VPS: Difference between revisions

From Archive
No edit summary
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
= VPS Documentation =
= VPS Documentation =
''Self-hosted services and applications running on the ejfvps infrastructure''


== Applications ==
== Applications ==
* '''Main Website''' - [https://ejfox.com ejfox.com] - Personal site and blog (Nuxt.js)
* '''Archive Wiki''' - [https://archive.ejfox.com archive.ejfox.com] - MediaWiki knowledge base
* '''Smallweb''' - *.ejfox.tools - Small self-hosted deno micro-apps
* '''Kuma Uptime Monitoring''' - [https://status.tools.ejfox.com status.tools.ejfox.com] - Service availability tracking
* '''Personal APIs''' - ejfox.com/api/* - Self-quantification data endpoints
* '''[[ArchiveBox]]''' - [https://snap.ejfox.com snap.ejfox.com] - Web archiving and snapshot preservation
* '''n8n''' - [https://n8n.tools.ejfox.com n8n.tools.ejfox.com] - Workflow automation and API orchestration
* '''Grafana''' - [https://grafana.tools.ejfox.com grafana.tools.ejfox.com] - System metrics and personal data dashboards
* '''Loki''' - [https://loki.tools.ejfox.com loki.tools.ejfox.com] - Log aggregation and analysis
* '''Umami Analytics''' - [https://umami.tools.ejfox.com umami.tools.ejfox.com] - Privacy-focused web analytics
== System Overview ==
=== Hardware Specifications ===
{| class="wikitable"
! Component !! Specification
|-
| '''Host System''' || Debian GNU/Linux 12 (bookworm)
|-
| '''Kernel''' || Linux 6.1.0-37-cloud-amd64
|-
| '''Hostname''' || ejfvps
|-
| '''Architecture''' || x86_64
|-
| '''CPU''' || Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz (2 cores)
|-
| '''Memory''' || 3.8GB RAM
|-
| '''Root Storage''' || 7.8GB (/dev/vda1)
|-
| '''Data Storage''' || 20GB (/dev/vdb1)
|-
| '''Data2 Storage''' || 49GB (/dev/vdc)
|}
=== Port Mapping ===
{| class="wikitable"
! Service !! Internal Port !! Public URL !! Purpose
|-
| Main Website || 3013 || ejfox.com || Personal site & blog
|-
| Personal APIs || 3013 || ejfox.com/api/* || Self-quantification endpoints
|-
| MediaWiki || 8437 || archive.ejfox.com || Knowledge base
|-
| ArchiveBox || 4040 || snap.ejfox.com || Web archiving
|-
| Smallweb || 7777 || ejfox.tools || Development platform
|-
| n8n || 5678 || n8n.tools.ejfox.com || Workflow automation
|-
| Datasette || 8002 || datasette.tools.ejfox.com || Data exploration
|-
| Capabilities || 9991 || capabilities.tools.ejfox.com || Skills tracking
|-
| Grafana || 3333 || grafana.tools.ejfox.com || Metrics dashboards
|-
| Loki || 3100 || loki.tools.ejfox.com || Log aggregation
|-
| Umami || 3900 || umami.tools.ejfox.com || Web analytics
|-
| Uptime Kuma || 54321 || status.tools.ejfox.com || Uptime monitoring
|-
| Room302 || 3012 || room302.studio || Creative projects
|}
== Docker Troubleshooting ==
=== Emergency Procedures ===
==== Kill Runaway Docker Process ====
When dockerd consumes 100%+ CPU:
<pre>
# Force kill Docker
sudo kill -9 $(pgrep dockerd)
sudo systemctl stop docker
sudo systemctl stop docker.socket
sudo systemctl stop containerd
</pre>
==== Disable Docker Bridge Networking ====
Prevents bridge networking conflicts on VPS:
<pre>
# Edit /etc/docker/daemon.json
{
  "iptables": false,
  "bridge": "none"
}
# Restart Docker
sudo systemctl restart docker
</pre>
==== Prevent Docker Auto-Restart ====
<pre>
sudo systemctl stop docker docker.socket containerd
sudo systemctl disable docker docker.socket containerd
sudo systemctl mask docker  # Prevents any activation
</pre>
=== Disk Space Management ===
==== Quick Cleanup Commands ====
<pre>
# Nuclear Docker cleanup (removes ALL unused data)
docker system prune -a --volumes --force
# Clean journal logs
sudo journalctl --vacuum-time=3d
# Clean apt cache
sudo apt clean
</pre>
==== Find Large Files Without du ====
When du hangs or is slow:
<pre>
# Find files over 100MB
find /data2 -type f -size +100M -exec ls -lh {} \; 2>/dev/null | sort -k5 -rh
# Sort directory by size
ls -lhS /directory/
# Count Docker veth interfaces
ip link show | grep veth | wc -l
</pre>
==== Docker Overlay2 Maintenance ====
Location: `/var/lib/docker/overlay2/` or `/data2/docker/overlay2/`
<pre>
# Check Docker disk usage
docker system df
# Progressive cleanup
docker image prune -a      # Remove unused images
docker container prune      # Remove stopped containers
docker volume prune          # Remove unused volumes
docker builder prune        # Remove build cache
</pre>
=== System Diagnostics ===
==== Process Monitoring ====
<pre>
# System load
top
ps aux | grep -E "(docker|containerd)"
# Memory status
free -h
# Disk status
df -h
</pre>
==== Log Investigation ====
<pre>
# Check time-specific logs
sudo journalctl --since "2025-09-09 07:00" --until "2025-09-09 08:00"
# Docker logs
sudo journalctl -u docker -n 100
# System errors
sudo journalctl -b -p err
</pre>
=== Recovery Methods ===
==== Console Keyboard Shortcuts ====
* '''Ctrl+Alt+F2 to F6''' - Switch TTY when console is flooded
* '''Ctrl+C''' - Interrupt running process
* '''Ctrl+Alt+Del''' - Force system reboot
==== Volume Mount Recovery ====
When instance is inaccessible:


[[ArchiveBox]] for snapshot archiving, available at [https://snap.ejfox.com snap.ejfox.com]
# Stop broken instance
# Create minimal rescue instance
# Detach root volume from broken instance
# Attach to rescue instance as secondary drive
# Mount and repair:


== System Overview ==
<pre>
sudo mount /dev/vdb1 /mnt
sudo chroot /mnt
# Fix issues (disable services, edit configs, etc)
systemctl disable problem-service
exit
sudo umount /mnt
</pre>


'''Host System:''' Debian GNU/Linux 12 (bookworm)<br>
=== Preventive Maintenance ===
'''Kernel:''' Linux 6.1.0-37-cloud-amd64<br>
'''Hostname:''' ejfvps<br>
'''Architecture:''' x86_64<br>
'''CPU:''' Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz (2 cores)<br>
'''Memory:''' 3.8GB RAM<br>
'''Storage:'''
* Root: 7.8GB (/dev/vda1)
* Data: 20GB (/dev/vdb1)
* Data2: 49GB (/dev/vdc)


== Core Infrastructure Services ==
==== Weekly Tasks ====
* Clean Docker: `docker system prune -a --volumes`
* Check disk usage: `df -h`
* Review Docker disk usage: `docker system df`


=== Reverse Proxy & SSL ===
==== Monthly Tasks ====
* '''Caddy''' - Modern web server with automatic HTTPS
* Clean old logs: `sudo journalctl --vacuum-time=30d`
** Port: 80/443
* Update system packages: `sudo apt update && sudo apt upgrade`
** Config: /etc/caddy/Caddyfile
* Review container resource usage
** Features: Automatic SSL certificates, HTTP/2, reverse proxy


=== Container Orchestration ===
==== Critical Files ====
* '''Docker Engine''' - Container runtime
{| class="wikitable"
* '''Docker Compose''' - Multi-container application definitions
! File/Directory !! Purpose
* '''Containerd''' - Low-level container runtime
|-
| /etc/docker/daemon.json || Docker daemon configuration
|-
| /etc/systemd/system/docker.service.d/ || Docker service overrides
|-
| /var/lib/docker/ || Docker data directory
|-
| /etc/caddy/Caddyfile || Reverse proxy configuration
|}


=== System Monitoring ===
=== Network Configuration ===
* '''Cloudflared''' - Cloudflare tunnel service
* '''Fail2ban''' - Intrusion prevention system
* '''Monit''' - System monitoring daemon


== Application Stack ==
==== Docker Network Alternatives ====
When bridge networking fails:


=== Analytics & Monitoring ===
<pre>
# Host networking (shares host network)
docker run --network host image:tag


==== Umami Analytics ====
# No network
'''Primary Instance:'''
docker run --network none image:tag
* '''Image:''' ghcr.io/umami-software/umami:postgresql-latest


==== Grafana Monitoring Stack ====
# Custom network
* '''Grafana''' - Visualization dashboard
docker network create mynet --driver bridge
** Image: grafana/grafana:latest
docker run --network mynet image:tag
** Plugins: ClickHouse, GitHub, Loki Explorer, Pyroscope, JSON datasource
</pre>


* '''Loki''' - Log aggregation system
==== Firewall Management ====
** Image: grafana/loki:latest
With Docker iptables disabled:
* Manage ports via Caddy reverse proxy
* Use ufw for firewall rules
* Manual iptables configuration if needed


==== Uptime Monitoring ====
=== Monitoring Thresholds ===
* '''Uptime Kuma''' - Self-hosted monitoring tool
** Image: louislam/uptime-kuma:latest
** Base URL: https://status.tools.ejfox.com
** Features: Website monitoring, notifications, status pages


=== Content Management ===
{| class="wikitable"
! Metric !! Warning Level !! Critical Level
|-
| Disk Usage || 85% || 95%
|-
| CPU Usage (sustained) || 70% || 90%
|-
| Memory Usage || 80% || 90%
|-
| Docker overlay2 size || 20GB || 30GB
|}


==== MediaWiki ====
== Service-Specific Documentation ==
* '''Image:''' mediawiki:latest
* '''Port:''' 8437 → 80
* '''Database:''' SQLite (multiple databases)
* '''Extensions:''' AWS S3 integration
* '''Skin:''' Citizen theme
* '''Volumes:'''
** Data: /home/debian/mediawiki/data
** Config: /home/debian/mediawiki/LocalSettings.php


==== ArchiveBox ====
=== Core Services ===
* '''Image:''' archivebox/archivebox:latest
* '''Features:''' Web archiving, full-text search via Sonic
* '''Components:'''
** Main archiver
** Background scheduler (ofelia-based)
** Sonic search backend
** noVNC remote browser control


=== Development & Automation ===
==== Caddy (Reverse Proxy) ====
* '''Port:''' 80/443
* '''Config:''' /etc/caddy/Caddyfile
* '''Features:''' Automatic SSL, HTTP/2, reverse proxy
* '''Restart:''' `sudo systemctl restart caddy`


==== Smallweb ====
==== Docker & Containerd ====
* '''Image:''' ghcr.io/pomdtr/smallweb:latest
* '''Config:''' /etc/docker/daemon.json
* '''Ports:''' 7777, 2222
* '''Data:''' /data2/docker/
* '''Purpose:''' Lightweight web app hosting platform
* '''Status:''' `systemctl status docker`
* '''Projects:''' Multiple TypeScript/Deno applications including:
* '''Logs:''' `journalctl -u docker`
** Health dashboard and webhooks
** GitHub integrations
** Location tracking
** Screenshot generation
** Weather apps
** Mastodon integration


==== n8n Workflow Automation ====
==== PM2 Process Manager ====
* '''Image:''' docker.n8n.io/n8nio/n8n
* '''Status:''' `pm2 status`
* '''Logs:''' `pm2 logs`
* '''Save config:''' `pm2 save`
* '''Startup script:''' `pm2 startup`


==== Retroscope ====
=== Container Management ===
* '''Custom Application''' - retroscope
* '''Scheduler:''' mcuadros/ofelia:latest
* '''Status:''' Healthy, with background job scheduling


=== Personal Websites ===
==== Essential Container Commands ====
<pre>
# View all containers
docker ps -a


==== ejfox.com ====
# Start specific service
* '''Custom Build''' - ejfoxcom_ejfox
docker start container_name
* '''Port:''' 3013 → 3013
* '''Size:''' 1.84GB image
* '''Status:''' Production website


==== room302.studio ====
# View logs
* '''Custom Build''' - website_room302
docker logs -f container_name
* '''Port:''' 3012 → 3012
* '''Size:''' 1.82GB image
* '''Status:''' Secondary website


== Network Configuration ==
# Restart with docker-compose
cd /path/to/project
docker-compose up -d


=== Backup Strategy ===
# Rebuild container
* MediaWiki has backup/restore scripts
docker-compose build --no-cache
* Database files stored in persistent volumes
docker-compose up -d
* Configuration files version controlled
</pre>


== Process Management ==
==== Backup Procedures ====
* MediaWiki: Backup scripts in `/home/debian/mediawiki/`
* Docker volumes: Located in `/data2/docker/volumes/`
* Databases: Regular dumps to `/data/backups/`
* Configuration: Version controlled in git repositories


=== PM2 ===
[[Category:System Administration]]
* '''PM2 modules:''' Auto-pull, log rotation
[[Category:Docker]]
* '''Stopped processes:''' Discord bot, capabilities service
[[Category:VPS Management]]
* '''Log management:''' Automated log rotation
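Review bot: The new Firewall Management section ("With Docker iptables disabled") and the `"iptables": false` block for /etc/docker/daemon.json never say which inbound ports ufw should allow. The same revision offers `docker run --network host` as a fallback and lists backend ports such as 3100 and 5678 in the Port Mapping table, so state a default-deny inbound policy that permits only the Caddy ports 80/443 and the administrative access port, and note that each backend should bind to 127.0.0.1. In Volume Mount Recovery, `sudo mount /dev/vdb1 /mnt` names the device that the Hardware Specifications table assigns to Data Storage; add an `lsblk` step before the mount so the reader confirms which device the detached root volume received on the rescue instance.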

Latest revision as of 13:43, 9 September 2025

VPS Documentation

Self-hosted services and applications running on the ejfvps infrastructure

Applications

System Overview

Hardware Specifications

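{| class="wikitable"
! Component !! Specification
|-
| '''Host System''' || Debian GNU/Linux 12 (bookworm)
|-
| '''Kernel''' || Linux 6.1.0-37-cloud-amd64
|-
| '''Hostname''' || ejfvps
|-
| '''Architecture''' || x86_64
|-
| '''CPU''' || Intel(R) Xeon(R) CPU E5-2620 v4 @ 2.10GHz (2 cores)
|-
| '''Memory''' || 3.8GB RAM
|-
| '''Root Storage''' || 7.8GB (/dev/vda1)
|-
| '''Data Storage''' || 20GB (/dev/vdb1)
|-
| '''Data2 Storage''' || 49GB (/dev/vdc)
|}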

Port Mapping

{| class="wikitable"
! Service !! Internal Port !! Public URL !! Purpose
|-
| Main Website || 3013 || ejfox.com || Personal site & blog
|-
| Personal APIs || 3013 || ejfox.com/api/* || Self-quantification endpoints
|-
| MediaWiki || 8437 || archive.ejfox.com || Knowledge base
|-
| ArchiveBox || 4040 || snap.ejfox.com || Web archiving
|-
| Smallweb || 7777 || ejfox.tools || Development platform
|-
| n8n || 5678 || n8n.tools.ejfox.com || Workflow automation
|-
| Datasette || 8002 || datasette.tools.ejfox.com || Data exploration
|-
| Capabilities || 9991 || capabilities.tools.ejfox.com || Skills tracking
|-
| Grafana || 3333 || grafana.tools.ejfox.com || Metrics dashboards
|-
| Loki || 3100 || loki.tools.ejfox.com || Log aggregation
|-
| Umami || 3900 || umami.tools.ejfox.com || Web analytics
|-
| Uptime Kuma || 54321 || status.tools.ejfox.com || Uptime monitoring
|-
| Room302 || 3012 || room302.studio || Creative projects
|}

Docker Troubleshooting

Emergency Procedures

Kill Runaway Docker Process

When dockerd consumes 100%+ CPU:

<pre>
# Force kill Docker
sudo kill -9 $(pgrep dockerd)
sudo systemctl stop docker
sudo systemctl stop docker.socket
sudo systemctl stop containerd
</pre>

Disable Docker Bridge Networking

Prevents bridge networking conflicts on VPS:

<pre>
# Edit /etc/docker/daemon.json
{
  "iptables": false,
  "bridge": "none"
}

# Restart Docker
sudo systemctl restart docker
</pre>

Prevent Docker Auto-Restart

<pre>
sudo systemctl stop docker docker.socket containerd
sudo systemctl disable docker docker.socket containerd
sudo systemctl mask docker  # Prevents any activation
</pre>

Disk Space Management

Quick Cleanup Commands

<pre>
# Nuclear Docker cleanup (removes ALL unused data)
docker system prune -a --volumes --force

# Clean journal logs
sudo journalctl --vacuum-time=3d

# Clean apt cache
sudo apt clean
</pre>

Find Large Files Without du

When du hangs or is slow:

<pre>
# Find files over 100MB
find /data2 -type f -size +100M -exec ls -lh {} \; 2>/dev/null | sort -k5 -rh

# Sort directory by size
ls -lhS /directory/

# Count Docker veth interfaces
ip link show | grep veth | wc -l
</pre>

Docker Overlay2 Maintenance

Location: `/var/lib/docker/overlay2/` or `/data2/docker/overlay2/`

<pre>
# Check Docker disk usage
docker system df

# Progressive cleanup
docker image prune -a       # Remove unused images
docker container prune       # Remove stopped containers
docker volume prune          # Remove unused volumes
docker builder prune         # Remove build cache
</pre>

System Diagnostics

Process Monitoring

<pre>
# System load
top
ps aux | grep -E "(docker|containerd)"

# Memory status
free -h

# Disk status
df -h
</pre>

Log Investigation

<pre>
# Check time-specific logs
sudo journalctl --since "2025-09-09 07:00" --until "2025-09-09 08:00"

# Docker logs
sudo journalctl -u docker -n 100

# System errors
sudo journalctl -b -p err
</pre>

Recovery Methods

Console Keyboard Shortcuts

  • Ctrl+Alt+F2 to F6 - Switch TTY when console is flooded
  • Ctrl+C - Interrupt running process
  • Ctrl+Alt+Del - Force system reboot

Volume Mount Recovery

When instance is inaccessible:

  1. Stop broken instance
  2. Create minimal rescue instance
  3. Detach root volume from broken instance
  4. Attach to rescue instance as secondary drive
  5. Mount and repair:
<pre>
sudo mount /dev/vdb1 /mnt
sudo chroot /mnt
# Fix issues (disable services, edit configs, etc)
systemctl disable problem-service
exit
sudo umount /mnt
</pre>

Preventive Maintenance

Weekly Tasks

  • Clean Docker: `docker system prune -a --volumes`
  • Check disk usage: `df -h`
  • Review Docker disk usage: `docker system df`

Monthly Tasks

  • Clean old logs: `sudo journalctl --vacuum-time=30d`
  • Update system packages: `sudo apt update && sudo apt upgrade`
  • Review container resource usage

Critical Files

{| class="wikitable"
! File/Directory !! Purpose
|-
| /etc/docker/daemon.json || Docker daemon configuration
|-
| /etc/systemd/system/docker.service.d/ || Docker service overrides
|-
| /var/lib/docker/ || Docker data directory
|-
| /etc/caddy/Caddyfile || Reverse proxy configuration
|}

Network Configuration

Docker Network Alternatives

When bridge networking fails:

<pre>
# Host networking (shares host network)
docker run --network host image:tag

# No network
docker run --network none image:tag

# Custom network
docker network create mynet --driver bridge
docker run --network mynet image:tag
</pre>

Firewall Management

With Docker iptables disabled:

  • Manage ports via Caddy reverse proxy
  • Use ufw for firewall rules
  • Manual iptables configuration if needed
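
With Docker's iptables integration off, only ufw and each service's bind address keep the backend ports in the Port Mapping table off the public interface. The following is an added example, not part of the original page, that reads `ss -H -tln` output and reports any of those ports listening on a non-loopback address; it assumes backends are meant to be reached only through Caddy, and the function names and sample listener lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: report backend ports that are
# reachable without going through Caddy. Feed it the output of `ss -H -tln`.

# Internal ports copied from the Port Mapping table on this page.
BACKEND_PORTS="3013 8437 4040 7777 5678 8002 9991 3333 3100 3900 54321 3012"

# audit_listeners (hypothetical helper name): reads ss lines on stdin and
# prints "EXPOSED <port> <local address>" for each backend port that is
# bound to anything other than a loopback address.
audit_listeners() {
  awk -v ports="$BACKEND_PORTS" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) backend[p[i]] = 1 }
    $1 == "LISTEN" {
      addr = $4                                # Local Address:Port column
      port = addr; sub(/^.*:/, "", port)       # text after the last colon
      host = addr; sub(/:[^:]*$/, "", host)    # text before the last colon
      if (substr(host, 1, 1) == "[")           # unwrap bracketed IPv6
        host = substr(host, 2, length(host) - 2)
      sub(/%.*$/, "", host)                    # drop interface scope (%lo)
      if (!(port in backend)) next             # 80, 443 and 22 are not backends
      if (host ~ /^127\./ || host == "::1") next
      print "EXPOSED", port, addr
    }'
}

# Constructed sample of `ss -H -tln` output, for running the check offline.
sample_ss_output() {
  cat <<'EOF'
LISTEN 0 4096 127.0.0.1:3013 0.0.0.0:*
LISTEN 0 4096 0.0.0.0:3100 0.0.0.0:*
LISTEN 0 4096 [::]:5678 [::]:*
LISTEN 0 4096 [::1]:8437 [::]:*
LISTEN 0 511 *:443 *:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
EOF
}

# Prints: EXPOSED 3100 0.0.0.0:3100 and EXPOSED 5678 [::]:5678
sample_ss_output | audit_listeners
```

On the host itself, run `ss -H -tln | audit_listeners`; each output line is a backend to rebind to 127.0.0.1 or block in ufw.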

Monitoring Thresholds

{| class="wikitable"
! Metric !! Warning Level !! Critical Level
|-
| Disk Usage || 85% || 95%
|-
| CPU Usage (sustained) || 70% || 90%
|-
| Memory Usage || 80% || 90%
|-
| Docker overlay2 size || 20GB || 30GB
|}

Service-Specific Documentation

Core Services

Caddy (Reverse Proxy)

  • Port: 80/443
  • Config: /etc/caddy/Caddyfile
  • Features: Automatic SSL, HTTP/2, reverse proxy
  • Restart: `sudo systemctl restart caddy`

Docker & Containerd

  • Config: /etc/docker/daemon.json
  • Data: /data2/docker/
  • Status: `systemctl status docker`
  • Logs: `journalctl -u docker`

PM2 Process Manager

  • Status: `pm2 status`
  • Logs: `pm2 logs`
  • Save config: `pm2 save`
  • Startup script: `pm2 startup`

Container Management

Essential Container Commands

<pre>
# View all containers
docker ps -a

# Start specific service
docker start container_name

# View logs
docker logs -f container_name

# Restart with docker-compose
cd /path/to/project
docker-compose up -d

# Rebuild container
docker-compose build --no-cache
docker-compose up -d
</pre>

Backup Procedures

  • MediaWiki: Backup scripts in `/home/debian/mediawiki/`
  • Docker volumes: Located in `/data2/docker/volumes/`
  • Databases: Regular dumps to `/data/backups/`
  • Configuration: Version controlled in git repositories