A production-ready, multi-service platform infrastructure running on a resource-constrained Digital Ocean droplet (1GB RAM). This repository showcases Infrastructure-as-Code principles, microservices architecture, and enterprise-grade DevOps practices on a budget.
- Overview
- What This Project Does
- Architecture
- Live Services
- Technology Stack
- Project Structure
- Key Features
- Quick Start
- Resource Optimization
- Monitoring & Observability
- Documentation
- Contributing
Ronak-Verse is a complete platform infrastructure that hosts and manages multiple web applications, games, and microservices under the unified domain ronakverse.net. It demonstrates how to build, deploy, and maintain production-grade services on minimal hardware (1GB RAM) while implementing best practices in:
- Infrastructure as Code - All infrastructure defined in version control
- Containerization - Docker-based deployments for consistency and isolation
- Microservices Architecture - Service-oriented design with proper separation of concerns
- Observability - Comprehensive monitoring, metrics collection, and log aggregation
- Security - SSL/TLS encryption, firewall configuration, and intrusion prevention
- Resource Efficiency - Optimized configurations for memory-constrained environments
This repository serves as both a functional platform and a showcase of modern DevOps engineering capabilities.
Ronak-Verse manages a complete hosting environment that:
- Hosts Multiple Applications - Deploys and manages 6 different web applications and services
- Provides Shared Infrastructure - PostgreSQL, Redis, and RabbitMQ available to all applications
- Monitors Everything - Collects metrics and logs from all services via Prometheus, Grafana, and Loki
- Handles Traffic - Nginx reverse proxy with SSL/TLS termination and domain-based routing
- Automates Deployment - One-command deployments for infrastructure and applications
- Optimizes Resources - Memory limits, connection pooling, and efficient caching for 1GB RAM environment
+-----------------------------------------------------------+
| Internet (HTTPS Traffic) |
+----------------------------+------------------------------+
|
v
+---------------------+
| Nginx Reverse Proxy |
| (SSL/TLS) |
+----------+----------+
|
+--------------------+--------------------+
| | |
v v v
+---------------+ +--------------------+ +-------------+
| Static Apps | | Puzzle Services | | Monitoring |
+---------------+ +--------------------+ +-------------+
| - Gateway | | - React Frontend | | - Grafana |
| - Portfolio | | - API Gateway | +-------------+
| - TwoCars | | - Auth Service |
| - TypeIt | | - Block Service |
| - WindBorne | | - Blog Service |
+-------+-------+ | - Notification Svc |
| +----------+---------+
| |
v v
+----------------------------------------------+
| Shared Infrastructure |
+----------------------------------------------+
| - PostgreSQL (5432) |
| - Redis (6379) |
| - RabbitMQ (5672) |
+----------------------+-----------------------+
|
v
+----------------------------------------------+
| Observability Stack |
+----------------------------------------------+
| - Prometheus (9090) |
| - Loki (3100) |
| - Promtail |
| - Exporters |
+----------------------------------------------+
All services connected via Docker bridge network
(ronak-verse-network)
| Service | Domain | Description |
|---|---|---|
| Gateway | ronakverse.net | Main landing page |
| Portfolio | portfolio.ronakverse.net | Personal portfolio website |
| Puzzle | puzzle.ronakverse.net | Microservices-based note-taking app |
| TwoCars | twocars.ronakverse.net | JavaScript arcade game |
| TypeItToLoseIt | typeit.ronakverse.net | Typing speed game |
| WindBorne | windborne.ronakverse.net | Weather station coverage analyzer |
| Grafana | metrics.ronakverse.net | Monitoring dashboard |
- Containerization: Docker, Docker Compose
- Reverse Proxy: Nginx (HTTP/2, WebSocket support)
- SSL/TLS: Let's Encrypt (Certbot with DigitalOcean DNS API)
- Orchestration: Bash deployment scripts
- Database: PostgreSQL 16 (Alpine) - Multi-tenant with per-service databases
- Cache: Redis 7 (Alpine) - LRU eviction, AOF persistence
- Message Queue: RabbitMQ 3 (Management Alpine) - Event-driven communication
- Metrics Collection: Prometheus (15-second scrape interval)
- Visualization: Grafana (auto-provisioned dashboards)
- Log Aggregation: Loki (30-day retention)
- Log Shipping: Promtail (automatic Docker container discovery)
- Exporters: PostgreSQL Exporter, Redis Exporter
- Frontend: React (Puzzle), Static HTML/CSS/JS (Gateway, Portfolio, Games)
- Backend: Microservices architecture (Go/Node.js)
- API: RESTful APIs with WebSocket support
- Firewall: UFW (ports 22, 80, 443)
- Intrusion Prevention: fail2ban (SSH protection)
- Container Isolation: Docker bridge networking
- Secrets Management: Environment variables, Docker secrets
Ronak-Verse/
|
+-- Configuration & Setup Scripts
