azpsen/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix readme merge conflict

Browse Source
This commit is contained in:
azpsen 2025-01-06 13:19:22 -06:00
commit bfe190b57c
1 changed files with 57 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
readme.md
View File

@ -19,6 +19,11 @@ These are all the services hosted, what they are for, and any clients I use with
- [AudioBookShelf](https://www.audiobookshelf.org/) - Audiobook server
- The official mobile client works great
- [Calibre Web](https://github.com/janeczku/calibre-web) - Ebook management
- [Yomu](https://www.yomu-reader.com/) for iOS is nice and minimal and supports OPDS for use with Calibre Web
- [Gitea](https://about.gitea.com/) - Git server - in the process of replacing my GitHub account
- [Grocy](https://github.com/grocy/grocy) - Household management (Am I out of milk? Do I have AAA batteries? What can I make for dinner?)
- [iOS Client](https://apps.apple.com/us/app/grocy-mobile/id1567803209)
- [Homepage](https://gethomepage.dev/) - My default new tab page - has info and stats about all my services plus links
- [Immich](https://immich.app/) - Photo and video management
- Their official mobile apps are quite good
- [Jellyfin](https://jellyfin.org) - Media server for movies, TV shows, and music
@ -36,14 +41,13 @@ These are all the services hosted, what they are for, and any clients I use with
- [Homepage](https://gethomepage.dev/) - My default new tab page; has info about all my services plus links
- [Joplin](https://joplinapp.org/) - Notes (Obsidian alternative)
- [Kiwix](https://kiwix.org/en/) - Offline wiki hosting - I have Wikipedia, the Arch Linux wiki, and several others downloaded
- [LinkStack](https://linkstack.org/) - Self-hosted LinkTree alternative
- [LinkStack](https://linkstack.org/) - Self-hosted LinkTree alternative ([azpsen.com](https://azpsen.com)) - more for content creators, definitely overkill for what I need. I'll probably replace it with a simple static site at some point
- [Miniflux](https://miniflux.app/) - Minimalist RSS feed reader
- [NetNewsWire](https://netnewswire.com/) - Wonderful all-purpose iOS RSS client
- [Paperless-ngx](https://docs.paperless-ngx.com/) - Document management system for legal documents, IDs, bank statements, etc.
- [Swift Paperless](https://github.com/paulgessinger/swift-paperless) - iOS client
- [Tandoor](https://tandoor.dev/) - Recipe management, so I always know which zucchine muffin recipe is the good one
- [Untare](https://github.com/phantomate/Untare) - Mobile client (discontinued but it still works for now)
- [Yomu](https://www.yomu-reader.com/) for iOS is nice and minimal and supports OPDS for use with Calibre Web
- [vaultwarden](https://github.com/dani-garcia/vaultwarden) - Password manager
- [Bitwarden clients](https://bitwarden.com/download/)
- [Wizarr](https://github.com/Wizarrrr/wizarr?tab=readme-ov-file) - Jellyfin user invite manager
@ -59,9 +63,9 @@ These are all the services hosted, what they are for, and any clients I use with
- [AdGuard Home](https://adguard.com/en/adguard-home/overview.html) - DNS filtering - I use this with [tailscale](https://tailscale.com/) to block ads on my phone
- [cloudflared](https://github.com/cloudflare/cloudflared) - CloudFlare tunnel client for easy and secure external service access
- [gluetun](https://github.com/qdm12/gluetun) - Docker VPN client and kill-switch. Very useful, allows for per-container VPN connectivity.
- [gluetun](https://github.com/qdm12/gluetun) - Docker VPN client and kill-switch. Very useful, allows for per-container VPN routing.
Note that I run tailscale on bare metal so it is not listed here, but it is very useful for remote access to services I don't want visible on the open internet as well as SSH access.
Note that I run tailscale as a system service, not in a container, so it is not listed here, but it is very useful for secure remote access - both for SSH and for services that don't need to be publicly visible.
### Downloading
@ -73,10 +77,10 @@ Note that I run tailscale on bare metal so it is not listed here, but it is very
I use [LunaSea](https://www.lunasea.app/) as a mobile client for Radarr and Sonarr.
This configuration uses `.env` files to separate secrets from public information and maintain brevity in the main `docker-compose.yml`
## Environment
This configuration uses `.env` files to separate secrets from public information and keep the main `docker-compose.yml` a little shorter. It is set up to look for these files in `/docker/env`, with each service having its own `<service>.env` file.
Below are the variables that need to be set in the `.env` file for each service. Empty variables should be replaced with your values.
> **A Note on Email**
@ -100,13 +104,24 @@ Below are the variables that need to be set in the `.env` file for each service.
### cloudflared
`TUNNEL_TOKEN`: available in the cloudflare zero-trust tunnel dashboard, under `install and run a connector`
[Docs](https://github.com/cloudflare/cloudflared?tab=readme-ov-file)
```env
# cloudflared.env
# Available in the cloudflare zero-trust tunnel dashboard, under `install and run a connector`
TUNNEL_TOKEN=
```
### gluetun
The values below are specific to Mullvad VPN ([docs](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/mullvad.md)). Other providers need different values, refer to the corresponding gluetun documentation.
