├── pb_hooks ├── .gitkeep └── health.pb.js ├── .gitignore ├── CHECKS ├── CONTRIBUTING.md ├── Dockerfile ├── LICENSE ├── CODE_OF_CONDUCT.md └── README.md /pb_hooks/.gitkeep: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | pocketbase.exe 2 | pocketbase 3 | /pb_data -------------------------------------------------------------------------------- /CHECKS: -------------------------------------------------------------------------------- 1 | WAIT=10 2 | ATTEMPTS=3 3 | /api/health HTTP/1.1 4 | Host: pocketbase 5 | User-Agent: Dokku/1.0 6 | -------------------------------------------------------------------------------- /pb_hooks/health.pb.js: -------------------------------------------------------------------------------- 1 | routerAdd("GET", "/api/health", (c) => { 2 | return c.json(200, { "status": "ok" }); 3 | }); 4 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | Thank you for your interest in contributing to Dokku Pocketbase! We welcome contributions from the community to help improve and expand the capabilities of Pocketbase on Dokku. 4 | 5 | ## Getting Started 6 | 7 | To get started, follow these steps: 8 | 9 | 1. Fork the repository on GitHub. 10 | 2. Clone your fork to your local machine. 11 | 3. Create a new branch for your changes. 12 | 4. Make your changes and commit them to your branch. 13 | 5. Push your branch to your fork on GitHub. 14 | 6. Open a pull request to the main repository. 15 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # syntax=docker/dockerfile:1 2 | FROM alpine:3.20 3 | 4 | # Build arguments 5 | ARG POCKETBASE_VERSION=0.28.2 6 | ARG TARGETOS=linux 7 | ARG TARGETARCH=amd64 8 | 9 | # Environment variables 10 | ENV POCKETBASE_VERSION=${POCKETBASE_VERSION} 11 | 12 | # Set working directory 13 | WORKDIR /app 14 | 15 | # Hadolint ignore=DL3018 16 | RUN apk add --no-cache ca-certificates && \ 17 | wget -O pocketbase.zip "https://github.com/pocketbase/pocketbase/releases/download/v${POCKETBASE_VERSION}/pocketbase_${POCKETBASE_VERSION}_${TARGETOS}_${TARGETARCH}.zip" && \ 18 | unzip pocketbase.zip && \ 19 | rm pocketbase.zip && \ 20 | chmod +x pocketbase 21 | 22 | 23 | # Copy hooks 24 | COPY ./pb_hooks /app/pb_hooks 25 | 26 | # Dokku-specific: Use $PORT environment variable 27 | ENV PORT=5000 28 | 29 | # Start Pocketbase 30 | CMD ["sh", "-c", "/app/pocketbase serve --http=0.0.0.0:$PORT"] -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Alexander J. Rodriguez D. 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socio-economic status, 9 | nationality, personal appearance, race, religion, or sexual identity 10 | and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | * Demonstrating empathy and kindness toward other people 21 | * Being respectful of differing opinions, viewpoints, and experiences 22 | * Giving and gracefully accepting constructive feedback 23 | * Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | * Focusing on what is best not just for us as individuals, but for the 26 | overall community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | * The use of sexualized language or imagery, and sexual attention or 31 | advances of any kind 32 | * Trolling, insulting or derogatory comments, and personal or political attacks 33 | * Public or private harassment 34 | * Publishing others' private information, such as a physical or email 35 | address, without their explicit permission 36 | * Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at 63 | alexr1712[at]gmail.com. 64 | All complaints will be reviewed and investigated promptly and fairly. 65 | 66 | All community leaders are obligated to respect the privacy and security of the 67 | reporter of any incident. 68 | 69 | ## Enforcement Guidelines 70 | 71 | Community leaders will follow these Community Impact Guidelines in determining 72 | the consequences for any action they deem in violation of this Code of Conduct: 73 | 74 | ### 1. Correction 75 | 76 | **Community Impact**: Use of inappropriate language or other behavior deemed 77 | unprofessional or unwelcome in the community. 