<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Self-Hosted Services on DevOps Engineer &amp; CloudAdmin</title><link>https://ru-admin.github.io/posts/self-hosted/</link><description>Recent content in Self-Hosted Services on DevOps Engineer &amp; CloudAdmin</description><generator>Hugo -- gohugo.io</generator><language>en-US</language><atom:link href="https://ru-admin.github.io/posts/self-hosted/index.xml" rel="self" type="application/rss+xml"/><item><title>Internet Radio on AzuraCast</title><link>https://ru-admin.github.io/posts/self-hosted/azuracast/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://ru-admin.github.io/posts/self-hosted/azuracast/</guid><description>&lt;h2 id="recovery-and-deployment-of-internet-radio-from-scratch"&gt;Recovery and deployment of internet radio from scratch&lt;/h2&gt;
&lt;hr&gt;
&lt;h4 id="client"&gt;Client&lt;/h4&gt;
&lt;p&gt;Community of independent artists with a mobile application and an audience of several dozen daily listeners&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="challenge"&gt;Challenge&lt;/h4&gt;
&lt;p&gt;After losing a rented VPS (along with the active configuration, website, and broadcast history), it was necessary to completely restore broadcasting for two internet radio stations. The only input data was a set of mp3 files. The task required deploying a new server, setting up an automated broadcasting platform, recreating a landing page with an embedded player, and ensuring stable 24/7 operation.&lt;/p&gt;</description></item><item><title>Self-Hosted Cloud Storage with Nextcloud</title><link>https://ru-admin.github.io/posts/self-hosted/nextcloud/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://ru-admin.github.io/posts/self-hosted/nextcloud/</guid><description>&lt;h2 id="self-hosted-corporate-cloud"&gt;Self-Hosted Corporate Cloud&lt;/h2&gt;
&lt;hr&gt;
&lt;h4 id="client"&gt;Client&lt;/h4&gt;
&lt;p&gt;Mid-sized business with strict data privacy and data residency requirements&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="challenge"&gt;Challenge&lt;/h4&gt;
&lt;p&gt;The company relied on third-party cloud services to store and share work files, creating data leakage risks and dependency on external providers. They needed a self-hosted solution with in-browser document editing, deleted file recovery, revision history, and additional collaboration tools — calendar, notes, and email — all under their own control.&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="solution"&gt;Solution&lt;/h4&gt;
&lt;h6 id="1-nextcloud-aio-deployment"&gt;1. Nextcloud AIO Deployment&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Nextcloud All-in-One&lt;/strong&gt; — official Docker image with the full stack out of the box&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;PostgreSQL&lt;/strong&gt; for application data storage&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Redis&lt;/strong&gt; for caching and background job queues&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Nginx&lt;/strong&gt; as a reverse proxy with automatic SSL/TLS&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="2-in-browser-document-editing"&gt;2. In-Browser Document Editing&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Nextcloud Office&lt;/strong&gt; (Collabora Online) — built-in office suite&lt;/li&gt;
&lt;li&gt;Support for .docx, .xlsx, .pptx and ODF formats&lt;/li&gt;
&lt;li&gt;Real-time collaborative editing&lt;/li&gt;
&lt;li&gt;No local software installation required&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="3-file-management"&gt;3. File Management&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;Deleted files trash bin with configurable retention period&lt;/li&gt;
&lt;li&gt;File version history — roll back to any previous revision&lt;/li&gt;
&lt;li&gt;Granular access control: folders, share links, passwords&lt;/li&gt;
