2. Beginner Path

This is documentation for all non-pros that goes into greater detail and explains underlying concepts.

Installation

This chapter is about getting started, installing Infinity Tools and learning about subdomains.

Installation

1: Getting Started

Welcome! This guide is designed for people who have some IT interest but don't work professionally in IT. Whether you're exploring Infinity Tools for personal use or considering it for a small business, this guide will walk you through everything step-by-step in plain language.

What Do I Need to Use Infinity Tools?

To use Infinity Tools, you need a Linux server - that's a computer running Linux that's always connected to the internet. Most people don't have a server at home, so you'll rent one from a cloud provider (like renting a computer in the cloud).

You'll Need:

  1. A Linux Server - We'll help you get one from a cloud provider
  2. A Credit Card - To pay for the server (usually $5-10/month)
  3. Basic Computer Skills - If you can use email and browse the web, you're good!
  4. About 30 Minutes - To get everything set up

Don't worry if terms like "Linux" or "server" sound scary - we'll explain everything as we go!

What is a Linux Server?

Think of a server like a computer that runs 24/7 on the internet. Instead of having a screen and keyboard, you control it remotely using your regular computer. The server runs special software (Linux) that's designed to host websites and applications.

Why rent a server?

Choosing a Cloud Provider

Cloud providers are companies that rent out servers. We'll focus on two beginner-friendly options that are affordable and easy to use.

Option 1: Hetzner Cloud (Recommended)

Why Hetzner:

Perfect for: Beginners who want the best price-performance ratio

What you'll get:

Option 2: DigitalOcean

Why DigitalOcean:

Perfect for: Beginners who want lots of help and tutorials

What you'll get:

Other Options

You can also use:

Our recommendation: Start with Hetzner if you want the best price, or DigitalOcean if you want extra hand-holding.

Getting Your First Server

Step 1: Create an Account

  1. Visit Hetzner Cloud or DigitalOcean
  2. Click "Sign Up" or "Create Account"
  3. Enter your email and create a password
  4. Verify your email address
  5. Add a payment method (credit card)

Don't worry: You won't be charged until you create a server, and you can stop it anytime.

Step 2: Create Your Server

For Hetzner Cloud:

  1. Login to your Hetzner Cloud account
  2. Click "New Project" (if you don't have one)
    • Name it something like "My Infinity Tools"
  3. Click "Add Server"
  4. Choose Location:
    • Pick a location close to you (Germany, Finland, USA, etc.)
  5. Choose Image:
    • Select Ubuntu 22.04 or Ubuntu 24.04 (recommended)
    • Don't worry about other options - Ubuntu is perfect for beginners
  6. Choose Server Type:
    • Select CX11 (€4.51/month) - this is enough to start
    • This gives you: 1 CPU, 2GB RAM, 20GB storage
  7. Networking:
    • Leave default settings (IPv4 enabled)
  8. SSH Keys:
    • We'll skip this for now (covered in next article)
  9. Name Your Server:
    • Something like "infinity-tools-server"
  10. Click "Create & Buy Now"

After creation: You'll see your server's IP address (looks like: 123.45.67.89) - write this down!

For DigitalOcean:

  1. Login to your DigitalOcean account
  2. Click "Create" → "Droplets"
  3. Choose Image:
    • Select Ubuntu 22.04 LTS or Ubuntu 24.04 LTS
  4. Choose Plan:
    • Select BasicRegular$6/month (1GB RAM, 1 CPU)
    • Or $12/month (2GB RAM) for better performance
  5. Choose Datacenter Region:
    • Pick a location close to you
  6. Authentication:
    • Choose "Password" for now (we'll set up SSH keys later)
    • Create a strong password - save this password!
  7. Finalize:
    • Name your droplet (e.g., "infinity-tools")
    • Click "Create Droplet"

After creation: You'll see your server's IP address - write this down!

Step 3: Configure Your Server

Once your server is created, you need to do a few basic setup steps:

Enable Basic Firewall (Important!)

Your server needs basic protection. Here's how (we'll cover connecting to your server properly in the next article, but for now):

For Hetzner:

For DigitalOcean:

Why this matters: A firewall protects your server from unwanted access. We'll configure this properly later.

What You'll Need Next

Before you can install Infinity Tools, you'll need:

1. A Domain Name (Optional but Recommended)

What is a domain name? It's like an address for your website (e.g., mywebsite.com).

Why you need it: Infinity Tools can automatically set up secure connections (HTTPS) if you have a domain name. Without one, you can still use it, but browsers will show security warnings.

Where to get one:

What to do:

  1. Buy a domain name (e.g., myinfinitytools.com)
  2. Point it to your server's IP address (we'll show you how in the next article)

Don't have a domain? That's okay! You can always add one later or use your server's IP address directly.

2. Basic Information

Server IP Address: You got this when you created your server (looks like: 123.45.67.89)

Server Password (DigitalOcean): The password you created when setting up the droplet

Cloud Provider Account: Keep your login credentials handy

Understanding Server Costs

Monthly Costs:

What's Included:

Compared to SaaS:

Security Basics

Keep Your Server Safe:

  1. ✅ Always use strong passwords
  2. ✅ Keep your server updated
  3. ✅ Use a firewall (we'll set this up)
  4. ✅ Don't share your server passwords
  5. ✅ Enable automatic security updates

Infinity Tools will help with most of this automatically!

You're Ready!

You now have:

What's Next?

The next article will cover:

Don't worry if some of this feels new! We'll walk through everything step-by-step, and Infinity Tools will handle most of the technical stuff automatically.

Quick Tips

If you get stuck:

Safety first:

Remember:

Next: Connecting to Your Server and Installing Infinity Tools (Article 2)

Installation

2: Installing Infinity Tools

Welcome back! In Chapter 1, you set up your Linux server. Now we'll connect to it and install Infinity Tools. Don't worry - we'll walk through every step together!

What We'll Do in This Chapter

By the end of this chapter, you will:

Time needed: About 15-20 minutes

What is SSH? (Simple Explanation)

SSH stands for "Secure Shell" - but you don't need to remember that! Think of SSH as a secure tunnel that connects your computer to your server. It's like having a remote control for your server that you can use from your regular computer.

Why we need it: Since your server is "in the cloud" (not physically in front of you), we need a way to control it. SSH is that way - it's safe, secure, and the standard way to manage servers.

Don't worry! SSH might sound technical, but we'll show you exactly how to use it. It's actually quite simple once you see it in action!

Step 1: Connect to Your Server with SSH

The first thing we need to do is connect to your server. The steps are slightly different depending on whether you use Windows, Mac, or Linux. Choose your computer type below:

For Windows Users

Windows 10 and 11 have SSH built-in (it's a program called "SSH" that comes with Windows). Here's how to use it:

Option A: Using Windows Terminal or Command Prompt

  1. Open Command Prompt or PowerShell:
    • Press the Windows key
    • Type "cmd" or "PowerShell"
    • Click on "Command Prompt" or "Windows PowerShell"
  2. Connect to your server:
    • Type this command (replace YOUR_IP_ADDRESS with your actual server IP):
ssh root@YOUR_IP_ADDRESS

For Hetzner: root stays root (Hetzner uses root by default)
For DigitalOcean: root stays root (most DigitalOcean images use root)

Example: If your server IP is 123.45.67.89, you would type:

ssh root@123.45.67.89
  1. You'll see a security warning:
    • The first time you connect, Windows will ask "Are you sure you want to continue connecting?"
    • Type yes and press Enter
    • This is normal and safe - it's just Windows double-checking
  2. Enter your password:
    • For Hetzner: If you did not provide an SSH key (we did not cover that here), Hetzner sends you a one time password via email. You will have to change it immediately after your first log-in (Linux will force you to change it).
    • For DigitalOcean: Enter the password you created when setting up your droplet
    • Important: When you type the password, you won't see any characters appear (not even dots). This is normal for security! Just type and press Enter.
  3. You're connected!
    • If successful, you'll see something like: root@infinity-tools-server:~#
    • This means you're now controlling your server!

Option B: Using PuTTY (Alternative for Windows)

If you prefer a graphical interface, you can use PuTTY:

  1. Download PuTTY: Go to putty.org and download PuTTY
  2. Open PuTTY: Double-click the downloaded file
  3. Enter your server details:
    • Host Name: Your server IP address
    • Port: 22 (leave as default)
    • Connection Type: SSH
  4. Click "Open"
  5. Enter your username: root
  6. Enter your password when prompted
  7. You're connected!

More Resources for Windows:

For Mac Users

Mac has SSH built-in (it's in the Terminal app). Here's how to use it:

  1. Open Terminal:
    • Press Command + Space (Command is the ⌘ key)
    • Type "Terminal"
    • Press Enter
  2. Connect to your server:
    • Type this command (replace YOUR_IP_ADDRESS with your actual server IP):
ssh root@YOUR_IP_ADDRESS

Example: If your server IP is 123.45.67.89, you would type:

ssh root@123.45.67.89
  1. You'll see a security warning:
    • The first time you connect, Mac will ask "Are you sure you want to continue connecting?"
    • Type yes and press Enter
  2. Enter your password:
    • For Hetzner: If you did not provide an SSH key (we did not cover that here), Hetzner sends you a one time password via email. You will have to change it immediately after your first log-in (Linux will force you to change it).
    • For DigitalOcean: Enter the password you created when setting up your droplet
    • Important: When you type the password, you won't see any characters appear. This is normal! Just type and press Enter.
  3. You're connected!
    • If successful, you'll see something like: root@infinity-tools-server:~#
    • You're now controlling your server!

More Resources

For Linux Users

Linux has SSH built-in. If you use Linux, you probably already knew that. Here's how to use it:

  1. Open Terminal:
    • Press Ctrl + Alt + T (on most Linux systems)
    • Or search for "Terminal" in your applications menu
  2. Connect to your server:
    • Type this command (replace YOUR_IP_ADDRESS with your actual server IP):
ssh root@YOUR_IP_ADDRESS

Example: If your server IP is 123.45.67.89, you would type:

ssh root@123.45.67.89
  1. You'll see a security warning:
    • The first time you connect, it will ask "Are you sure you want to continue connecting?"
    • Type yes and press Enter
  2. Enter your password:
    • For Hetzner: If you did not provide an SSH key (we did not cover that here), Hetzner sends you a one time password via email. You will have to change it immediately after your first log-in (Linux will force you to change it).
    • Important: When you type the password, you won't see any characters appear. This is normal! Just type and press Enter.
  3. You're connected!
    • If successful, you'll see something like: root@infinity-tools-server:~#
    • You're now controlling your server!

Troubleshooting: Can't Connect?

Common issues and solutions:

Step 2: Get the Infinity Tools Installer

You'll receive the Infinity Tools installer as a file that you need to transfer to your server. This file is usually named something like infinity-tools-installer.run.

Where to Get the Installer

The installer file will be provided to you through:

Important: Make sure you have the installer file on your computer before proceeding!

Step 3: Transfer the Installer to Your Server

Now we need to get the installer file from your computer to your server. We'll use an FTP client - a program that helps you transfer files between computers.

What is an FTP Client?

An FTP client is a program that lets you upload files from your computer to your server. Think of it like copying a file from one folder to another, but over the internet.

