Skip to content

Instantly share code, notes, and snippets.

@optimistic5

optimistic5/FireflyIII-in-10-min.md

Last active April 21, 2024 19:58
Show Gist options
  • Save optimistic5/ca5a4a8593dcdb7360f712d37a0cc657 to your computer and use it in GitHub Desktop.
Save optimistic5/ca5a4a8593dcdb7360f712d37a0cc657 to your computer and use it in GitHub Desktop.
Download ZIP
[DEPRECATED] How to setup Firefly III in 10 min with NGINX and auto-renewal SSL
Raw
FireflyIII-in-10-min.md

I would like to tell how to setup Firefly III with auto-renewal SSL in docker-compose.

We will use jwilder.

This is NGINX which will be follow all containers and issue Let's encrypt certificates for them.

  1. Prepare server or rent VPS. I use hostens VPS, you can use my referral link, plus google some promotional code and it will be very cheap and good VPS.

I use Ubuntu 18.04.

You also need the domain name with А DNS record pointed to your server.

  1. Install docker and docker-compose

  2. Create folder nginx-proxy and docker-compose.yml inside this folder

mkdir nginx-proxy
cd nginx-proxy
vim docker-compose.yml
docker-compose.yml 
version: '3'
services:
  nginx-proxy:
    image: jwilder/nginx-proxy:alpine
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./current/public:/usr/share/nginx/html
      - ./certs:/etc/nginx/certs:ro
      - ./vhost:/etc/nginx/vhost.d
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./pass:/etc/nginx/htpasswd:ro
    labels:
      - "com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true"
  letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    restart: always
    environment:
      NGINX_PROXY_CONTAINER: nginx-proxy
      NGINX_DOCKER_GEN_CONTAINER: nginx-proxy
    volumes:
      - ./certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./vhost:/etc/nginx/vhost.d
      - ./current/public:/usr/share/nginx/html
networks:
  default:
    external:
      name: nginx-proxy
  1. Create external network first and than you can start this docker-compose
docker network create nginx-proxy
docker-compose up -d
  1. Return to your home folder and create firefly-iii folder. And docker-compose.yml in it. Copy content of official docker-compose.yml file and paste it.
cd
mkdir firefly-iii
cd firefly-iii
vim docker-compose.yml

change this block:

ports:
      - 80:8080

to this:

expose:
      - 8080

Also add this block in the end of file:

networks:
  default:
    external:
      name: nginx-proxy

It means that firefly instance will be running in one network with nginx-proxy.

Reference: official documentation about Firefly III in docker and cron.

  1. Create .env file near your docker-compose.yml file. Copy content of .env file from official link and paste it.
vim .env

Add this block to the .env file:

VIRTUAL_HOST=your_domain
VIRTUAL_PORT=8080
LETSENCRYPT_HOST=your_domain
LETSENCRYPT_EMAIL=info@your_domain

Replace your_domain with domain pointed to this server.

Please note, that these environment variables required for nginx-proxy jwilder.

firefly-iii and jwilder will work in the same network.

And in order to proxy firefly-iii jwilder need to see these envs.

Also edit TRUSTED_PROXIES variable to be TRUSTED_PROXIES=** Check other variables in file.

  1. You can now start your Firefly III instance
docker-compose up -d

Just after this command jwilder will proxy Firefly III instance with your domain and auto issue SSL for you. It also will check expiration date for SSL cert and auto-renew it when necessary.

BONUS

  1. Update to the latest version of Firefly III in one command!

This command will connect your VPS via SSH, update your Firefly III and delete unused docker images.

ssh YOU_SERVER_USER@YOUR_SERVER_IP "cd firefly-iii && docker-compose down && docker-compose pull && docker-compose up -d && docker system prune --all"

  1. Backup your DB every day.

8.1 In your docker-compose.yml change MYSQL_RANDOM_ROOT_PASSWORD=yes to MYSQL_ROOT_PASSWORD=SomeStrongPass.

Restart you docker-compose with docker-compose up -d --force-recreate

8.2 Create create_backup.sh file and chmod it with command chmod +x create_backup.sh. Create db-backup folder for backups.

8.3 Paste this to create_backup.sh file:

#!/bin/bash
ls -1 ~/firefly-iii/db-backup/backup_* | sort -r | tail -n +6 | xargs rm > /dev/null 2>&1
docker exec -it firefly-iii_fireflyiiidb_1 mysqldump -p'SomeStrongPass' firefly > ~/firefly-iii/db-backup/backup_$(date +"%m-%d-%y").sql

8.4 Setup cronjob.

crontab -e

Paste this: 0 0 * * * bash /home/vigrid/firefly-iii-v/create_backup.sh

add empty line in the end of file.

8.5 This will automaticaly creates backups every day and keeps last 6 backups.

@optimistic5
Copy link
Author

optimistic5 commented Mar 4, 2021
edited
Loading

Any suggestions for how to deal with this error?

I update my gist, please, check this chages

Both nginx and firefly wants to run on 80 port.
There are no need to expose port of firefly to your host, expose will be enough.

@nabeelmoeen
Copy link

hi, could you please also provide some direction on how to integrate FIDI into this setup, using the same docker setup; official site does have the documentation that I had working, but not sure how it should play out with the nginx-proxy addition into the mix, specially if I want to use the same domain name with a different port for FIDI.

thanks

@nabeelmoeen
Copy link

nabeelmoeen commented Sep 1, 2022
edited
Loading

i attemped to add the below to my .fidi.env
it get's the main FIDI page, but missing scripts so it doesn't render completely, and then gets stuck on https://domainname/token (bad gateway)

VIRTUAL_HOST=<same domain as FireflyIII>
VIRTUAL_PORT=8080
VIRTUAL_PATH=/fidi
VIRTUAL_DEST=/

@sTiKyt
Copy link

sTiKyt commented Oct 10, 2023

Great, by following those steps i broke my working instance...

@vpkopylov
Copy link

I created a fork of this gist. It uses the recent Firefly version and the structure is simplified. Also added some additional explanations and minor improvements.

@lucaslgr
Copy link

I want to run three application behind NGINX as a reverse proxy. Firefly III, PiHole and HomeAssistant. I've been trying it just with NGINX image and the other applications images, but I can't reach my goal.
Also, I want to run it just locally, in a local server, and I'll export the access to these applications through a VPN (Tailscale), so, I won't have a public domain, I just want to use virtual hosts that will work like domains for my local network and to the devices connected in my VPN.
Do you have some ideia whether is it possible using this approach with the nginx-proxy container?

Thanks in advance, great work!

@optimistic5
Copy link
Author

I marked this gist as deprecated due to the reason that currently mariadb is recommended DB.

@optimistic5
Copy link
Author

Do you have some ideia whether is it possible using this approach with the nginx-proxy container?

You can use official documentation for local setup. Add nginx-proxy (by the way image path now is nginxproxy/nginx-proxy and it should work.

@vpkopylov
Copy link

For backwards compatibility jjwilded/nginx-proxy now is an alias to nginxproxy/nginx-proxy, so there is no difference between them, but yes using nginxproxy/nginx-proxy is preferable, I updated my version of the gist, thanks @optimistic5

@lucaslgr
Copy link

thank you guys @optimistic5 @vpkopylov , I got it, I'm following the version forked by @vpkopylov

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment