Professional VPS website management with Docker, Nginx and automated deployment.
HostKit is a comprehensive CLI tool for managing Docker-based websites on your VPS with automated deployment via GitHub Actions. It simplifies the entire process from development to production deployment and provides enterprise-level features for security, monitoring and version management.
- Features
- System Requirements
- Installation
- Quick Start
- Command Reference
- GitHub Actions Integration
- Documentation
- Examples
- Troubleshooting
- Changelog
- Support
- Dual key generation (RSA 4096-bit + Ed25519) for maximum compatibility
- Multi-key support with multiple named SSH keys per website
- Command restriction - SSH users can only execute specific commands
- Automatic authorized_keys synchronization
- User isolation - each website gets its own dedicated system user
- Password authentication disabled for deployment users
- SSH connection logging and audit trails
- GitHub Actions ready with full CI/CD integration
- Docker-based deployments for consistent environments
- Docker Compose support - automatic detection and multi-service deployments
- Version management - keeps last 3 versions for rollbacks
- Zero-downtime deployments
- Automatic cleanup of old versions
- Manual deployment support via TAR files
- Seamless single-container and multi-container support
- Automatic reverse proxy configuration
- SSL/TLS with Let's Encrypt certificates
- Multi-domain support on a single VPS
- Automatic HTTP to HTTPS redirects
- Domain redirect support (www and other aliases)
- Intelligent certificate management with rate limit protection
- Certificate preservation to avoid Let's Encrypt rate limits
- Real-time status monitoring (SSL, container, port mapping)
- Easy log management and access
- ID-based referencing - use short IDs instead of domain names
- Comprehensive website information display
- Health checks for SSL expiry, container health, version info
- Container control (start, stop, restart)
- Per-website memory limits and reservations
- System memory overview with allocation visualization
- Automatic system reserve to protect OS performance
- Interactive memory allocation during registration
- Dynamic memory limit updates with container restart
- Real-time memory usage monitoring for running containers
- Interactive guided setup process
- Tab-completion for domains, IDs, and keys
- Input validation with retry logic
- Color-coded output for clear visual distinction
- Comprehensive help with categorized commands and examples
- Automatic version checking and updates
- Operating System: Ubuntu 22.04+ or Debian 11+
- Access: Root privileges required
- RAM: Minimum 2GB, recommended 4GB+
- Disk: Minimum 10GB free space
- Docker Engine
- Nginx
- Certbot (Let's Encrypt)
- jq (JSON parser)
- curl
git clone https://github.com/robert-kratz/hostkit.git
cd hostkitsudo bash install.shThe installation script will:
- Check all system requirements
- Install missing packages (nginx, certbot, docker, jq)
- Create necessary directories (
/opt/hostkit,/opt/domains) - Make
hostkitcommand globally available - Install bash completion
- Set necessary permissions
hostkit version
hostkit helpsudo hostkit registerYou will be guided through an interactive setup process:
- Enter domain name (e.g.,
example.com) - Choose port for Docker container (e.g.,
3000) - SSH user is automatically created (
deploy-example-com) - SSH keys are generated (RSA + Ed25519)
- Nginx reverse proxy is configured
- SSL certificate is requested (Let's Encrypt)
Important: At the end you will receive SSH keys - store them securely for GitHub Actions!
Navigate to: Settings → Secrets and variables → Actions
Add the following secrets:
| Secret Name | Value | Example |
|---|---|---|
VPS_HOST |
IP or domain of your VPS | 192.168.1.100 |
DEPLOY_USER |
SSH username | deploy-example-com |
DEPLOY_SSH_KEY |
Private SSH key | From hostkit show-keys |
DOMAIN |
Your domain | example.com |
Create .github/workflows/deploy.yml:
name: Deploy to VPS
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build Docker Image
run: |
docker build -t ${{ secrets.DOMAIN }} .
docker save ${{ secrets.DOMAIN }} > image.tar
- name: Upload to VPS
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_SSH_KEY }}
source: "image.tar"
target: "/opt/domains/${{ secrets.DOMAIN }}/deploy/"
- name: Deploy
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_SSH_KEY }}
script: |
sudo hostkit deploy ${{ secrets.DOMAIN }} /opt/domains/${{ secrets.DOMAIN }}/deploy/image.tar
rm -f /opt/domains/${{ secrets.DOMAIN }}/deploy/image.tarSee GitHub Actions Examples for more examples.
git add .