Why we need it: Your server is in the cloud, so we need a way to send files to it. FTP clients make this easy and secure.

Here are some beginner-friendly FTP clients. Choose one that works with your computer:

For Windows Users

FileZilla (Recommended - Free)

How to get FileZilla:

  1. Go to filezilla-project.org
  2. Click "Download FileZilla Client"
  3. Download the Windows version
  4. Install it like any other program

WinSCP (Alternative - Free)

For Mac Users

Cyberduck (Recommended- Free)

FileZilla (Alternative - Free)

For Linux Users

FileZilla (Recommended - Free)

How to install FileZilla on Linux:

How to Use Cyberduck (Step-by-Step)

We'll use Cyberduck as an example, but other FTP clients work similarly:

  1. Open Cyberduck
  2. Connect to your server:
    • Click 

      image.png

       in the toolbar. This dialogue opens:

      image.png

    • Select "SFTP" in the dropdown menu on top
    • Server: enter your server's IP address here, something like 192.168.1.0
    • Port: this should be automatically set to 22 – that's just how it's supposed to be
    • Username: the username you have used for SSH, so root@IP_ADDRESS
    • Password: your SSH password
    • Connect
  3. After connection:
    • You should see something like this:

      image.png

  4. Navigate to the right folder:
    • On the right side (your server), double-click on / to go to the root folder
    • Then double-click on root to go to your home folder
  5. Upload the installer:
    • On the left side (your computer), find the installer file
    • Right-click on the installer file
    • Select "Upload" or drag it to the right side
    • Wait for the upload to complete

Verify the Upload

After uploading, let's make sure the file is on your server. Go back to your SSH connection and type:

ls -lh infinity-tools*.run

You should see the installer file listed. If you see it, you're ready to continue!

Troubleshooting File Transfer

Can't connect to server:

Upload fails:

File not found after upload:

Step 4: Install Infinity Tools

Now comes the exciting part - installing Infinity Tools! The installer will set everything up for you automatically.

Make the Installer Executable

First, we need to tell Linux that this file can be run (executed). Type this command:

chmod +x infinity-tools*.run

What this does: Makes the installer file executable (able to run)

Run the Installer

Now let's install Infinity Tools! Type this command:

sudo ./infinity-tools*.run

What's happening:

During installation, you'll see:

How long does it take? Usually 1-3 minutes, depending on your server's speed.

What Gets Installed

The installer automatically:

Success Message

When installation completes, you'll see a message like:

✅ INSTALLATION SUCCESSFUL!

📝 Quick Start:
   • Run: sudo infinity-tools
   • Or:  cd /opt/InfinityTools && sudo bash start-tools.sh

If you see this message, congratulations! Infinity Tools is now installed on your server!

Step 5: Verify Installation

Let's make sure everything installed correctly. Type this command:

which infinity-tools

You should see: /usr/local/bin/infinity-tools

This confirms the shortcut was created successfully!

Step 6: Run Infinity Tools for the First Time

Now for the moment you've been waiting for - let's start Infinity Tools!

Starting Infinity Tools

Type this command:

sudo infinity-tools

What happens:

What You'll See

When Infinity Tools starts, you'll see a beautiful menu with options like:

How to navigate: Use your arrow keys to move up and down, and press Enter to select an option.

First Steps in Infinity Tools

When you first start Infinity Tools, here's what to do:

  1. Check System Readiness:
    • Infinity Tools might automatically check if your system is ready
    • It will tell you if anything needs to be fixed
  2. Install Docker (if needed):
    • Docker is required for most applications
    • Go to "🏗️ INFRASTRUCTURE & CORE SYSTEMS" → "Install Docker"
    • Follow the prompts - Infinity Tools will handle everything!
  3. Explore the Menu:
    • Take some time to look around
    • Don't worry - you can't break anything by just browsing!
    • Each section has helpful descriptions

Congratulations! 🎉

You've successfully:

You're now ready to use Infinity Tools!

What's Next?

Now that Infinity Tools is installed and running, you can:

Quick Reference

Connecting to your server:

ssh root@YOUR_IP_ADDRESS

Starting Infinity Tools:

sudo infinity-tools

Where Infinity Tools is installed:

/opt/InfinityTools/

If you need to run it manually:

cd /opt/InfinityTools
sudo bash start-tools.sh

Tips for Success

Troubleshooting

I Can't Connect to My Server

The Installer Won't Run

Infinity Tools Won't Start

I Lost Connection During Installation

Security Note

Important: Your server is now accessible via SSH. To keep it secure:

Infinity Tools can help with security too - check out the Security & Networking section in the menu!

You did it! Infinity Tools is now installed and ready to use. In the next chapters, you'll learn how to install your first applications and configure everything you need.

Next: Setting up your Foundation

Installation

Excourse: Domains and Subdomains

Infinity Tools helps you self-host everything—including your future WordPress site. Before you install Traefik or any applications, take a moment to decide how your domain should point to your server. In this chapter you'll set up your main domain (even if WordPress isn't running yet) and map out the subdomains each Infinity Tools app will use.

Why this chapter now? Getting DNS ready right after installing Infinity Tools (Chapter 2) means Traefik can issue certificates instantly, your apps come online with friendly URLs, and you won't have to pause mid-install to fix domain problems.

Decide Where Your Main Domain Should Go

Your main domain (also called the apex domain or root domain) is what people type to reach your primary site—for example, myinfinitytools.com. Most beginners following this guide want the main domain to load a WordPress site that they will install with Infinity Tools in Chapter 11.

No WordPress Yet? That's OK.

Even though WordPress isn't installed yet, point your main domain to the server where Infinity Tools runs. Until WordPress is live you'll see Traefik's default page (or a simple placeholder), which is perfectly fine.

You'll create two records now:

Later, when you install WordPress with Traefik integration, Infinity Tools will automatically use these records to serve your new site over HTTPS.

What is a Subdomain?

A subdomain is like a separate address within your main website. Think of it as different rooms in the same house - each room has its own purpose, but they're all part of the same building.

Examples of subdomains:

Important Note:

From a security standpoint, it is considered poor practice to use obvious subdomain names (like “admin” or “files”) for sensitive services such as administration panels or data storage. Such names reveal potentially valuable targets to attackers during reconnaissance and were chosen here for illustration purposes.

Breaking Down a Subdomain

Let's look at vault.myinfinitytools.com:

Why Do We Need Subdomains?

Subdomains help organize your services and make them easier to access:

Without subdomains: You'd have to use ports like mydomain.com:8080 or mydomain.com:3000 - much harder to remember!

Plan Your Subdomains

Start a simple list of the services you plan to run with Infinity Tools. These examples match the chapters you'll follow later. You can always add more subdomains later.

Security Services

File and Storage Services

Web and Content Services

Monitoring and Analytics

How to Create Subdomains

The process varies by hosting provider, but the steps are always: point @ and www to your Infinity Tools server, then create matching records for every subdomain Traefik will serve.

Step 1: Get Your Server's IP Address

First, you need to know your server's IP address. You can find this in your server provider's dashboard or by running this command on your server:

curl ifconfig.me

This will show you your server's public IP address (something like 123.456.789.012).

Step 2: Access Your DNS Management

Log into your domain registrar or hosting provider and look for:

Provider-Specific Instructions

Below are examples from popular registrars and DNS hosts. Interfaces may change, but the record types stay the same. Each provider follows the same basic pattern:

Note: The example IP 203.0.113.42 is for illustration only — replace it with your actual server IP.

Hetzner Cloud

If you manage DNS in Hetzner:

  1. Log into the Hetzner Cloud Console.
  2. Go to DNS and select your domain.
  3. Click Add record → choose A → set Name to @ and Value to your server IP → Save.
  4. Add a CNAME record with Name www pointing to @.
  5. Repeat Add recordA for each service subdomain (e.g., vault, files) and set the same server IP.

Example: To prepare WordPress for the main domain and Vaultwarden on vault.myinfinitytools.com:

Cloudflare

If you proxy traffic through Cloudflare:

  1. Log into the Cloudflare Dashboard.
  2. Select your domain and open DNS → Records.
  3. Click Add record → choose A → set Name to @, IPv4 address to your server IP, TTL Auto, Proxy status Off (DNS only) while testing → Save.
  4. Add a CNAME record for www pointing to @.
  5. Add individual A records for each service subdomain (e.g., files, vault) pointing to the same IP. You can enable the orange-cloud proxy after confirming Traefik and certificates work.

Namecheap

If you registered your domain with Namecheap:

  1. Log into your Namecheap account.
  2. Open Domain List → click Manage next to your domain.
  3. Go to the Advanced DNS tab.
  4. Under Host Records, click Add New Record → choose A Record → set Host to @, Value to your server IP, TTL AutomaticSave.
  5. Add a CNAME Record with Host www and Value @.
  6. Add more A Records for each service subdomain (e.g., vault, files) pointing to the same IP.

GoDaddy

If you're using GoDaddy DNS:

  1. Log into your GoDaddy account.
  2. Open My Products → locate your domain → click DNS.
  3. Click Add in the Records section, choose A, set Name to @, Value to your server IP, TTL 1 HourSave.
  4. Add a CNAME record with Name www pointing to @.
  5. Add more A records for each service subdomain (Name = vault, files, etc.; Value = server IP).

Porkbun

If you manage DNS with Porkbun:

  1. Log into the Porkbun Domain Management panel.
  2. Click Details next to your domain.
  3. In Quick DNS Config, click Edit.
  4. Add an A record with Host @ and Answer = your server IP.
  5. Add a CNAME record with Host www and Answer @.
  6. Add more A records for each service subdomain (Host = vault, files, etc.; Answer = server IP).
  7. Click Save Changes.

Google Domains / Squarespace Domains

If your domain is managed in Google Domains (now Squarespace):

  1. Sign in at domains.google.
  2. Select your domain and open the DNS tab.
  3. Under Custom records, click + Add record.
  4. Choose A, set Name to @, Data to your server IP, TTL to the default → Save.
  5. Add a CNAME with Name www and Data @.
  6. Add more A records for each service subdomain (vault, files, etc.) pointing to the same IP.

OVHcloud

If you manage DNS at OVH:

  1. Log into the OVHcloud Manager.
  2. Go to Domains → select your domain → DNS zone.
  3. Click Add an entry → choose A → set Sub-domain to @ and Target to your server IP → confirm.
  4. Add another entry: Type CNAME, Sub-domain www, Target yourdomain.com. (OVH will append the dot automatically).
  5. Add additional A entries for each service subdomain (vault, files, etc.) pointing to the same IP.

Understanding DNS Propagation

After creating a subdomain, it takes time for the change to spread across the internet. This is called DNS propagation.

How Long Does It Take?

How to Check if It's Working

You can test if your subdomain is working by visiting it in your browser:

Testing with Command Line

You can also test from your server:

# Test if subdomain resolves
nslookup vault.yourdomain.com

# Test if it points to your server
dig vault.yourdomain.com

Create Your Domain Checklist

Before installing applications, map out every DNS record you want in place. This keeps your launch organized and helps you avoid downtime on your main site.

