An optimized, production-ready orchestrator to transform a fresh Ubuntu 24.04 VM (specifically for Oracle Cloud Infrastructure) into a powerful self-hosted hub for automation, web development, and secure storage.
- Overview of Services
- Prerequisites & OCI Provisioning
- OCI Network Configuration (Firewall)
- Cloning the Repository
- Installation & Setup
- Usage Guide
- Day 2 Operations (Updates & Backups)
- Troubleshooting & Debugging
This setup deploys a curated stack of powerful open-source tools:
- n8n: A fair-code workflow automation tool with over 400+ integrations. It allows you to build complex logic without writing code.
- Activepieces: A modern, no-code automation alternative focused on ease of use and business workflows.
- Huginn: A system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions.
- Adminer: A lightweight, single-file database management tool for PostgreSQL and MariaDB.
- PHP 8.3 Webserver: A performance-tuned environment for hosting your own websites or custom scripts.
- SFTP Storage: Secure file access and management via a dedicated container.
This repository is optimized for Oracle Cloud Infrastructure (OCI) but works on any VPS running Ubuntu 24.04.
- Operating System:
Ubuntu 24.04orUbuntu 24.04 Minimal. - Shape:
- Always Free Compatible:
VM.Standard.A1.Flex(ARM-based Ampere) with at least 6GB RAM (recommended). - Minimum: Any shape with at least 1GB RAM. (The script automatically configures 4GB Swap if RAM is below 2GB).
- Always Free Compatible:
- Networking: Assign a Public IPv4 Address.
Before starting, point your domain to your server's IP address:
- A Record: Point your domain (e.g.,
example.com) to the server IP. - CNAME Record: Point
*to your domain (e.g.,*.example.com) to support subdomains liken8n.example.com.
OCI instances are protected by a Virtual Cloud Network (VCN) firewall. You must add Ingress Rules in the OCI Console (Networking > VCNs > Your VCN > Security Lists) to allow traffic:
| Stateless | Source | IP Protocol | Source Port Range | Destination Port Range | Description |
|---|---|---|---|---|---|
| No | 0.0.0.0/0 | TCP | All | 80, 443 | HTTP/HTTPS (Web Access) |
| No | 0.0.0.0/0 | TCP | All | 22 | SSH (Remote Access) |
| No | 0.0.0.0/0 | TCP | All | 2222 | SFTP (File Transfers) |
| No | 0.0.0.0/0 | TCP | All | 5678, 8081, 3000, 8080 | Port Mode Only (Service access) |
Connect to your VM via SSH and choose one of the following methods to clone the setup:
git clone https://github.com/kogulan/server-setup.git deploy
cd deploygit clone git@github.com:kogulan/server-setup.git deploy
cd deployRequired if the repository is private or for automated scripts.
git clone https://<YOUR_TOKEN>@github.com/kogulan/server-setup.git deploy
cd deploygh repo clone kogulan/server-setup deploy
cd deploy
β οΈ Warning: This method makes it harder to use theupdate.shscript later as it lacks Git history.
wget https://github.com/kogulan/server-setup/archive/refs/heads/main.zip
unzip main.zip -d deploy
cd deploy/server-setup-mainOnce cloned, run the orchestrator script:
sudo chmod +x setup.sh
sudo ./setup.sh- Domain/IP: Enter your domain name (e.g.,
myserver.com). - Access Mode:
- Subdomains:
n8n.myserver.com,ap.myserver.com, etc. (Requires CNAME record). - Ports:
myserver.com:5678,myserver.com:8081, etc.
- Subdomains:
- SSL Choice:
- Let's Encrypt: Free, automatic HTTPS (Requires Port 80 open).
- Self-Signed: Encrypted but triggers browser warnings (Use for IP-based access).
- None: Plain HTTP (Insecure).
| Service | Subdomain Mode | Port Mode | Default Host (Internal) |
|---|---|---|---|
| Main Website | https://yourdomain.com |
https://yourdomain.com |
- |
| n8n | https://n8n.yourdomain.com |
https://yourdomain.com:5678 |
n8n |
| Activepieces | https://ap.yourdomain.com |
https://yourdomain.com:8081 |
activepieces |
| Huginn | https://huginn.yourdomain.com |
https://yourdomain.com:3000 |
huginn |
| Adminer | https://db.yourdomain.com |
https://yourdomain.com:8080 |
adminer |
Connect using FileZilla or WinSCP:
- Host: Your Domain or IP
- Port:
2222 - Users:
webuser: Manages files in/web_root(Your website).filesuser: General secure storage.
Login to Adminer using the credentials provided at the end of setup.
- To manage the Website DB: Use System
MySQL, Servermariadb-db. - To manage Automation DBs: Use System
PostgreSQL, Serverpostgres-db.
Run the update script to backup data, update the OS, and pull the latest Docker images:
cd /opt/deploy
sudo ./update.shBackups are scheduled every Sunday at 2 AM, but you can trigger one manually:
sudo /opt/deploy/scripts/backup.shFiles are stored in /opt/deploy/backups/.
If you forget your passwords, run:
sudo /opt/deploy/scripts/show_credentials.sh- Connection Lost (n8n): Often caused by incorrect
N8N_WEBHOOK_URLin Port Mode. Check/opt/deploy/automation/.env. - SSL Failure: Ensure Port 80 is open and DNS is fully propagated. Check logs:
cat /var/log/letsencrypt/letsencrypt.log. - Timeout/Refused: Check OCI Ingress Rules first, then check local firewall:
sudo ufw status.
If a service is down, use these commands to find the cause:
1. Check Container Logs:
sudo docker logs n8n
sudo docker logs mariadb-db2. Check Service Status:
sudo docker compose -f /opt/deploy/automation/docker-compose.yml ps3. Check Disk Space:
df -h4. Monitor System Resources:
htop # (Install with sudo apt install htop)5. Check for Port Conflicts:
sudo lsof -i :80This setup implements basic hardening, including restricted directory permissions (700) and security headers. However, always ensure your VM is updated and avoid exposing database ports directly to the internet in OCI.
Created with β€οΈ for the OCI Community.