Self Host 101 - Set up Coolify | Self Hosted PaaS with Zero Config Deployments

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

setting up and managing your own server is a very timec consuming process there's a lot to learn and a lot to figure out and there have been some attempts at solutions to kind of streamline this process and so in episode 7:30 of syntax Scott and Wes talk about some of these paas or platform as a service solutions that you can host on your own server and get a netlify or Heroku or versell like experience now one of the tools they talk about and one of the things that people have been asking about in the YouTube comments and on Twitter is holfi so I have spent the last two weeks learning everything I can about coolify and in this video I'm going to show you how to set it up but we're not just going to stop there I'm going to show you how to debug coolify when things go wrong I'll show you how to deploy apps that are based on Docker and Docker composed files and I'll also show you how to set up https and dubdub duub redirects for all of your wild card domains that are running on your kify instance so let's get into it I'm CJ welcome to syntax once you have kify up and running on your server you'll get a nice little dashboard that looks like this it has a place where you can look at all your projects and for any given project you can manage all of its resources so a resource is something like a database running in a Docker container or an app running in a container or a service stack which would be like a Docker composed with multiple services and you can also add new resources and so when you add a resource you can Source it from a public repo a private repo you can also just specify a Docker file or a Docker compos file or the name of an image on some Docker registry they also have oneclick deploy for some pretty commonly used databases and they also have one-click deploys for some pretty commonly used service Stacks now if you hook this up to a private git repo you can actually set up a GitHub app and this will configure everything so that you have web hooks so anytime there's a change to the code for that app it'll automatically alert to kify and kify will rebuild and redeploy your app from there within your applications you can manage these resources you have lots of settings that you can configure including looking at the container logs and uh from there you're good to go so anytime you need to manage things you'll just log into the coolify dashboard you can see status of stuff you can start things up stop things add new resources and stuff like that now when you install kify on your server you're going to need to make sure that it meets the minimum requirements now if you look in their docs they say that coolify needs 2 CPUs and 2 gigs of RAM and 30 gbt of storage that's for coolify alone so just to run the coolify dashboard and everything that it needs those are the minimum specs so anything you want to run on top of that is going to need more than just two CPUs and 2 gigs of RAM you can see an example description down here of a server with four CPUs and 8 gigs of RAM and all the services that it's running and what they're saying is they're never at more than 30 or 40% usage with all of these apps and these specs but your mileage may vary it's going to depend on the kind of apps that you're running the amount of users that you have but at a minimum you need this just to run kify and anything on top of that any other services you're going to want to be running you'll need to make sure that you have more resources now let's see an example of spinning up a server on header and some of the options that they provide so when I add a server here I can choose a location I'm going to go to Hillsboro Oregon because that's closest to me we're going to do Ubuntu make sure that you have more specs than that so at least the next tier now I'm going to choose this tier here that has four CPUs and 8 gigs of RAM it's about $14 a month but that's on par with the service that they're describing here with all those Services running so in all of my tests this seemed to do just fine it didn't get bogged down when I was doing Docker builds or anything like that it's it's a pretty pretty decent machine now let's set everything else up uh you're going to want to set up an SSH key if you don't set up an SSH key they're going to email you a root password but you don't want that so definitely set up an SSH key in the first video in my host series I actually show you how to set up sssh key so I'll link that here you can go set those up if you haven't yet but you're going to want to just click here and then add your SSH key and this is going to allow you to log in as the root user without specifying a password it's just going to use your SSH key now from there we're going to skip firewall setup for now but I will show you how we set up the firewall in a little bit and we are actually going to do this Cloud config so in that first video in the celf phost series I show you how to lock down SSH how to create a non-root user all that that stuff I have a cloud config here that does all of that and uh I'll walk you through what this is doing and I'll also link you to some docs on how you can create your own uh but if you're also curious about what we're doing here definitely check out that first video in the series where we kind of walk through this stuff manually but with this Cloud config it's going to create a user called CJ set it up with that same SSH key so I can log in with that User it's going to add them to the pseudo group and set bash as the default shell and it's going to set a default password that has to be changed the first time this user logs in now the commands we have running here are setting up preferred SSH settings now if you watched the first video in the series I talked about how you actually want to disable root login to lock down your server in this case we can't because kify needs to be able to remote into the server as the root user what we will do is we'll disable password login as the root user so we're changing the permit root login setting to be without password and that means a root user can log in over SSH but they have to use an SSH key and that's going to use the SSH key that we set up in the header settings there we're also enabling public key authentic ation and we are disabling password authentication so no one will be able to log on over SSH with a password and this is to prevent those Brute Force attacks of bots trying to automatically log in as users by trying a bunch of different passwords that'll restart the SSH service and then we have some commands here that will update all of the package list and install all of the latest packages in an unattended way and then reboot the server so this one config is all I need to do all the things that I covered in that first video in the self-host series so what you can do is you can grab this paste it in over here and that's going to run it on the the server whenever it spins it up now if you want to learn more about cloud in it uh you can check out their docs here there's so many more settings that you can specify to preconfig a server but this is all we'll need here and I'm going to give it a name of kify so let's create it and then once it's spun up we'll ssh in so the server's up and running I also waited a couple minutes to make sure that the updates finish running and now I'm going to copy that IP address and ssh in so we'll do SSH root that IP address now this will use my public key that I set up earlier if you didn't set up a key then you're going to have to type in your password the first time you connect you will see this message just type yes and you should never see this message again if you do you're the victim of a man-in-the-middle attack so don't connect to that server uh from here all of my uh packages should be up to date and so you want to make sure you're on a completely updated system before you install kify and you can see that because those cloudinit scripts ran that I I put in there then we don't have any updates but I'm just going to do it um to make sure and also for anybody that didn't run that script you're going to want to make sure you do an apt update and an appt upgrade and uh it's very likely you might actually have a kernel upgrade as well so you might need to reboot your machine if you haven't yet there's a couple of packages that didn't get installed but everything else is up to date so I'm on a fully updated machine I'm ready to install kifi so to install coolify now we will grab the install script here from the docs and we'll run it as the root user now the developer of kifi is working on making it so that you don't have to be the root user but right now you must run this command as root and so this is going to download an install everything that coolify needs to get up and going and once it's done we should have a coolify dashboard so finished installing let's give it a go you can see that it's running over HTTP at the IP address of my server on Port 8000 so if we try to go to this it loads and this is bad I mean it's not that bad but uh I don't have a firewall uh in front of my VPS right now which means any port of anything listening on my machine is technically open to the world and I don't like that we're going to fix that next but I you should get an ick icky icky feeling if you ever see uh ports and you haven't actually explicitly opened these on the firewall that means everything is open on the firewall regardless let's get this set up so the name here is CJ I'm going to give it my email and specify a password now I'm doing a dummy password right now because this is running over HTTP which means it's not going to be encrypted in transit so I'm going to change the password later [Music] great now let's get the server set up and then we'll we'll lock things down so you click on getting started and next you're going to need to choose the server now Local Host in coolify terms corresponds to the server that kify is running on so in our case because we installed kify here and this is where I'm going to be running everything I'm going to choose Local Host now they have more info about this in the docs but basically Local Host is where kify is running and remote is any remote Linux server that kifi can manage and they do talk about in the docs that you can use Local Host as a server where all where all of your resources are running but it's not recommended as high server usage could prevent the use of kify uh let's talk about what they mean there so this is how I'm going to be setting up kify just because this is is for demo purposes I don't have any production apps living here I should be fine to set it up this way so kify is installed and running on this VPS any Services I spin up are going to be running on that same VPS coolify actually can work on remote instances though so technically you could have an instance where coolify is running and then point that at some remote VPS and it would spin up the instances on that remote VPS and the reason you might want to do this is if for whatever reason any of your services are ever under heavy load then it might make it so that the coolify dashboard is inaccessible because like maybe this API here has spiked the CPU to 100% and now you can't even get to the get to the coolify dashboard and and manage things or stop it if kify is running on a separate instance you would potentially have that capability and so this is a multi-tiered archit Ure instead of a single tiered architecture and kify supports that um the other thing is you can connect multiple servers up to kify and also like a build server but like I said we're going to keep it simple I'm going to have a a single server where everything is running and because of that I'm