Essential Records

These are the records most beginners configure on day one:

Optional Subdomains

Add these after your core services are live:

Best Practices

Naming Conventions

Security Considerations

Troubleshooting

Subdomain Not Working

If your subdomain isn't working:

  1. Check the DNS record - Make sure it points to the right IP
  2. Wait for propagation - Give it 30 minutes to an hour
  3. Check for typos - Make sure the subdomain name is correct
  4. Test with different tools - Try nslookup or online DNS checkers

Common Mistakes

Quick Reference

Find your server IP:

curl ifconfig.me

Verify your main domain record:

nslookup yourdomain.com

Test subdomain resolution:

nslookup vault.yourdomain.com

Test from browser:

https://vault.yourdomain.com

Tip: Until WordPress or another app is installed you'll likely see Traefik's default page at your main domain. That's expected.

You're Ready!

Now you understand how to prepare both your main domain and subdomains! This knowledge will be essential as you install applications like Vaultwarden, Nextcloud, and connect your WordPress site.

What you learned:

Next step: Move on to Chapter 3 (Setting Up Your Foundation). Keep this checklist handy—each time you install an app, add or confirm the subdomain you planned.

What You Learned

You now have the foundation knowledge needed to set up professional-looking, organized services on your server!

Next: Chapter 3 - Setting Up Your Foundation.

Foundations

These apps are more or less essential. You need Traefik for many other apps to run properly; you should also seriously think about backup if you do anything mission critical with this server or store data on it.

Foundations

3: Setting Up Your Foundation

Before you can install your first application, we need to set up the basic infrastructure that Infinity Tools needs to work properly. Don't worry - Infinity Tools will handle most of this automatically!

This chapter also covers foundational apps that most Infinity Tools require—the most essential of them is Traefik, on which many other apps rely. You do not strictly need the back-tool Borgmatic, however, we highly recommend that you install it to automatically create backups of your data. And to use Borgmatic, you have to install Apprise, a notification system, which is why we also cover it in this chapter.

What We'll Set Up

In this chapter, we'll prepare:

Time needed: About 10-15 minutes

What is Docker? (Simple Explanation)

Docker is like a shipping container system for software. Just like how shipping containers make it easy to move goods around the world, Docker makes it easy to run applications on any computer.

Why we need it:

Think of it like this: Instead of installing WordPress directly on your server (which can be complicated), Docker runs WordPress in a container that has everything it needs already set up. If you install Portainer, you get a convenient web app to see what's going on with your Docker containers and administrate them.

Step 1: Run the Readiness Check

Infinity Tools has a built-in system that checks if everything is ready and installs what's missing. Let's run it!

Start Infinity Tools

First, make sure you're connected to your server via SSH, then start Infinity Tools:

sudo infinity-tools

What You'll See in the GUI

When you start Infinity Tools, you'll see a beautiful, modern interface with:

Don't worry if it looks complex! The GUI is designed to guide you through everything step by step.

What Happens Next

Infinity Tools will automatically run a "readiness check" that:

You'll see messages like:

♾️  INFINITY TOOLS READINESS CHECK

Ensuring all prerequisites are met...

This will check and install:
• Docker & Docker Compose
• Docker Network for services
• GUM for modern UI
• Dialog for compatibility
• System requirements

If Docker Needs to be Installed

If Docker isn't installed yet, you'll see a message asking if you want to install it:

🐳 DOCKER INSTALLATION REQUIRED

Infinity Tools requires Docker to run containerized services.

Docker will be installed and configured automatically.
This includes Docker Engine and Docker Compose.

⚠️  This requires internet connection and may take a few minutes.

Install Docker now?

Answer "Yes" to continue. The installation will take a few minutes.

Docker Network Setup

After Docker is installed, you'll be asked about setting up a network:

🌐 DOCKER NETWORK SETUP

Infinity Tools services need a Docker network to communicate.

This network allows containers to find each other by name
and enables features like Traefik reverse proxy.

Default network name: proxy

Press Enter to use the default network name "proxy" (recommended).

Step 2: Verify Everything is Working

After the readiness check completes, you should see:

✅ READINESS CHECK COMPLETE

All prerequisites are satisfied!
Infinity Tools is ready to use.

What Was Installed

If everything went well, you now have:

Step 3: Understanding What Happened

Docker Installation

Docker was installed and configured to:

Docker Network

The "proxy" network was created to:

Step 4: Optional - Basic Security Setup

Now that the basics are ready, you can optionally set up basic security. This is recommended but not required to get started.

What is a Firewall?

A firewall is like a security guard for your server. It controls which connections are allowed in and out.

Why it's important: Without a firewall, your server is like a house with all doors unlocked - anyone can try to access it.

Setting Up the Firewall

In the Infinity Tools menu, you'll see a "Security & Networking" section. You can set up the firewall later, but here's what it does:

For now: You can skip this and set it up later. Your server is reasonably safe as long as you keep your passwords strong.

Step 5: Understanding Your System

What's Running Now

Right now, your server has:

What's Next

You're now ready to install your first application! The most important one to install first is Traefik - it handles secure connections and routing for all your other applications.

Troubleshooting

Docker Installation Failed

If Docker installation fails:

Network Creation Failed

If the Docker network creation fails:

Can't Connect to Server

If you lose connection during setup:

Quick Reference

Check if Docker is running:

sudo systemctl status docker

Check Docker networks:

docker network ls

View Docker containers:

docker ps

Restart Docker if needed:

sudo systemctl restart docker

You're Ready!

Congratulations! You now have:

Next step: Install Traefik - the reverse proxy that will handle secure connections and routing for all your applications.

What You Learned

You're now ready to install your first application! In the next chapter, we'll install Traefik, which is essential for running other applications securely.

Next: Installing Traefik - Your Reverse Proxy (Chapter 4)

Foundations

4: Traefik - Reverse Proxy (essential)

Now that your infrastructure is ready, it's time to install Traefik - the most important service you'll set up. Traefik handles secure connections and routing for all your other applications.

What is Traefik? (Simple Explanation)

Traefik is like a smart traffic director for your server. Think of it as a receptionist at a large office building who:

Why Traefik is essential:

Why Install Traefik First?

Traefik should be installed before any other application because:

Without Traefik: You'd have to manually configure SSL certificates and routing for each application - a complex and time-consuming process.

What You'll Need

Before installing Traefik, make sure you have:

About Domain Names

What is a domain name? It's like your website's address (e.g., mywebsite.com).

Why you need one: Traefik uses your domain name to create SSL certificates and route traffic. Without one, you can still use Traefik, but you'll get security warnings in your browser.

Examples of domain names:

Don't have a domain? That's okay! You can still install Traefik and add a domain later, or use your server's IP address directly.

Step 1: Start Infinity Tools

Make sure you're connected to your server via SSH, then start Infinity Tools:

sudo infinity-tools

Step 2: Navigate to Traefik Installation

In the Infinity Tools menu, you'll see several sections. Look for:

Use your arrow keys to navigate to this section and press Enter.

Using the Infinity Tools GUI

The Infinity Tools interface makes everything easy to find and use:

Look for the turquoise cursor - it shows exactly what you're about to select!

Step 3: Install Traefik

In the Security & Networking menu, you'll see:

Select "Install Traefik" and press Enter.

What Happens During Installation

Traefik installation will:

This usually takes 1-2 minutes.

Step 4: Configure Traefik

During installation, you'll be asked a few questions:

Email Address for SSL Certificates

You'll see a prompt like:

Enter email address for SSL certificates:
[admin@example.com]

What to enter: Use a valid email address you check regularly. This is used for SSL certificate notifications and warnings.

Examples:

Domain Name (Optional)

If you have a domain name, you'll be asked:

Enter your domain name (or press Enter to skip):
[myinfinitytools.com]

If you have a domain: Enter it here (e.g., myinfinitytools.com)

If you don't have a domain: Press Enter to skip - you can add this later

IPv6 Configuration

You might be asked about IPv6 support:

Do you want to enable IPv6 support?
Y) Yes - Enable both IPv4 and IPv6
N) No - IPv4 only (recommended for beginners)

For beginners: Choose "N" (No) - IPv4 only is simpler and works fine for most use cases.

Step 5: Wait for Installation

After answering the questions, Traefik will install and start. You'll see messages like:

📦 Installing Traefik...
🔧 Creating configuration...
🌐 Starting Traefik container...
✅ Traefik installed successfully!

Step 6: Verify Traefik is Working

After installation completes, let's make sure Traefik is running properly.

Check Traefik Status

In the Infinity Tools menu, go to:

You should see Traefik listed as "RUNNING" or "ACTIVE".

Using the Status Dashboard

The Status & Health section gives you a complete overview of your system:

Look for the green checkmarks - they indicate everything is working properly!

Check Docker Containers

You can also check by going to:

Look for a container named "traefik" - it should be running.

Understanding the Docker Info Screen

The Docker Info section shows you:

Green status means everything is working! Red or yellow means there might be an issue.

Step 7: Understanding What Was Created

Traefik installation creates several important files and configurations:

Configuration Files

Traefik stores its configuration in:

SSL Certificates

SSL certificates are stored in:

Docker Container

Traefik runs as a Docker container that:

Step 8: Test Traefik (If You Have a Domain)

If you configured a domain name, you can test Traefik by visiting your domain in a web browser.

What You Should See

When you visit your domain, you should see:

If You Don't Have a Domain

You can still test Traefik by visiting your server's IP address:

What's Next?

Congratulations! You now have Traefik installed and running. This means:

Ready for Applications

Now you can install any of the applications in Infinity Tools:

When you install these applications, they'll automatically work with Traefik to provide secure, domain-based access.

Troubleshooting

Traefik Won't Start

If Traefik fails to start:

SSL Certificate Issues

If SSL certificates aren't working:

Can't Access Traefik

If you can't access Traefik:

Quick Reference

Check Traefik status:

docker ps | grep traefik

View Traefik logs:

docker logs traefik

Restart Traefik:

docker restart traefik

Check SSL certificates:

ls -la /opt/speedbits/traefik/letsencrypt/

You're Ready!

Traefik is now installed and running! This is the foundation that makes all your other applications work securely and efficiently.

What you accomplished:

Next step: You can now install any application from the Infinity Tools menu. Each application will automatically work with Traefik to provide secure, domain-based access.

What You Learned

You now have a solid foundation for running secure, professional applications on your server!

Next: Installing Your First Application (Coming Soon)

Foundations

5 Apprise - Notifications (optional, but essential for backups with Borgmatic)

Apprise sends notifications about your server and applications (e.g., backup success/failure). It supports email, Slack, Telegram, and 90+ providers. For detailed provider setup, see the official Apprise documentation.

Why Apprise?

Prerequisites

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Apprise

  1. Go to 📱 APPLICATIONS
  2. Select Apprise
  3. Choose Install Apprise

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You’ll see three options. Here’s what each means and when to use it:

Simple rule of thumb: Use Traefik if you have a domain; use Standalone HTTPS for quick local use; avoid HTTP on the internet.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., notify.yourdomain.com
  2. Ensure the subdomain’s DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let’s Encrypt

After install: Your endpoint will be https://notify.yourdomain.com/notify

Step 2.3: If You Choose Standalone

  1. Pick a port (suggested defaults appear on screen)
    • HTTPS (self‑signed): e.g., 8099https://SERVER_IP:8099/notify
    • HTTP: e.g., 8098http://SERVER_IP:8098/notify
  2. Accept the browser warning if using self‑signed HTTPS

Where to Find the URL After Install

What Happens

Step 3: Configure a Notification

Set your first notification target (example: email). You can add more later.