&lt;li&gt;Mobile and desktop sync clients&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="4-collaboration-tools"&gt;4. Collaboration Tools&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Calendar&lt;/strong&gt; (CalDAV) — team scheduling and events&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Notes&lt;/strong&gt; — personal and team notes with Markdown support&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Mail&lt;/strong&gt; — built-in web client for corporate email (IMAP/SMTP)&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="5-backup"&gt;5. Backup&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Borg Backup&lt;/strong&gt; — incremental backup built into Nextcloud AIO&lt;/li&gt;
&lt;li&gt;Data deduplication and compression&lt;/li&gt;
&lt;li&gt;Scheduled automatic runs&lt;/li&gt;
&lt;li&gt;Remote storage for backups (S3-compatible / SFTP)&lt;/li&gt;
&lt;/ul&gt;
&lt;hr&gt;
&lt;h4 id="technologies"&gt;Technologies&lt;/h4&gt;
&lt;div class="row"&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/nextcloud.svg" alt="Nextcloud"&gt;&lt;div&gt;Nextcloud&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/docker-original.svg" alt="Docker"&gt;&lt;div&gt;Docker&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/postgresql.svg" alt="PostgreSQL"&gt;&lt;div&gt;PostgreSQL&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/nginx.svg" alt="Nginx"&gt;&lt;div&gt;Nginx&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/linux-original.svg" alt="Linux"&gt;&lt;div&gt;Linux&lt;/div&gt;&lt;/div&gt;
&lt;/div&gt;
&lt;hr&gt;
&lt;h4 id="results"&gt;Results&lt;/h4&gt;
&lt;p&gt;✅ &lt;strong&gt;Data ownership:&lt;/strong&gt; files stay on company servers, no third-party providers&lt;br&gt;
✅ &lt;strong&gt;In-browser editing:&lt;/strong&gt; office documents open and edit directly in the browser&lt;br&gt;
✅ &lt;strong&gt;Safety net:&lt;/strong&gt; version history and trash bin protect against accidental data loss&lt;br&gt;
✅ &lt;strong&gt;Unified platform:&lt;/strong&gt; single solution for files, calendar, notes, and email&lt;br&gt;
✅ &lt;strong&gt;Automated backups:&lt;/strong&gt; incremental backup via Borg Backup on a set schedule&lt;/p&gt;</description></item><item><title>Self-Hosted Corporate Messenger (Matrix)</title><link>https://ru-admin.github.io/posts/self-hosted/matrix-messenger/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://ru-admin.github.io/posts/self-hosted/matrix-messenger/</guid><description>&lt;h2 id="self-hosted-secure-messenger-for-enterprise-communications"&gt;Self-Hosted Secure Messenger for Enterprise Communications&lt;/h2&gt;
&lt;hr&gt;
&lt;h4 id="client"&gt;Client&lt;/h4&gt;
&lt;p&gt;Mid-size business with strict data privacy and security requirements&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="challenge"&gt;Challenge&lt;/h4&gt;
&lt;p&gt;The company required full control over its internal communications — no third-party servers, no data leakage risks. The solution had to support end-to-end encryption, voice and video calls, file sharing, and seamless integration with existing corporate infrastructure, all manageable by an internal team.&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="solution"&gt;Solution&lt;/h4&gt;
&lt;h6 id="1-server-stack"&gt;1. Server Stack&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Matrix Synapse&lt;/strong&gt; as the core messaging server&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;PostgreSQL 16&lt;/strong&gt; for persistent data storage&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Caddy&lt;/strong&gt; as reverse proxy with automatic SSL/TLS&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Docker Compose&lt;/strong&gt; for service orchestration&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="2-client-applications"&gt;2. Client Applications&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Element Web&lt;/strong&gt; for browser access&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Element Desktop&lt;/strong&gt; for Windows/macOS/Linux&lt;/li&gt;
&lt;li&gt;&lt;strong&gt;Element Mobile&lt;/strong&gt; for iOS/Android&lt;/li&gt;