going to choose Local Host now from here I can create my first project now I actually don't want to create a project or resources yet I want to start to lock things down so the next part of this tutorial we're going to set up the firewall and also set up https [Music] first step in locking things down is to change the password on that secondary user that we created so I used that cloud andit script it created that CJ user so now I should be able to ssh in as that CJ user so if we instead SSH as CJ or whatever you called that user if you did that cloud andit script it's going to log in it's going to use your public key to connect because we set that up but it's going to tell you to change your password and if you use the cloud init script the password right now is change me and then set up your own uh secure password so now that that CJ user password is updated if I ever SSH into the server as CJ now if I need to use Pudo so let's say I just want to drop down to a root shell I'll do a pseudo Sue it's going to ask me uh for that password and now that password works and it's it's a more secure password than that that default one that we set the other thing I want to do is I want to set the root password because this doesn't have a password because we we logged in with SSH by default and uh if we ever need to go into like rescue mode or something if we ever lose our s stage keys we're going to want to know what the root password is so I can set it here so now that I'm in a root shell if I do a pass WD we can set the root password and just set this to something secure and something that you remember in case you need to drop into rescue mode great so the password's updated I'm just going to exit out of both of these shells and so now we have passwords set for both the CJ user and the root user now let's get this site hooked up to a domain and working over https so the first thing you'll need to do is set up some DNS records now I have purchased this domain it's called apps. gdn this is all mine I it's it's mine I own it and it's really cool and short u but this is a real domain and I've set up two a records so I have the Apex domain pointed to that IP address in a TTL of 1 minute check out the second video in my self-host series if you want to learn about what all this means and then also I have a wild card record set up to point to this IP address and what this means is I can have any subdomain of apps. gdn and those are going to resolve to the IP address of my server here so dubdub dub. apps. gdn will resolve to this IP banana. apps. gdn will resolve to this IP so at a minimum I want these two records so that any address at apps. gdn is going to resolve to my server from there in the coolify settings go here and then specify the instance domain so I'm going to do https col slash and I am going to put it under a subdomain like technically I could put it at the root apps. gdn but I don't want people just going there because I have a I'll have other things hosted on the server too so I'm going to put this at coolify apps. gdn uh I'm going to uncheck validate DNS settings in my experience this isn't working very well so I just want to make sure that this is checked uh and then also while we're here in the app settings I'm going to uncheck auto update coolify now anytime there is a coolify update available you'll get a notification down here uh but right now I am on the four beta so changes are happening pretty often so uh I recommend that you update manually after you've checked it to make sure that all of the uh latest features that got pushed are good to go uh and so this is another another thing to note when you're watching this tutorial you could be on a later version of kify I'm on kify version for beta 258 and so if you're on anything later than that or earlier than that you things might be a little bit different in the UI okay so I have the instance domain set up here I'm going to save that next we're going to go into servers and then go to our Local Host server here here and set up the Wild Card domain this we do want to be the root of our domain so I'm going to do https apps. gdn so whatever your domain is you want that root domain there and that means any other app that gets spun up on the server is going to be appn name. apps. gdn we'll save this and uh then we're going to head into the proxy settings so by default coolify is set up with the traffic proxy and uh that's fine if you prefer traffic you can leave this enabled but I like caddy so I'm going to enable the caddy proxy now I going to stop the proxy now in order for this to work you need to make sure that you haven't locked down the ports yet and you're still accessing your instance over the IP address and Port 8,000 because once you turn off that proxy you're going to lose access over uh Port 443 and Port 80 so I'm going to stop the proxy and then I'm going to click switch proxy and again make sure I'm still running at the IP and the port here and I'm going to enable caddy now now it says experimental it's worked for everything that I needed and caddy is a lot easier in my experience to configure than traffic so I'm going to click on caddy it says the proxy is running now to make sure that all of this is hooked up in the right way if you go to Dynamic configurations let's see yeah this is good you want to see this coolify do catty instance and you want to make sure that it lists the domain that you put an instance domain right so back over in settings the thing that we put right here coolify apps. gdn you want to make sure that that is listed in your proxy settings in order for this to work so it's going to be in Dynamic configurations and you want to see that sometimes there's a bug where like if you switch the proxy or or or something like that this doesn't pop up if that's the case you might try stopping restarting the proxy but if you have this entry entry then that means this should work as long as you have your DNS records set up you should be able to get to your app via https so let's try it so if I go to coolify apps. gdn Boom the login page loads so at this point I know I'm good to lock things down further now I do want to mention really quick the reason I'm using just like name cheap DNS and not cloudflare or anything like that is I want to make sure that you understand really what's happening when all of these things are connecting because if you use cloud flare like technically you might be using its proxy and then like it's handling all of the https for you but if you set it up this way we're setting it up so that the connection from coolify is always https so uh that's why we're using just a regular plain old name Che DNS you can use any DNS provider um but that's why I'm not using Cloud flare in this instance I want to make sure we understand how this all connects together so now that I can get to my app bya https I'm going to lock down all ports that are not 443 and 80 and we're going to do this with a hetner firewall so here inside of my header dashboard I'm going to go to firewalls and create a firewall and by default we definitely want Port 22 open or whatever Port SSH is running on that needs to be open we also are going to add TCP for Port 80 because that's HTTP and then we're going to add another rule for Port 443 now I'm not going to add a rule for Port 8,000 and so the moment I enable this firewall you'll no longer be able to get to your coolify instance via that Port 8,000 you can only do it via your instance domain so I'm going to click create firewall and this will take a second to spin up cool and at this point to really test it out let's try to get to Port 8,000 right if I if I plug this in and the page doesn't load that's a good sign because now our firewall is only letting traffic in over Port 80 and Port 443 which means the only way we can get to our kify instance is by going directly to the Coolified domain awesome with all of that set up let's lock down our kify user account so let's log in as the user that we set up earlier and then we're we're going to go into profile and we're going to change our password now I highly recommend that you change your password because now we're running over https so all of that Network traffic is going to be encrypted and if for whatever reason it was intercepted when whenever you were over HTTP now you can set it to a more secure password so let's do that the other thing I highly recommend you do is set up two- Factor authentication because uh right now there isn't really any protection against Brute Force login on that password but if you have two Factor off that is one more level of security Now from here use an authenticator app there's a lot of that out there um but this will allow you to have that two Factor off whenever you're logging into kify once you add it you'll get your recovery code so just make sure to save those somewhere safe in case you don't have your authenticator app and then after that I recommend logging out and then log back in to make sure that your two-factor off stuff works so it should prompt you for your onetime code and we're in all right let's set up our first project and for this it's just a static website so I have this get repo here it's a public repo and I want to deploy it as a static website on my coolify instance let's set it up so I'm going to give it a name it's called banana and then you can specify your environment so this is one of the nice things about coolify is every project could have like a staging a development a production environment in our case we're just going to have a production environment each environment can have its resources I'm going to add a resource here and in this case I'm just going to choose a public repository so I'm going to grab my GitHub URL we'll choose the server to deploy to like like I talked about earlier we're just doing everything here on this coolify instance and it's going to deploy this in a Docker container now we specify the git URL it's going to do some checks to make sure that it can reach it and for build pack we're going to choose static and so this will really only work if you specifically have a website that is a set of static files this site has an HTML a JavaScript and a CSS file there's no build process it doesn't need node there there's no special process required here I just have these static files so I'm going to make sure that I choose this static build pack and then we'll click continue okay from here before I click deploy I want to make sure that I set up all of my domains so I'm going to add banana here and then click save and whenever you click save you're going to want to make sure that you see these container labels get updated here so the way that coolify actually links a domain to the actual caddy configuration or traffic configuration is with labels and if you scroll down here you can see the actual labels that are used to specify the caddy config so you can see here that uh it has the domain as banana. apps. gdn and then it has a reverse proxy to Port 80 which is the port that's going to be running for this container that's running this static website so from there I'm just going to click deploy and we're in and so on any project if you click on links you'll see those links that you've set up if you click on it you should see your website so our website is deployed and it has that nice subdomain now I want to set up a dubdub duub redirect so when someone goes to www. banana. apps. gdn I want that to redirect to banana. apps. gdn and all of this is actually working on top of Docker and on top of caddy so if you look at this project here it's called the caddy Docker proxy this is actually what kulfi is using under the hood and you can read all about it here so this actually tells you how to specify these labels which in turn get picked up by caddy to set up your