Difficulty Level: 🟢 Beginner
Risk Level: 🟢 Low - Guidelines for safe and efficient server management
Essential best practices, helpful tips, and recommendations for maintaining a healthy, secure, and efficient server environment.
# Connect to server
ssh your-server
# Quick health check
docker compose ps
df -h
free -h
# Check for issues
docker compose logs --tail=20
# Done!
exit
What to look for:
Every Monday morning:
# 1. Check system health
~/docker/maintenance/health-check.sh
# 2. Review backup status
ls -lh ~/docker/backups/ | tail -10
# 3. Check for available updates
sudo apt update
docker images
# 4. Review security
sudo last -n 20
sudo grep "Failed password" /var/log/auth.log | tail -10
First of every month:
Update everything:
sudo apt update && sudo apt upgrade -y
docker compose pull
docker compose up -d
Clean up old backups:
# Keep only last 30 days
find ~/docker/backups -name "*.tar.gz" -mtime +30 -delete
Review disk space:
ncdu /home
docker system df
Test a backup restoration (on test environment if possible)
Review access logs for any suspicious activity
✅ DO:
~/.ssh/authorized_keys❌ DON'T:
# Good password practices
- Use unique passwords for each service
- Minimum 16 characters
- Mix of letters, numbers, symbols
- Store in a password manager
# Change passwords if:
- You suspect a breach
- An employee/contractor leaves
- Every 6-12 months (recommended)
# Review who has access
sudo last | head -20
# Check active sessions
who
# Review sudo usage
sudo grep sudo /var/log/auth.log | tail -20
⚠️ IMPORTANT: Immediately revoke access for anyone who no longer needs it!
# Check for security updates
sudo apt update
sudo apt list --upgradable
# Apply security updates
sudo apt upgrade -y
# Check Docker images
docker images
💡 TIP: Subscribe to security mailing lists for Ubuntu and your applications to stay informed about critical updates.
3 copies of your data
2 different storage types
1 off-site copy
Implementation:
1st copy: Production data (server)
2nd copy: Local backups (~/docker/backups)
3rd copy: Off-site backups (downloaded to your computer)
# Automated (via cron)
Daily: Full backup at 2 AM
Weekly: Download to local computer
Monthly: Archive to external drive
# Manual before changes
Before: Any major update or configuration change
Before: Container upgrades
Before: System updates
# Monthly restoration test
# Use a test environment or verify backup integrity
# Quick verification
tar -tzf ~/docker/backups/n8n_data-YYYYMMDD-HHMMSS.tar.gz > /dev/null
echo "Backup integrity: OK"
⚠️ IMPORTANT: An untested backup is not a backup! Test restoration quarterly.
# Keep backups organized
~/docker/backups/
├── daily/ # Last 7 days
├── weekly/ # Last 4 weeks
├── monthly/ # Last 12 months
└── archive/ # Important milestones
# Automate cleanup
# Delete backups older than 30 days
find ~/docker/backups/daily -name "*.tar.gz" -mtime +30 -delete
# Check container resource usage
docker stats --no-stream
# Monitor specific container
docker stats n8n --no-stream
# Check container logs
docker compose logs --tail=50 --follow
Expected resource usage:
n8n: ~200-500 MB RAM (normal operation)
MySQL: ~400-800 MB RAM (depends on data)
Traefik: ~50-100 MB RAM
💡 TIP: If a container is using significantly more resources than usual, check its logs for issues.
# Update images regularly
cd ~/docker
docker compose pull
# Check for unused images
docker images
# Clean up old images (saves space)
docker image prune -a
# See what Docker is using
docker system df
# Prevent logs from growing too large
# Add to docker-compose.yml for each service: (already in place)
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
# View logs efficiently
docker compose logs --tail=100 n8n
docker compose logs --since=1h
docker compose logs --follow
# Graceful restart (preferred)
docker compose restart n8n
# Full restart with cleanup
docker compose down
docker compose up -d
# Nuclear option (only if needed)
docker compose down
docker system prune -a
docker compose up -d
⚠️ IMPORTANT: Always check logs after restarting:
docker compose logs
# Check disk usage
df -h
du -sh ~/docker/*
# Find large files
ncdu /home
# Clean Docker cache
docker system prune -a --volumes # ⚠️ Careful with --volumes!