Example: Email (SMTP)

Collect: SMTP host, username, password, from address.

Test a Notification

  1. Find your Apprise endpoint (e.g., http://apprise:8000/notify or your domain)
  2. Send a test: 
    curl -X POST "http://apprise:8000/notify" \
  -d "title=Test" \
  -d "body=Hello from Apprise" \
  -d "url=YOUR_PROVIDER_URL"
  3. Confirm you received the notification

Where It’s Used

Troubleshooting

You're Ready

Apprise is now running. Next, install Borgmatic (Chapter 6) so your backups can send notifications.

Foundations

6: Borgmatic - Backup System (optional, but you should have backup)

Borgmatic is an automated backup system that keeps your data safe by creating encrypted, compressed backups of all your applications and databases. It's like having a digital safety net that automatically saves copies of everything important. For comprehensive configuration options and advanced features, please refer to the official Borgmatic documentation.

What is Borgmatic? (Simple Explanation)

Borgmatic is like a smart, automated filing system that makes copies of all your important data. Think of it as having a personal assistant who:

Why Borgmatic is essential:

Think of it like this: If your server was a house, Borgmatic would be like having a professional photographer who takes a complete photo of every room every day, stores the photos safely, and can help you rebuild the house exactly as it was if something happens.

Interdependencies

Required: Borgmatic uses Apprise for notifications (success/failure/security alerts). Install Apprise first via 📱 APPLICATIONS → Apprise → Install.

Prerequisites

Before installing Borgmatic, make sure you have:

Why These Prerequisites Matter

Infinity Tools: Provides the management interface for Borgmatic

Docker: Runs Borgmatic in a secure container

Traefik: Provides secure access to backup management

Storage space: Backups need somewhere to be stored

Step 1: Start Infinity Tools

Make sure you're connected to your server via SSH, then start Infinity Tools:

sudo infinity-tools

Using the Infinity Tools GUI

When you start Infinity Tools, you'll see the main menu. Look for the 💾 BACKUP MANAGEMENT section - this is where Borgmatic is located.

Step 2: Navigate to Borgmatic

In the Infinity Tools menu:

  1. Use your arrow keys to navigate to 💾 BACKUP MANAGEMENT
  2. Press Enter to open the Backup Management menu
  3. Look for Borgmatic in the list
  4. Select it and press Enter

Understanding the Backup Management Section

The Backup Management section contains tools for protecting your data:

Look for the turquoise cursor - it shows what you're about to select!

Step 3: Install Borgmatic

When you select Borgmatic, you'll see installation options. Choose Install Borgmatic.

What Happens During Installation

Borgmatic installation will:

This usually takes 3-5 minutes.

Step 4: Configure Borgmatic

During installation, you'll be asked several questions:

Backup Schedule

You'll see a prompt like:

📅 Backup Schedule Configuration
=============================
How often should files be backed up?

1) Daily (default) - Once per day at 2:00 AM
2) Twice daily - Every 12 hours
3) Weekly - Once per week on Sunday

For beginners: Choose "1" (Daily) - This provides good protection without using too much storage.

Retention Policy

You'll be asked how long to keep backups:

📦 Retention Policy
================
How long should backups be kept?

1) Conservative (default) - 7 daily, 4 weekly, 6 monthly
2) Aggressive - 14 daily, 8 weekly, 12 monthly
3) Minimal - 3 daily, 2 weekly, 3 monthly

For beginners: Choose "1" (Conservative) - This keeps enough backups for recovery without using too much space.

Compression Settings

You'll be asked about compression:

🗜️  Compression Configuration
===========================
Choose compression algorithm:

1) zstd (default) - Best balance of speed and compression
2) lz4 - Fastest compression, larger files
3) zlib - Good compression, moderate speed
4) lzma - Best compression, slower

For beginners: Choose "1" (zstd) - This provides good compression without being too slow.

Security Passphrase

You'll be asked to create a passphrase for your backups:

🔐 Security Configuration
======================
Enter a strong passphrase for backup encryption:
[Enter your passphrase]

Important: This passphrase encrypts your backups. Choose something strong and save it safely!

Passphrase tips:

Example: MyBackup@2024!Secure#Data

Step 5: Wait for Installation

After answering the questions, Borgmatic will install and start. You'll see messages like:

📦 Installing Borgmatic...
🔧 Creating backup configurations...
🔐 Setting up encryption...
🛡️  Creating security monitoring...
📅 Setting up schedules...
✅ Borgmatic installed successfully!

Step 6: Understanding What Was Created

Borgmatic installation creates a sophisticated backup system with two types of backups:

File Backups

These backup all your application files:

Database Backups

These backup all your databases:

Security Features

Borgmatic includes advanced security:

Step 7: Verify Borgmatic is Working

Let's make sure Borgmatic is running properly.

Check Status in Infinity Tools

In the Infinity Tools menu, go to:

You should see Borgmatic listed as "RUNNING" or "ACTIVE".

Using the Status Dashboard

The Status & Health section shows you:

Look for the green checkmarks - they indicate everything is working properly!

Check Backup Status

You can also check by going to:

This will show you:

Step 8: Understanding Backup Storage

Borgmatic stores your backups in a special location:

Backup Location

Your backups are stored in:

Backup Structure

Your backup repository contains:

Step 9: Test Your First Backup

Let's run a test backup to make sure everything works:

Manual Backup Test

In the Infinity Tools menu, go to:

This will start a backup immediately and show you the progress.

What You'll See

During the backup, you'll see messages like:

Starting SpeedBits file backup...
Creating archive speedbits-files-server-2024-01-15-143000...
Backing up /opt/speedbits/vaultwarden...
Backing up /opt/speedbits/traefik...
File backup completed successfully

Understanding Backup Progress

The backup process shows:

What's Next?

Congratulations! You now have an automated backup system protecting all your data.

What You've Accomplished

Next Steps

Now you can:

Troubleshooting

Backup Not Running

If backups aren't running:

Backup Fails

If backups fail:

Can't Access Backups

If you can't access your backups:

Quick Reference

Check Borgmatic status:

docker ps | grep borgmatic

View backup logs:

docker logs borgmatic

Run manual backup:

docker exec borgmatic borgmatic --config /etc/borgmatic/borgmatic-files.yml create

List all backups:

docker exec borgmatic borg list /backups/borgmatic-repo

You're Ready!

Borgmatic is now installed and protecting your data! You have a professional-grade backup system that runs automatically and keeps your data safe.

What you accomplished:

Next step: You can now install your first application (Vaultwarden) knowing it will be automatically backed up and protected!

What You Learned

You now have enterprise-grade data protection running on your server!

Next: Installing Vaultwarden - Your Password Manager (Chapter 7)

Foundations

7: Portainer – Docker Management Made Easy (optional but convenient)

Portainer gives you a friendly web interface to manage your Docker containers, images, volumes, and networks. Instead of typing commands in the terminal, you can click buttons and see everything visually. Think of it as a control panel for all your Docker applications.

For advanced features, team management, and detailed documentation, see the official Portainer documentation.

Why Portainer?

Prerequisites

Note: Portainer works fine without Traefik - you can access it directly via IP address and port. Traefik just makes it more secure and easier to access with a friendly domain name.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Portainer

  1. Go to 📱 APPLICATIONS
  2. Select Portainer
  3. Choose Install Portainer

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Traefik if you have a domain and want the best experience; use Standalone HTTPS if you're just getting started or don't have a domain yet.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., portainer.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your Portainer will be available at https://portainer.yourdomain.com

Step 2.3: If You Choose Standalone

  1. Pick a port (default: 9443)
  2. Your Portainer will be available at https://SERVER_IP:9443
  3. When you first visit, accept the browser security warning (click "Advanced" → "Proceed")

What Happens During Installation

Step 3: First-Time Setup (IMPORTANT!)

⚠️ CRITICAL: Portainer requires you to create admin credentials on your FIRST login. There is no default password!

Step 3.1: Open Portainer

  1. Open the access URL shown after installation in your browser
  2. If using Traefik: Wait 30-60 seconds for SSL certificate generation
  3. If using Standalone: Accept the browser security warning

Step 3.2: Create Admin Account

You'll see a screen: "Create the first administrator user"

  1. Username: Choose any username (many people use "admin")
  2. Password: Enter a STRONG password (minimum 12 characters)
  3. Click "Create user"

⚠️ WRITE DOWN YOUR CREDENTIALS IMMEDIATELY!

This is your ONLY chance to set the initial password. There is NO "forgot password" option on first setup. If you forget it, you'll need to reset Portainer completely (see Troubleshooting below).

Step 3.3: Connect to Docker

  1. After creating your account, you'll see: "Get Started"
  2. Click "Get Started"
  3. Select "Docker" environment
  4. Click "Connect"

✅ Done! You'll immediately see all your Docker containers, images, volumes, and networks.

What You Can Do in Portainer

Container Management

Image Management

Stack Deployment

Monitoring

Volume and Network Management

Security Recommendations

Portainer has FULL access to your Docker system, so it's important to protect it:

Troubleshooting

Forgot Your Password?

If you forgot your Portainer admin password, you'll need to reset it completely:

  1. Stop Portainer: 
    cd /opt/speedbits/portainer
docker compose down
  2. Delete the Portainer database: 
    rm -rf /opt/speedbits/portainer/data
  3. Restart Portainer: 
    cd /opt/speedbits/portainer
docker compose up -d
  4. Open Portainer again and create a new admin account

⚠️ WARNING: This deletes ALL Portainer settings (users, preferences, etc.), but your Docker containers are NOT affected.

Can't Access Portainer

Portainer Shows No Containers

Where to Find Portainer After Install

You're Ready!

Portainer is now installed and ready to use. You can manage all your Docker containers visually from your browser. This makes it much easier to work with your Infinity Tools applications!

Next steps: Use Portainer to monitor your containers, view logs, and manage your Docker environment. You can continue installing other Infinity Tools applications - Portainer will help you keep track of everything.

Apps

These are the productivity apps in Infinity Tools. Note that unlike in the previous chapter, there is no specific order to these apps. You can choose what you need. The chapter numbers are only for organizational purposes.

Apps

8: Vaultwarden - Password Manager

Vaultwarden is a self-hosted password manager that lets you store and manage all your passwords securely on your own server. It's compatible with all Bitwarden apps, so you can use it with your phone, computer, and web browser. For comprehensive usage instructions and advanced features, please refer to the official Vaultwarden documentation.

What is Vaultwarden?

Vaultwarden is like a digital safe for all your passwords. Instead of remembering dozens of different passwords, you only need to remember one master password to access all your accounts.

Why Vaultwarden is useful:

Think of it like this: Instead of writing passwords on sticky notes or using the same password everywhere, Vaultwarden keeps them all safe in one encrypted vault that only you can access.