reverse proxy so down here these are the labels that are getting passed to Docker so that this caddy Docker proxy kicks in and then actually sets up the uh caddy configs for us so the first thing we'll do is we'll just add the domain so let's just do a comma here and we're going to add dubdub dub. banana. apps. gdn now you're going to want to make sure you have that wild card set in your DNS but let's just save this cuz if you save this this should update your labels down here and now you should see a section for dubdub dub but this is the point where we can actually change that configuration so this if we left it alone and actually let's just leave it alone let's actually do a redeploy so uh now it will actually be accessible from those two different domains and they both should work cool so now I have two different URLs and I can go to dubdub duub but you see that it doesn't redirect and then I can go to the root and that loads as well but now we want to customize that caddy config to actually do the redirect so to do this it's multifold first we need to figure out what is the Syntax for a cad file for from uh caddy itself so we're going to look in the cadd docs we're going to go to the cad file directives and specifically the one that we want is the reader directive and uh I believe if you scroll to the bottom of this page yeah you can see some examples so basically what we want is for the dubdub duub entry we want to redirect that to the root one and so this is what it looks like as a caddy config if you look at the docs for caddy Docker proxy you can see how they convert some of these caddy configs to the labels that are going to be passed in to the docker uh container so let's do just that so basically we want to replicate this and if we go back over to General and configuration on our app here go down to our labels we want to change the uh banana. apps. gdn and so this is labeled as caddy 1 and so every one of these things listed as caddy 1 is technically for our banana. apps. gdn so what I'm going to do is I'm actually going to delete everything and especially delete this reverse proxy because this reverse proxy is what actually is able to load our app running in that Docker container but what we want is we want to specify a reader so caddy 1. reader so that'll be a nested property inside of cadd 1 and then where do I want to redirect that to I want to redirect that to the route like this so that should be all we need I'm going to save this and then make sure that all all of my updates are still there and then we'll do a redeploy and so in a sense this is actually how you to configure caddy is via these labels and you're going to need to cross reference the caddy server docs to get your right configuration for the config and then cross reference the caddy Docker proxy project to make sure that you're converting that in the right way okay at this point if I attempt to visit dubdub duub you'll see that the redirect happens and I made a typo you can see that I forgot to get rid of that dot but that does mean it's working so if we dial back in here yeah I left that dot so I'm going to get rid of that we'll save it we'll do a restart let's see if restart picks it up I'm actually still unclear on the difference between redeploy and restart sometimes my settings get picked up with the a restart sometimes they don't cool let's try it so if we go here you can see that it redirects so uh at the end of the day this is how you're going to be reconfiguring these redirects and everything else you're going to want to make sure that you understand the caddy config and also make sure that you understand the caddy uh Docker proxy labels that you need to specify now in all of my examples I am using caddy because I specified that as my proxy server so if you go to servers and then proxy uh at the beginning of this tutorial we changed our proxy to use caddy if you're using traffic the process is a little bit different with traffic it has a Docker plugin built in and it works in a similar way it works via labels but you're going to want to go to the docs here to find the right labels and then whenever you're in a specific project you would want to make make sure that you specify those labels correct here now before we jump into project settings and stuff like that I do want to show you one more thing on the proxy for the server so if you go to servers go to your specific server click on proxy we are going to set up a dynamic configuration so that we can have a redirect for our coolify instance right now our kify instance is at kify apps. gdn but if we ever type in dubdub dub. coolify apps. gdn that's not going to load we need a caddy config that does that redirect and so if you ever need some sort of caddy configuration that isn't specific to a project in this case it's specific to the entire instance you can do that in Dynamic configurations and so you can see here that it's loading them in any of these catty files so here we can specify our own caddy file so I'm going to call this uh instance redirect do caddy and then in the configuration we can specify it so when somebody goes to www. cify apps. gdn we are going to add that redirect directives so we're going to reder them to https colol i. apps. gdn and then uh you can look in the the caddy documentation or watch the video I did on caddy for more syntax here but that's just going to pass in the URI so once I save this we now have a dynamic caddy file that gets loaded in and uh it should have reloaded the proxy by default but now if I try to go to dubdub duub it will redirect to the coolify instance so this is always super useful if also if for whatever reason you can't figure out how to customize the tags for for a container you can just create a custom uh caddy configuration here and this will get loaded in and all of these settings will get loaded in as well now let's deploy an application that is more complex than just a static site we're going to use nextjs and this will require a serers side runtime like nodejs so for this example I just used the next CLI to generate the app and there's nothing beyond that so there's no database it's not complex at all it's just the basic next app but it will it will running with no JS so let's get this application deployed so within coolify I'm going to add a new project we're going to call this next example we're going to choose the production environment we're going to add a resource in this case I'm going to choose public repo so I'm going to grab my GitHub URL here and then we're going to throw that in cool and then for build pack we are going to choose NYX packs now it is possible that if you have a Docker file within your GitHub repo you can choose Docker file if you have a docker compos within your git repo you can choose Docker compose and it'll just use that file that lives in your git repo in our case we have nothing related to Docker in our repo so we want some magic and that magic is going to come from NX pack now NX pack is an open source project that was started by Railway and essentially it's the Magic in one-click deployments and so this is how coolify gives us this nice oneclick deployment experience we don't have to know anything about Docker we don't have to create a Docker file all of that that is handled by nyxx and so essentially nyxx is going to look at the source code for the application you're trying to deploy and then automatically figure out how to containerize it and how to build it and how to start it and everything else and so if you look at the Nyx packs documentation you can see that they support a lot of different languages and runtimes and essentially what's going to happen is during the build process it's going to look at your source code to determine the kind of application and in our case it's going to see that package.json and say oh I know this is no. JS application and then from there it's going to say oh I'm going to use the convention that there's probably a build script in there and a start script in there and it's going to use those whenever it's setting up our container um so we're going to use just the default settings of Nyx packs here uh but if you ever want to customize that build and and you're going to be using NYX packs you can customize it with environment variables so if you check out the Nyx packs documentation they list all the environment variables that you can set you can set these within your coolify resource settings just add them there and Nyx packs will pick these up and use those custom settings now you also can customize NYX packs with a file you would need to commit this file to your repo for it to be picked up uh but what I'll show you in a second is there are a few things that we can customize within the qualify dashboard that you don't need uh the NEX packs file for so from here we'll just click continue and now we have our app set up so the first thing I'll do is just set my domain I want this to be next example. apps. gdn and I'll click save on that so down here is where we can customize the commands that NYX packs will run for install build and start um but because this is a node app it's going to look at the package.json it's just going to run that build script run that start script now for the install it is going to look for a lock file in your repo and then run the according install and in our case we have a package lock so it's going to do an mpm install but if you have a yarn lock file or a PM PM lock file it will run and install with those instead so if you look in the Nyx packs documentation for node you can see that it will do just that it's going to look at the lock file and determine how to do an install so because we don't need to customize anything we should be good to go I'm just going to click deploy and we'll see what happens I'll also show the debug logs here and kind of like talk through what's happening so yeah by default you can see right here it has detected that this is a nodejs application essentially because that package.json exists and it's telling us the commands that it's going to run and again we could override those in the settings if we wanted to now from here it's going to run the build it now generated our Docker image for us and now it's attempting to start it up and so when you use NYX packs it uses this thing called a health check and by default that's just going to be the index route of the thing that you're spinning up and so in this case it will determine that the container is healthy if it gets a 200 status code by requesting the index page here and so you can see there are a couple of checks and then finally it got a 200 status code so it says that the service is up and running if you click on deployments you can see there was a successful deployment there if you click on logs you can see the actual container logs of the running nextjs application and now we should be able to visit it so if I click on this the appload is just fine great so this was a super basic example there's nothing complex we don't have a database there's no custom build uh but for some nextjs applications this might be all you need you essentially just say use NYX packs everything else is handled for you and your app can be deployed just like that now up until this point the projects we've deployed have just been a public git repo now I want to set up a GitHub application so I can deploy private repos and also get automatic deployments via web Hooks and to do this we're going to go over to sources and we're going to create a GitHub application so I'm going to click add and then we'll give it a name and so this needs to be unique across GitHub so I'm just going to call mine kify apps GD and you might have to play around with the name to make sure you get a unique one and then for web hook endpoint you're going to want to make sure