git commit -m "Initial deployment"
git push origin mainGitHub Actions will automatically:
- Build Docker image
- Upload image as TAR to VPS
- Execute HostKit deployment
- Start container
sudo hostkit list
sudo hostkit info example.comYour website is now live at https://example.com
# Register a new website
hostkit register
# List all registered websites with IDs
hostkit list
# Show detailed information about a website
hostkit info <domain|id>
# Remove a website and cleanup all resources
hostkit remove <domain|id># Start a website container
hostkit start <domain|id>
# Stop a website container
hostkit stop <domain|id>
# Restart a website container
hostkit restart <domain|id>
# View container logs (last 50 lines by default)
hostkit logs <domain|id>
# Follow logs in real-time
hostkit logs <domain|id> -f
# View specific number of log lines
hostkit logs <domain|id> 100# Deploy a new version
hostkit deploy <domain|id> [tar-file]
# List available versions
hostkit versions <domain|id>
# Switch to a specific version
hostkit switch <domain|id> <version>
# Rollback to previous version
hostkit rollback <domain|id># Check SSL certificate status for all domains
hostkit ssl-status
# Check SSL certificate status for specific domain
hostkit ssl-status <domain>
# Renew all SSL certificates
hostkit ssl-renew
# Renew certificate for specific domain
hostkit ssl-renew <domain># List all deployment users with their websites
hostkit list-users
# Show default SSH keys for a domain (with copy-paste commands)
hostkit show-keys <domain|id>
# Regenerate default SSH keys for a domain
hostkit regenerate-keys <domain|id>
# Show detailed information about a user
hostkit user-info <username># List all SSH keys for a website (including additional keys)
hostkit list-keys <domain|id>
# Create a new additional SSH key
hostkit add-key <domain|id> <key-name>
# Display SSH key content for copying to CI/CD
hostkit show-key <domain|id> <key-name>
# Remove a specific SSH key
hostkit remove-key <domain|id> <key-name>For detailed information about multi-key management, see SSH_KEY_MANAGEMENT.md.
# Set memory limits for a website
hostkit set-memory <domain|id>
# Show system memory overview and allocation
hostkit memory-statsThe memory management system:
- Shows total system memory and reserves 20% for the operating system (min 512MB, max 2GB)
- Displays available memory for containers with visual progress bar
- Allows you to set memory limit (hard limit) and reservation (soft limit)
- Automatically calculates recommended reservation (50% of limit)
- Validates allocation to prevent over-allocation
- Optionally restarts running containers to apply new limits
- Displays real-time memory usage in
hostkit infocommand
# Update HostKit to the latest version
hostkit update
# Show current version
hostkit version
# Show help for all commands
hostkit help
# Uninstall HostKit
hostkit uninstallHostKit is fully optimized for GitHub Actions. Here are the most important workflows:
Automatic deployment on push to main:
name: Deploy to VPS
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build Docker Image
run: |
docker build -t ${{ secrets.DOMAIN }} .
docker save ${{ secrets.DOMAIN }} > image.tar
- name: Upload to VPS
uses: appleboy/scp-action@v0.1.7
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_SSH_KEY }}
source: "image.tar"
target: "/opt/domains/${{ secrets.DOMAIN }}/deploy/"
- name: Deploy
uses: appleboy/ssh-action@v1.0.3
with:
host: ${{ secrets.VPS_HOST }}
username: ${{ secrets.DEPLOY_USER }}
key: ${{ secrets.DEPLOY_SSH_KEY }}
script: |
sudo hostkit deploy ${{ secrets.DOMAIN }} /opt/domains/${{ secrets.DOMAIN }}/deploy/image.tar
rm -f /opt/domains/${{ secrets.DOMAIN }}/deploy/image.tarSeparate deployments for different branches:
on:
push:
branches:
- develop # Staging
- main # ProductionZero-downtime with automatic rollback:
- name: Health Check
run: |
if ! curl -f https://${{ secrets.DOMAIN }}/health; then
hostkit switch ${{ secrets.DOMAIN }} $PREVIOUS_VERSION
exit 1
fiFor complete examples, see GitHub Actions Examples.
