Looking At Coolify

While reading Robb Knight’s post about setting up GoToSocial in Coolify, I got curious as to what this Coolify project actually is. I’m a happy user of Dokku, but being one with magpie tendencies, plus always on the lookout for ways to make the little apps I make for myself easier to deploy, I thought I’d check it out.

So I spun up a Coolify instance on a new Hetzner server this morning and tried deploying a simple Go app, complete with automatic deployments when I push changes to a Forgejo repository. And yeah, I must say it works pretty well. I haven’t done anything super sophisticated, such as setting up a database or anything. But it’s almost as easy as deploying something with Dokku, and I’m please that I was able get it working with my Forgejo setup1.

Anyway, this post is just a few things I want to make a note about for next time I want to setup a Coolify instance. It’s far from a comprehensive set-up guide: there’s plenty of documentation on the project website. But here are a few things I’d like to remember.

Changing the Proxy to Caddy: Soon after setting up your Coolify instance, you probably want to change the proxy to Caddy, just so that you can easily get Lets Encrypt certificates. Do this before you setup a domain as you’ll need direct access to Coolify via the port.

Go to “Servers → localhost” and in the “Proxy” tab, stop the current proxy. You then have the option of changing it to Caddy.

Setting Up a Domain For Coolify Itself: Once you’ve change the proxy, you’d probably want to setup a domain so as to avoid accessing it via IP address and port number. You can do so by going to “Settings,” and within “Instance Settings” changing “Domain”.

If you prepend your domain with https, a certificate will be setup for you. I’m guessing it’s using Lets Encrypt for this, which is fine. I’d probably do likewise if I had to set it up manually.

Deploying From a Private Forgejo Repository: To deploy from a private Forgejo repository, follow the Gitea integration instructions on setting up a private key. This is basically creating a new key in “Keys And Tokens”, and adding it as a key in Forgejo.

The Add Key modal showing options to generate an RSA or elliptical curve key
The Add Key modal

As far as I’m aware, it’s not possible to change an application source from a public Git repo to a private one. I tried that and I got a few deploy errors, most likely because I didn’t set the key. I had to delete it and start from scratch.

Setting a Domain For a Project: Setting up a domain is pretty simple: just add a new A record pointing to the IP address of the service the application is running on. Much like the Coolify domain, prefacing your domain with https will provision a TLS certificate for you (docs):

The Domain settings for the deployable project resource
The Domain settings for the deployable project resource

Unlike Dokku, your app doesn’t need to support the PORT environment variable. You should be able to start listening on a port and simply setup a mapping in the project page. The default seems to be port 3000, just in case you’re not interested in changing it:

Automatic Deployments From Forgejo: Coolio looks to have some nice integrations with Github, but that doesn’t help me and my use of Forgejo. So the setup is a little more manual: adding some web-hook to automatically deploy when pushing commits to Forgejo. In Coolify, you’d want to use the Gittea web-hook:

The web-hook settings for the deployable project resource, with the Gittea web-hook highlight
The Gittea web-hook is the one to use

You’ll need to generate the web-hook secret yourself. Running head -c 64 /dev/urandom | base64 or similar should give you something somewhat secure.

Setting up the web-hook on Forgejo’s side was a little confusing. Clicking “Add Webhook” just brought up a list of integrations, which I’m guessing are geared towards particular form of web-hook payloads. You want to select the “Forgejo” one.

Project web-hooks in Forgejo, with the Gittea domain from Coolify set as the target URL, the secret set, and everything else left as the default
How the web-hook looks on Forgejo's side

Use the URL that Coolify is showing for the Gittea web-hook, leave the method as “POST” and set the secret you generated. The rest you can configure based on your preferences.

So that it. So far I’m liking it quite a bit, and I look forward to going a bit further than simple Go apps that serve a static message (some of the pre-canned applications look interesting). I’d like to try it for a bit longer before I consider it as a replacement for Dokku, but I suspect that may eventually happen.

A screenshot of a browser window with a plain text message saying: 'Hello World. This is deployed via Coolify via a private repo that is auto-deployed.'
Hello Coolify

  1. I say “it’s almost as easy” as Dokku, but one thing going for Coolify is that I don’t need to SSH into a Linux box to do things. When it comes to creating and operating these apps, doing it from a dashboard is a nicer experience. ↩︎

Now this is cool: Hetzner has opened up a region in Singapore. The tyranny of distance is starting to abate.