78 | 79 | **Consequence**: A private, written warning from community leaders, providing 80 | clarity around the nature of the violation and an explanation of why the 81 | behavior was inappropriate. A public apology may be requested. 82 | 83 | ### 2. Warning 84 | 85 | **Community Impact**: A violation through a single incident or series 86 | of actions. 87 | 88 | **Consequence**: A warning with consequences for continued behavior. No 89 | interaction with the people involved, including unsolicited interaction with 90 | those enforcing the Code of Conduct, for a specified period of time. This 91 | includes avoiding interactions in community spaces as well as external channels 92 | like social media. Violating these terms may lead to a temporary or 93 | permanent ban. 94 | 95 | ### 3. Temporary Ban 96 | 97 | **Community Impact**: A serious violation of community standards, including 98 | sustained inappropriate behavior. 99 | 100 | **Consequence**: A temporary ban from any sort of interaction or public 101 | communication with the community for a specified period of time. No public or 102 | private interaction with the people involved, including unsolicited interaction 103 | with those enforcing the Code of Conduct, is allowed during this period. 104 | Violating these terms may lead to a permanent ban. 105 | 106 | ### 4. Permanent Ban 107 | 108 | **Community Impact**: Demonstrating a pattern of violation of community 109 | standards, including sustained inappropriate behavior, harassment of an 110 | individual, or aggression toward or disparagement of classes of individuals. 111 | 112 | **Consequence**: A permanent ban from any sort of public interaction within 113 | the community. 114 | 115 | ## Attribution 116 | 117 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 118 | version 2.0, available at 119 | https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. 120 | 121 | Community Impact Guidelines were inspired by [Mozilla's code of conduct 122 | enforcement ladder](https://github.com/mozilla/diversity). 123 | 124 | [homepage]: https://www.contributor-covenant.org 125 | 126 | For answers to common questions about this code of conduct, see the FAQ at 127 | https://www.contributor-covenant.org/faq. Translations are available at 128 | https://www.contributor-covenant.org/translations. 129 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Pocketbase Dokku 2 | 3 | ![Pocketbase Logo](https://user-images.githubusercontent.com/8460736/188195613-01a44972-24eb-459c-a437-cdfa34b1bf73.png) 4 | 5 | [Pocketbase](https://pocketbase.io) is a powerful, open-source backend designed for SaaS and mobile applications, all implemented with a single file. 6 | 7 | ## Pocketbase Documentation 8 | 9 | For comprehensive Pocketbase usage and implementation details, visit the [Pocketbase Documentation](https://pocketbase.io/docs). 10 | 11 | ## Pocketbase Live Demo 12 | 13 | Experience the capabilities of Pocketbase through the [Live Demo](https://pocketbase.io/demo/). 14 | 15 | ## How to Install Pocketbase on Dokku 16 | 17 | To install Pocketbase on a Dokku server, follow these detailed steps: 18 | 19 | 1. **Clone the Repository**: Download the repository onto your local machine. 20 | ```sh 21 | git clone https://github.com/your-repo/dokku-pocketbase.git 22 | ``` 23 | 2. **Navigate to Directory**: Change to the `dokku-pocketbase` directory. 24 | ```sh 25 | cd dokku-pocketbase 26 | ``` 27 | 3. **Create a Dokku App**: Set up a new Dokku app named `pocketbase` on your server. 28 | ```sh 29 | dokku apps:create pocketbase 30 | ``` 31 | 4. **Ensure Persistent Storage**: Create a directory for persistent storage. 32 | ```sh 33 | dokku storage:ensure-directory pocketbase 34 | ``` 35 | 5. **Mount Storage**: Attach the persistent storage to your Pocketbase app. 36 | ```sh 37 | dokku storage:mount pocketbase /var/lib/dokku/data/storage/pocketbase:/app/pb_data 38 | ``` 39 | 6. **Set Pocketbase Version**: (Optional) Specify the Pocketbase version. 40 | ```sh 41 | dokku config:set pocketbase POCKETBASE_VERSION=0.22.4 42 | ``` 43 | 7. **Add Dokku Remote**: Link your local repository to the Dokku remote. 