1  # Personal Blog Containerized Stack - Directus as Headless CMS
 2  ## A self-hostable Blog stack for docker\podman (standalone) based on [directus.io](https://directus.io) as Headless CMS
 3  ## This stack is adapted for aarch64 (dietpi)
 4  
 5  > **Note:** The stack is not "production" ready: ports are exposed (dev purposes), front - Caddy routing isn't set up. Caddyfile is an example with debug logs enabled, it is also mounted as a volume by the container. The setup is actively undergoing testing and may change, with regard for retaining the volumes.
 6  
 7  Components and flow:
 8  ```
 9  Host (external)
10     │
11     ▼
12  Caddy (80 443)
13     │
14     └── svc (network)
15           ├ Directus
16           ├ Postgres (imresamu/postgis)
17           ├ Redis
18           ├ MinIO (pgsty/minio)
19           ├ CrowdSec (See note)
20           └ Backups (daily, BACKUP_DIR: ./backups/)
21  ```
22  
23  Repo: [rad:z3zkdYZbPsRiqF2CmoBaXyXbfENLs](https://app.radicle.xyz/nodes/iris.radicle.xyz/rad:z3zkdYZbPsRiqF2CmoBaXyXbfENLs)
24  
25  ### Setup
26  1) Clone the repo into a dir or mount accessible by the containers...
27     Backups, uploads and extensions volumes will be mounted there.
28  
29  2) Fill in the .env file (`hcms-directus.env.example`) according to [this.](https://directus.io/docs/self-hosting/deploying).
30     Note: Some of the services prefer longer secrets and keys, towards 32 bytes or over.
31     Save and rename the file to `hcms-directus.env`
32  
33  3) Bring up the stack by usual means, e.g.: 
34  
35  `docker compose --file=hcms-directus_compose.yaml --env-file=hcms-directus.env up --build`
36  
37      3.1) **CrowdSec setup:**
38      After the stack builds, once healthy, generate the bouncer API key:
39  
40      `docker exec -it <crowdsec_container> cscli bouncers add caddy`
41  
42   The printed key goes into .env: `CROWDSEC_BOUNCER_KEY=...`
43  
44  4) Restart the whole stack (e.g. `...compose stop; ...compose up -d`)