Comprehensive documentation can be found in the docs/ directory:
| Document | Description |
|---|---|
| Docker Compose Guide | NEW! Multi-container deployments with Compose |
| GitHub Actions Examples | Complete CI/CD workflows and best practices |
| SSH Key Management | Multi-key system, key rotation, CI/CD integration |
| SSH Key Workflows | Practical examples and use cases |
| Input Validation | Validation system and retry logic |
| Security Enhancements | Security features and best practices |
| Uninstall Guide | Uninstallation options and cleanup |
| Migration Guide | Upgrade from web-manager to hostkit |
# 1. Register website
sudo hostkit register
# Input: example.com, Port 3000
# 2. Show SSH key for GitHub
sudo hostkit show-keys example.com
# 3. Add as GitHub Secret
# Settings → Secrets → DEPLOY_SSH_KEY
# 4. Create workflow (see above)
# .github/workflows/deploy.yml
# 5. Push and deploy
git push origin main# GitHub Actions Key
sudo hostkit add-key example.com github-actions
# GitLab CI Key
sudo hostkit add-key example.com gitlab-ci
# Manual Deployment Key
sudo hostkit add-key example.com manual-deploy
# Show all keys
sudo hostkit list-keys example.com
# Show specific key for GitHub
sudo hostkit show-key example.com github-actions# Show available versions
sudo hostkit versions example.com
# Switch to previous version
sudo hostkit switch example.com 20250107-143022
# Check status
sudo hostkit info example.com# List with IDs
sudo hostkit list
# Output: 0 | example.com | running | ...
# Use ID instead of domain
sudo hostkit info 0
sudo hostkit logs 0 -f
sudo hostkit restart 0
sudo hostkit list-keys 0Solution:
# 1. Check keys
sudo hostkit show-keys example.com
# 2. Check authorized keys
sudo cat /home/deploy-example-com/.ssh/authorized_keys
# 3. Regenerate keys if necessary
sudo hostkit regenerate-keys example.comSolution:
# 1. Check logs
sudo hostkit logs example.com 100
# 2. Check container status
sudo hostkit info example.com
# 3. Check Docker manually
sudo docker ps -a
sudo docker logs example-comSolution:
# 1. Check status
sudo hostkit ssl-status example.com
# 2. Renew manually
sudo hostkit ssl-renew example.com
# 3. Reload Nginx
sudo systemctl reload nginxSolution:
# 1. Check port usage
sudo netstat -tulpn | grep :3000
# 2. Register website with different port
sudo hostkit register
# Choose different port (e.g., 3001)Solution:
# 1. Check TAR file
ls -lh /opt/domains/example.com/deploy/
# 2. Deploy manually for testing
sudo hostkit deploy example.com /opt/domains/example.com/deploy/image.tar
# 3. Check Docker image directly
sudo docker load -i /opt/domains/example.com/deploy/image.tarFor more help, see Security Enhancements.
- Memory Management System - Per-website memory limits with interactive allocation
- System Memory Overview - Visual memory allocation with progress bars
- Automatic System Reserve - Protects OS performance by reserving 20% RAM
- Real-time Memory Monitoring - Shows current memory usage for running containers
- Dynamic Memory Updates - Change limits with optional container restart
- New
hostkit set-memorycommand to configure memory limits per website - New
hostkit memory-statscommand to show system-wide memory allocation
- Memory allocation during website registration
- Memory limits enforced on container start
- Memory usage displayed in
hostkit infocommand - Docker memory limits and reservations (soft limits) support
- Validation to prevent memory over-allocation
- Multi-key SSH management with multiple named keys per website
- ID-based commands using IDs (0, 1, 2...) instead of domain names
- Info command with comprehensive website information and SSL status
- SSL monitoring with expiry date and status in list
- Uninstall system with granular uninstallation options
- Tab completion with intelligent auto-completion for all commands
- Input validation with retry logic to prevent script aborts
- Enhanced help with categorized commands and examples
- Command renaming from
web-managertohostkit
- Comprehensive GitHub Actions examples
- SSH key management guide
- Workflow examples and best practices
- Migration guide for existing installations
- Added automatic version checking and update functionality
- New
hostkit updatecommand for self-updating - New
hostkit versioncommand to show current version - Automatic daily checks for new versions with user notifications
- Safe update process with automatic backups
- Enhanced installation script with all required dependencies
- Initial release
- Basic website management functionality
- GitHub Actions integration
- SSL certificate automation
- Docker container management
- Documentation: docs/
- Issues: GitHub Issues
- Discussions: GitHub Discussions
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create a feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see LICENSE file for details.
Developed and maintained by Robert Julian Kratz
Copyright (c) 2025 Robert Julian Kratz
Repository: https://github.com/robert-kratz/hostkit
Website: https://rjks.us