44 | ```sh 45 | git remote add dokku dokku@:pocketbase 46 | ``` 47 | 8. **Deploy Pocketbase**: Push your application to the Dokku server. 48 | ```sh 49 | git push dokku main 50 | ``` 51 | 52 | Pocketbase will now be operational on your server. 53 | 54 | ## Production Environment Variables 55 | 56 | When deploying Pocketbase to a production environment on Dokku, it's crucial to configure the following environment variables. These ensure your application runs smoothly and securely. 57 | 58 | - `POCKETBASE_ADMIN_EMAIL`: Specifies the email address for the initial administrator account. This account is used to access the Pocketbase admin UI. 59 | - `POCKETBASE_ADMIN_PASSWORD`: Sets the password for the initial administrator account. Choose a strong, unique password. 60 | - `POCKETBASE_APP_NAME`: Defines the name of your application. This can be reflected in various parts of the Pocketbase system and UI. 61 | - `POCKETBASE_APP_URL`: The public URL where your application will be accessible (e.g., `https://your-app.dokku.example.com`). This is important for ensuring Pocketbase generates correct links and for CORS settings if you have a separate frontend. 62 | 63 | You can set these environment variables using the `dokku config:set` command. Here's an example for each: 64 | 65 | ```sh 66 | dokku config:set pocketbase POCKETBASE_ADMIN_EMAIL=admin@example.com 67 | dokku config:set pocketbase POCKETBASE_ADMIN_PASSWORD=yourSuperSecretPassword 68 | dokku config:set pocketbase POCKETBASE_APP_NAME="My Awesome App" 69 | dokku config:set pocketbase POCKETBASE_APP_URL=https://my-awesome-app.dokku.example.com 70 | ``` 71 | 72 | Make sure to replace the example values with your actual desired configuration. 73 | 74 | ## Customizing Pocketbase Version 75 | 76 | To select a different Pocketbase version, modify the Dockerfile or set the `POCKETBASE_VERSION` environment variable in your Dokku app. 77 | 78 | ## Upgrading Pocketbase 79 | 80 | Upgrade your Pocketbase instance to a new version with these commands: 81 | 82 | 1. Add Docker build argument: 83 | ```sh 84 | dokku docker-options:add pocketbase build '--build-arg POCKETBASE_VERSION=0.22.22' 85 | ``` 86 | 2. Rebuild your app: 87 | ```sh 88 | dokku ps:rebuild pocketbase 89 | ``` 90 | 91 | ## Pocketbase Backups 92 | 93 | From version 0.16+, Pocketbase includes built-in backup and restore APIs accessible via the Admin UI (Settings > Backups). 94 | 95 | ## Backup Strategy 96 | 97 | While Pocketbase offers a convenient built-in backup feature through its Admin UI (accessible via Settings > Backups), it's important to establish a robust backup strategy for your production data. 98 | 99 | Consider the following recommendations: 100 | 101 | - **Regularly Schedule Backups**: Automate your backups to run at regular intervals (e.g., daily or weekly) depending on your data change frequency and recovery point objectives (RPO). 102 | - **Secure Off-site Storage**: Store your backups in a separate and secure location, preferably off-site from your Dokku server. This could be a cloud storage service (like AWS S3, Google Cloud Storage, Backblaze B2) or another physical server. This protects your data in case of server-level failures. 103 | - **Test Restore Procedures**: Periodically test your backup restoration process to ensure your backups are valid and can be restored successfully. 104 | - **Refer to Official Documentation**: For detailed instructions on creating, managing, and restoring backups, always consult the official [Pocketbase Documentation](https://pocketbase.io/docs/backups/). The documentation provides the most up-to-date and comprehensive guidance. 105 | 106 | A well-thought-out backup strategy is crucial for data durability and disaster recovery. 