that you choose your https URL so there I at least from what I've seen there have been some issues delivering web hooks to http URLs so make sure you choose your https URL and then click register now so this is going to take you over to GitHub and you're going to create the app on on GitHub and so this name has to be unique and if it is unique the app will be created now from here we need to choose which repositories are available for us to use within the GitHub app so we'll click on this this will take us back over to GitHub and we can choose now you can give it access to everything you can just say you can have literally all of my repositories um or you can select specific ones now I believe in the principle of least privilege so I'm only going to select the projects that I want to deploy and for now I'm just going to add the same next app that we added earlier but we're going to redeploy it but also demonstrate getting automatic deploys with web Hooks and stuff like that okay so we've given it access I'm going to click install and so now we're good to go now to check and see if everything is configured correctly click refetch and as long as this comes back you can see that this GitHub app that we've created actually has permissions to read from our repos and if you ever need to add new repos to that list you can click this button that'll take you back over to GitHub you can add the repos that you'd like here and then uh save them and then head back over to your coolify instance now let's deploy that same next app but we're going to use this GitHub app integration so I'm going to click add we're going to say another next app we'll choose the production environment and then we're going to add a resource and in this case we can choose private repository with a GitHub app so we'll click that choose where we want to deploy it and then choose the GitHub app that we set up now here you'll get a drop down of all of the repos that you've added in this case I've only added one repo so I'm going to select that one and then click load repository now just like before we can choose NYX packs and the default setup should work for us we're going to update the domain here to be another next app click save and give it a go so I'm going to click deploy okay so the deploy finished we should be able to visit our application and it works just fine that's awesome uh but now we want to demo this this GitHub integration so if you go to configuration and then you go under web hooks you'll see that you can't do anything for manual G web hooks because these are automatically set up for us and essentially what's going to happen is if I push a commit to this git repo GitHub will then make a post request to my coolify instance which will then detect that and then pull in the latest changes and do a rebuild and a redeploy so let's try that now so I have here in the source codes I'm just going to make a quick little edit and just say uh Auto deploy with coolify save it and then we're going to commit it okay so committed my changes let's push them up good to go so the commit has been pushed to GitHub and if we head back over to qualify and we click on deployments we should see that a deployment has been triggered and you can see that it was triggered via a web hook so we click on this we can see the build progress and once it finishes we should be able to see that update okay so it finished and now if we visit the application we should see that update yeah Auto deploy with qualify nice so since we set up that GitHub application essentially anytime a new commit comes in GitHub will then make a post request to the web hook that kify has set up which will then trigger a rebuild and a redeploy and so we have that nice automatic deployment experience every time a new commit gets merged into the main branch of our repo now let's see how to deploy a slightly more complex nextjs application so I have here a T3 app and this is using a postgress database and also has next off with GitHub ooth so we're going to set that up now I'm going to call this the T3 example choose the environment we're going to add a resource now the first thing I'll do is just add a postgress database because our app needs access to one so I'm going to create one within this environment cool uh I'm going to give it a useful name we're going to call this our t3db and we're going to save it and then start it so now just like that I have a postgress database up and running on my coolify instance now it's possible to connect to this database remotely like over the public internet and you would have to check make publicly available here uh but you would also need to configure your firewall so you need to go into your firewall and then make sure the specific Port you want this to be accessible on is open I want to keep everything within my VPS I don't want to access it remotely so I'm just going to keep this going here um but we do get this postgress URL and I'm even comfortable sharing it with you because it's not accessible over the public Internet it's only accessible within our Docker Network here because it's using the the container host name there so this URL can be used by any other container here in kify to connect to that database and so that's what we'll do now I want to push my schema to this database and so my app is using Prisma and I need to push the schema now like I said you technically could go in here make the database public and then push that schema from your like local machine but I'm going to do all of this within kify itself and to do that I am going to create a Docker container so I'm going to go to new and here I'm going to specify a Docker file now if you're new to Docker it's not that it's not that hard I have I have confidence that you can figure it out also I've done a video on Docker if you're interested on on learning more about it but basically what we're going to do is we're going to write out a Docker file that clones the repo installs the dependencies and then does a Prisma DB and also starts up Prisma studio so we can look at our database so follow along we're going to say from node so we're going to grab the nodejs base image because this is going to give us node and mpm then I'm going to specify my working directory and I'm going to specify that to be slapp and then I need to clone my repo now if it's a public G git repo this is going to be super easy just grab the hdps URL and I'll show you what that looks like now so you'll just say run get clone paste in the URL and do period so that'll clone this URL into the/ apppp directory from there we just want to do an mpm install so run npm install and then from there we want to push the the uh DB schema to the database so I can do run uh npx Prisma DB push and then lastly we're going to use command to say what command should be run uh after the the container has has spun up and in this case we'll do npx Prisma studio so this is a little container that clones the repo installs dependencies pushes the DB schema and then starts up Prisma studio so I'm going to go ahead and save this and I'm going to give this a domain so I'm going to call this studio. T3 example. apps. gdn and then save that now in order for the DB push to work we do need to add an environment variable so I'm going to go grab that connection URL from our database here we'll copy it and then if we go back into our app here and also I'm going to update the name just so we remember what it is so this is the T Studio T3 save that and then in our environment variables we can add one called database URL paste in that value there and then save it now this is a build variable because when we're building the container pris is going to need access to that environment variable so I'm going to make sure that that is a build variable now from here if I want to be able to access this Prisma Studio I need to make sure that the port is set up and so by default Prisma Studio runs on Port 5555 so I'm going to set the exposed port to that click save and then click deploy so it looks like it's done let's try to visit it so if we click this link Prisma Studio loads up now you of course you don't want to leave this running all the time especially because it's it's not password protected and anybody that goes here can uh literally change our database uh but this is good to know that it's up and Runing and all of our tables have been created so I'm going to go ahead and just stop this container for now because I know the database is good to go and then I'll show you how we can do the same thing if we're working with a private repo so if you need to do this kind of thing from a private repo it's you won't just be able to clone directly from the https URL you're going to need to clone from an SSH URL and you're going to need to set up a deploy key so let's do that so first thing we'll do is over here on the server we'll do keys and tokens and we're going to create a new private key now I'm going to click generate this key here and I'm going to give it a name that matches the application that I'm deploying so I'm going to call this T3 example now you should never leak your private key I'm going to delete this the moment I'm done recording this uh but don't don't leak your private key because anybody that has that will get access to wherever you you set up this this public key so we're going to click continue we now have this key set up now what I need to do is I need to add the public key here to our repo so that this private key can get access to that repo so on your GitHub repo go over to settings then go down to deploy keys and then add a deploy key going to paste in that public key and we'll just call this our our kifi at gdn and then add the key and I'm not going to allow right access so basically with this key if for whatever reason the private key got leaked they would only be able to read from this repo they wouldn't be able to write to this repo so we've added the key to GitHub but now I need to use this private key inside of that Docker container whenever we're cloning the repo so I'm going to copy this key and then we're going to go back over to our project and update that Docker file now I need to put this private key into a private key file so I'm going to write a command that does just that now this is a lot of codes to write out so I'm going to link a gist in the description of this video so you can copy paste and kind of just update with your own stuff if you want to do this so the first thing we'll do is we'll create an SSH directory and this is where we're going to put our private key then we need to say run Echo we'll do some double quotes we want to put this into the SSH folder into a file called _ ed25519 so this is the algorithm used to generate the key that we generated earlier and so that's what the name of the file that we're going to give it uh then we need to change the permissions of that file so I'm going to say run chamod and we'll say 600 for that specific file and then lastly we need to add github.com to our known host file so we'll say run ssh-key scan dtsa github.com into our known host file now be sure to check the description you can copy these commands to run in now the last thing we'll need to do is to actually put our private key in between the quotes here so I'm going to save this we'll go back over to our keys and tokens grab our T3 example let's grab our private key we'll copy it and now we're going to paste it in between the double quotes here like so but we do need to add new lines so I'm going to escape the new lines and then do a forward slash to say that this should continue on the next line so uh at the end of each line I'm going to add this so that way the new lines will exist within that file as well from here we should be good to go we create the SSH directory we create our private key change the