[Docs](https://github.com/qdm12/gluetun)
The values below are specific to Mullvad VPN ([gluetun docs](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/mullvad.md)). Other providers need different values, refer to the corresponding gluetun documentation.
```env
# gluetun.env
VPN_SERVICE_PROVIDER=mullvad
VPN_TYPE=wireguard
WIREGUARD_PRIVATE_KEY=
@ -118,11 +133,13 @@ The values for `WIREGUARD_PRIVATE_KEY` and `WIREGUARD_ADDRESSES` should be avail
### Immich
My current Immich docker setup includes a lot of repetition - when I want to update, I have to change the version in 3 places. I have plans to improve this, but for now this is what works. Also note that the way I set the upload location is not recommended by the Immich docs.
[Docs](https://immich.app/docs/install/docker-compose/)
For more information, see the Immich [docker-compose setup instructions](https://immich.app/docs/install/docker-compose/).
My current Immich docker setup has a lot of repetition - when I want to update, I have to change the version in 3 places. I have plans to improve this, but for now this is what works. Also note that the way I set the upload location is not recommended by the Immich docs.
```env
#immich.env
UPLOAD_LOCATION=/media/immich
IMMICH_VERSION="v1.123.0"
@ -143,9 +160,11 @@ POSTGRES_DB=immich
### Joplin
See the [docker-joplin-server docs](https://github.com/flosoft/docker-joplin-server) for more info.
[Docs](https://github.com/flosoft/docker-joplin-server)
```env
# joplin.env
APP_PORT=22300
APP_BASE_URL=
DB_CLIENT=pg
@ -155,7 +174,7 @@ POSTGRES_USER=
POSTGRES_PORT=5432
POSTGRES_HOST=joplin-db
# Optional SMTP options
# Optional SMTP settings
MAILER_ENABLED=1
MAILER_HOST=
MAILER_PORT=465
@ -168,9 +187,13 @@ MAILER_NOREPLY_EMAIL=
### LinkStack
This one just needs the public hostname and admin email. [Docs](https://linkstack.org/docker/).
[Docs](https://linkstack.org/docker/)
This one just needs the public hostname and admin email.
```env
# linkstack.env
HTTPS_SERVER_NAME=
SERVER_ADMIN=
```
@ -180,6 +203,8 @@ SERVER_ADMIN=
[Docs](https://miniflux.app/docs/docker.html)
```env
# miniflux.env
DATABASE_URL=postgres://miniflux:{...}@rss_db:5432/miniflux?sslmode=disable # replace {...} with your postgres password
RUN_MIGRATIONS=1
@ -193,6 +218,8 @@ POSTGRES_DB=miniflux
[Docs](https://docs.paperless-ngx.com/setup/#docker)
```env
# paperless.env
USERMAP_UID=1000
USERMAP_GID=1000
PUID=1000
@ -221,13 +248,20 @@ PAPERLESS_EMAIL_FROM=
### Speedtest Tracker
[Docs](https://docs.speedtest-tracker.dev/getting-started/installation/using-docker-compose). `APP_URL` is the public address, `APP_KEY` is generated with `echo -n 'base64:'; openssl rand -base64 32;`
[Docs](https://docs.speedtest-tracker.dev/getting-started/installation/using-docker-compose)
```env
# speedtest.env
PUID=1000
PGID=1000
# Generate with `echo -n 'base64:'; openssl rand -base64 32;` or use the speedtest-tracker website
APP_KEY=
# Public address or IP
APP_URL=
DB_CONNECTION=sqlite
APP_TIMEZONE=
DISPLAY_TIMEZONE=
@ -236,9 +270,11 @@ SPEEDTEST_SCHEDULE=0,15,30,45 * * * * # run speedtest every 15 minutes
### Tandoor
[Docs](https://docs.tandoor.dev/install/docker/).
[Docs](https://docs.tandoor.dev/install/docker/)
```env
# tandoor.env
# Random secret key, use for example `base64 /dev/urandom | head -c50` to generate one
SECRET_KEY=
@ -256,16 +292,20 @@ POSTGRES_PASSWORD=
### vaultwarden
[Docs](https://github.com/dani-garcia/vaultwarden). Note that the crypto API requires HTTPS, so local access is a bit of a challenge.
[Docs](https://github.com/dani-garcia/vaultwarden)
Note that the cryptography API used by vaultwarden requires HTTPS, so local access can be a bit of a challenge.
These values are only required if you need to use the vaultwarden admin page (for user management, SMTP, hardware 2FA, etc.). The `ADMIN_TOKEN` value gave me trouble - to make it work, I used the 'Using `argon2`' instructions from [Enabling admin page](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page) in the docs. At `your-ip-or-url.com/admin`, the password you used for the hash will unlock it (e.g. `MySecretPassword` per their example).
Note: The `ADMIN_TOKEN` value should be enclosed in single quotes. If it is not, all instances of `$` in the value will need to be replaced with `$$` to prevent the value from being split by the parser.
```env
# vaultwarden.env
# Public domain or IP
DOMAIN=
# Dollar signs must be replaced with two dollar signs to properly escape variables in this token
ADMIN_TOKEN=
# Optional SMTP email settings