Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
traefik-forward-auth
Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy
-
docker-mailserver
Production-ready fullstack but simple mail server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) running inside a container.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
For backups I use UrBackup, and with the UrBackup Client container, I can back up each application's persistent volumes. I run it in Docker for now, and store backups on a BTRFS Zvol in my ZFS array. Though technically it's not totally safe to backup databases this way, I have not run into many issues going this. Restoring or migrating is as simple as spinning up my helm chart on the new server (with only the client and its Persistent Volume Claims active), hitting restore, and then upgrading the deployment with the actual databases and services.
I use the servers to power a variety of applications used in a small business of mine. I host a file storage server as well as a software build server here. I also plan on running Harvester on a helm chart as a hypervisor.
In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
For backups I use UrBackup, and with the UrBackup Client container, I can back up each application's persistent volumes. I run it in Docker for now, and store backups on a BTRFS Zvol in my ZFS array. Though technically it's not totally safe to backup databases this way, I have not run into many issues going this. Restoring or migrating is as simple as spinning up my helm chart on the new server (with only the client and its Persistent Volume Claims active), hitting restore, and then upgrading the deployment with the actual databases and services.
For my CI pipeline, I plan to use Act in my runners to enable me to use GitHub actions locally.
For receiving email, I use Modoboa, but I am planning on moving the backend to Docker Mailserver. I usually reply with a Gmail address though. Until I get the email server configured to send emails through something like Sendgrid.
For Authentication and Authorization, I use FreeIPA for LDAP and Keycloak for OAuth2/OpenID Connect. The FreeIPA client automatically pulls my public SSH key into whichever server I sign in to, so I never need to enter my password from my primary PC.
For general development, I still run old server licenses of Atlassian Jira, Confluence, Bitbucket, and Bamboo. Though I am planning on migrating to Gitea, Woodpecker, Tiaga, and Bookstack eventually. Or the Jetbrains suite. Not sure yet. For my CI pipeline, I plan to use Act in my runners to enable me to use GitHub actions locally.
For general development, I still run old server licenses of Atlassian Jira, Confluence, Bitbucket, and Bamboo. Though I am planning on migrating to Gitea, Woodpecker, Tiaga, and Bookstack eventually. Or the Jetbrains suite. Not sure yet. For my CI pipeline, I plan to use Act in my runners to enable me to use GitHub actions locally.
For my Ingress, I use Traefik. When paired with Cert Manager, and using Vultr for my DNS server, I can issue valid LetsEncrypt certificates with a DNS01 challenge. So I don't need to worry about having an application being open to the internet on port 80 in order to avoid browser warnings.
For file storage I use Filerun Enterprise, though I might be moving to Nextcloud eventually.
For my primary CSI provider, I use Longhorn, and to administrate my clusters, I use the Kubernetes Dashboard. In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
For writing Markdown documents I use Hedgedoc.
For my Container Registry and Helm Chart Registry I use Harbor. When paired with Keel, I can automatically update apps after I push them. I have not checked out ArgoCD yet.
For my accounting I use Akaunting, though I am planning on maybe moving to ERPNext.
To provision all of my clusters, I use Rancher with RKE2. The primary Rancher server is hosted on a bootstrapped RKE2 cluster running on a VPS.
When paired with Cert Manager, and using Vultr for my DNS server, I can issue valid LetsEncrypt certificates with a DNS01 challenge. So I don't need to worry about having an application being open to the internet on port 80 in order to avoid browser warnings.
For my accounting I use Akaunting, though I am planning on maybe moving to ERPNext.