permissions add github.com to the known hosts uh and then we clone the repo but now instead of cloning from https we need to clone from SSH so if we go over to our repo we can grab the SSH URL and throw that in right here and we'll say this and then see if it works now it's important to note that because we've set this up manually this isn't going to automatically deploy whenever we push to the repo um but this is a nice way of at least being able to run all of these commands I need to run within the coolify uh instance instead of having to like run these commands remotely so if everything works here then uh it should push the the DB schema which it's already done there shouldn't be any changes that need to be made and then it'll spin up Prisma Studio as well cool we can test it out if uh Prisma studio is still running that means all the other commands ran as well from here I'm going to stop the Prisma Studio container because again I don't want that running 24/7 anybody that finds it would be able to mess with my database so I'm just going to stop that instance so that way uh Prisma Studio isn't running anymore now let's actually deploy our T3 app so I'm going to go add a resource and in this case we will use uh our GitHub app so we can get automatic deploy so I'm going to click on this click on our server and then our GitHub app and I want to choose the T3 example so I'll click on that and then click load repository and in this case we can use NYX packs so I'll use NYX packs it is running on Port 3000 and I'll click continue now let's update the domain I'm just going to call this T3 example. apps. gdn we'll save that and we need to Now set up all of our environment variables so you can add these one by one but what I really like is the developer view because you can actually just copy paste these in from like aemv file uh and it'll it'll load all multiple environment variables all at once so I'm going to set up all of my environment variables up really quick so I've added all my values here the database URL is just like we set up for the other container and it's just the one that we copy pasted from the postgress database that we spun up for next off URL this is just going to be the instance domain so whatever you set in general that's what you're going to want to set up there as well for next off you're going to want to generate a secret and in my case I'm using GitHub ooth so this is my client ID and then I'm going to plug in my secret as well after you save it you should have all of your environment variables set up here and this should be everything we need to start up the app so if we go back over here and then click deploy cool so it says it has been deployed we can try visiting it awesome and so uh now we can sign in so I will show you really quick my GitHub settings if you are using GitHub oo uh essentially I've set up the authorization callback URL so whatever type of oo you're using you're going to want to make sure that you specify your actual instance domain and then depending on what your off provider is make sure that you have the correct uh call back path there but because I have that set up correctly we should be able to log in with GitHub so I'm going to click sign in sign in with GitHub I get redirected back so I'm now logged in as CJ in my app here so I just modified the T3 example now we have a post page so if we go to posts now we can add things like hello world and uh that actually gets put into the database let's see like another one that awesome so it's working so we have a a a T3 app it's connected to our postgress database it's storing users that are via GitHub oath we're we're good to go now since we're using caddy as our proxy I actually want to show you how you can lock down certain things with HTTP basic authentication so take for example our uh Prisma Studio that we set up for our T3 example when we run this anybody can visit this site and uh access our database so I'll I'll deploy this really quick and when we visit it we can see our T3 example we can see all of our our posts in the database we can see all of our users in the database and this isn't good right because if somebody had this URL they could just access our entire database but one thing I can do is I can protect this page with HTTP basic authentication and so let's set that up with caddy so earlier we talked about how we can use these uh container labels to actually set up a custom caddy config configurations and within caddy we have the ability to set up HTTP basic o so if you look in the caddy docs and then you go to directives there is one called basic o and they show some examples so what you can do is add a block here called basic off specify the username and then the hashed password and now it's going to protect that resource with uh HTTP basic off so let's generate a password you can see here that caddy has a built-in command called hash password so let's use that so we can use caddy from the command line run hash password and it'll spit out a hashed password now um I don't have caddy installed on my machine but our VPS has Docker installed on it so we can actually spin up a Docker container use the caddy command from within that Docker contain container and then spin it back down so if we go over to our server so I can do pseudo Docker run specify the image name in this case we're just going to use the the default caddy image and then I can specify the command that I want to run in this case I want to just run this command here so I'll say caddy hash Das password and then specify the password I want to hash with Das piece we'll just say dasp and then the password that we want to hash and then that'll actually spin up a container run the command and then spin the container back down but this is the hashed password that I need to use so we'll go back over to our container labels and basically what we need to do is for this caddy zero we want to add a new block called basic off so very similar to how um like handle path here is adding a new block we will add one here and so we'll say cadore 0 we'll say basic off and the next line then needs to be username space password so what we can we can take the reverse proxy as an example because uh handle path has on the next line reverse proxy and then the value itself so what we need to do is zore and so that basically puts us on the next line then I want to specify the username in this case it'll be CJ and then the value will be that hash password so I'll throw that in there and so this should be all we need and now anytime someone goes to this page it's going to use HTTP basic off uh before you can actually access the resource on that page so I'm going to save this and then restart the container and we'll try it out okay it restarted let's visit it and this is a good sign so if you see this it is prompting you for that username and password that you set up and if you type it in right you should get in now I will say this isn't the best type of authentication uh because it is uh vulnerable to Brute Force like someone could basically try a bunch of username and password combinations and we haven't set up any protections for that um but this is nice for like little one-off instances right so if every now and then I want to spin up this Prisma Studio I can at least have to type in a password to get to it and then when I'm done with it I can just spin it back down um and and again this is also just useful for any resource you have where you just want to quickly throw up a password in front of it so whenever kifi has an upgrade you'll actually see this little icon here in your dashboard and you can upgrade to the latest version now currently I'm on uh V4 beta 266 which is actually even later than what I was at earlier in the video so I've updated a couple of times while recording this uh but if you head over to the settings tab earlier in the video we disabled auto update and so typically I leave this disabled and then I keep an eye on the coolify Discord and also the GitHub issues to make sure that the latest uh Beta release uh is at least stable enough to to use myself and hasn't broken anything um so I did I checked the Discord I checked the issues everything seems good so I'm going to click upgrade cool and it looks like we are updated to version 268 I'm just going to refresh my app here so after this upgrade it's very likely that the docker containers needed to restart especially the coolify proxy which is what is actually managing access via this instance domain here so I'm going to give it a second to make sure that all of the containers have restart everything's good to go and now you can see I'm on version V4 beta 268 and I don't see that upgrade option anymore now let's see an example of deploying an application that has an existing Docker composed file so I have this app here it's called Pokemon cacher it is a nodejs and express API that caches responses from the Pokey API into a reddis database um and if you take a look there's a branch called with Docker compose and this branch has a Docker file which dockerized the node.js application and then a Docker compose which loads that dockerized no app and also spins up a reddis database so I want to point kify at this repo and tell it to use this Docker compos file so within kify I'm going to go to projects add a new project we'll call this Pokemon cacher choose production and we'll add a resource now from here I'm going to choose private repo um and I have given my GitHub app access to that repo that I'm trying to deploy so should work and then from the drop down we want to choose that repo we'll load it in now here I want to choose the branch so I'm going to say the with Docker compos branch and for the build pack I'm going to choose Docker compos now in the last version there was a bug where when you click continue it changes the build pack yeah so that's still there this will be fixed soon but right now the build pack reverted back to NX packs I want to choose Docker compose um and then we'll use that setting so by def fault it tries to load the docker compos file from docker-compose.yml in my repo the file is docker-compose.yml I didn't debug this for two hours um so just make sure that the name that you have here matches the name that you have in your repo I'm going to remove that a click save and then you should see the docker compost file get loaded in here good so uh by default it'll load the the docker compose but it's also going to show you some of the labels that kify adds in order to manage these these containers so that looks good to me from here I want to set up all of my environment variables because you'll see that the node app has several of them that it depends on so I'm going to go over to environment variables click on develop r view and then within my app here I have an EnV sample file so I'm actually just going to copy this paste it in and then update accordingly so the node EnV here is going to be production and then the redest host actually can be what's listed in my Docker compose file so in my Docker compose file the reddest database service name is just DB so uh because they with live within the same Docker Network I can put DB here and it'll be able to connect to it it's listening on 6379 and then by default that rdus instance is in unprotected mode so it actually doesn't have a username and password so I can remove that and it will be able to connect now I'll save this and then uh we should be good to go now I will say the the fact that it's running in unprotected mode is okay because this reddest database is not exposed to the public internet so this redest database is only accessible within this Docker Network so for this for these purposes uh it's okay to not have a username and password now I want to set up an a domain for my node app here and kify has kind of