Coolify Crash Course | Self Host 101 | Secure Set up

Syntax・2 minutes read

Setting up and managing your server can be time-consuming and challenging, with Syntax discussing PaaS solutions like Netlify, Heroku, and Vercel. Holfi is a tool featured in the video that streamlines setting up, deploying apps, managing resources, and connecting to private git repos for automatic alerts.

Insights

Platform as a Service (PaaS) solutions like Netlify, Heroku, and Vercel offer an alternative to setting up and managing your own server, saving time and reducing the need for extensive learning and problem-solving.
Holfi, a tool explored in the video, streamlines the process of setting up, debugging, and deploying apps based on Docker files while providing a dashboard for managing projects, resources, and service stacks.
Coolify, while offering the convenience of one-click deployments and dynamic configurations, has limitations for custom applications, leading some users to prefer direct usage of Docker, Docker Compose, and Caddy for application management.

Get key ideas from YouTube videos. It’s free

Recent questions

What are some popular Platform as a Service solutions?
Netlify, Heroku, Vercel
How can I enhance security when setting up a server?
Create non-root user, update packages
What are the minimum server requirements for Holfi?
2 CPUs, 2GB RAM, 30GB storage
How can I deploy a static website project on Coolify?
Specify environment, add public repository
What is the process for upgrading Coolify?
Check for upgrades, disable auto-update

Related videos

Summary

00:00

Efficiently manage server with PaaS solutions.

Setting up and managing your own server is time-consuming and requires learning and problem-solving.
Episode 7:30 of Syntax discusses Platform as a Service (PaaS) solutions like Netlify, Heroku, and Vercel for hosting on your server.
Holfi is a tool explored in the video, focusing on setting it up, debugging, deploying apps based on Docker files, and configuring HTTPS and domain redirects.
Holfi provides a dashboard to manage projects and resources like databases, apps, and service stacks.
Resources can be sourced from public or private repos, Docker files, or Docker images on registries, with one-click deploys for databases and service stacks.
Connecting Holfi to a private git repo enables automatic alerts and redeployment on code changes.
Minimum server requirements for Holfi include 2 CPUs, 2GB RAM, and 30GB storage, with additional resources needed for running apps.
Example of spinning up a server on Hetzner with specific specs and setting up SSH keys for secure access.
Cloud config setup includes creating a non-root user, SSH settings, and updating packages for security.
Installing Holfi involves running the install script as root, accessing the dashboard over HTTP, and setting up a firewall and HTTPS for security.

11:58

Setting up secure domain access with Coolify

The domain purchased is apps.gdn, with two A records set up for the Apex domain pointing to an IP address with a TTL of 1 minute.
A wildcard record is established to resolve any subdomain of apps.gdn to the server's IP address.
In Coolify settings, specify the instance domain under a subdomain like coolify.apps.gdn, uncheck validate DNS settings, and disable auto-update to manually update Coolify.
Set up the Wild Card domain in the Local Host server as https://apps.gdn to enable access via the root domain.
Enable the Caddy proxy in Coolify settings, ensuring ports are not locked down to maintain access over Port 443 and Port 80.
Verify the proxy settings in Dynamic configurations to ensure the domain is correctly listed for HTTPS access.
Secure the Coolify instance by setting up a firewall in Hetner to allow only traffic over Port 80 and Port 443.
Enhance security by changing the Coolify user account password to a more secure one and enabling two-factor authentication.
Deploy a static website project on Coolify by specifying the environment, adding a public repository resource, and choosing the static build pack.
Configure a redirect from www.banana.apps.gdn to banana.apps.gdn using Caddy configuration in Coolify settings, ensuring proper syntax and deployment for the redirect to function correctly.

24:32

Optimizing Deployment Processes with Caddy and NYX

The difference between redeploy and restart can impact settings; sometimes settings are picked up with a restart, sometimes not.
To reconfigure redirects, understand the caddy config and Docker proxy labels for caddy as the proxy server.
Using caddy as the proxy server, changing proxy to caddy in servers and proxy settings is necessary.
For traffic, a different process is involved with Docker plugin built-in; refer to the docs for the right labels.
Set up dynamic configurations for redirects in caddy files for specific instances or projects.
Create a caddy configuration for redirects like specifying a redirect directive for specific URLs.
Deploying a more complex application like Next.js with a server-side runtime like Node.js requires specific steps.
Use NYX packs for one-click deployments, letting it automatically containerize and build applications based on source code.
Customize NYX packs with environment variables or a file in the repo for specific settings.
Set up a GitHub application for deploying private repos and automatic deployments via web hooks, ensuring unique names and proper configurations.

