- What is this?
- Features
- Setup
- Examples
- Folder structure on the remote machine
- Container Networks
- Roadmap
This repository contains scripts and templates for infrastructure automation that will create a Hetzner Cloud VM that is ready to run Docker containers, while keeping maintenance as low as possible. This means that the defaults aren't really "production safe", but good enough for some self-hosted services. Updates for example get automaticly installed and the machine reboots itself to apply kernel updates, which obviously causes a downtime.
But its perfect for services you dont really want to pay attention to!
In addition to the core scripts for deploying and managing Docker environments, the code is extensible with custom ansible files for more flexible setups.
- Automated updates (OS and Docker images)
- Automated backups to Google Cloud Storage
- Letsencrypt SSL Proxy for all Docker services (jwilder-nginx-proxy)
- Deployment of new docker-compose files via Ansible
- Some Web UI Management Tools
- Prepare your Hetzner environment
- Create an SSH key and add it to your Hetzner project
Create an floating IP, if you don't want to use this, comment out the last 5 lines in main.tf
- Create terraform.tfvars in the custom directory directory. (An example is shown here)
- Initialize Terraform and all plugins by running
./hosting.sh setup
- Configure your VM details in the custom directory (ansible-config.yml in custom/) directory.
- Find out how to configure your DNS records. This is dependend on your domain registrar and will be needed later
Run the script in the root directory. If everything was configured correctly this will create the VM and install everything.
./hosting.sh create
After that you can login via SSH with any key that is added to your Hetzner account
If you can access the Portainer management interface at http://<Your-Servers-IP>:9000 the deployment was successful.
Alternatively, if you configured a domain in your ansible configuration file your Portainer interface is also acessible via
https://docker.<Your-Domain.tld>. To make this work you need to setup the correct DNS configuration. In most cases it is enough to create a single wildcard record that directs all subdomains to your new Hetzner IP.
How to manage your new server is documented here
For specific details on how to use Portainer, check the official documentaion
The hosting environment created by these scripts automaticly installs various automation scripts which make it easier for you to manage your services.
| Service | Description | URL/Port |
|---|---|---|
| Portainer | Manage Docker containers and view logs. | :9000, or https://docker.<Your-Domain> |
| Script | Description |
|---|---|
| Update | The VM will update itself and all containers in /hosting/instances on reboot. This is also used to start each service after a reboot. |
| Backup | Automated backups to GCP Storage. For more information (like how to change the repo password check the official documentation) |
| Reboot | The VM will restart every Sunday at 3:30AM. This will cause a short downtime. |
Check the script documentation for detailed examples
Check the example documentation for detailed examples
| Usage | Path |
|---|---|
| Root | /hosting |
| Docker configurations | /hosting/instances |
| Management and scripts | /hosting/scripts |
| Secrets | /hosting/secrets |
| Network name | Description |
|---|---|
| proxy | Required for each container that has to be available to the internet |
All custom configuration, your docker-compose files and all secrets are placed inside the custom directory.
If you want to use git to manage your files, follow these steps:
git subtree split -P custom -b <name-of-new-branch>
# Create a new git repository
mkdir ~/<new-repo> && cd ~/<new-repo>
git init
git pull </path/to/hetzner-docker-hosting> <name-of-new-branch>
# Add a remote for the new repo
git remote add origin <git@github.com:user/new-repo.git>
git push -u origin master
# Symlink new folder to the custom folder
ln -s </path/to/new/repo </path/to/hetzner-docker-hosting/custom>The roadmap and upcoming features are documented as issues in this repository. This is also the correct way to request new features or additional documentation.
"Could not find or access '../custom/secrets/gcp-secret.json' is an error that occurs, because the location of the secret file got moved to the custom directory. Just copy (or move) your secrets folder into your existing custom directory.
Yes! Simply change the terraform.tfvars in the custom directory to the desired ARM server type and adapt your Dockerfiles accordingly.