detected that I think because this thing is exposing a port you have access here to set the domain for it now I'm going to set it so I'm going to do https slash we're going to call this Pokemon cacher apps. gdn and I'll save that now let's give it a try looks like there was an issue with the deploy it says uh Service app at ports at zero expected a map but got a string what does that mean I don't I don't know um we can see here the generated uh Docker compost file it has ports listed and then we have our two ports there okay so I did a bit of bit of digging I think it's because I was exposing the ports for both of these services and the way coolify works is it actually doesn't necessarily need to expose the port because it can access the port uh via the IP address of the container so what I did is I updated the docker compose to remove those port mappings for both app and DB and I put it on a different branch so let's try changing the branch I'm going to go over to source and then change the branch to be coolify Docker compos so this is the new branch that I made so I'm going to save that and then over on General I'm going to reload the compose file and so I'm not seeing the latest Docker compose loaded in um let's actually do this let's let's trick it let's just change the name to something that doesn't exist and then try to reload it so I'll save that okay it's not reload reloading the docker compose I'm just going to delete the project and start over um I have found with coolify if I'm debugging stuff I get to a certain point I'm just going to start over so let's add a new resource I I'll pull it in from the same repo choose my repo here yeah make sure that it's the coolify docker compose Branch choose Docker compose update the build pack and then tell it where to find the file there we go so that pulled in the updated Docker compose good and then I'll go ahead and set up all my environment variables in the same way awesome so updated my environment variables set the domain I'm going to save it let's try deploying again cool let's check out the container logs so we have redis is running and then the app is running on Port 5000 so let's try to visit our app it's not loading I think one thing we're going to have to do is specify the port that the app is listening on so right now if we visit our site if you see a 502 error this is a bad gateway error so this is coming from the coolify proxy and it basically just means that it it cannot uh proxy to that that specific application so let's take a look at our configuration and see the labels that were generated so right now for the app you can see that it has upstreams but it doesn't have the port number and so one of the things you can do when you're specifying a domain is you can actually put the port number on the end you can see that in these examples here so if I do pull in 5000 and then save that from there I will click reload compost file you want to make sure that it picks up that setting and then if you look in here so we're going to look under app and look under our labels and make sure that our caddy label for reverse proxy is updated it is so you can see it says upstreams and then Port 5000 so now uh we shouldn't get that bad gateway because now it's going to know to proxy it to Port 5,000 of this running container now do we need to redeploy we do so I'm going to redeploy that should pick up those labels that got added to the container and it should set up the correct reverse proxy to our application Co let's look at the logs again no errors here we'll do a refresh we get an application sweet so sometimes you might have to debug a little bit like that but it really just comes down to uh checking your status code making sure that the labels have got set in the correct way uh and then the application is loaded but let's give it a try so if we go here to SL API slv1 pookemon and and put in a Pokemon name like Pikachu she get back a response nice um and the fact that it's even showing this to me um tells me that the redest database connection is working as well because it wouldn't even return the values if it wasn't able to put it into the redest database um I think we can also see how fast the response comes back so yeah this initially took 273 milliseconds but now it's in the redis cache so if I refresh 46 millisec so it's it's definitely loading that data from the reddest database now next up I want to be able to see the status of my full VPS like CPU usage memory usage that kind of thing from some kind of web dashboard and there's a lot of ways to set this up I'm going to use a tool called glances it actually looks like it's running in the terminal but you can visit it from a web browser uh it's based on python we can run it in a Docker container so I'm going to set this one up because it's fairly uh simple to set up now another way to get these kinds of stats is by using a stack that includes grafana which is like an open source web Dash word where you can add all kinds of visualizations but there are tools that can report data to grafana and then grafana will allow you to visualize it so to get VPS stats you use a tool called Prometheus and then another tool called note exporter which exports the data to Prometheus and then you add a Prometheus importer into graphon um and so that's one way of going about it uh this is nice because you actually can set up things like email alerts or like slack notifications if you have high CPU usage or if a server goes down or something like that so for big production deployments this is a a very nice stack to have another one that I tried out which seemed fine but they do have like a paid plan is called net data and so they actually give you a command where you just run this directly on your VPS and then they give you a web dashboard that will show you the stats of of your server um so that's one way go to go about it uh like I said I'm just going to use glances for now because it's fairly simple to set up with Docker and uh it just gives us a nice little dashboard where we can quickly see things like CPU stats and memory usage and all of the the stats of the containers that are running pretty much any service that offers up a Docker image or Docker compose file can be run with coolify and so in the glances documentation I went over to their Docker docs and they actually give us this Docker compos that's kind of like ready to go so this is what we're going to use So within coolify I'm going to add a project I'm just going to call this UPS stats going to go into production add a resource and in this case I'm going to choose Docker compose now here I'm going to paste in the Docker compost file now a lot of examples you see out there with an existing Docker compost file like this like whether or not it's glances like there might be something else that shows you how to run it with Docker compose they might actually have a proxy listed in the services here and because we're using coolify we don't need that so what I'm going to do is I'm going to grab this whole Docker compos file here but I'm going to get rid of the proxy because we're going to use the coolify proxy instead of trying to spin up our our own container so I'm going to get rid of that and so in this case really all we need is the glances image and I am going to uncomment this line here because I wanted to show this the uh info about my actual VPS uh we also can get rid of these labels because we're going to be using caddy and those are all going to get added automatically now for glances to be able to work it does need to access to this Docker sock and so that's how it's able to show us the status of all of our running containers and then the other thing is this setting right here PID host in order for it to show all of the processes that are running on the main VPS it needs this because otherwise it would only show you the processes running on the container itself so this should be all we need I'm going to save this and then I am going to give it a domain name so I'm going to go into settings here and then we'll just call it uh let's do stats. my domain and then we need to specify the port that it's running on so if we look in the docker compose 6128 is the actual Port that glances runs on so here we'll just say colon that and then save it now if we go back we should be good to go let's deploy it awesome and now if we try to visit it it we get a nice little dashboard so you can see it tells me that my server here is running Ubuntu um but earlier in the tutorial I showed you how to set up HTTP basic off so you should set that up for this domain as well I'm not going to go through the process of doing that again check check earlier in the tutorial when I set it up but basically what we can do is inside of the compos file we can add labels so here under labels we can add one for CAD Zer so if we do caddy 0 you do basic off and then specify our username and then p in the password that you generate using the caddy hash password save that compost file restart the container and then you should be prompted for a password whenever you visit now if we try to visit the app it should prompt for username and password and we're in now let's see an example of deploying an existing service stack so this is a one-click deployment that's uh built into kify so in this case I'm going to try superbase so I'm going to add add a project that's called a superbase and then from here it'll be in production add a resource and then if you scroll down here to Services these are all oneclick deploy so these are preconfigured to work with kify and they're literally just one-click deploys so in here there is super base so I'm going to try it out so click on super base choose where I want to deploy it and it's almost ready to go so it generates a username and password for me to log in with and you can see that it also generates the domain for the superbase instance so this is what I'm going to update I'm just going to call this superb base. apps. gdn like that so we'll save it and then from here we will deploy it and uh this actually requires quite a few containers as you can see and it's going to have to pull all of these images and start them up and everything else and so this is a good use case for actually checking out glances while this is happening so we can see that CPU usage so I'm going to click deploy it's going to need to pull all of these images and uh let's just keep an eye yeah so it's pulling all of these let's keep an eye on glances while this is happening yeah so uh on my machine which has four CPUs we're already at 50% CPU usage um and then memory we're only at 25% you know down to 30 back up to 60 things are starting 30 100% so something happened that's actually like really spiking the CPU usage right now yeah so you can see that it went way up and then now the containers are up and running and and it should start to spin back down to idle but this is something you need to look out for so super base itself probably requires two CPUs and like I think at least two gigs of RAM your mileage may vary it's going to depend on what you're trying to do with it but there are a lot of services going here so just super base itself actually needs that much resources so the VPS that I have this running on I think has four CPUs and eight gigs of RAM so right now we definitely are are kind of like pushing the limits trying to run both coolify and super base on it but yeah you can see my C has dropped back down to about 17% and now we can see if it loads so let's try visiting it yeah and it prompts for username and password and so we can just grab that right here so it generates a user for us and then it also generates a password so I'm going to bring this in Co we're the super base dashboard so from here I can just use this maybe in one of my other projects so like if