sipo/Teren-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ad0f7a7a01
Teren-app/QUICK_START_VPN.md
Simon Pocrnjič df6c3133ec docker setup
2026-01-14 17:33:31 +01:00

3.1 KiB
Raw Blame History

Quick Start: VPN-Only Access Setup

⚠️ IMPORTANT: This application is configured for VPN-ONLY access. It will NOT be publicly accessible.

Quick Setup Steps

1. Install Docker (on VPS)

curl -fsSL https://get.docker.com | sh
sudo usermod -aG docker $USER

2. Clone & Configure

git clone YOUR_GITEA_REPO/Teren-app.git
cd Teren-app
cp docker-compose.yaml.example docker-compose.yaml
cp .env.production.example .env

3. Edit Configuration

vim .env

Required changes:

  • WG_SERVERURL = Your VPS public IP (e.g., 123.45.67.89)
  • WG_UI_PASSWORD = Strong password for WireGuard dashboard
  • DB_DATABASE, DB_USERNAME, DB_PASSWORD = Database credentials
  • PGADMIN_EMAIL, PGADMIN_PASSWORD = pgAdmin credentials

4. Start WireGuard First

# Enable kernel module
sudo modprobe wireguard

# Start WireGuard
docker compose up -d wireguard

# Wait 10 seconds
sleep 10

# Check status
docker compose logs wireguard

5. Setup VPN Client (on your laptop/desktop)

Access WireGuard Dashboard: http://YOUR_VPS_IP:51821

  1. Login with password from step 3
  2. Click "New Client"
  3. Name it (e.g., "MyLaptop")
  4. Download config or scan QR code

Install WireGuard Client:

Import config and CONNECT

6. Verify VPN Works

# From your local machine (while connected to VPN)
ping 10.13.13.1

Should get responses

7. Secure WireGuard Dashboard

Edit docker-compose.yaml:

# Find wireguard service, change:
ports:
  - "51821:51821/tcp"
# To:
ports:
  - "10.13.13.1:51821:51821/tcp"

docker compose down
docker compose up -d wireguard

8. Start All Services

# Make sure you're connected to VPN!
docker compose up -d

9. Initialize Application

# Generate app key
docker compose exec app php artisan key:generate

# Run migrations
docker compose exec app php artisan migrate --force

# Cache config
docker compose exec app php artisan config:cache

10. Access Your Services

While connected to VPN:

Service URL
Laravel App http://10.13.13.1
Portainer http://10.13.13.1:9000
pgAdmin http://10.13.13.1:5050
WireGuard UI http://10.13.13.1:51821

Firewall Configuration

sudo ufw allow 22/tcp       # SSH
sudo ufw allow 51820/udp    # WireGuard VPN
sudo ufw enable

That's it!

Adding More VPN Clients

  1. Connect to VPN
  2. Open: http://10.13.13.1:51821
  3. Click "New Client"
  4. Download config
  5. Import on new device

Troubleshooting

Can't connect to VPN:

docker compose logs wireguard
sudo ufw status

Can't access app after VPN connection:

ping 10.13.13.1
docker compose ps
docker compose logs nginx

Check which ports are exposed:

docker compose ps
sudo netstat -tulpn | grep 10.13.13.1

Full Documentation

See DEPLOYMENT_GUIDE.md for complete setup instructions, SSL configuration, automated deployments, and troubleshooting.