Prerequisites

Before installing Vaultwarden, make sure you have:

Why These Prerequisites Matter

Traefik: Provides secure HTTPS access to your password manager

Docker: Runs Vaultwarden in a secure container

Domain name: Makes it easier to access and more secure

Email: Required for SSL certificates to keep your passwords safe

Step 1: Start Infinity Tools

Make sure you're connected to your server via SSH, then start Infinity Tools:

sudo infinity-tools

Using the Infinity Tools GUI

When you start Infinity Tools, you'll see the main menu. Look for the 📱 APPLICATIONS section - this is where all your apps are located.

Step 2: Navigate to Vaultwarden

In the Infinity Tools menu:

  1. Use your arrow keys to navigate to 📱 APPLICATIONS
  2. Press Enter to open the Applications menu
  3. Look for Vaultwarden in the list
  4. Select it and press Enter

Understanding the Application Menu

The Applications section shows you all available apps:

Look for the turquoise cursor - it shows what you're about to select!

Step 3: Install Vaultwarden

When you select Vaultwarden, you'll see installation options. Choose Install Vaultwarden.

What Happens During Installation

Vaultwarden installation will:

This usually takes 2-3 minutes.

Step 4: Configure Vaultwarden

During installation, you'll be asked several questions:

SSL Configuration

You'll see a prompt like:

🌐 SSL Certificate Configuration
===============================
Do you want to use Traefik for SSL certificates and domain routing?

Y) Yes (default) - Use Traefik with Let's Encrypt SSL and domain
N) No - Standalone with self-signed certificate and direct port access

Choose "Y" (Yes) - This uses Traefik for secure HTTPS access (recommended).

Domain Configuration

You'll be asked for your domain name:

Enter the domain name for Vaultwarden:
[vault.example.com]

What to enter: Use a subdomain like vault.yourdomain.com or passwords.yourdomain.com

Examples:

User Signup Policy

You'll be asked about user signups:

👥 User Signup Policy
==================
Do you want to allow new users to sign up?

Y) Yes - Allow anyone to create an account
N) No - Only admin can create accounts (recommended)

For beginners: Choose "N" (No) - This keeps your password manager private and secure.

Step 5: Wait for Installation

After answering the questions, Vaultwarden will install and start. You'll see messages like:

📦 Installing Vaultwarden...
🔧 Creating configuration...
🌐 Setting up SSL certificates...
🔐 Generating admin token...
✅ Vaultwarden installed successfully!

Step 6: Get Your Admin Token

After installation, you'll see important information:

🔐 Vaultwarden Admin Information
===============================

Admin Token: abc123def456ghi789...
Web Vault: https://vault.yourdomain.com
Admin Panel: https://vault.yourdomain.com/admin

Save Your Admin Token

IMPORTANT: Save your admin token in a safe place! You'll need it to:

How to save it:

Step 7: Verify Vaultwarden is Working

Let's make sure Vaultwarden is running properly.

Check Status in Infinity Tools

In the Infinity Tools menu, go to:

You should see Vaultwarden listed as "RUNNING" or "ACTIVE".

Using the Status Dashboard

The Status & Health section shows you:

Look for the green checkmarks - they indicate everything is working properly!

Test Your Web Vault

Open your web browser and visit your Vaultwarden URL:

Step 8: Create Your First Account

Now it's time to set up your password manager!

Sign Up Process

  1. Visit your Vaultwarden URL in your browser
  2. Click "Create Account"
  3. Enter your email address
  4. Create a strong master password
  5. Confirm your password
  6. Click "Create Account"

Choosing a Strong Master Password

Your master password protects all your other passwords. Make it:

Example: MyDog@2024!Loves#Treats

Step 9: Understanding What Was Created

Vaultwarden installation creates several important files and configurations:

Data Storage

Your password data is stored in:

Web Access

Vaultwarden provides:

Security Features

Vaultwarden includes:

What's Next?

Congratulations! You now have your own password manager running securely on your server.

Next Steps

Getting Help

For detailed usage instructions, advanced features, and troubleshooting, please refer to the official Vaultwarden documentation.

Troubleshooting

Can't Access Vaultwarden

If you can't access your Vaultwarden:

SSL Certificate Issues

If you see security warnings:

Can't Create Account

If signup is disabled:

Quick Reference

Check Vaultwarden status:

docker ps | grep vaultwarden

View Vaultwarden logs:

docker logs vaultwarden

Restart Vaultwarden:

docker restart vaultwarden

Access admin panel:

https://vault.yourdomain.com/admin

You're Ready!

Vaultwarden is now installed and running! You have your own secure password manager that you control completely.

What you accomplished:

Next step: Download the Bitwarden apps for your devices and start using your new password manager!

What You Learned

You now have a professional-grade password manager running on your own server!

Next: Installing Your Next Application (Coming Soon)

Apps

9: Passbolt - Team Password Manager

Passbolt is a team-oriented, self-hosted password manager built on OpenPGP. It lets you securely store and share passwords with your team. For comprehensive usage instructions, browser extension setup, and advanced features, please refer to the official Passbolt documentation.

What is Passbolt? (Simple Explanation)

Passbolt helps teams store and share passwords securely. It uses strong encryption and a browser extension to keep your secrets safe and easy to use.

Why Passbolt is useful:

Prerequisites

Before installing Passbolt, make sure you have:

Why These Prerequisites Matter

Traefik: Provides secure HTTPS access

Docker: Runs Passbolt securely in containers

Borgmatic: Automatically backs up your Passbolt data and database

Subdomain: Easy, secure access for your team

Step 1: Start Infinity Tools

Connect via SSH and start Infinity Tools:

sudo infinity-tools

Using the Infinity Tools GUI

From the main menu, go to the 📱 APPLICATIONS section.

Step 2: Install Passbolt

  1. Open 📱 APPLICATIONS
  2. Select Passbolt
  3. Choose Install Passbolt

What Happens During Installation

Step 3: Configure Passbolt

SSL & Domain

You'll be asked whether to use Traefik and for your domain. Recommended:

Admin Account

After installation, you'll finish setup in the browser by creating the first admin user and installing the Passbolt browser extension.

Step 4: Open Passbolt

Once installation completes:

Step 5: Verify and Basics

Troubleshooting

Can't Access the Site

Database Issues

Quick Reference

Web UI: https://pass.yourdomain.com

Data directory: /opt/speedbits/passbolt/

Database credentials: /opt/speedbits/passbolt/db_password.txt

You're Ready!

Passbolt is now installed and ready for your team. Manage users and shared passwords from the web interface and browser extension.

Next: Add your team, create groups, and start sharing passwords securely. For how-to guides and best practices, see the official Passbolt documentation.

Apps

10: Syncthing - File Synchronization

Syncthing keeps folders on your devices in sync (PCs, servers, laptops). It’s private, fast, and peer‑to‑peer. For detailed usage and device pairing guides, see the official Syncthing documentation.

Dependency check

What is Syncthing? (Simple Explanation)

Syncthing lets you pick a folder (e.g., Documents) and keep it automatically synchronized between your devices. You choose which devices and folders to sync—nothing is uploaded to third‑party clouds.

Interdependencies

Optional but recommended: Traefik for secure HTTPS access with your domain (easier to reach your server). Borgmatic will back up Syncthing data as part of your regular backups.

Prerequisites

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Syncthing

  1. Go to 📱 APPLICATIONS
  2. Select Syncthing
  3. Choose Install Syncthing

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You’ll be asked how you want to access Syncthing’s web interface:

Rule of thumb: Use Traefik if you have a domain. Otherwise use Standalone HTTPS for local networks.

Step 3: Open Syncthing

Step 4: First‑Time Basics

  1. Change the GUI password: In Settings → GUI, set a username/password
  2. Set the device name: Give your server a friendly name (e.g., “Home‑Server”)
  3. Create your first folder: Click “Add Folder” → pick a folder path (e.g., /opt/speedbits/syncthing/Documents)

Step 5: Pair a Device

  1. Install Syncthing on your computer/phone (see official downloads)
  2. On your device, copy the Device ID (a long string)
  3. On the server web UI, click “Add Remote Device” → paste the Device ID → give it a name
  4. Accept the pairing request on the other device
  5. Share a folder: Select your folder → “Share With Devices” → pick the device you added

Step 6: Verify It Works

Troubleshooting

Quick Reference

You’re ready to keep your files in sync across devices—privately and securely.

Apps

11: Nextcloud - Private Cloud

Nextcloud is a self-hosted cloud platform for files, photos, calendars, and more — think of it like your own private Dropbox or Google Drive. For full usage instructions and advanced features, please refer to the official Nextcloud documentation.

What is Nextcloud? (Simple Explanation)

Nextcloud lets you store and share files, view photos, sync calendars and contacts, and access everything from mobile and desktop apps — all running on your own server, under your control.

Prerequisites

Before installing Nextcloud, make sure you have:

Interdependencies: Backups for Nextcloud use Borgmatic (Chapter 6). Borgmatic notifications rely on Apprise (Chapter 5). If you skip backups now, you can add them later.

Step 1: Start Infinity Tools

Connect to your server via SSH and start Infinity Tools:

sudo infinity-tools

Using the Infinity Tools GUI

In the main menu, go to the 📱 APPLICATIONS section.

Step 2: Open Nextcloud in Applications

  1. Go to 📱 APPLICATIONS
  2. Select Nextcloud
  3. Choose Install Nextcloud

What the installer does

Step 3: Choose HTTPS Mode

When asked about SSL/HTTPS:

Use Traefik for SSL? (Y/n)

Step 4: Enter Your Domain (Traefik Mode)

Example domains:

If you’re not using a domain, the installer will ask you to pick a port for local access.

Step 5: Set Default Storage Quota

The installer offers to set a default per-user quota.

Step 6: Wait for Installation

First-time setup takes about 2–5 minutes. The installer will show progress while Nextcloud initializes.

Step 7: Save Your Admin Credentials

When installation finishes, you’ll see an admin username and password. Write them down and keep them safe.

You can also find them in /opt/speedbits/nextcloud/.env (root-only).

Step 8: Open Nextcloud

Step 9: Verify It’s Running

In Infinity Tools, go to 📊 STATUS & HEALTH → STATUS. You should see Nextcloud and its database running.

Troubleshooting

Can’t access the site

Running out of disk space

SSL warning in standalone HTTPS

Self-signed certificates show a browser warning. Click “Advanced → Proceed” to continue, or switch to Traefik with a real domain for trusted HTTPS.

Quick Reference

Check containers:

docker ps | grep -E "nextcloud|nextcloud-db"

View logs:

docker logs nextcloud

Restart service:

cd /opt/speedbits/nextcloud && docker compose restart

Helpful Resources

Apps

12: WordPress - Build Your Website

WordPress is the most popular platform for building websites and blogs. With Infinity Tools, you can install WordPress securely on your own server with just a few steps. For everything beyond installation and basic usage, see the official WordPress documentation.

What is WordPress? (Simple Explanation)

WordPress lets you create a website or blog using themes and plugins — no coding required. You manage posts, pages, and media from a friendly dashboard, and extend features with plugins (contact forms, SEO, e‑commerce, and more).

Prerequisites

Before installing WordPress, make sure you have:

Interdependencies: WordPress uses a database (MariaDB). Database backups integrate with Borgmatic (Chapter 6), and Borgmatic notifications rely on Apprise (Chapter 5).

