Self-hosted apps

Websites

Static website

Setup the Apache web-server with a vhost configuration that contains contains configuration to serve a folder of html files.

All content will be served via https, a redirect will be set up so that all http traffic will be forwarded to https. A Let's encrypt certificate will be requested, and a cron job will be set up to re-new that certificate before it expires.

As a second step, a single html file will be generated, with some custom content.

Create a text file, 'static-site.frecklet', with:

- static-website-from-folder:
    hostname: example.com
    path: /var/www/html
    webserver: apache
    use_https: true
    server_admin: [email protected]
- file-with-content:
    owner: www-data
    path: /var/www/html/index.html
    content: |
      <h1><i>freckles</i> says "hello", World!</h1>

then run with either:

freckles

freckles -t <user>@example.com static-site.frecklet

frecklecute

frecklecute -t <user>@example.com static-site.frecklet

Note: the 'user' for the 'example.com' host needs to have root or sudo permissions for this to work, obviously. Also, a DNS record needs to be in place for the certificate request part to work.

Wordpress

On a remote machine, setup the Apache web-server, MariaDB, PHP. Download Wordpress and configure everything so Apache serves the Wordpress instance via https (http redirects to https), using a Let's encrypt staging certificate (good for testing). Asks for Wordpress admin password interactively, and it will auto generate a password for the database.

freckles

# run with: freckles --target [email protected] <this_file>
- wordpress-standalone:
    wp_admin_email: [email protected]
    wp_title: My Wordpress site
    hostname: example.com
    use_https: true
    letsencrypt_staging: true

frecklecute

frecklecute --target [email protected] wordpress-standalone \
      --wp-admin-email [email protected] \
      --wp-title "My wordpress site" \
      --hostname example.com \
      --use-https \
      --letsencrypt-staging

frecklets used:

wordpress-standalone

Note: A DNS record needs to be in place for the certificate request part to work.

Discourse

Discourse is a popular forum software. This example shows how to use freckles to setup an instance of *discourse', following the

freckles

# run with: freckles --community --target [email protected] <this_file>
- discourse-standalone:
    hostname: discourse.example.com
    admin_emails:
      - [email protected]
    discourse_smtp_address: smtp.postmarkapp.com
    discourse_smtp_port: 587
    discourse_smtp_user_name: uuid-uuid-uuid-uuid
    discourse_smtp_password: super-secret-password

frecklecute

frecklecute --community --target [email protected] discourse-standalone \
      --hostname discourse.example.com \
      --admin-email [email protected] \
      --discourse-smtp-address smtp.postmarkapp.com \
      --discourse-smtp-port: 587 \
      --discourse-smtp-user-name: uuid-uuid-uuid-uuid \
      --discourse-smtp-password ::ask::

Misc. services

Keycloak

Keycloak is an open source identity and access management service, which can be used to implement authentication for your services. It is a bit cumbersome to install, though. This frecklet can help you do a standalone (non-clustered) install of Keycloak:

freckles

# run with: freckles --community --target [email protected] <this_file>
- keycloak-standalone:
    hostname: auth.example.com
    admin_email: [email protected]
    keycloak_admin_password: password123

frecklecute

frecklecute --community --target [email protected] keycloak-standalone \
    --hostname auth.example.com \
    --admin-email [email protected]
    --keycloak-admin-password ::ask::  # this makes freckles prompt for the password