# Clean package cache
sudo apt clean
sudo apt autoremove
Disk space thresholds:
# Check memory usage
free -h
# See what's using memory
top
# Press 'M' to sort by memory
# Check swap usage
swapon --show
Memory optimization tips:
# Check network connectivity
ping -c 4 google.com
# Check DNS resolution
nslookup n8n.yourdomain.website
# Test SSL certificate
curl -I https://n8n.yourdomain.website
# Check port accessibility
sudo netstat -tlnp | grep -E ':(80|443|1077)'
Create ~/docker/CHANGELOG.md:
# Server Change Log
## 2024-01-15
- Updated n8n to version 1.22.0
- Added Uptime Kuma monitoring
- Backed up all data before changes
## 2024-01-10
- Restarted Traefik to apply changes
## 2024-01-05
- System update: Ubuntu security patches
- No issues observed
Create ~/docker/doc/SETUP.md:
# Server Setup Documentation
## Server Details
- Provider: HostVDS
- Plan: 2 vCPU, 4GB RAM
- IP: XXX.XXX.XXX.XXX
- Domain: your-domain.com
## Installed Services
- n8n: Workflow automation
- MySQL: Database
- Traefik: Reverse proxy
## Important Dates
- Server created: 2024-01-01
- Last major update: 2024-01-15
- SSL renewal: Auto (Let's Encrypt)
## Emergency Contacts
- System Admin: [Contact info]
- Provider Support: [Contact info]
# Keep useful commands documented
nano ~/docker/maintenance/useful-commands.txt
# Example content:
# Backup all volumes
cd ~/docker && ./backup.sh
# Check disk space
df -h && docker system df
# View n8n logs
docker compose logs n8n --tail=100
# Restart all containers
docker compose restart
Step-by-step approach:
# Container won't start
docker compose logs [container-name]
docker compose restart [container-name]
# Out of disk space
docker system prune -a
sudo apt clean
# Can't access via browser
# Check if ports are open
sudo netstat -tlnp | grep -E ':(80|443)'
# SSL certificate issues
docker compose restart traefik
docker compose logs traefik
# Database connection issues
docker compose restart mysql
docker compose logs mysql
# Run containers in foreground to see output
docker compose up
# See real-time logs
docker compose logs --follow
# Check container details
docker inspect n8n
# Get a shell inside container
docker exec -it n8n /bin/sh
💡 TIP: Before making changes, always create a backup:
~/docker/maintenance/backup.sh
1. Running updates without backups
# WRONG
docker compose pull && docker compose up -d
# RIGHT
~/docker/maintenance/backup.sh
docker compose pull && docker compose up -d
docker compose logs
2. Ignoring disk space warnings
# If you see disk usage > 85%, act immediately!
# Don't wait until it hits 100%
3. Using docker system prune --volumes without thinking
# This DELETES all unused volumes (including backups!)
# Only use if you know what you're doing
4. Editing files without backups
# WRONG
nano docker-compose.yml
# RIGHT
cp docker-compose.yml docker-compose.yml.backup
nano docker-compose.yml
5. Leaving sensitive data in logs or history
# Clear sensitive commands from history
history -c
# Don't commit passwords to files
# Use environment variables instead
6. Running as root unnecessarily
# Use sudo only when needed
# Don't: sudo su - and stay as root
7. Not testing before implementing
# Test commands in a safe way first
# Read documentation before running unknown commands
Add these to ~/.bashrc:
# Edit aliases
nano ~/.bashrc
# Add these at the end:
alias dps='docker compose ps'
alias dlogs='docker compose logs'
alias dup='docker compose up -d'
alias ddown='docker compose down'
alias drestart='docker compose restart'
alias dbackup='cd ~/docker && ./backup.sh'
alias dhealth='cd ~/docker && ./health-check.sh'
alias diskspace='df -h && echo && docker system df'
alias update-check='sudo apt update && apt list --upgradable'
# Save and reload
source ~/.bashrc
# Now you can use short commands
dps # Instead of: docker compose ps
dlogs n8n # Instead of: docker compose logs n8n
dbackup # Instead of: cd ~/docker && ./backup.sh
diskspace # Check both system and Docker disk usage
# Complete health check
dps && diskspace && docker compose logs --tail=10
# Update everything
dbackup && docker compose pull && dup && dlogs
# Check for errors
docker compose logs | grep -i error
# See container resource usage
docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}"
# List all containers with their status
docker ps -a --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
# Keep your home directory clean
~/
├── docker/ # All Docker configs
│ ├── maintenance/ # All the script present in this documentation
│ │ ├── restore.sh # Restore a backup
│ │ ├── backup.sh # Backup your containers
│ │ └── etc...
│ ├── doc/ # Where you store your documentation
│ │ ├── SETUP.md # Document the updates and installations
│ │ ├── CHANGELOG.md # Document the changes
│ │ └── README.md # Document the important notes
│ ├── backups/ # Backup files
│ ├── storage/ # Docker's mounting directory
│ ├── docker-compose.yml # The docker configuration file
│ ├── CHANGELOG.md # Track changes
│ └── SETUP.md # Document setup
└── .ssh/ # SSH keys
If something feels wrong, it probably is. Stop and investigate.
Previous Guide: 09 - Emergency Procedures
Next Guide: 11 - Quick Reference & Cheat Sheet
Back to: Documentation Home