&lt;li&gt;Consistent interface across all platforms&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="3-voice--video-calls"&gt;3. Voice &amp;amp; Video Calls&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Coturn&lt;/strong&gt; (TURN/STUN server) for NAT traversal&lt;/li&gt;
&lt;li&gt;Group video call support&lt;/li&gt;
&lt;li&gt;UDP ports 49160–49200 for media traffic&lt;/li&gt;
&lt;li&gt;Automatic configuration via environment variables&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="4-administration"&gt;4. Administration&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;&lt;strong&gt;Synapse Admin&lt;/strong&gt; web UI for user and room management&lt;/li&gt;
&lt;li&gt;Usage statistics and monitoring&lt;/li&gt;
&lt;li&gt;Accessible on a dedicated port (8888)&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="5-security"&gt;5. Security&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;End-to-end encrypted messages&lt;/li&gt;
&lt;li&gt;Automatic SSL/TLS certificates via Caddy&lt;/li&gt;
&lt;li&gt;Public registration disabled&lt;/li&gt;
&lt;li&gt;Optional federation with other Matrix servers&lt;/li&gt;
&lt;li&gt;Healthchecks on all services&lt;/li&gt;
&lt;/ul&gt;
&lt;h6 id="6-automation"&gt;6. Automation&lt;/h6&gt;
&lt;ul&gt;
&lt;li&gt;Single Bash script for full stack initialization&lt;/li&gt;
&lt;li&gt;Automatic Synapse config generation&lt;/li&gt;
&lt;li&gt;Automated admin user creation via &lt;code&gt;expect&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;Docker Compose with dependency ordering and healthchecks&lt;/li&gt;
&lt;/ul&gt;
&lt;hr&gt;
&lt;h4 id="technologies"&gt;Technologies&lt;/h4&gt;
&lt;div class="row"&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/docker-original.svg" alt="Docker"&gt;&lt;div&gt;Docker&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/postgresql.svg" alt="PostgreSQL"&gt;&lt;div&gt;PostgreSQL&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/caddy.svg" alt="Caddy"&gt;&lt;div&gt;Caddy&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/bash.svg" alt="Bash"&gt;&lt;div&gt;Bash&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/linux-original.svg" alt="Linux"&gt;&lt;div&gt;Linux&lt;/div&gt;&lt;/div&gt;
&lt;div class="col-4 col-lg-2 pt-2" style="text-align: center;"&gt;&lt;img src="https://ru-admin.github.io/icons/element.svg" alt="Element"&gt;&lt;div&gt;Element + Matrix + Synapse&lt;/div&gt;&lt;/div&gt;
&lt;/div&gt;
&lt;hr&gt;
&lt;h4 id="results"&gt;Results&lt;/h4&gt;
&lt;p&gt;✅ &lt;strong&gt;Data ownership:&lt;/strong&gt; full control over messages and user data — no third-party servers&lt;br&gt;
✅ &lt;strong&gt;Scale:&lt;/strong&gt; 100+ concurrent users&lt;br&gt;
✅ &lt;strong&gt;Features:&lt;/strong&gt; text, voice, video, file sharing up to 1.5 GB, E2E encryption&lt;br&gt;
✅ &lt;strong&gt;Speed:&lt;/strong&gt; full deployment in 5 minutes with a single script&lt;br&gt;
✅ &lt;strong&gt;Reliability:&lt;/strong&gt; automatic SSL certificates, healthchecks, auto-restart&lt;/p&gt;</description></item><item><title>Self-Hosted Project Management with Plane</title><link>https://ru-admin.github.io/posts/self-hosted/plane-so/</link><pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate><guid>https://ru-admin.github.io/posts/self-hosted/plane-so/</guid><description>&lt;h2 id="self-hosted-project-management-with-plane-so"&gt;Self-Hosted Project Management with Plane So&lt;/h2&gt;
&lt;hr&gt;
&lt;h4 id="client"&gt;Client&lt;/h4&gt;
&lt;p&gt;A company seeking its own project management tool hosted on their office infrastructure&lt;/p&gt;
&lt;hr&gt;
&lt;h4 id="challenge"&gt;Challenge&lt;/h4&gt;
&lt;p&gt;The client wanted an open-source alternative to Jira/Linear for project and task management, deployed on their own server within an existing Coolify environment. Requirements included: installing the latest version of Plane CE, ensuring proper operation behind Traefik reverse proxy, extracting the database as a separate Coolify service for convenient archiving, and setting up regular backups for all data.&lt;/p&gt;</description></item></channel></rss>