Wanted to share what apps & services I’m currently self-hosting on my small Linode VPS
Using docker-compose, nginx and CloudFlare
- Tools used
- Folder structure
- Apps & services
- Next steps
Everything runs smoothly on a “Nanode” (Linode’s version of a 5$/month VPS with 1GB RAM, 25GB SSD, 1 CPU)
My setup consists of a lovely symbiosis between docker-compose, nginx and CloudFlare.
CloudFlare serves the SSL certificates for the subdomains I set up for the various services.
To give you an idea of the subdomains I set up
nginx serves as a reverse proxy to dispatch requests to the correct service.
docker/docker-compose to keep the various services running and isolated from each other (e.g. multiple services could use postgres or redis, but are shielded and managed separately).
Read more below how to set it up yourself.
This is how I organized the various services in folders, with the own
docker-compose.yml and eventual config / source files:
[email protected]:~$ tree . -L 2 . ├── commento │ └── docker-compose.yml ├── linkding │ ├── data │ └── docker-compose.yml ├── miniflux │ └── docker-compose.yml ├── planka │ └── docker-compose.yml ├── pleroma-docker │ └── ...other source files... │ ├── config.exs │ ├── data │ ├── docker-compose.yml │ └── Dockerfile ├── snapdrop │ ├── config │ └── docker-compose.yml ├── umami │ └── docker-compose.yml └── wireguard ├── config └── docker-compose.yml
As you can see, the only “exception” is
pleroma-docker where the source files are needed and an additional
config.exs to configure it correctly.
Below I want to go in deeper detail how to set up each service individually.
For all services below, simply create an individual DNS subdomain on CloudFlare (or where your domain is managed).
A record that points to your servers IP.
CloudFlare takes care of your certificates, that’s why I recommend it.
You could also generate the certificates yourself with Letsencrypt.
Apps & services
WireGuard is my go-to VPN when I need to set up one on my own, for personal use.
To create my personal VPN I’m using the following
- SERVERPORT=51820 # optional
- PEERS=5 # optional, this will create 5 configurations
Once you placed this
docker-compose.yml in the folder
docker-compose up -d
Eventually check the logs with
docker logs -f wireguard to see if everything seems fine.
Now you can either show a QR code to connect to the VPN through a mobile phone, or
scp the configuration file to your PC:
To connect from a mobile device by scanning the QR code for the desired config, run
docker exec -it wireguard /app/show-peer 1
You can also
scp the config files located under
wireguard/config/peer*/peer*.conf to set up your PC
Place the config files under your local
/etc/wireguard/ folder and manage the connections with
For more info check out this blog post about “5$/month Self Hosted VPN with WireGuard”
Miniflux has become my go-to RSS reader, that I can visit from my phone or PC seamlessly on the web.
For Miniflux I am using this
Set your own
ADMIN_PASSWORD to log in on the Web UI.
docker-compose up -d in the
miniflux directory, and you have your own RSS reader.
The service is exposed on port
Check out the nginx section to set up your reverse proxy for Miniflux.
A dead-simple Trello-like Kanban board.
docker-compose.yml is based on the official one
Simply copy it in the
planka folder, follow the instructions and run
docker-compose up -d
Check out the nginx section to set up your reverse proxy for Planka.
Similarly for Linkding, I grabbed the official docker-compose.yml and placed it in the folder
The service is listening on port
Check out the nginx section to set up your reverse proxy for Linkding.
The default username and password are
[email protected] /
Change them on your first login through the Web UI.
Also here there is an official
The service runs on port
Check out the nginx section to set up your reverse proxy for Commento.
Using the official
The pro of self-hosting your website analytics software is that you get an real sense of your website visitors.
I noticed that most adblockers work by domain, thus hosting the service under your domain you likely don’t get blocked.
Snapdrop provides local file sharing in your browser. Inspired by Apple’s Airdrop.
On the same home network, I can share files between devices easily.
Works by using WebRTC for transfer and WebSockets for signalling, and can be installed as a PWA.
The source code is also quite nice.
To get everything up and running I’m using the linuxserver/snapdrop Docker image.
docker-compose.yml looks like this:
In the nginx section you’ll find more info on how to set up your reverse proxy for Snapdrop.
I am using
nginx as a reverse proxy to forward requests to the correct backend.
Each service exposes its port locally, meaning on the interface
127.0.0.1 without exposing the port on the internet.
All services are served by nginx on port
With CloudFlare I set up various subdomains to point to the IP address of my server.
Here is the configuration for
miniflux for example, which is set up to listen to the port
Put this file under
The only changes you need to make to set this up for the other services are
- set the correct port of the service (under the
- specify the
server_nameto match one you set up on CloudFlare
Now create a symbolic links to “enable” the site configuration:
sudo ln -s /etc/nginx/sites-available/miniflux /etc/nginx/sites-enabled/miniflux
and reload your nginx service
sudo systemctl reload nginx
I want to experiment is to make the services only accessible through the VPN network, so that they’re shielded from the internet.
Another approach could be to self-host them on a Raspberry Pi.
Although, I had some trouble finding ARM specific build for some images. You can still try to build them from source by yourself.
In the above list it was omitted, but of course you need to harden your server, limit root/password access and correctly set up your firewall.
There is an excellent guide on Linode’s docs page
The set of services outlined above suits my needs extremely well, plus the cost of managing them is super low (5$ / month).
On GitHub there is an exhaustive list of services that you can easily self-host.
Note: When you are self-hosting you will inevitably run into the following issues that you need to take extra care for:
- data backup / data loss
So it’s not all sunshine and roses.