| +-- basic-config.sh # Initial VM setup (Docker, firewall, fail2ban)
| +-- init.sh # Master initialization script
| +-- nginx.sh # Nginx installation and configuration
| +-- getSSL.sh # SSL certificate acquisition (Let's Encrypt)
| +-- nginx.conf # Nginx reverse proxy configuration
|
+-- database/ # Shared Infrastructure Layer
| +-- docker-compose.yml # PostgreSQL, Redis, RabbitMQ definitions
| +-- deploy.sh # Infrastructure deployment script
| +-- postgresql.conf # PostgreSQL optimization (1GB RAM tuned)
| +-- rabbitmq.conf # RabbitMQ configuration
| +-- .env.example # Environment variables template
|
+-- observability/ # Monitoring & Logging Stack
| +-- docker-compose.yml # Prometheus, Grafana, Loki, Promtail
| +-- deploy.sh # Observability stack deployment
| +-- prometheus.yml # Metrics collection targets
| +-- loki-config.yml # Log aggregation configuration
| +-- promtail-config.yml # Log shipping configuration
| +-- grafana-datasources.yml # Auto-provisioned data sources
| +-- grafana-dashboards/ # Pre-built dashboard definitions
| +-- .env.example # Environment variables template
|
+-- services/ # Application Services
| +-- Gateway/ # Main website (ronakverse.net)
| | +-- deploy.sh
| | +-- Dockerfile
| |
| +-- Portfolio/ # Portfolio site (portfolio.ronakverse.net)
| | +-- deploy.sh
| | +-- Dockerfile
| |
| +-- TwoCars/ # Game: TwoCars (twocars.ronakverse.net)
| | +-- deploy.sh
| | +-- Dockerfile
| |
| +-- TypeItToLoseIt/ # Game: TypeIt (typeit.ronakverse.net)
| | +-- deploy.sh
| | +-- Dockerfile
| |
| +-- Puzzle/ # Microservices app (puzzle.ronakverse.net)
| | +-- deploy.sh # Deploys all microservices
| | +-- migrations/ # Database migration scripts
| | +-- auth-db.sql
| | +-- blocks-db.sql
| | +-- blog-db.sql
| |
| +-- WindBorne/ # Coverage Analyzer (windborne.ronakverse.net)
| +-- deploy.sh
| +-- Dockerfile
|
+-- Documentation
+-- README.md # This file - Project overview
+-- DEPLOYMENT_GUIDE.md # Comprehensive deployment instructions
The Puzzle application demonstrates a complete microservices implementation:
- API Gateway - Request routing and aggregation
- Auth Service - User authentication and authorization (dedicated DB:
puzzle_auth_db) - Block Service - Note block management (dedicated DB:
puzzle_blocks_db) - Blog Service - Blog functionality (dedicated DB:
puzzle_blog_db) - Notification Service - Real-time notifications
- Frontend - React SPA served via Nginx
Each service is independently deployable, scalable, and maintains its own database.
Full visibility into system health and performance:
- Real-time Metrics - Prometheus scrapes all services every 15 seconds
- Centralized Logging - Promtail automatically ships logs from all Docker containers to Loki
- Beautiful Dashboards - Grafana provides unified view of metrics and logs
- Service Monitoring - Track health of PostgreSQL, Redis, RabbitMQ, and all applications
- Self-Monitoring - Observability stack monitors itself
Everything is version-controlled and reproducible:
- One-command deployments (
./deploy.sh) - Docker Compose for service orchestration
- Configuration files for all services
- Automated health checks and restart policies
Production-ready security practices:
- HTTPS enforcement (HTTP to HTTPS redirect)
- SSL/TLS certificates with automatic renewal
- UFW firewall (minimal attack surface)
- fail2ban (SSH brute force protection)
- Container isolation via Docker networking
- Non-root container execution
Carefully tuned for 1GB RAM droplet:
- Memory limits on all containers
- PostgreSQL: 200MB limit, 50 max connections
- Redis: 50MB with LRU eviction policy
- RabbitMQ: 80MB limit, 64MB memory watermark
- Connection pooling and efficient caching
- 30-day metric and log retention
Services are designed for minimal manual intervention:
- Automatic database migrations
- Auto-discovery of Docker containers for log shipping
- Auto-provisioned Grafana datasources and dashboards
- Health checks ensure services are ready before marking as healthy
- Automatic restart on failure
- Digital Ocean droplet (1GB RAM minimum, 2GB recommended)
- Ubuntu 22.04 LTS
- Domain name with DNS configured (e.g.,
*.ronakverse.net) - SSH access to the server
# 1. SSH into your droplet
ssh root@your-droplet-ip
# 2. Clone this repository
cd /root
git clone https://github.com/Ronak-Malkan/Ronak-Verse.git
cd Ronak-Verse
# 3. Run basic configuration (installs Docker, UFW, fail2ban)
./basic-config.sh
# 4. Deploy infrastructure (PostgreSQL, Redis, RabbitMQ)
cd database
cp .env.example .env
nano .env # Configure passwords
./deploy.sh
# 5. Deploy observability stack (Prometheus, Grafana, Loki)
cd ../observability
cp .env.example .env
nano .env # Configure passwords
./deploy.sh
# 6. Deploy applications (example: Puzzle)
cd ../services/Puzzle
./deploy.sh
# 7. Configure Nginx
cd /root/Ronak-Verse
./nginx.sh
# 8. Obtain SSL certificates
./getSSL.shFor detailed deployment instructions, see DEPLOYMENT_GUIDE.md.
