Installation

Estimated time: 30–60 minutes  ·  Requires: Ubuntu 24.04 LTS, sudo access

Requirements

Tronexus runs on a single machine. The minimum hardware to run the full stack with local GPU inference:

ComponentMinimumNotes
OSUbuntu 24.04 LTSFresh install recommended
RAM8 GB16–32 GB recommended
GPU VRAM4 GB NVIDIARTX 3070 or better, 8GB+ VRAM; CPU-only is possible but slow
Storage50 GB SSD256 NVMe preferred; models take space
NetworkAny broadbandDNS/DDNS is optional
No GPU? Tronexus will still install and run. Ollama operates in CPU mode — inference will be slower but functional for development and light use.
Dedicated inference server? If you have a separate GPU machine (e.g. a gaming PC or workstation), you can point Tronexus at its Ollama endpoint. See Remote Inference below.

Quick Install

On a fresh Ubuntu 24.04 machine, run:

curl -fsSL https://tronexus.dev/install.sh | sudo bash

The installer will:

  • Verify Ubuntu 24.04 LTS
  • Update system packages
  • Apply Ubuntu security hardening (UFW, fail2ban, SSH, sysctl, auto-updates)
  • Install Docker if not present
  • Clone the Tronexus stack to /opt/tronexus
  • Run the configuration wizard
  • Start all containers
  • Install the monitoring cron job
SSH hardening note: The installer disables password authentication for SSH and sets PermitRootLogin no. Ensure you have an SSH key configured before running the installer, or you may lose access.

Configuration Wizard

The installer runs an interactive terminal wizard to collect all required configuration values. You will be prompted for:

PromptExampleNotes
Domainyourdomain.comYour base domain. All subdomains derive from this.
TimezoneEurope/AmsterdamUsed by n8n and monitoring.
Postgres usernametronexusDatabase user.
Postgres passwordLeave blank to auto-generate a secure password.
Google OAuth Client IDxxx.apps.googleusercontent.comFrom Google Cloud Console. Required for Auth API.
Google OAuth Client SecretFrom Google Cloud Console.
pgAdmin email[email protected]Login for the pgAdmin UI.
pgAdmin passwordLeave blank to auto-generate.
Telegram bot tokenOptional. From @BotFather. Enables monitoring alerts.
Telegram chat IDOptional. Your personal chat ID.
Remote inference host192.168.1.xOptional. IP of a separate Ollama server.

All secrets (JWT, LiteLLM key, WebUI key, n8n key) are generated automatically and written to /opt/tronexus/.env. The file is chmod 600.

Auth Bootstrap

After the stack is running, create the first application and admin API key:

sudo bash /opt/tronexus/scripts/bootstrap-auth.sh

This creates a default app called tronexus and prints an admin API key. Store the key in your password manager — it is displayed once and never stored in plain text.

The App ID is automatically written to .env as AUTH_APP_ID.

Pull Your First Model

Once the stack is running, pull an LLM via Ollama:

# Mistral 7B (recommended starting point, ~4GB)
docker exec tronexus-ollama ollama pull mistral

# Llama 3 8B (stronger, ~5GB)
docker exec tronexus-ollama ollama pull llama3

# List available models
docker exec tronexus-ollama ollama list

Models are stored in the ollama_data Docker volume and persist across restarts.

DNS Setup

Tronexus uses the following subdomains. Create DNS A records pointing to your server's public IP for each:

SubdomainService
yourdomain.comOpen WebUI — AI chat interface
auth-api.yourdomain.comTronexus Auth API
n8n.yourdomain.comn8n workflow automation
pgadmin.yourdomain.compgAdmin database UI

Caddy will automatically obtain and renew TLS certificates via Let's Encrypt once DNS is pointing correctly.

Using DDNS? Services like deSEC provide free dynamic DNS. Set a CNAME for each subdomain pointing to your DDNS hostname.

Remote Inference Server

If you have a separate machine with a GPU, you can run Ollama there and point Tronexus at it. This offloads inference from your main server.

On the inference machine, install and expose Ollama:

# Install Ollama
curl -fsSL https://ollama.com/install.sh | sh

# Edit the systemd service to listen on all interfaces
sudo mkdir -p /etc/systemd/system/ollama.service.d
cat << EOF | sudo tee /etc/systemd/system/ollama.service.d/override.conf
[Service]
Environment="OLLAMA_HOST=0.0.0.0"
EOF

sudo systemctl daemon-reload
sudo systemctl restart ollama

Then set INFERENCE_HOST in your .env to the IP of the inference machine and restart:

echo "INFERENCE_HOST=192.168.1.x" >> /opt/tronexus/.env
cd /opt/tronexus && docker compose restart litellm