
• TLS certificate backup / restore.

---

Happy hosting! 🚀