Step 1: Start Infinity Tools

Connect to your server via SSH and start Infinity Tools:

sudo infinity-tools

Open Applications

  1. Go to 📱 APPLICATIONS
  2. Select WordPress
  3. Choose Install WordPress

Step 2: Choose HTTPS Mode

When prompted:

Use Traefik for SSL? (Y/n)

Step 3: Enter Your Domain (Traefik Mode)

Examples:

No domain? Pick a port when asked (for local access only).

Step 4: Optional Redis Cache

You can enable a performance cache called Redis. If you enable it during installation, Infinity Tools sets up a Redis container for you.

Install the free plugin Redis Object Cache to speed up WordPress:

Redis Object Cache plugin (wordpress.org)

Step 5: Wait for Installation

Setup usually takes a few minutes. WordPress, the database, and (optionally) Redis will be created.

Step 6: Open Your Site

Complete the WordPress setup wizard and create your admin account.

Step 7: Verify It’s Running

In Infinity Tools, go to 📊 STATUS & HEALTH → STATUS. You should see WordPress, the database, and (if used) Redis running.

Where Your Data Lives

Troubleshooting

Can’t access the site

Database connection error

Enable HTTPS in standalone mode

Standalone HTTPS uses a self‑signed certificate and may show a browser warning. Click “Advanced → Proceed”, or switch to Traefik for trusted HTTPS.

Quick Reference

Check containers:

docker ps | grep -E "wordpress|wp-db|redis"

View logs:

docker logs wordpress

Restart services:

cd /opt/speedbits/wordpress && docker compose restart

Helpful Resources

Apps

13: Matomo - Privacy‑Friendly Analytics

Matomo is a self‑hosted web analytics platform (an alternative to Google Analytics) that lets you track website visits while keeping full control of your data. For detailed usage and advanced features, please refer to the official Matomo documentation.

What is Matomo? (Simple Explanation)

Matomo shows you how people use your website: how many visitors you have, what pages they view, where they come from, and more — all without sending data to third parties.

Prerequisites

Before installing Matomo, make sure you have:

Interdependencies: Matomo uses a MariaDB database. Database backups are handled by Borgmatic (Chapter 6). Borgmatic notifications rely on Apprise (Chapter 5).

Step 1: Start Infinity Tools

Connect to your server via SSH and start Infinity Tools:

sudo infinity-tools

Open Applications

  1. Go to 📱 APPLICATIONS
  2. Select Matomo
  3. Choose Install Matomo

Step 2: Choose HTTPS Mode

When prompted:

Use Traefik for SSL? (Y/n)

Step 3: Enter Your Domain (Traefik Mode)

Examples:

No domain? The installer will ask you to pick a port for local access.

Step 4: Wait for Installation

First‑time setup takes a few minutes. Matomo and its database will be created and started.

Step 5: Open Matomo and Complete the Wizard

Follow the Matomo setup wizard:

  1. System check → Next
  2. Database setup → The installer shows your database credentials
  3. Create your admin account
  4. Add your first website to track
  5. Copy the tracking code (you’ll paste it into your website later)

Step 6: Verify It’s Running

In Infinity Tools, go to 📊 STATUS & HEALTH → STATUS. You should see Matomo and its database running.

Cron for Archiving (Recommended)

Add this to your server’s crontab to keep reports up‑to‑date:

*/5 * * * * docker exec matomo /usr/local/bin/php /var/www/html/console core:archive >/dev/null 2>&1

Troubleshooting

Can’t access the site

Database connection error

Quick Reference

Check containers:

docker ps | grep -E "matomo|matomo-db"

View logs:

docker logs matomo

Restart services:

cd /opt/speedbits/matomo && docker compose restart

Helpful Resources

Apps

14: Webmin - Visual Server Management

Webmin is a web-based interface for managing your Linux server. Instead of using the command line, you can manage users, services, files, system settings, and more through a friendly web browser interface. Think of it as a control panel for your entire server.

For advanced features, module documentation, and detailed guides, see the official Webmin documentation.

Why Webmin?

Prerequisites

Note: Webmin is typically accessed via SSH tunnel for security. The installation script will guide you through this. Traefik mode is optional and allows direct web access.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Webmin

  1. Go to 📱 APPLICATIONS
  2. Select Webmin
  3. Choose Install Webmin

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Standalone for security (SSH tunnel), or Traefik if you want direct web access.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., webmin.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your Webmin will be available at https://webmin.yourdomain.com

Step 2.3: If You Choose Standalone

  1. Pick a port (default: 8443)
  2. You'll access Webmin via SSH tunnel (instructions shown after installation)

Step 2.4: Host Filesystem Access

You'll be asked about host filesystem access. This controls whether Webmin can browse files on your actual server (not just inside the container).

What Happens During Installation

Step 3: Access Webmin

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://webmin.yourdomain.com in your browser
  3. Login with the credentials shown after installation

If Using Standalone (SSH Tunnel)

⚠️ IMPORTANT: Webmin requires an SSH tunnel for secure access. You cannot access it directly from the internet.

On your local computer (not the server), run:

ssh -L 8443:localhost:10000 your-username@your-server-ip

Replace:

Then in your browser, open:

https://localhost:8443

You'll see a security warning (normal for self-signed certificates). Click "Advanced" → "Proceed" to continue.

Step 4: Login to Webmin

After installation, you'll see credentials like:

⚠️ CRITICAL: Write down or save this password immediately! It will NOT be shown again. Use a password manager (like Vaultwarden from Chapter 7) to store it securely.

Login Steps

  1. Enter username: webminadmin
  2. Enter the password shown after installation
  3. Click "Login"

Note: Any user with sudo privileges can also login to Webmin using their system username and password.

Step 5: Understanding the File Manager

⭐ IMPORTANT: When you first open Webmin's File Manager, you're browsing files inside the Webmin container, not your actual server!

How to Access Host System Files

To browse files on your actual server (the host system), you need to navigate to the /host/ folder:

  1. Go to OtherFile Manager in Webmin
  2. You'll see the container's filesystem (usually empty or minimal)
  3. To access host files: Type /host/ in the path bar at the top
  4. Press Enter or click "Go"
  5. Now you'll see your actual server's filesystem!

Understanding the Path Structure

Examples

💡 Tip: Bookmark /host/ or add it to your favorites in Webmin for quick access!

File Access Modes

Depending on what you chose during installation:

What You Can Do in Webmin

System Management

File Management

Monitoring

Security Recommendations

Troubleshooting

Can't Access Webmin

Can't Login

Can't See Host Files

SSH Tunnel Not Working

Where to Find Webmin After Install

You're Ready!

Webmin is now installed and ready to use. You can manage your Linux server visually through the web interface. Remember:

Next steps: Explore Webmin's features, manage your server users, browse files, and configure system settings. Webmin makes server management much easier than using the command line!

Apps

15: BookStack - Documentation Platform / Wiki

BookStack is a beautiful, simple documentation and wiki platform. It helps you organize information into Books, Chapters, and Pages - just like a real book! You can write documentation, create knowledge bases, and share information with your team or the world.

For advanced features, API documentation, and customization options, see the official BookStack documentation.

Why BookStack?

Prerequisites

Note: BookStack works best with Traefik and a domain name. It's designed for sharing documentation, so having a friendly URL like docs.yourdomain.com makes it much easier to access.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install BookStack

  1. Go to 📱 APPLICATIONS
  2. Select BookStack
  3. Choose Install BookStack

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Traefik if you have a domain and want to share your documentation. Use Standalone HTTPS only for testing or private use.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., docs.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Enter your email address (for SSL certificate notifications)
  4. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your BookStack will be available at https://docs.yourdomain.com

Step 2.3: If You Choose Standalone

  1. Pick a port (default: 8092)
  2. You'll access BookStack via https://SERVER_IP:8092
  3. Accept the browser security warning (it's safe for private use)

What Happens During Installation

Step 3: Access BookStack

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://docs.yourdomain.com in your browser
  3. You'll see the BookStack welcome page

If Using Standalone

  1. Open https://SERVER_IP:8092 in your browser
  2. You'll see a security warning (normal for self-signed certificates)
  3. Click "Advanced" → "Proceed to site" to continue
  4. You'll see the BookStack welcome page

Step 4: First Login

⚠️ CRITICAL SECURITY STEP: BookStack comes with default admin credentials that MUST be changed immediately!

Default Credentials (First Time Only)

⚠️ CHANGE THESE IMMEDIATELY! These are public defaults - anyone can guess them!

Login Steps

  1. Click "Login" in the top right corner
  2. Enter email: admin@admin.com
  3. Enter password: password
  4. Click "Log In"

Change Your Password Immediately

  1. After logging in, click your name in the top right corner
  2. Select "My Profile"
  3. Click "Change Password"
  4. Enter your current password (password)
  5. Enter a strong new password (use a password manager!)
  6. Confirm the new password
  7. Click "Save"

💡 Tip: Use a password manager (like Vaultwarden from Chapter 7) to generate and store a strong password!

Step 5: Create Your First Book

Now that you're logged in, let's create your first documentation book!

Creating a Book

  1. Click "Create Book" (usually a big button on the home page)
  2. Enter a book name, e.g., "My Server Documentation"
  3. Add a description (optional but helpful)
  4. Click "Save Book"

Adding Chapters

  1. Inside your book, click "Add Chapter"
  2. Enter a chapter name, e.g., "Getting Started"
  3. Add a description (optional)
  4. Click "Save Chapter"

Creating Pages

  1. Inside a chapter, click "Add Page"
  2. Enter a page title
  3. Start writing! Use the editor toolbar to format text, add images, create lists, etc.
  4. Click "Save Page" when done

Using the Editor

The BookStack editor is like Word or Google Docs:

What You Can Do in BookStack

Content Organization

Content Features

Sharing & Export

Security Recommendations

Troubleshooting

Can't Access BookStack

Can't Login

Slow Loading

Lost Password

Where to Find BookStack After Install

Backing Up Your Documentation

Your BookStack content is stored in:

To backup:

cd /opt/speedbits
tar czf bookstack-backup.tar.gz bookstack/

To restore: Extract the backup and restart BookStack containers.

Email Configuration (Optional)

After installation, you'll be asked if you want to configure email (SMTP). This is optional but useful for:

You can skip this and configure it later from the Infinity Tools menu or web interface.

You're Ready!

BookStack is now installed and ready to use. You can start creating beautiful documentation! Remember:

Next steps: Create your first book, write some pages, upload images, and explore all the features. BookStack makes documentation fun and easy!

Apps

16: Uptime Kuma - Uptime Monitoring & Status Pages

Uptime Kuma is a beautiful, self-hosted monitoring tool that watches your websites, servers, and services 24/7. It tells you immediately when something goes down, shows you uptime statistics, and can even create public status pages (like status.github.com) to show your users that everything is working.

For advanced features, API documentation, and customization options, see the official Uptime Kuma documentation.

Why Uptime Kuma?

