Skip to content

Deploy your first app

In order to deploy an app you need two things:

  1. a server (e.g. Hetzner VPS), with
  2. SSH access
  3. a public IP address
  4. a DNS provider (e.g. Gandi)

Create your server

Co-op Cloud has itself near zero system requirements. You only need to worry about the system resource usage of your apps and the overhead of running containers with the docker runtime (often negligible. If you want to know more, see this FAQ entry). We will deploy a new Nextcloud instance in this guide, so you will only need 1GB of RAM according to their documentation. You may also be interested in this FAQ entry if you are curious about security in the context of containers.

Wire up your DNS

Typically, you'll need two A records, one to point to the VPS itself and another to support sub-domains for the apps. You can then support an app hosted on your root domain (e.g. example.com) and other apps on sub-domains (e.g. foo.example.com, bar.example.com). Your entries in your DNS provider setup might look like the following.

@  1800 IN A 116.203.211.204
*. 1800 IN A 116.203.211.204

Where 116.203.211.204 can be replaced with the IP address of your server.

Install server prerequisites

You'll want to install Docker on your server. This can be done by following the install documentation.

Bootstrap abra

Once your DNS and docker daemon are up, you can install abra locally on your developer machine and hook it up to your server.

Firstly, install abra locally.

curl https://install.abra.autonomic.zone | bash

The source for this script is here.

You may need to add the ~/.local/bin/ directory with your $PATH in order to run the executable.

export PATH=$PATH:$HOME/.local/bin
abra -h # check it works

Now you can connect abra with your new server.

abra server add example.com

Where example.com is replaced with your server DNS name.

About SSH

abra uses Docker's built-in SSH support to make a secure connection to a remote Docker daemon, to deploy and manage apps from your local development machine.

If you need to specify a non-standard port, and/or different username, for SSH,
add them as extra arguments:

```bash
abra server add example.com username 2222
```

Once you've added the sever, you can initialise the new single-host swarm on your server.

abra server init example.com

You will now have a new ~/.abra/ folder on your local file system which stores all the configuration of your Co-op Cloud instance. You can easily share this as a git repository with others.

Deploy Traefik

In order to have your Co-op cloud installation automagically provision SSL certificates, we will first install Traefik. This tool is the main entrypoint for all web requests (e.g. like NGINX) and supports automatic SSL certificate configuration and other quality-of-life features which make deploying libre apps more enjoyable.

abra app new traefik

You will want to take a look at your generated configuration and tweak the LETS_ENCRYPT_EMAIL value:

abra app config traefik

Every app you deploy will have one of these .env files, which contains variables which will be injected into app configurations when deployed. Variables starting with # are optional, others are required.

abra app deploy traefik

Deploy Nextcloud

And now we can deploy apps.

Let's create a new Nextcloud app.

abra app new nextcloud

And we need to generate secrets for the app: database connection password, root password and admin password.

abra app secret generate --all nextcloud

Warning

Take care, these secrets are only shown once on the terminal so make sure to take note of them! abra makes use of the Docker secrets mechanism to ship these secrets securely to the server and store them as encrypted data.

Then we can deploy the Nextcloud.

abra app deploy nextcloud

We can watch to see that things come up correctly.

abra app ps nextcloud    # status check
abra app logs nextcloud  # logs watch

Note

Since Nextcloud takes some time to come up live, you can run the ps command under watch like so.

watch abra app ps nextcloud

And you can wait until you see that all containers have the "Running" state.

Your traefik instance will detect that a new app is coming up and generate SSL certificates for it.