With the evolution of technology, we find ourselves needing to be even more vigilant with our online security every day. Our browsing and shopping behaviors are also being continuously tracked online via tracking cookies being dropped on our browsers that we allow by clicking the “I Accept” button next to deliberately long agreements on websites before we can get the full benefit of said site.
Watch this article:
Additionally, hackers are always looking for a target and it’s common for even big companies to have their servers compromised in any number of ways and have sensitive data leaked, often to the highest bidder.
These are just some of the reasons that I started looking into self-hosting as much of my own data as I could.
Because not everyone has the option to self-host on their own, private hardware, whether it’s for lack of hardware, or because their ISP makes it difficult or impossible to do so, I want to show you what I believe to be the next best step, and that’s a semi-self-hosted solution on Linode.
Let’s jump right in!
Setting up a Linode
First things first, you’ll need a Docker server set up. Linode has made that process very simple and you can set one up for just a few bucks a month and can add a private IP address (for free) and backups for just a couple bucks more per month.
Get logged into your Linode account click on “Create Linode”.
Don’t have a Linode account? Get $100 in credit clicking here
On the “Create” page, click on the “Marketplace” tab and scroll down to the “Docker” option. Click it.
With Docker selected, scroll down and close the “Advanced Options” as we won’t be using them.
Below that, we’ll select the most recent version of Debian (version 10 at the time of writing).
In order to get the the lowest latency for your setup, select a Region nearest you.
When we get to the “Linode Plan” area, find an option that fits your budget. You can always start with a small plan and upgrade later as your needs grow.
Next, enter a “Linode Label” as an identifier for you. You can enter tags if you want.
Enter a Root Password and import an SSH key if you have one. If you don’t that’s fine, you don’t need to use an SSH key. If you’d like to generate one and use it, you can find more information about how to do so here “Creating an SSH Key Pair and Configuring Public Key Authentication on a Server”).
You can skip the VLAN section, but I encourage you to check the boxes for Backups and Private IP.
Once you have all your choices made, you can click the “Create Linode” button on the right side of the page.
Configuring Your Domain
Another thing you’ll need is a domain name, which you can buy from almost anywhere online for a wide range of prices depending on where you make your purchase. Be sure to point the domains DNS settings to point to Linode.
Your domain’s DNS will need to be pointed to:
You can find more information about where to point your DNS here: https://www.linode.com/docs/guides/dns-manager/
Back in your Linode dashboard, you can click the “Domains” link on the left side and add your domain to your Linode account there.
Please note that DNS can take 24-48 hours to propagate, so be patient for the DNS settings to kick in while you’re configuring your Linode setup.
Container Management with Portainer
The great thing about self-hosting is that there isn’t necessarily one right way to do things. We’re going to use [Portainer](https://www.portainer.io/) to manage (most of) our Docker containers, so let’s get that installed next.
We’re going to do this via command line, but it’s super easy!
Open your favorite terminal program. You can use Windows Terminal, or the CMD prompt or whatever you want.
Login to your Linode server by typing the following into your terminal:
You’ll be asked if you’re sure you want to connect. Type “yes” without quotes and press Enter on your keyboard.
You should be prompted for your root password if you aren’t using an SSH key.
Once you’re logged in, you can just copy/paste this into your terminal window:
docker run -d -p 9000:9000 -p 8000:8000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
Your system will now download all the requirements to deploy Portainer.
Once the terminal has gone back to a blinking cursour, Portainer should be installed and ready.
Head over to http://your.server.ip.address:9000 in your browser. You should be prompted to create an account.
For security reasons, it’s best if you don’t use the default “admin” username, but replace it with a username of your choosing. Next, enter a password for the account and then verify it and then click “Create user”.
A new screen should show up that has 2 options. We want to select the “Get Started” option.
Now click the “Environments” option on the left side of the page and then click the “local” option on the main portion of the page.
You’re going to look for the “Public IP” entry and put in your server’s IP Address in that block and then click “Update Environment”.
You’ll also want a reverse proxy set up on your Docker Server so that you can do things like route traffic to your different containers and manage SSLs on your server for your domains and subdomains.
There are several options out there for reverse proxies, but we’re going to use Nginx Proxy Manager for our setup.
To get Nginx Proxy Manager set up on our Docker server, we’re going to use use SSH one last time (for this tutorial), so head back to terminal program and make sure you’re logged in.
We’re going to create a folder for our docker-compose files. Then we’re going to change to that directory:
mkdir docker-compose && cd docker-compose
Next, we want to create a folder for the nging proxy manager docker-compose.yml file and change into that directory:
mkdir nginxproxymanager && cd nginxproxymanager
Now we can create the docker-compose file we need in order to deploy our Nginx Proxy Manager Docker container:
This will bring up a mostly empty screen where you can copy/paste in the following:
version: '3'<br></br><br></br>networks:<br></br> nginx_proxy_manager:<br></br><br></br>services:<br></br> app:<br></br> image: 'jc21/nginx-proxy-manager:latest'<br></br> container_name: nginxproxymanager<br></br> restart: unless-stopped <br></br> ports:<br></br> - '80:80'<br></br> - '81:81'<br></br> - '443:443'<br></br> volumes:<br></br> - /home/docker/nginxproxymanager/data:/data<br></br> - /home/docker/nginxproxymanager/letsencrypt:/etc/letsencrypt<br></br> networks:<br></br> nginx_proxy_manager:
This Docker compose file tells the system to download the latest jc21/nginx-proxy-manager image to the Docker server, name the container “nginxproxymanager“, mount it to the directory “home/docker/nginxproxymanager“, and make its dashboard available on the Docker server’s port 81.
Ports 80 and 443 will be used to manage traffic (both secure and insecure).
It also created a Docker network called “nginx_proxy_manager” that we will use for future containers that we add to our server.
The default credentials for Nginx Proxy Manager are:
Email: firstname.lastname@example.org Password: changeme
Enter those credentials to get logged in. You’ll be asked to change your default email address and password before you can continue.
Believe it or not, we’ve covered quite a bit in this tutorial. We set up a Linode instance, pointed a domain to Linode, set up Portainer and Nginx Proxy Manager and even created a network on Nginx Proxy Manager to be used by containers that we’ll add to our setup in the future.
Be sure to turn on notifications where relevant to be notified when future posts and videos come out in this series!