I go over to the API docs you can see that it actually has my domain that I have specified here and I could use these API docs to actually use this superbase database within one of my other projects next up I want to show you how to set up minio which is S3 compatible object storage so S3 is actually something that comes from Amazon it's their object storage offering uh but there are have been some projects that have popped up that basically give you S3 compatible storage and what that means is we can self-host this minio and uh it will behave just as if we were hosting something on AWS S3 and this is useful for a lot of things if you're implementing for instance like file uploads in your application you can set minio as the destination for those uploads and it has the exact same API as Amazon S3 and so your app will be able to connect to it in the same way uh also coolify actually supports uh automatic backups and so once we get a minio instance up and going we can schedule coolify to create backups and it'll actually upload those backups to the minio S3 compatible storage so that's what we would like let's get it going so I'm going to add a project and I'm just going to call this storage now I will say I'm going I'm creating all of this stuff on the same coolify instance a good backup is actually offsite so it's on a different server because if something bad ever happens to This Server um all of my backups that I'm storing inside of minio are gone as well so a a true production setup would actually have minio set up on a separate server potentially multiple separ servers and then you have multiple backups multiple offside backups but uh all of that said I'm putting it on this same server it'll work in the same way if you set it up somewhere else so uh coolify actually has minio as a one-click deploy so just search here for minio click on it choose your server and network and now our minio instance is ready to go so first thing I'll do is just update the S3 URL so I'm just going to call this storage. apps. gdn and then I'm also going to update the console URL and I'm going to give it a subdomain so I'm going to do console. storage. apps. gdn we'll save this and deploy it oh looks like it's ready to go I'm going to copy that admin username and then if I visit the console this is the web dashboard and I can log in so I'll throw in my username there and then I'll copy my password great uh now we can create buckets we can create access keys so let's go ahead and do that I'm going to create a bucket and I'm going to call this DB backups and we'll just leave all the default settings so now I have that bucket there and then there's a lot of different ways you can go about giving access to this bucket you can actually like create users and create like fine grain controls I'm just going to create an access key that has access to all of my meno storage here so going I create this access key you can set up expiration and everything else um but I am just going to give this a name I'm going to call this the DB backups key and click create now it's going to prompt you to uh download these and copy them because it's not going to show you the secret ever again so make sure that you do that uh from there we can now use this access key in secret to upload things to this bucket here now the other thing I'll do is set the region name so if you go down here to configuration you can set the server location and I'm just going to use like the S3 convention so I'm going to say us West one and then save that and so now whenever we're configuring the connection to it uh we can use that specific server location and I'm going to have to restart the instance so that's good to go now there there's so much more you can do to configure and set up like site replication and again like further more restricted access policies check out the minio docs for all of that for our purposes super simple we just have a bucket we have an access key I want to upload things to the bucket so this is what we'll use whenever we're setting up our database backups next up I'm going to configure backups for the postest database that we added to our T3 example earlier so if we go in here go into our app go to our database you'll see that I have this backups tab here and so this backups tab exists on any of the database resources that are like one click deploys from within kify a couple of them don't have backups configured just yet uh because there's a specific task that needs to to be run in order to backup that database in the case of postgress there's PG dump and so this has been preconfigured to run PG dump so let's schedule the backup now for frequency we need to specify the KRON tab syntax and uh if you visit Chron tab. Guru they give you a nice little UI that makes it easier to understand what's Happening Here you also could just ask chat gbt it probably could spit it out for you but for instance if we say minute zero and then hour zero this syntax says run every day at midnight um and so just for this example I'm actually going to run it every single minute and so uh if I use this syntax it's going to literally do a PG dump every single minute and I'm just going to do this so that way we can actually see these dumps happening now when and how often you back up your database is dependent on many many different things so like how often is the data in your database changing How likely is it that something might go wrong on the server um and uh how how much guarantee do you want to have because you you could run this let's say uh once a day or twice a day but anything that uh has been added to the database since your last backup will potentially be lost and if you do it super fre frequently like every minute then potentially your server is going to have to be spinning uh a lot of CPU to run that backup so there's a lot of things to consider when scheduling a backup uh so take that into account and also search the web there's there's better there's better info on it out there than what I can provide but for this example we're going to back up this database every minute and I'm going to click save here now by default coolify will actually store these backups on the coolify instance itself so if you look at the frequency here um after a minute has passed we actually will get access to uh one of those backup files so let's just just wait for that to happen great so we can see that the last backup was a success we could download it if we wanted to and you can also see the number of backups to keep so these are the backups on the coolify instance itself and so this is going to depend on how much storage you have on this VPS so you can set the number of backups that should be kept locally there um but next up we're going to set up this S3 backup so instead of just backing up to this coolify instance it's going to upload it to our S3 compatible storage so to do that we can go over on the left hand side to S3 storages it will say this is a recent addition to the left-and sidebar make sure you're at least on beta 269 to uh to see this in the sidebar before it was under teams and then there was like a storages tab but now it's over here on the left so we're going to add a storage and we're going to add the minio instance that we set up earlier so we're going to click on ADD we're just going to call this our storage the endpoint is the storage endpoint so what we set up earlier was https call storage doapp . gdn and then the bucket we created was called db- backups so just make sure this matches the bucket name you created and then the region we set was us West one so just make sure that all of these values match what you set up for meno earlier and then uh add your access key and secret so I'm going to copy these values in we're going to validate the connection and if it was a valid connection it'll add it so now we're ready to go with this S3 connection so anytime a backup happens it'll also be uploaded uh over the network to this this storage endpoint so if we go back to our project and then under backups we can now check S3 enabled and then choose the storage that we set up earlier and then click save and so now anytime a backup happens it will be back up backed up locally so we'll have access to that local backup but it'll also be backed up to the uh S3 compatible storage that you set up there so if we head over to the minio console we can actually see that kify has created a directory here and it's going to create a directory for every database that you're backing up so we have our team and then we have our specific instance so this instance name matches the internal instance name of that specific database and then we can see these PG dump files and so every time one happens it also gets uploaded over here to our minio storage and if we need to use this to back it up we can actually download it now when you visit qualify. one of the options for host is also this Cloud option so let's talk about what that means so if you take a look at the pricing page on the basic plan they talk about it being able to connect to two servers and it's five bucks a month so essentially what you get with kify cloud is a kify instance that can manage other bps's so when you sign up for this five bucks a month uh management instance you're not going to be able to deploy applications there you're just going to be able to manage other vpss that you potentially have resources running on and we talked about this at the beginning of the video the idea that you might want to have coolify running on a separate instance so that way if at any point some of your resources are using a lot of CPU you can still get to the coolify dashboard that's what kify cloud is going to help you with so I actually signed up over here at app. cify doio and uh I'll show you around so I mean it looks exactly like your your main kify dashboard but the only thing is you can't actually create projects directly on This Server whenever you're creating projects you need to point them to some remote server and so I'm going to set that up now I'm going to going to point it to the coolify instance that we've been working on before so I'm going to go over here to servers and then add my own coolify instance I've already set up a private key I went ahead and added the public key as an authorized key on my server um if you want more info on that check out the first video in the self-host series I talk about authorized keys and stuff like that but let's give it a go so I'm going to set this up and now the this coolify hosted instance will be able to manage my apps. gdn server let's see when I click this button validate server and install Docker engine it's actually going to remote connect to that instance and uh just make sure that it has everything it needs to be able to create resources on it so let's try it cool so it looks like it's ready to go I am now going to try to create a project and actually point it to my apps. gdn server so basically I'm managing things from app. qualify. now instead of directly from apps. gdn so let's do it I'm going to create a project and for this I'm just going to deploy this uh public repo that is a static website so I'll throw the git URL in here we're going to deploy it to the apps. gdn server that we have connected here based in the URL we're going to make this a static website and we can we can set up that instance domain so if I go back over to servers now I technically have this set up already on the apps. GD and coolify instance but this coolify instance needs to know about that as well so if I set up the Wild Card domain in the same way so apps. gdn and save that now inside of my project I should be able to set that domain here so I'm going to set this as uh banana 2. apps. gdn save it and let's give it a try and now I'm just going to try to visit it so if we go to Banana 