37:14

Pushing Prisma Schema with Docker in Kify

To push the schema to the database using Prisma, a Docker container is created within Kify.
The Docker file specifies steps to clone the repo, install dependencies, push the DB schema, and start Prisma Studio.
The Docker file begins with "from node" to obtain the Node.js base image, setting the working directory to "slapp."
Cloning a public Git repo is straightforward by running "git clone" with the HTTPS URL.
After cloning, "npm install" is executed, followed by "npx Prisma DB push" to push the DB schema.
The command "npx Prisma studio" starts Prisma Studio to view the database.
Adding the database URL as an environment variable is necessary for the DB push to work.
Setting the exposed port to 5555 allows access to Prisma Studio, which runs on that port.
For private repos, cloning from an SSH URL and setting up a deploy key is required.
The Docker file is updated to include the private key, ensuring secure access to the private repo.

50:19

"Securely Restarting, Upgrading, and Deploying with Coolify"

To restart a container, visit it, and input the set username and password for access.
The authentication method described is vulnerable to Brute Force attacks due to lack of protection.
This type of authentication is suitable for temporary instances where a password is required for access.
Upgrading Coolify involves checking for upgrades in the dashboard and clicking on the upgrade option.
Disabling auto-update in settings allows for manual updates after verifying stability on Discord and GitHub.
Upgrading to the latest version may require restarting Docker containers, especially the Coolify proxy.
Deploying an application with an existing Docker compose file involves setting up a project in Coolify.
Setting up environment variables in Coolify involves copying and updating variables from the app's ENV sample file.
Setting up a domain for the app in Coolify involves specifying the domain and ensuring proper port configuration.
Debugging deployment issues in Coolify may involve adjusting port mappings and ensuring correct proxy settings for successful access.

01:03:28

"Efficient Deployment and Management with Kify"

Set up HTTP basic off for the domain by adding labels in the compos file with Caddy 0 for basic off, specifying username and password generated using Caddy hash password.
Deploy an existing service stack using one-click deployment in Kify, such as Superbase, by adding a project, selecting production, adding a resource, and choosing a preconfigured service from the Services section.
Monitor CPU and memory usage during deployment, noting the resources required by Superbase and the need to check Glances for performance insights.
Configure Minio, an S3-compatible object storage, by adding a project in Kify, selecting Minio for one-click deployment, updating the S3 URL and console URL, and setting the server location.
Create buckets, access keys, and set up region name for Minio, ensuring backups can be uploaded to the S3-compatible storage.
Schedule backups for a Postgres database using PG dump, specifying the KRON tab syntax for frequency, considering factors like data changes and server load when determining backup frequency.
Store backups locally on the Kify instance and set up S3 backup by adding a storage endpoint for Minio, enabling S3 backups in the project settings, and verifying the connection.
Access and manage backups in the Minio console, observing the directory structure and PG dump files created for each database backup.
Explore Kify Cloud, a management instance for managing other VPSs, allowing users to connect to two servers for $5 a month, enabling the management of resources running on separate instances.
Set up Kify Cloud by adding a Coolify instance as a remote server in the dashboard, enabling users to manage resources and access the Coolify dashboard on a separate server for better resource management.

01:16:37

Coolify: Managing Apps with Public Key

Public key used as an authorized key on the server for managing apps on Coolify hosted instance.
Validation and installation of Docker engine on the remote server through Coolify dashboard.
Creation of a project to deploy a static website from a public repo to the connected server.
Setting up Wild Card domain for the Coolify instance to recognize the server.
Accessing the deployed website on the server through the specified domain.
Recommendations for seeking help and support for Coolify-related issues on Discord and GitHub.
Personal opinion on Coolify's stability and usability, highlighting active development and resource requirements.
Preference for direct use of Docker, Docker Compose, and Caddy over Coolify for managing applications.
Acknowledgment of Coolify's potential for one-click deploys with built-in apps but limitations for custom applications.

Try it yourself — It’s free.