Prerequisites

Note: Uptime Kuma works great with Traefik and a domain name. Having a friendly URL like status.yourdomain.com makes it easy to access your monitoring dashboard and share status pages.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Uptime Kuma

  1. Go to 📱 APPLICATIONS
  2. Select Uptime Kuma
  3. Choose Install Uptime Kuma

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Traefik if you have a domain and want secure access. Use Standalone HTTP only for testing or private use.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., status.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your Uptime Kuma will be available at https://status.yourdomain.com

Step 2.3: If You Choose Standalone

  1. Pick a port (default: 3001)
  2. You'll access Uptime Kuma via http://SERVER_IP:3001

Step 2.4: Docker Container Monitoring (Optional)

You'll be asked if you want to enable Docker container monitoring:

Step 2.5: Timezone (Optional)

You can set your timezone for monitoring logs and graphs. Examples:

Leave empty for UTC (default).

What Happens During Installation

Step 3: Access Uptime Kuma

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://status.yourdomain.com in your browser
  3. You'll see the Uptime Kuma setup wizard

If Using Standalone

  1. Open http://SERVER_IP:3001 in your browser
  2. You'll see the Uptime Kuma setup wizard

Step 4: Create Your Admin Account

⚠️ CRITICAL: Uptime Kuma requires you to create admin credentials on your FIRST login. There is NO default password!

Setup Steps

  1. You'll see: "Create your admin account"
  2. Enter a username (choose any username you like)
  3. Enter a password:
    • Minimum: 8 characters
    • Recommended: 12+ characters
    • Best: 20+ characters (use a password manager!)
  4. ⚠️ WRITE DOWN YOUR CREDENTIALS IMMEDIATELY!
    • This is your ONLY chance to set the initial password
    • There is NO "forgot password" on first setup!
    • Use a password manager (like Vaultwarden from Chapter 7) to store it securely
  5. Click "Create"
  6. ✅ Done! You'll see the monitoring dashboard

If You Forget Your Password

Don't worry! You can reset it using the command line:

  1. Run: docker exec -it uptime-kuma npm run reset-password
  2. Enter your username
  3. Enter a new password
  4. Log in with your new password

Step 5: Add Your First Monitor

Now that you're logged in, let's start monitoring something!

Adding a Monitor

  1. Click "Add New Monitor" (big button on the dashboard)
  2. Choose monitor type:
    • HTTP(s) - Monitor websites and APIs
    • TCP Port - Monitor if a port is open (SSH, databases, etc.)
    • Ping - Check if a server responds
    • Docker Container - Monitor Docker containers (if enabled)
    • DNS - Check DNS records
    • And more!
  3. Enter the URL or IP address to monitor
  4. Set check interval (default: 60 seconds - how often to check)
  5. Click "Save"

Example: Monitor Your Website

  1. Type: HTTP(s)
  2. URL: https://yourdomain.com
  3. Check interval: 60 seconds
  4. Click "Save"

Uptime Kuma will now check your website every 60 seconds and show you if it's up or down!

Step 6: Set Up Notifications

To get alerts when something goes down, you need to configure notifications.

Setting Up Notifications

  1. Go to: SettingsNotifications
  2. Click "Setup Notification"
  3. Choose a provider:
    • Discord - Get alerts in Discord
    • Slack - Get alerts in Slack
    • Telegram - Get alerts via Telegram
    • Email - Get alerts via email
    • Apprise - Use Apprise for 80+ services (if you have Apprise installed)
    • And 80+ more!
  4. Follow the setup instructions for your chosen provider
  5. Test the notification
  6. Click "Save"

Using Apprise (If Installed)

If you have Apprise installed (Chapter 5), you can use it for notifications:

  1. Type: Apprise (Self-hosted)
  2. URL: http://apprise:8000/notify/{YOUR-KEY}
  3. This lets you use all 80+ Apprise notification services!

Step 7: Create a Status Page (Optional)

Status pages let you show your users that your services are working. They're public (no login required) and look professional.

Creating a Status Page

  1. Go to: Status Pages
  2. Click "New Status Page"
  3. Enter a name, e.g., "My Services Status"
  4. Choose which monitors to display publicly
  5. Customize the appearance (colors, logo, etc.)
  6. Click "Save"
  7. Share the public URL with your users!

What You Can Monitor

Monitor Types

What You'll See

Security Recommendations

Troubleshooting

Can't Access Uptime Kuma

Can't Create Admin Account

Monitors Not Working

Notifications Not Sending

Where to Find Uptime Kuma After Install

Backing Up Your Monitoring Data

Your Uptime Kuma data is stored in:

To backup:

cd /opt/speedbits
tar czf uptime-kuma-backup.tar.gz uptime-kuma/

To restore: Extract the backup and restart the Uptime Kuma container.

Or use Uptime Kuma's built-in backup: Go to Settings → Backup → Download Backup

You're Ready!

Uptime Kuma is now installed and ready to monitor your services! Remember:

Next steps: Add monitors for your websites and services, configure notifications, and create a status page. Uptime Kuma will help you keep everything running smoothly!

Apps

17: Netdata - Real-time Performance Monitoring

Netdata is a powerful, real-time monitoring tool that shows you exactly what's happening on your server right now. It displays beautiful graphs of CPU, memory, disk, network, and Docker containers - updating every single second! Think of it as a real-time health dashboard for your entire server.

For advanced features, API documentation, and customization options, see the official Netdata documentation.

Why Netdata?

Prerequisites

Note: Netdata works great with Traefik and a domain name. Having a friendly URL like monitor.yourdomain.com makes it easy to access your monitoring dashboard.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Netdata

  1. Go to 📱 APPLICATIONS
  2. Select Netdata
  3. Choose Install Netdata

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Traefik if you have a domain and want secure access. Use Standalone HTTP only for testing or private use.

Step 2.2: If You Choose Traefik

  1. Enter your subdomain, e.g., monitor.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your Netdata will be available at https://monitor.yourdomain.com

Step 2.3: If You Choose Standalone

  1. Pick a port (default: 19999)
  2. You'll access Netdata via http://SERVER_IP:19999

Step 2.4: Multi-Server Monitoring (Optional)

You'll be asked if you want to stream metrics to a Netdata Director (parent server):

Step 2.5: Apprise Notifications (Optional)

If you have Apprise installed (Chapter 5), you can enable alert notifications:

What Happens During Installation

Step 3: Access Netdata

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://monitor.yourdomain.com in your browser
  3. You'll see the Netdata dashboard immediately!

If Using Standalone

  1. Open http://SERVER_IP:19999 in your browser
  2. You'll see the Netdata dashboard immediately!

⚠️ IMPORTANT SECURITY NOTE: Netdata has NO username/password protection by default! Anyone who can access the URL can see your monitoring data. If using Traefik, strongly consider adding Basic Auth protection. If using standalone mode, keep it on a private network only!

Step 4: Understanding the Dashboard

When you first open Netdata, you'll see a beautiful dashboard with lots of graphs. Here's what everything means:

Main Sections

Reading the Graphs

Key Metrics to Watch

Step 5: Docker Container Monitoring

One of Netdata's best features is automatic Docker container discovery and monitoring!

What You'll See

How to Use It

  1. Click on "Docker" in the left sidebar
  2. You'll see all your containers listed
  3. Click on any container to see its detailed metrics
  4. Watch for containers using too much CPU or RAM

Step 6: Alert Notifications (If Enabled)

If you enabled Apprise notifications, Netdata will automatically send alerts when:

How Alerts Work

  1. Netdata detects a problem (e.g., CPU too high)
  2. Sends alert to Apprise
  3. Apprise forwards to your configured channels (Discord, Slack, Email, etc.)
  4. You get notified immediately!

Customizing Alerts

You can customize alert thresholds by editing configuration files:

nano /opt/speedbits/netdata-client/netdata/health.d/cpu_usage.conf

Change the warning/critical thresholds to your preferences.

Security Recommendations

Adding Basic Auth Protection

If using Traefik, you can add username/password protection:

  1. Run: sudo bash Infrastructure/websiteprotection.sh
  2. Select "netdata"
  3. Enter username and password
  4. Now your dashboard is protected!

Troubleshooting

Can't Access Netdata

No Docker Containers Showing

Alerts Not Working

High Resource Usage

Where to Find Netdata After Install

Useful Features

Historical Data

Netdata stores historical data so you can see trends over time:

Exporting Data

You can export graphs and data:

Custom Dashboards

Netdata allows you to create custom dashboards:

You're Ready!

Netdata is now installed and monitoring your server in real-time! Remember:

Next steps: Explore the dashboard, check your Docker containers, set up alerts, and use Netdata to keep your server running smoothly!

Apps

18: Netdata Director - Multi-Server Monitoring Hub

Netdata Director is a centralized monitoring dashboard that lets you monitor multiple servers from one place. Instead of opening separate dashboards for each server, you get one unified view showing all your servers' metrics, alerts, and performance data. Think of it as a command center for all your infrastructure!

⚠️ IMPORTANT: Netdata Director is a Pro+ feature that requires a license. For single-server monitoring, use regular Netdata (Chapter 17) which is free.

For advanced features, API documentation, and customization options, see the official Netdata documentation.

Why Netdata Director?

Director vs Regular Netdata

Regular Netdata (Free)

Netdata Director (Pro+)

Prerequisites

Note: Netdata Director works best with Traefik and a domain name. Having a friendly URL like monitoring.yourdomain.com makes it easy to access your centralized dashboard.

How It Works

Netdata Director uses a parent-child architecture:

Director (Parent)

Child Nodes

Step 1: Verify Pro+ License

Before installing, make sure you have a Pro+ license. The installation script will check for this automatically.

If you don't have a Pro+ license:

Step 2: Start Infinity Tools

sudo infinity-tools

Step 3: Install Netdata Director

  1. Go to 📱 APPLICATIONS
  2. Select Netdata Director
  3. Choose Install Netdata Director

Using the Infinity Tools GUI

Step 3.1: Choose SSL Mode

You'll see two options. Here's what each means:

Step 3.2: If You Choose Traefik

  1. Enter your subdomain, e.g., monitoring.yourdomain.com
  2. Ensure the subdomain's DNS A record points to your server (see Chapter 4.5)
  3. Infinity Tools will configure HTTPS automatically via Let's Encrypt

After install: Your Netdata Director will be available at https://monitoring.yourdomain.com

Step 3.3: Apprise Notifications (Optional)

If you have Apprise installed (Chapter 5), you can enable centralized alert notifications:

Step 3.4: Save Your Stream API Key

⚠️ CRITICAL: During installation, a Stream API Key will be generated. This key is used to connect child nodes to the Director.

What Happens During Installation

Step 4: Access Netdata Director

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://monitoring.yourdomain.com in your browser
  3. You'll see the Director dashboard!

If Using Standalone

  1. Open http://SERVER_IP:19999 in your browser
  2. You'll see the Director dashboard!

⚠️ IMPORTANT SECURITY NOTE: Netdata Director has NO username/password protection by default! However, you CANNOT use Basic Auth because it blocks child nodes from streaming data. Instead, use firewall rules, VPN access, or Netdata Cloud for security.

Step 5: Connect Child Nodes

Now that Director is running, you need to connect your other servers (child nodes) to it.