2. apps. gdn the application loads so basically What's Happening Here is app. cify doio the hosted version of kify is managing this remote server and managing the docker containers on it and the the proxy and everything else and it's able to uh spin up resources remotely um and so if you if you get kify cloud in the hosted version this is basically what you're going to get you're going to get a dashboard where you can manage things but you're still going to need some VPS H hosted somewhere else that you connect it to and that's where all of your uh resources will live now I've done my best to show you how to get things going within kify in the best way that I know how but when you're working with kify you might come across some issues um so first I want to reiterate that uh currently in in the last few sections of this tutorial I've been using the V4 beta 269 so whenever you install kify you might be on a later version so some things might be slightly different and I will say if you do come across issues there are a few different places you can check out so if you go to pfy doio they have a link to their Discord Community this is probably the most active place where you can get help with your issues if you check out the Discord there is quite a few channels uh there is the main coolify Channel but I would actually recommend don't ask for help in the main qualify Channel there's so many people that just like ask oneoff questions and then never get any help in this channel you want to use the help forum and this actually is very active I see people answering questions including myself all the time so if you have a specific question about kify you should open up a a post here in the kify V4 help Forum now also avoid like generalized questions because I see a lot of people saying can kify run X or can kify run y kify is just based on top of Docker and Docker compose so if an app can be run inside of Docker and Docker compose it can be run with kify uh there might be some specific things you have to do to get it working with coolify but it is possible um and so ultimately the answer to that question is yes but with an asteris like you ultimately need to figure out well how does that going to work in the context of kifi so I would avoid asking like simple questions like that and really if you want to get something working in kify that's based on Docker and Docker compose it's going to come down to just some trial and error of kind of figuring figuring those things out uh the other thing is if you come across a real issue so that is a reproducible issue and you might even ask about it in the Discord hey have you seen this issue before um if it is a re reproducible issue and an actual issue that needs to be fixed you should open an issue over on on uh GitHub now andras the maintainer of coolify is extremely active so he he's in the comments here he sees when new issues gets opened um actually I'll show you this since I've been working on this video andras has closed four issues that I have opened and then uh there was also a couple of PRS that I opened because I wanted to to contribute to give back a little bit so you can see there's there's a few PRS that I opened that got closed as well so andras is an extremely active maintainer if you have an issue open it up here if you have a feature request that should happen over on discussions so any any idea for like a new feature or something that you think coolify should do don't open an issue open up a discussion technically you could ask in the Discord first but uh discussions are are the place where you're supposed to be asking for for new features and stuff like that I'll also say if you're deciding to contribute to kify there's this channel called contribute and uh you can ask for help in here or just mention that hey I want to work on X feature or Y feature and do that in in this Discord here um I think that's mainly it I I just I just want you to be aware of the places that you can get help and you should do your best to ask questions so that you can get good help um I'll also say that uh if you come across things either the Discord or GitHub issues are going to be the best place to get help because the YouTube comments here I I'll do my best to answer them but also a week from now two weeks from now kify could be on a an even later version and things could be fundamentally different than from what I've I've shown you here so the best place and the most upto dat place to get help is either the Discord or in GitHub issues all right now I'd like to give you my honest opinion about kify because while this has been a kify tutorial at the end of the day I have been kind of just learning kify the past two weeks and also just forming my own opinions on it so here they are here's CJ's opinions about kify uh first question would I use kifi for my own server and my own applications no the answer is no and let me tell you why um So kify currently is in active development so andras the core maintainer he he is it's one guy building this app if you didn't know it if you look at their GitHub repo uh it's literally just him making a bunch of commits every now and then someone will make a small contribution but most of this is just one person trying to make coolify happen and that's awesome but it's also a lot of work and uh there's a lot of issues that are coming up and a lot of moving parts and so just in the past two weeks there have been several different beta versions that I've upgraded to while I've been learning and working with kifi and so right now now it's it's not in my opinion it's not stable enough um a lot of people are on older versions maybe on version three or they're sticking to a specific beta version because that version is a bit more stable but in my experience I came across a few bugs that were kind of like non-starters and I couldn't really do the things I wanted to do unless I upgraded to the the later beta versions so that is something to take into account it's under active development the thing is andras is working hard though like once the V4 proper drops and all of these bugs are fixed and we're we're on a a more uh a less frequent update cycle I think kify will be in a in a a a much better spot uh the other thing is I know how to use and have taken the time to learn and understand all of the tools that kify is using under the hood right because kify at the end of the day is kind of just like a Docker Docker compos manager uh there there's there's a few more things that I don't want to simplify it that much but one of the main things kifi does is manage Docker and Docker compos containers um and I know how to do that myself from the command line right like I've I've learned how to use Docker I know how to use Docker compose and so a lot of times I was fighting kify to do the things that would be very easy to do if I could just run a Docker compos file directly and in a similar idea kifi also uses a a proxy so it's either using caddy or traffic depending on which one you choose and uh I have spent the time to learn C directly I've actually done a video on on how caddy works and so a lot of times I was banging my head against the wall trying to get kify to take these these caddy settings that if I was just using caddy directly I could have just written the codes to do that um and then same thing uh kifi is using this caddy Docker proxy under the hood which actually allows you to add labels to a uh Docker compose or to a Docker container and then cadd behind the scenes will pick up those labels and and add their settings um but when you're using coolify it's it's doing that kind of like indirectly so ultimately because I've already spent the time learning and I know how to use these tools like Docker Docker compos caddy traffic and like caddy Docker proxy I would prefer to just use those tools directly rather than to have to figure out the coolify way um now I know for a lot of people that's not the answer they want to hear right I mean people want this to be magic they they want to be able to have a one-click deploy experience just like you have on verel and for a lot of things you might get that in coolify but for a lot of other things and for your own like custom applications it's just like not really there yet and I'd rather spend my time doing it directly than actually uh doing it inside of kify now all of that said I have really high hopes for kify I want to visit revisit kify like maybe a few months from now to see when uh uh the stable V4 drops and when a lot of these uh like little bugs that are kind of like non-starters get fixed um and because I would love to see a self-hosted truly oneclick uh solution to to uh give us that like versel and netlify and Heroku like experience um but we're a little ways off uh from kifi I think um I will say if you check out syntax episode 7:30 so this is where they talked about uh owning your own platform as a service there are some other services they mentioned right so there's like uh Kubo and cap Rover and doku I definitely want to give some of these a try as well and also like piku I think peku works on like really Li Li mited resource servers um and if if I guess if I'm being honest this is just the CJ Rants and says was on his mind segment uh that's a potential another issue that I have with kify is the amount of resources required for it right so um because uh kifi is a PHP laravel application if you look under installing and and like resources coolify alone needs two CPUs and 2 gabt of memory just to run the coolify application that manages all of your other applications if I have a server where I just have Docker and caddy installed directly I'm gonna be able to do a lot more because I don't have this PHP larel application and its Associated databases all running on that same server to manage it um but that that comes with its pros and cons right like if I'm managing a server with caddy and and Docker directly I'm doing all of that from the command line where as with coolify you get like a nice little dashboard I don't know but those are my thoughts um I I will say it coolify doesn't exactly deliver on the promise of like magic oneclick deploys especially if you're trying to deploy your own custom application code I will say the uh like the oneclick deploys for like superbase and a lot of the other built-in apps to coolify those work really well and so if you want to be able to deploy apps that way completely fine but for me if I'm deploying my own custom applications I'm going to have to customize my Docker and my Docker compos um at the end of the day anyways so I I don't really see the benefit in using qualifi so that's it for this video thank you so much for watching and thank you for for tuning in for this this self-hosting series that started uh about a month ago um and and and for all of your your kind comments and encouragement because uh it's definitely been the motivation to keep going and creating this kind of content uh so let me know in the in the comments what do you want to see next what are you interested in um and I'd love to cover it I'd love to talk about it so uh yeah that's it see you in the next one [Music]

Info

Channel: Syntax

Views: 23,833

Rating: undefined out of 5

Keywords: tutorials, cms, html, css, html5, css3, education, free, lessons, tuts, tutorial, learn, software, web development, web developer, developer, web, website, devops, ubuntu, ubuntu setup, how to setup vps, vps setup, secure vps, ssh key setup, system administration, self host, paas, self-host, linux, unix, debian, configuration, vps, virtual private server, caddy, http server, caddy server, caddyfile, reverse proxy, hosting, coolify, setup coolify, deploy to coolify, syntax-related-730

Id: taJlPG82Ucw

Channel Id: undefined

Length: 89min 6sec (5346 seconds)

Published: Sat Apr 27 2024