The entire platform runs on a 1GB RAM Digital Ocean droplet with the following optimizations:
| Component | Memory Limit | Reserved | Purpose |
|---|---|---|---|
| PostgreSQL | 200MB | 150MB | Multi-tenant database |
| Redis | 50MB | 30MB | Cache & sessions |
| RabbitMQ | 80MB | 50MB | Message queue |
| Prometheus | 50MB | 30MB | Metrics storage |
| Grafana | 50MB | 30MB | Dashboards |
| Loki | 40MB | 25MB | Log aggregation |
| Exporters | 40MB | 20MB | Metrics collection |
Total Infrastructure: ~510MB reserved Available for Apps: ~490MB + swap
PostgreSQL (database/postgresql.conf):
shared_buffers = 128MB
effective_cache_size = 256MB
max_connections = 50
work_mem = 2MB
Redis (maxmemory policy):
maxmemory 50mb
maxmemory-policy allkeys-lru
RabbitMQ (memory watermark):
vm_memory_high_watermark.absolute = 64MB
Prometheus (retention):
storage.tsdb.retention.time=30d
Access at: https://metrics.ronakverse.net
Pre-configured Datasources:
- Prometheus (metrics from all services)
- Loki (logs from all Docker containers)
What's Monitored:
- Application health (all Puzzle microservices)
- Infrastructure metrics (PostgreSQL, Redis, RabbitMQ)
- System resources (CPU, memory, disk)
- Container status and resource usage
- HTTP request rates and response times
- Database query performance
- Queue depths and message rates
Scrapes metrics from:
puzzle-api-gateway:8080/metricspuzzle-auth-service:8001/metricspuzzle-block-service:8002/metricspuzzle-blog-service:8003/metricspuzzle-notification-service:8004/metrics- PostgreSQL Exporter (9187)
- Redis Exporter (9121)
- Grafana (3000)
- Prometheus self-monitoring
Automatic log collection from all containers with:
- Label extraction (application, service, container)
- Log level parsing (ERROR, WARN, INFO, DEBUG)
- JSON log parsing
- Multi-line log support
- DEPLOYMENT_GUIDE.md - Complete step-by-step deployment instructions
- database/README.md - Infrastructure layer documentation (if exists)
- observability/README.md - Observability stack documentation (if exists)
- Service-specific READMEs - Found in each
services/*/directory
+----------------------+
| Initial Setup |
| (basic-config.sh) |
+----------+-----------+
|
v
+----------------------+
| Infrastructure |
| (database/deploy) |
+----------+-----------+
|
v
+----------------------+
| Observability |
| (observability/) |
+----------+-----------+
|
v
+----------------------+
| Applications |
| (services/*/deploy) |
+----------+-----------+
|
v
+----------------------+
| Nginx + SSL |
| (nginx.sh, getSSL) |
+----------------------+
Each service can be updated independently:
# Update Puzzle microservices
cd /root/Ronak-Verse/services/Puzzle
./deploy.sh
# Update infrastructure
cd /root/Ronak-Verse/database
./deploy.sh
# Update monitoring
cd /root/Ronak-Verse/observability
./deploy.shDeployment scripts automatically:
- Pull latest code from GitHub
- Run database migrations (if applicable)
- Rebuild Docker images
- Restart containers with health checks
# Check all containers are running
docker ps
# View resource usage
docker stats
# Check disk space
df -h# Review logs in Grafana
open https://metrics.ronakverse.net
# Check for SSL certificate expiry
sudo certbot certificates
# Review Prometheus alerts
curl http://localhost:9090/api/v1/alerts# Backup databases
docker exec ronak-verse-postgres pg_dumpall -U postgres > backup-$(date +%Y%m%d).sql
# Review and rotate logs
docker system prune -f
# Update Docker images
docker-compose pull && docker-compose up -d# Check logs
docker logs container_name
# Check resources
docker stats
# Restart container
docker restart container_name# Check memory usage
free -h
# Add swap if needed (2GB)
sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile# Check if backend is running
docker ps | grep service_name
# Check nginx logs
sudo tail -f /var/log/nginx/error.log
# Test backend directly
curl http://localhost:PORTFor more troubleshooting tips, see DEPLOYMENT_GUIDE.md.
This is a personal infrastructure project, but suggestions and improvements are welcome!
- Fork the repository
- Create a feature branch (
git checkout -b feature/improvement) - Commit your changes (
git commit -am 'Add improvement') - Push to the branch (
git push origin feature/improvement) - Open a Pull Request
MIT License - See LICENSE file for details
Ronak Malkan
- Portfolio: portfolio.ronakverse.net
- GitHub: @Ronak-Malkan
- Digital Ocean - Reliable and affordable cloud hosting
- Let's Encrypt - Free SSL/TLS certificates
- Docker - Containerization platform
- Prometheus/Grafana - Observability stack
- Nginx - High-performance web server
Built with passion for DevOps, Infrastructure, and Cloud Engineering