Installation sources

  • regular debian9 repositories
  • docker-ce repository (deb [arch=amd64] stretch stable edge)
  • pip3 install docker-compose

General philosophy

  • every service is running in a separate docker container
  • we use docker-compose (/etc/compose/docker-compose.yml) to start all of those containers
    • /etc/systemd/system/docker-compose.service is what triggers starting of all containers during boot
  • even the nginx dispatcher (reverse proxy) is running inside a docker container, which gets ports 80 + 443 forwarded from the physical machine
  • all persistent data of a given container stored in /external/$container_name


  • certbot is another docker container that bind-mounts the "right" directories from the nginx dispatcher
    • cron-job in /etc/cron.d/letsencrypt executes this every 15 days


  • /etc/systemd/system/rs-backup-run.{timer,service} executed nightly
Add picture from clipboard (Maximum size: 48.8 MB)