Copy the example environment file and modify the VPS Provisioning
configs.
cp .env.example .env
make bootstrap
- Generate an SSH key pair
- Create the main user
- Set up firewall rules
- Change the root password
- Disable root login
make provision
- Install: virtualenv, Docker, AWS CLI, make
- Allow 80/TCP connections
Update the Docker Services
configs in .env
, where ENVIRONMENT
can be dev
(local machine) or prod
.
make start
- Create the
tifa
network - Run the Traefik reverse proxy
- Run a MySQL instance
- Run a phpMyAdmin instance
In the development environment, a certificate is created at ./assets/traefik/certs/dev.crt
. On macOS it is added to the system's trusted SSL certificates.
Add a new hostname in the .env
file and restart services.
make restart
Add the following labels and proxy
network to service:
myservice:
image: myimage
labels:
traefik.enable: true
traefik.http.routers.<ROUTER_KEY>.rule: Host(`${HOSTNAME:-}`)
traefik.http.routers.<ROUTER_KEY>.entrypoints: <ENTRYPOINT>
networks:
- tifa
Each service needs to have a unique ROUTER_KEY
.
Currently supported entrypoints:
Entrypoint | Port |
---|---|
web | 80 |
websecure | 443 |
mysql | 3306 |
For websecure
HTTPS connections, enable TLS.
traefik.http.routers.<ROUTER_KEY>.tls.certresolver: letsencrypt
Finally, define the external network at the top level.
networks:
proxy:
external: true