107 | 108 | ## Security Hardening 109 | 110 | Securing your Pocketbase instance is vital, especially in a production environment. Here are several recommendations to enhance the security of your deployment: 111 | 112 | - **Keep Pocketbase Updated:** Software vulnerabilities are discovered and patched over time. Regularly check the [Pocketbase releases page](https://github.com/pocketbase/pocketbase/releases) and update your instance to the latest version. You can update the `POCKETBASE_VERSION` build argument in your `Dockerfile` or set it as an environment variable in Dokku and rebuild your app. 113 | 114 | - **Strong Admin Credentials:** The Pocketbase admin account provides full access to your data and settings. 115 | - Use a strong, unique password for this account. 116 | - Set the admin email and password via environment variables (`POCKETBASE_ADMIN_EMAIL`, `POCKETBASE_ADMIN_PASSWORD`) as described in the "Production Environment Variables" section. This prevents them from being hardcoded or easily discovered. 117 | 118 | - **Secure API Rules:** Pocketbase allows you to define API rules for each collection, controlling who can access and modify data. 119 | - Apply the principle of least privilege: only grant the necessary permissions. 120 | - Carefully craft your API rules to prevent unauthorized data access or modification. Review these rules regularly, especially when your application logic changes. 121 | 122 | - **Enable HTTPS:** Encrypting traffic between your users and your Pocketbase instance is essential. 123 | - Dokku offers robust Let's Encrypt integration for free SSL/TLS certificates. This is the recommended way to enable HTTPS. 124 | - Refer to the [Dokku SSL documentation](https://dokku.com/docs/networking/ssl/) for detailed instructions on configuring HTTPS for your app. 125 | 126 | - **Review Pocketbase Settings:** Within the Pocketbase Admin UI (under Settings), review and configure the following: 127 | - **Application Name & URL:** Ensure these are set correctly. The Application URL (`POCKETBASE_APP_URL` environment variable) is particularly important for security features like OAuth2 and email verification. 128 | - **Allowed CORS Origins:** If your frontend is hosted on a different domain, specify the allowed origins to prevent cross-site request forgery (CSRF) and other web vulnerabilities. Be as specific as possible. 129 | - Other security-related settings as they become available in newer Pocketbase versions. 130 | 131 | - **Firewall:** Implement a firewall at the server level (e.g., using `ufw` on Ubuntu). 132 | - Restrict access to only necessary ports (typically 80 for HTTP and 443 for HTTPS). 133 | - This provides an additional layer of defense against network-based attacks. 134 | 135 | By implementing these hardening measures, you can significantly improve the security posture of your Pocketbase application on Dokku. 136 | 137 | ## Pocketbase Custom Business Logic 138 | 139 | Enhance Pocketbase by writing custom business logic in Go or JavaScript. Use the `pb_hooks` directory to create a portable backend. Learn more in the [Pocketbase as a Framework](https://pocketbase.io/docs/use-as-framework/) guide. 140 | 141 | ## Troubleshooting Pocketbase 142 | 143 | Consult the [Pocketbase Documentation](https://pocketbase.io/docs) or open an issue on our [GitHub repository](https://github.com/blockshiftnetwork/dokku-pocketbase/issues) for any installation or usage problems. 144 | 145 | # Custom Web and Mobile Solutions 146 | 147 | Seeking a custom web application or a bespoke solution for your business? The BlockShift team can assist with: 148 | 149 | - Custom Laravel/PHP application development 150 | - Vue.js or JavaScript solutions for web and mobile applications 151 | - Expert consulting services for existing applications 152 | 153 | ## Contact Us 154 | 155 | Ready to start your project? Visit [blockshift.us](https://blockshift.us/contact/) and discover more about our services. 156 | 157 | ## Contributing 158 | 159 | We welcome contributions! For details on how to get started, review our [Contributing Guide](/CONTRIBUTING.md). 160 | 161 | ## License Information 162 | 163 | This project is licensed under the MIT License. View the [LICENSE](LICENSE) file for more details. 164 | --------------------------------------------------------------------------------