Screenshot of Hetzner server location, showing Singapore as an option.

Oof! Warm weather usually means flies, and there are a lot of them this morning. Been doing the Aussie salute during my entire walk.

I’m enjoying House of the Dragon, but many of the characters suffer from “vox epica” syndrome. They speak in monotone, with long pauses between sentences. Obviously to underscore the drama, but it takes me out a little. Regular people wouldn’t talk like this.

Heard the fans on my work M1 MacBook Pro for the first time. I guess constantly generating as many JWTs as you possibly can for a whole minute would do that. 😛

This week’s earworm: Electric Light Orchestra, especially Livin’ Thing. 🎵

Kind of ironic to think that you spend so much effort working on a blog, only to be spending most of that time in the CMS admin section, rather than the blog itself. Or at least that’s where I find myself most of the time.

Currently trying to do a web search to find where the logs are for a piece of software that predominantly deal with logs. You can imagine how fruitful the results have been so far. 😀

Heed the advice of Jim Nielsen and watch out for websites that ask you to enable notifications to “prove you’re not a bot.” It’s usually just an attempt to push spam. Had to walk through turning this off for someone when they started receiving ads via notifications from some crappy site.

🔗 Thought Detox

Someone on Micro.blog posted a link to this little web-app years ago, where you can write your thoughts and they float away into the ether, never to be seen again. I didn’t grab a link to it at the time, which I regretted. Well, I’m not making that mistake twice.

Via Anil Dash

🧑‍💻 New post on TIL Computer: Feedback Of Conditional Updates In PostgreSQL

A good indication of how busy the work week is is the number of biscuits packets I bring home with me, rather than eat at lunch time. We’re at two packets this week.

Two individually wrapped Arnott's biscuits packets are placed on a green and grey bench.

It’s come to the point where my inability to approach or talk to people might start affecting my career progression.

At the station. A Mernda train came and went. Next one rocked up a few minutes later, another Mernda. “Another Mernda?” Not unheard of to have two consecutive trains for the same line. But it’s also not unheard of for me to completely miss my train because I wasn’t paying attention. 😄

The house guests have returned. Rico is settling in quite well, considering it his first time here. 🦜

A cockatiel with a yellow face and grey body is perched on a cage, while another white cockatiel stands in the background.

One of those days where I doubt my ability to do this job. 😞

Thought we were done with the swoop-o-meter for the year, didn’t we. Well, I guess there’s a little more spring left to go. That’s 5 noisy miners now. 👷‍♂️

Smack bang in the middle of the automation smiling curve for my current task. 😩

A meme depicting a smiling curve graph illustrates the relationship between problem size and satisfaction. The left size says 'Job really small. I'll just do it manually.' The right size says 'Argh, too big. I better automate.' In the centre is an arrow pointing to the lowest point on the curve with the annotation 'Automate half the job, but then realise it's probably quicker to just finish it manually.'

I’ve been waiting 5 minutes for the work VPN to log me in, and I’m still waiting. I guess the VPN client slept in today.

Oh, it just timed out. Must’ve hit the snooze.

Spent the morning upgrading my self-hosted Forgejo instance to the latest version. I started 30 minutes before heading out the door to an event, which is “always” a great idea. 🤦‍♂️

After removing the repo managed version of Forgejo, which never worked for me, I was able to download and install the latest Debian package. I did have to uninstall the previous version first, which was a little terrifying. I did create a Hetzner snapshot before I started, just so that I can revert back to a working version should I screw everything up. Fortunately I didn’t need the snapshot, but I did need to move “app.ini” out as installing the package would’ve overwritten it and apt was refusing to proceed.

I eventually got the packaged installed and Forgejo running again. Fortunately everything was still there when I check the frontend. But when I tried doing a push, Git was throwing an error indicating that it couldn’t find the repository. I was unable clone any repos either, either using SSH keys or HTTPS.

I not entirely sure what was causing this issue. It may have been the move of “app.ini”. I did this as root, and maybe Forgejo, which runs in a jailed account, had an issue with reading or writing to that file. I changed the owner back to “forgejo” and also went through the the pre-update actions upgrade guide, and either one of those must’ve fixed something as Git started working again.

Anyway, I now have an updated version of Forgejo running. And despite the weird Git thing, it went relatively smoothly. But there are a few lessons here: always read the upgrade guide, and don’t do something like this minutes before you need to be somewhere else.