fekoneko VPS

Here are all Docker containers that I run on my VPS.

All the services are under Traefik reverse-proxy and use their own dedicated Docker network (traefik). I also prefer making dynamic file configs over container labels for Traefik to keep them in one place, clean and readable.

Available services

WEB:

• Landing page - https://$DOMAIN
• SearXNG - https://searxng.$DOMAIN
• Nextcloud - https://nextcloud.$DOMAIN
• Wireguard panel - https://wireguard.$DOMAIN
• Traefik dashboard - https://traefik.$DOMAIN
• Vaultwarden - https://vaultwarden.$DOMAIN

Other:

• Wireguard VPN - $DOMAIN:51820/udp
• Wireguard VPN through WebSocket tunnel:

# This will need a DNS server or cache to be available
wstunnel client -L 'udp://51820:172.20.0.4:51820?timeout_sec=0' wss://wstunnel.$DOMAIN:443

# This will allow to connect directly using IP address
# Preferrable when DNS is done througn WireGuard as well
wstunnel client \
  --local-to-remote udp://51820:172.20.0.4:51820?timeout_sec=0 \
  --tls-verify-certificate \
  --tls-sni-override wstunnel.$DOMAIN \
  --http-headers Host:wstunnel.$DOMAIN \
  wss://$IPV4:443

• Drawpile server - drawpile.$DOMAIN:27750/tcp
• Anki sync server - https://anki.$DOMAIN

Before composing containers

• Create the Docker network with the following command:

docker network create --driver=bridge --subnet=172.20.0.0/16 traefik

• Create .env files in each container's directory. Use .env.example as a reference.