vpskit
Set up, secure and deploy on your VPS from your terminal. No third-party service, no data sent anywhere. Everything runs locally on your machine.
Website: vpskit.pro
Quick Start
bash <(curl -sL https://raw.githubusercontent.com/mariusdjen/vpskit/main/vpskit.sh)That's it. The script guides you through everything.
Requirements
| System | How to run |
|---|---|
| macOS | Open Terminal (built-in) and run the command above |
| Linux | Open Terminal (built-in) and run the command above |
| Windows | Install Git Bash or WSL, then run the command above |
Your VPS must run a supported distribution (Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora) with root access.
Windows - detailed instructions
Git Bash
- Install Git for Windows
- Open Git Bash
- Run the command from Quick Start
WSL
- Enable WSL:
wsl --install(PowerShell as admin) - Open the Ubuntu terminal
- Run the command from Quick Start
PowerShell
curl.exe -sL https://raw.githubusercontent.com/mariusdjen/vpskit/main/vpskit.sh -o vpskit.sh
wsl bash vpskit.shWhat It Does
$ bash vpskit.sh
========================================
VPSKIT
Set up and secure your server
========================================
[>] Step 1/9 : System update [OK]
[>] Step 2/9 : User creation [OK]
[>] Step 3/9 : SSH key setup [OK]
[>] Step 4/9 : SSH hardening [OK]
[>] Step 5/9 : Firewall [OK]
[>] Step 6/9 : Docker [OK]
[>] Step 7/9 : Caddy (reverse proxy) [OK]
[>] Step 8/9 : Auto-updates [OK]
[>] Step 9/9 : Dashboard MOTD [OK]
=== YOUR SERVER IS READY! ===
ssh deploy@your-server-ipPart 1: Preparation (on your machine)
| Step | Description |
|---|---|
| SSH key | Checks if a key exists, creates one if needed |
| Server IP | Asks for your VPS IP address |
| Key transfer | Sends your public key to the server (last password you'll type) |
Part 2: Security and setup (on the VPS)
| Step | Description |
|---|---|
| System update | Updates the OS and installs git, curl, wget |
| User creation | Creates a non-root user with sudo access |
| SSH key | Copies the SSH key to the new user |
| SSH hardening | Disables root login and password authentication |
| Firewall | Enables UFW or firewalld (ports 22, 80, 443) |
| Fail2ban | Blocks IPs after 5 failed SSH attempts (1h ban) |
| Docker | Installs Docker and Docker Compose with log rotation |
| Caddy | Reverse proxy with automatic SSL (Let's Encrypt) |
| Auto-updates | Enables automatic security updates |
| Dashboard MOTD | Server status on every SSH login (CPU, RAM, disk, Docker) |
Part 3: Post-setup
- Displays the SSH connection command
- Offers to create an SSH shortcut (
ssh vpsinstead ofssh -i ~/.ssh/key user@ip)
Deploy an Application
After setup, deploy your apps with one command:
Run vpskit, then choose "Deploy an application".
The script asks for:
- Your Git repository URL (HTTPS or SSH, both work)
- The application name
- The domain name
- The application port (default: 3000)
- A
.envfile if needed
It automatically detects docker-compose.yml or Dockerfile in your repository.
What deploy.sh does
- Connects to the VPS (reuses the setup.sh session)
- Configures GitHub SSH access if needed (multi-account support)
- Clones the repository (or runs
git pullif already deployed) - Installs the
.envfile if provided - Detects and runs
docker-compose.ymlorDockerfile - Configures Caddy (reverse proxy + SSL + www redirect)
- Verifies that the application responds
Public and private repositories
- Public repo (HTTPS): cloned directly, no configuration needed
- Private repo: the script detects the failure, generates an SSH key and guides you step by step to add it on GitHub
Multiple GitHub accounts
The script supports multiple GitHub accounts on the same VPS. Each account gets its own SSH key. On the first deployment, the script generates the key and walks you through adding it on GitHub. On subsequent deployments, you pick which account to use.
Deploy a branch or tag
In interactive mode, the script lets you pick a branch or tag after entering the repository URL.
Update an existing application
Already deployed an app and want to pull the latest version? The script handles it:
Run vpskit, then choose "Deploy" > "Update an existing application".
The script lists your deployed apps, you pick one, and it:
- Saves the current commit (for rollback)
- Runs
git pullon the deployed branch - Rebuilds and restarts the Docker containers
- Keeps your
.envfile untouched
Rollback
If a deployment goes wrong, roll back to the previous version:
Run vpskit, then choose "Deploy" > "Roll back to previous version".
The script automatically saves the commit hash before each update. Rollback restores that commit and restarts the containers.
Server Status
Run vpskit, then choose "Check VPS status".
Shows the full status of your server and all deployed applications:
- Server info: OS, uptime, CPU, RAM, disk
- Per application: Docker status, domain, port, last commit
- Docker containers summary
Backup and Restore
Backup
Run vpskit, then choose "Backup / Restore".
For each application, the script saves:
- The
.envfile - Docker volumes (persistent data)
- The Caddyfile (domain configuration)
- Metadata (commit, domain, port, date)
Everything is downloaded to your machine as a vps-backup-DATE-APP.tar.gz file.
Restore
Run vpskit, then choose "Backup / Restore" > "Restore".
Security
Everything runs locally on your machine. No account, no cloud service, no data sent to any third party. The script connects directly to your server via SSH. Your keys stay on your machine.
Roadmap
- CI/CD mode (non-interactive deployment via command-line arguments)
- GitHub Actions integration
- Scheduled backups
- Multi-server management
Contributing
Contributions are welcome! See CONTRIBUTING.md.
License
MIT - Marius Djen