A repeatable, production-lean homelab stack deployed across two cloud VMs using Docker Compose and Caddy (reverse proxy + automatic HTTPS).
This repo is written as a copy/paste friendly tutorial:
- build cloud infra
- configure DNS + TLS
- bootstrap VMs
- deploy VM1 + VM2 stacks
- operate, upgrade, and back up the services
- Memos (notes / knowledge capture)
- Linkding (bookmark manager)
- Caddy reverse proxy (HTTPS + routing)
- Paperless-ngx (document management)
- Vaultwarden (Bitwarden-compatible password manager)
- Postgres (Paperless DB)
- Redis (Paperless broker/cache)
- Caddy reverse proxy (HTTPS + routing)
- Backups sidecar + Postgres pg_dump job
```
homelab-cloud-stack/
├─ README.md
├─ .gitignore
├─ docs/
│  ├─ 00-overview.md
│  ├─ 01-architecture.md
│  ├─ 02-prereqs.md
│  ├─ 03-dns-and-domains.md
│  ├─ 04-bootstrap.md
│  ├─ 05-vm1-stack.md
│  ├─ 06-vm2-stack.md
│  ├─ 07-operations.md
│  ├─ 08-troubleshooting.md
│  └─ 09-backups.md
├─ scripts/
├─ vm1/
│  ├─ stack/
│  │  ├─ docker-compose.yml
│  │  └─ .env.example
│  └─ caddy/
│     └─ Caddyfile
└─ vm2/
   ├─ stack/
   │  ├─ docker-compose.yml
   │  └─ .env.example
   └─ caddy/
      └─ Caddyfile
```
Follow the docs in order:
- docs/00-overview.md
- docs/01-architecture.md
- docs/02-prereqs.md
- docs/03-dns-and-domains.md
- docs/04-bootstrap.md
- docs/05-vm1-stack.md
- docs/06-vm2-stack.md
- docs/07-operations.md
- docs/09-backups.md
- docs/08-troubleshooting.md
- Two Linux VMs (Ubuntu recommended)
- A DNS provider where you can manage A/AAAA records
- Public inbound ports open:
  - 80/tcp and 443/tcp to each VM serving HTTPS
- Docker + Docker Compose plugin installed on both VMs
Full prereqs are in docs/02-prereqs.md.
- This repo intentionally does not include secrets.
- Copy .env.example → .env on each VM and fill in your values.
- Keep signups closed and use invite flow for Vaultwarden unless you explicitly want open registration.
- Treat backups as a first-class requirement (the docs include a backup + restore flow).
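
One way to check the `.env` notes above before bringing a stack up, as an added example that is not part of this repo: it flags a group/world-readable `.env`, keys from `.env.example` that are unset, secret-looking keys still holding the example value, and Vaultwarden signups left open. The script name `audit-env.sh` is hypothetical, and it assumes Vaultwarden's `SIGNUPS_ALLOWED` setting is supplied through the stack's `.env`.

```shell
#!/usr/bin/env bash
# Added example, not part of the repo: audit a stack .env before `docker compose up`.
# SIGNUPS_ALLOWED is Vaultwarden's own setting; that it lives in this .env is an assumption.

# audit_env ENV_FILE EXAMPLE_FILE: prints one line per finding, returns the finding count.
audit_env() {
  local env_file="$1" example_file="$2" findings=0 key val actual mode signups

  # 1. The secrets file must not be readable by group or other.
  mode=$(stat -c '%a' "$env_file" 2>/dev/null || stat -f '%Lp' "$env_file")
  case $mode in
    600|400) ;;
    *) echo "PERMS: $env_file is mode $mode, want 600"; findings=$((findings + 1)) ;;
  esac

  # 2. Every key from .env.example must be set, and secret-looking keys
  #    must not still carry the example's placeholder value.
  while IFS='=' read -r key val; do
    case $key in ''|\#*) continue ;; esac
    actual=$(grep -E "^${key}=" "$env_file" | tail -n 1 | cut -d= -f2-)
    if [ -z "$actual" ]; then
      echo "UNSET: $key"; findings=$((findings + 1))
      continue
    fi
    case $key in
      *PASSWORD*|*SECRET*|*TOKEN*|*KEY*)
        if [ "$actual" = "$val" ]; then
          echo "PLACEHOLDER: $key still has the .env.example value"
          findings=$((findings + 1))
        fi ;;
    esac
  done < "$example_file"

  # 3. Vaultwarden defaults to open registration, so require an explicit false.
  signups=$(grep -E '^SIGNUPS_ALLOWED=' "$env_file" | tail -n 1 | cut -d= -f2-)
  if [ "$signups" != "false" ]; then
    echo "SIGNUPS: SIGNUPS_ALLOWED is '${signups:-unset}', want false"
    findings=$((findings + 1))
  fi
  return "$findings"
}

# Usage (hypothetical script name): ./audit-env.sh vm2/stack/.env vm2/stack/.env.example
if [ "$#" -eq 2 ]; then audit_env "$1" "$2"; fi
```

A non-zero exit status is the number of findings, so the script can gate a deploy step.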