On Each Server You Want to Monitor

  1. SSH into the server
  2. Run: sudo infinity-tools
  3. Go to 📱 APPLICATIONSNetdataInstall
  4. When asked about streaming, choose Yes
  5. Enter Director details:
    • Director hostname/IP: The Director server's IP or domain
    • Director port: 19999 (or your custom port)
    • Stream API key: The key you saved during Director installation
  6. Complete the installation

What Happens Next

Step 6: Using the Director Dashboard

Switching Between Servers

  1. Open the Director dashboard
  2. Look for a dropdown menu (usually top-left or top-right)
  3. Select a server from the dropdown
  4. Dashboard updates to show that server's metrics

What You'll See

Security Recommendations

Security Options

Since Basic Auth doesn't work with Director, use these alternatives:

Troubleshooting

Can't Access Director

Child Nodes Not Appearing

Lost API Key

Where to Find Netdata Director After Install

Useful Features

Data Retention

Director stores historical data for all servers:

Centralized Alerts

If Apprise is enabled, you'll get alerts from all servers:

You're Ready!

Netdata Director is now installed and ready to monitor multiple servers! Remember:

Next steps: Connect your first child node, verify it appears in the dashboard, and start monitoring all your servers from one place!

Apps

19: Installing WireGuard - Secure VPN Access

WireGuard is a modern, fast, and secure VPN (Virtual Private Network) that lets you access your server and its services securely from anywhere. Once connected, you can access internal services, manage your server, and browse securely - all encrypted and protected!

For advanced features, API documentation, and technical details, see the official WireGuard documentation.

Why WireGuard?

Prerequisites

Note: WireGuard works great with Traefik and a domain name. Having a friendly URL like vpn.yourdomain.com makes it easy to access the web management interface.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install WireGuard

  1. Go to 📱 APPLICATIONS
  2. Select WireGuard
  3. Choose Install WireGuard

Using the Infinity Tools GUI

Step 2.1: Network Configuration

You'll be asked to configure two networks:

VPN Network (Default: 10.13.13)

Host Network (Default: 10.13.14)

💡 Tip: Unless you have a specific reason, accept the defaults (just press Enter).

Step 2.2: DNS Configuration

WireGuard will automatically detect your server's DNS settings. This ensures VPN clients use the same DNS as your server for consistency.

Usually, you can just accept the auto-detected DNS (press Enter).

Step 2.3: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Standalone for most cases. Use Traefik if you have a domain and want trusted SSL.

Step 2.4: VPN Port Configuration

You'll be asked for the UDP port for VPN connections:

Step 2.5: Server Endpoint

You'll be asked for your server's public IP address or domain name:

What Happens During Installation

Step 3: Open Firewall Port

⚠️ CRITICAL: You MUST open the VPN port in your firewall, or clients cannot connect!

Opening the Port

sudo ufw allow 51820/udp

Replace 51820 with your custom port if you chose a different one.

Why This Matters

Step 4: Access WireGuard Web Interface

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://vpn.yourdomain.com in your browser
  3. You'll see the WireGuard login page

If Using Standalone

  1. Open https://SERVER_IP:8445 in your browser
  2. You'll see a security warning (normal for self-signed certificates)
  3. Click "Advanced" → "Proceed to site" to continue
  4. You'll see the WireGuard login page

Step 5: Login to Web Interface

⚠️ CRITICAL: During installation, a random password was generated and displayed. Save it immediately!

Default Credentials

If You Lost the Password

You can retrieve it from:

cat /opt/speedbits/wireguard/web-password.txt

Login Steps

  1. Enter username: admin
  2. Enter the password shown during installation
  3. Click "Login"
  4. You'll see the WireGuard dashboard!

Step 6: Create Your First VPN Client

Now that you're logged in, let's create your first VPN client!

Adding a Client

  1. Click "Add Client" or the "+" button
  2. Enter a name for your device, e.g., "My Phone", "Laptop", "Work PC"
  3. Configure settings (or use defaults):
    • Allowed IPs: Usually auto-filled (VPN network + Host network)
    • Use Server DNS: Usually enabled (recommended)
  4. Click "Save" or "Create"
  5. You'll see a QR code and download options!

What You'll Get

Step 7: Set Up WireGuard on Your Device

Windows

  1. Install WireGuard from Microsoft Store
  2. Open WireGuard app
  3. Click "Add Tunnel""Import from file"
  4. Select the downloaded .conf file
  5. Click "Activate" to connect

Android/iOS/macOS

  1. Install WireGuard app from Play Store/App Store
  2. Open WireGuard app
  3. Tap "+""Create from QR code"
  4. Scan the QR code from the web interface
  5. Tap "Activate" to connect

Linux

  1. Install WireGuard: sudo apt install wireguard
  2. Copy the .conf file to: /etc/wireguard/wg0.conf
  3. Start WireGuard: sudo wg-quick up wg0
  4. Enable auto-start: sudo systemctl enable wg-quick@wg0

Step 8: Understanding VPN Networks

WireGuard creates two networks for different purposes:

VPN Network (10.13.13.0/24)

This network is for WireGuard clients and Docker services:

Host Network (10.13.14.0/24)

This network is for accessing host services (services running directly on the server):

What You Can Access via VPN

Docker Services (VPN Network)

Host Services (Host Network)

Security Recommendations

Firewall Best Practices

After setting up WireGuard, you can close other public ports:

# Close Webmin public access (access via VPN instead)
sudo ufw delete allow 8443

# Close Apprise public access (access via VPN instead)
sudo ufw delete allow 8444

# Close WireGuard web UI public access (access via VPN instead)
sudo ufw delete allow 8445

Now access everything securely via VPN!

Troubleshooting

Can't Connect to VPN

Can't Access Web Interface

Can't Access Services via VPN

Lost Web UI Password

Where to Find WireGuard After Install

Managing VPN Clients

Adding More Clients

Simply repeat Step 6 for each device you want to connect. Each device gets its own unique IP address.

Disabling Clients

In the web interface, you can disable clients without deleting them. This is useful if you temporarily don't want a device to connect.

Viewing Connection Stats

The web interface shows connection statistics for each client, including data transferred and connection time.

You're Ready!

WireGuard is now installed and ready to use! Remember:

Next steps: Create your first client, set up WireGuard on your device, test the connection, and start accessing your services securely from anywhere!

Apps

20: Warpgate - Secure SSH Gateway

Warpgate is a secure SSH gateway (also called a "bastion host") that provides a web interface for managing SSH access to your server. Instead of connecting directly to your server, you connect through Warpgate, which adds an extra layer of security and makes it easier to manage who can access what.

For advanced features, API documentation, and technical details, see the official Warpgate documentation.

Why Warpgate?

Prerequisites

Note: Warpgate works great with Traefik and a domain name. Having a friendly URL like warpgate.yourdomain.com makes it easy to access the web management interface.

Step 1: Start Infinity Tools

sudo infinity-tools

Step 2: Install Warpgate

  1. Go to 📱 APPLICATIONS
  2. Select Warpgate
  3. Choose Install Warpgate

Using the Infinity Tools GUI

Step 2.1: Choose SSL Mode

You'll see two options. Here's what each means:

Simple rule of thumb: Use Traefik if you have a domain (recommended). Use Standalone if you don't have a domain.

Step 2.2: Domain Configuration (Traefik Mode)

If you chose Traefik, you'll be asked for your domain:

Step 2.3: Port Configuration (Standalone Mode)

If you chose Standalone, you'll be asked for a port:

What Happens During Installation

Step 3: Set Up Admin Account

After installation, Warpgate will run an interactive setup. You'll be prompted to create an admin account:

Admin Setup Prompts

  1. Admin username: Choose a username for the admin account (e.g., admin)
  2. Admin password: Choose a strong password (you'll use this to log into the web interface)
  3. Confirm password: Enter the password again to confirm

⚠️ IMPORTANT: Save these credentials immediately! You'll need them to access the web interface.

Step 4: Access Warpgate Web Interface

If Using Traefik

  1. Wait 30-60 seconds for SSL certificate generation
  2. Open https://warpgate.yourdomain.com in your browser
  3. You'll see the Warpgate login page

If Using Standalone

  1. Open https://SERVER_IP:8888 in your browser
  2. You'll see a security warning (normal for self-signed certificates)
  3. Click "Advanced" → "Proceed to site" to continue
  4. You'll see the Warpgate login page

Step 5: Login to Web Interface

  1. Enter the admin username you created during setup
  2. Enter the admin password you created during setup
  3. Click "Login"
  4. You'll see the Warpgate dashboard!

Step 6: Understanding Warpgate

Warpgate acts as a gateway (or "bastion") between you and your server:

How It Works

What You Can Do

Step 7: Add Your First Target (Server)

Before users can connect, you need to add a "target" (the server they'll connect to):

Adding a Target

  1. In the web interface, go to "Targets" or "Servers"
  2. Click "Add Target" or the "+" button
  3. Enter target details:
    • Name: A friendly name (e.g., "My Server")
    • Host: The server's IP address or hostname (usually localhost or 127.0.0.1 for the same server)
    • Port: SSH port (usually 22)
    • Username: The SSH username (e.g., your server username)
  4. Click "Save" or "Create"

For Same-Server Access

If Warpgate is running on the same server you want to access:

Step 8: Add Users

Now add users who can connect through Warpgate:

Adding a User

  1. In the web interface, go to "Users"
  2. Click "Add User" or the "+" button
  3. Enter user details:
    • Username: A username for Warpgate (e.g., "john")
    • Password: A password for this user
    • Email: Optional email address
  4. Click "Save" or "Create"

Granting Access

After creating a user, grant them access to targets:

  1. Go to the user's profile
  2. Find "Access" or "Targets" section
  3. Select which targets this user can access
  4. Save the changes

Step 9: Connect via SSH Through Warpgate

Now you can connect to your server through Warpgate:

SSH Connection

ssh -p 2222 warpgate-user@warpgate.yourdomain.com

Or if using standalone mode:

ssh -p 2222 warpgate-user@SERVER_IP

What Happens

  1. You connect to Warpgate on port 2222
  2. Warpgate asks for your Warpgate username and password
  3. After authentication, Warpgate shows you available targets
  4. You select which target (server) you want to connect to
  5. Warpgate connects you to that server

First-Time Connection

On your first connection, you'll see:

  1. Warpgate login prompt
  2. Enter your Warpgate username and password
  3. List of available targets
  4. Select a target to connect
  5. You're now connected to your server!

Step 10: Security Best Practices

Close Direct SSH Access

Once Warpgate is working, you can close direct SSH access to your server:

# Close port 22 (direct SSH)
sudo ufw delete allow 22/tcp

# Keep port 2222 open (Warpgate SSH)
sudo ufw allow 2222/tcp

⚠️ WARNING: Only do this after testing Warpgate! Make sure you can connect through Warpgate before closing port 22.

Firewall Configuration

User Management

Troubleshooting

Can't Access Web Interface

Can't Connect via SSH

Forgot Admin Password

Target Connection Fails

Where to Find Warpgate After Install

Managing Warpgate

Adding More Users

Simply repeat Step 8 for each user you want to add. Each user can have access to different targets.

Adding More Targets

Add more servers by repeating Step 7. Users can then be granted access to these new targets.

Viewing Sessions

The web interface shows active SSH sessions, including who's connected and what they're doing.

Session Recording

Warpgate can record SSH sessions for security auditing. Check the settings in the web interface to enable this.

You're Ready!

Warpgate is now installed and ready to use! Remember:

Next steps: Add your first target, create users, grant access, test SSH connection through Warpgate, and optionally close direct SSH access (port 22) for better security!

Other Features of Infinity Tools