harbormaster
https-portal
Our great sponsors
harbormaster | https-portal | |
---|---|---|
27 | 9 | |
- | 4,358 | |
- | - | |
- | 5.6 | |
- | 3 months ago | |
Ruby | ||
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
harbormaster
- Harbormaster: The Tiniest Container Orchestrator
-
Ask HN: What hardware are you running for your home server?
I use an HP ProLiant Microserver with four drives in a ZFS RAIDZ array and an SSD for the OS. For software, I mostly run it in Docker using a very small container orchestration program I wrote:
- MRSK vs. Fly.io
-
I am a one-man show: Deployment and infrastructure for a 150k/m visits webapp
I needed something that would restart containers automatically when I pushed to a branch, so I wrote a few lines of code to do it:
https://gitlab.com/stavros/harbormaster
As far as PaaSes go, it's probably the simplest, and works really well.
-
My VM is Lighter (and Safer) than your Container
I was in the same boat as you and built something simple that I really like:
https://gitlab.com/stavros/harbormaster
It'll just pull some repos, make sure the containers are up, and make your configuration simple and discoverable. It really works great at that.
-
Exposing a web service with Cloudflare Tunnel
I do this for our services, it works great and we can easily put SSO in front of them with CF Access. I publish a Docker container that you can use as a sidecar for your Compose deployments:
https://gitlab.com/stavros/docker-cloudflared
I use this with Harbormaster (https://gitlab.com/stavros/harbormaster) so I can expose containerized stuff without ever forwarding any ports outside of Docker.
-
I Miss RSS
I use Dokku for that (I can share my Bitwarden repo if you want, the entire thing is four lines or something). I also made https://gitlab.com/stavros/harbormaster for things that weren't so "web server -> app -> database" and love it.
-
Self-Hosting Dozens of Web Applications and Services on a Single Server
I had the same problem and didn't want to manage things by hand, so I wrote Harbormaster:
https://gitlab.com/stavros/harbormaster
It basically pulls Compose apps from the git repositories you specify, builds the containers and makes sure they're running. Pretty simple and works really well for me.
-
Setting Up Cloudflare Argo and Access on a Raspberry Pi
(This post should read "Argo tunnel" instead of just "Argo")
I did the same to enable secure access to services via SSO at work. I used Harbormaster[1] to deploy Compose files, but it's otherwise the same setup.
One of the big advantages this has is that the services can't be accessed any other way (not even from the same host, as they only listen inside the Docker network). That makes it hard to forget some port exposed because you listened to 0.0.0.0 instead of localhost.
Cloudflare access is very easy to set up SSO with, as well. I'd recommend this setup if you need it, though for home usage I usually just set up Caddy as a reverse proxy with basic auth, as I'll be the only person using this and I don't want Cloudflare MITMing my personal stuff.
-
What is the cleanest way to deploy a docker-compose stack to a remote server?
Something like harbormaster? https://gitlab.com/stavros/harbormaster
https-portal
- Vaultwarden + SSL
-
Which reverse proxy are you using?
HTTPS-PORTAL has everything I need.
- Looking for recommendations for a reverse proxy
-
Never have an SSL certificate expire again
If you use LetsEncrypt and Docker, I can recommend HTTPS Portal to automatically manage your SSL certs: https://github.com/SteveLTN/https-portal
I use it for my blog and have never had any issues with certs being renewed well in advance of their expiration date.
-
Harbormaster: The anti-Kubernetes for your personal server
This looks awesome!
What I couldn't immediately see from skimming the repo is:
How hard would it be to use a docker-based automatic https proxy such as this [1] with all projects?
I've had a handfull of docker-based services running for many years and love the convenience. What I'm doing now is simply wrap the images in a bash script that stops the containers, snapshots the ZFS volume, pulls newer versions and re-launches everything. That's then run via cron once a day. Zero issues across at least five years.
-
What is best practice for serving multiple docker container on port 443?
HTTPS-PORTAL [DockerHub, GitHub]
-
Only allow communication within docker-compose network?
You're welcome! I might sound "advertise-y" here, but perhaps you can look into Nginx Proxy Manager or Https-Portal as well since they do involve Nginx.
-
Docker angular frontend with express backend in same file
For the nginx reverse proxy I use this https proxy. It sits on top of all my containers, enables and renews https automatically with let’s encrypt and has very good defaults.
-
Containers and Local SSL Certificates: Can I share 1 Local Certificate Across Multiple Containers?
You can use https://github.com/SteveLTN/https-portal. You’ll be up and running in 5 minutes.
What are some alternatives?
swarmpit - Lightweight mobile-friendly Docker Swarm management UI
ufw-docker - To fix the Docker and UFW security flaw without disabling iptables
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
nixos-infect - [GPLv3+] install nixos over the existing OS in a DigitalOcean droplet (and others with minor modifications)
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
docker-box - A lightweight docker application platform for single servers.
caddy-docker-proxy - Caddy as a reverse proxy for Docker
Dokku - A docker-powered PaaS that helps you build and manage the lifecycle of applications
caddy-docker - Source for the official Caddy v2 Docker Image
neural-hash-collider - Preimage attack against NeuralHash 💣
Portainer - Making Docker and Kubernetes management easy.