Coolify
Coolify Container, Workers and Services servers
Infra for utilizing Hetzner low-cost VPS and Docker containers, wrapped in Coolify as an all-in-one PaaS, to self-host your own applications, databases, or services.
1. Configure infrastructure
Choose how many servers you want in your cluster. A minimum cluster in swarm mode needs a controller, 3 workers, and a load balancer in front of the cluster. Servers that are part of services are also managed by the Coolify controller. Read more about possible configurations and how to use Coolify in the official docs.
2. Define hosts and run ansible playbook
In your inventory/hosts file, specify the IP addresses of your newly created servers obtained from Terraform output, or alternatively, verify them in the Hetzner Cloud console.
Run playbook:
cd ansible
ansible-playbook playbooks/playbook_install_coolify.yml
The Ansible playbook automates the installation of Coolify on controller hosts. It configures common dependencies and enhances system security on controller, worker and services hosts:
- Updates package lists and upgrades all packages to ensure the system is up to date.
- Installs necessary dependencies including UFW and Fail2Ban for enhancing system security.
- Sets up UFW to allow specific incoming traffic and enables it for added security.
- Configures Fail2Ban to prevent unauthorized access attempts by banning malicious IP addresses.
- Implements SSH hardening measures to secure remote access to the system.
- Installs Coolify on controller hosts and configures it to listen on specific ports.
- Configures worker hosts to allow incoming traffic on specified ports required for Coolify operation.
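To confirm that the hardening steps listed above took effect on a host, the following added example (not part of this repository) audits the output of `sshd -T` and `ufw status verbose`. The expected SSH values and the sample output are assumptions made for illustration; the playbook's actual settings may differ.

```shell
#!/bin/sh
# Added example: audit a host's hardening state after the playbook has run.
# On a real host (as root):  sshd -T | audit_sshd;  ufw status verbose | audit_ufw
# The expected values below are assumptions, not read from the playbook.

audit_sshd() {  # stdin: `sshd -T` output (lowercase "key value" lines)
  awk '
    BEGIN {
      want["passwordauthentication"] = "no"
      want["permitemptypasswords"]   = "no"
      # key-only root login, since the README connects as root with a key
      want["permitrootlogin"]        = "prohibit-password"
    }
    ($1 in want) {
      seen[$1] = 1; v = $2
      if (v == "without-password") v = "prohibit-password"  # older OpenSSH spelling
      if (v != want[$1]) { printf "FAIL sshd %s=%s (want %s)\n", $1, $2, want[$1]; bad++ }
    }
    END {
      for (k in want) if (!(k in seen)) { printf "FAIL sshd %s not reported\n", k; bad++ }
      exit (bad > 0)
    }'
}

audit_ufw() {  # stdin: `ufw status verbose` output
  ufw_out=$(cat); ufw_bad=0
  printf '%s\n' "$ufw_out" | grep -q '^Status: active' || { echo "FAIL ufw is not active"; ufw_bad=1; }
  printf '%s\n' "$ufw_out" | grep -q '^Default: deny (incoming)' || { echo "FAIL ufw default incoming policy is not deny"; ufw_bad=1; }
  # List rules open to any source so they can be compared with the intended set.
  printf '%s\n' "$ufw_out" | awk '$2 == "ALLOW" && $NF == "Anywhere" { print "INFO ufw open to any source: " $1 }'
  return "$ufw_bad"
}

# Constructed sample output (not captured from a real server).
SAMPLE_SSHD_WEAK='permitrootlogin yes
passwordauthentication yes
permitemptypasswords no'
SAMPLE_SSHD_OK='permitrootlogin without-password
passwordauthentication no
permitemptypasswords no'
SAMPLE_UFW='Status: active
Default: deny (incoming), allow (outgoing), disabled (routed)
To                         Action      From
22/tcp                     ALLOW IN    Anywhere
8000/tcp                   ALLOW IN    Anywhere'

printf '%s\n' "$SAMPLE_SSHD_WEAK" | audit_sshd || echo "sshd audit failed on the weak sample"
printf '%s\n' "$SAMPLE_UFW" | audit_ufw
```

Each function exits non-zero when a check fails, so the two pipelines can gate a post-deploy step. The INFO lines show which ports UFW accepts from any source, including the Coolify UI port 8000 in the sample.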
3. Open UI:
When Ansible finishes, Coolify's UI will be available at:
CONTROLLER_SERVER_IP:8000
Now is the time to configure Coolify. Add the private key that Terraform created, use the workers' private IPs, and add the workers to your cluster. Consult the documentation for further steps.
4. SSH into server
Terraform creates SSH private and public keys that are added to Hetzner and the servers. They are also used by Ansible. Be careful with the keys; you don't want to lose them.
If needed, you can SSH into the server with the following command:
ssh root@<server-ip> -i ~/.ssh/self_hosted_hetzner_key.pem