VPS infra for tile hosting and elevation API

[eddy-geek]

2 topics but basically mostly caddy and go-pmtiles at first:

• HTTP2- compatible storage for PMTiles hosting is more expensive than a good old VPS, that will scale less but keep costs limited. So the plan is to have the pmtile file(s) on the machines (~10 GB of slopes ~10 GB for slopes, but also in the future contour line if #3 doesn't pan out, and DEM Terraingrgb eg for Shading) and serve them:

  • both directly though Caddy
  • and in X/Y/Z with go-pmtiles API server (possibly required for #2)

• DEM & APIs. Several uses-cases here:

  • 8 to enable custom uses (terrainrgb z15?),

  • 7 - optional - exposing ORS API requires a dedicated API server (using the above is preferred as it puts less load on the server?)

[eddy-geek]

Resources

Caddy on docker

(comparisons with Traefik/nginx/... tends to be infavour of Caddy for certif handling)

• How to Deploy a Caddy Web Server With Docker - includes custom Caddyfile & Dockerfile
• Deploying Web Applications Quicker and Easier with Caddy 2 | Docker - as above + compose
• File sharing over https with Caddy and Podman // blog.yarwood.me.uk - includes systemd setup
• (A more complex high-availability "mesh" setup on docker Swarm- Why I migrated from Traefik to Caddy)

Docker compose on VPS

• Docker for multiple React Apps on a single VPS - reddit
• Docker Compose - Hosting some web services on a VPS - thbz.fr

With Github actions:

• CI/CD for VPS with GitHub Actions

With Podman :

• Podman Compose or Docker Compose? | Redhat suggests Docker compose v2 can work with podman v4.1
• Using Compose Files with Podman - Oracle - beginner install guide & tour into podman + docker compose

Actual setup

I chose podman + docker compose

# first part from the oracle tuto
sudo dnf install container-tools  # get podman v4.2.0 (not 4.3) and podman-docker
sudo curl -SL https://github.com/docker/compose/releases/download/v2.16.0/docker-compose-linux-$(uname -i) -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo systemctl enable --now podman.socket
sudo systemctl status podman.socket

Before the more advanced examples, a simple file_server using external files should look like this for Caddyfile and docker-compose.yml

file_server /data/*

services:
    caddy:
        image: caddy:2
        container_name: caddy
        restart: unless-stopped
        ports:
            - 80:80
            - 443:443
        volumes:
            - ./Caddyfile:/etc/caddy/Caddyfile
            - srv:/srv
         user: "1000"

volumes:
    srv:

networks:
    default:
        name: caddy-net

With these 2 files in the current directory, run

sudo /usr/local/bin/docker-compose up -d -u $UID

It failed fro me despite additional user trick to allow read to Caddyfile as per podman#8057 / How to set user and group in Docker Compose - g-dem's blog)

So I went back to the no-docker solution

sudo dnf copr enable @caddy/caddy
sudo dnf install caddy
sudo mkdir -p /etc/caddy ; sudo cp Caddyfile /etc/caddy/
sudo systemctl enable caddy
sudo systemctl start caddy

but then I hit caddy#4058 about configuring certificates and got stuck.

[eddy-geek]

echo 'caddy ALL=(ALL) NOPASSWD:ALL' | sudo tee /etc/sudoers.d/92-caddy