Basics

This repository is for my documenting my homelab. Most documentation is found in the Wiki tab of this repository.

I use docker for all of my services that I run with a docker compose file. I use ssh through a peer to peer vpn service called Tailscale. Tailscale has functionality to store ssh keys and makes managing them very simple and easy with github accounts.

The homelab is run off of a dedicated server running a headless instance of Arch Linux. Arch linux is my Distro of preference however if I were to run a server that is required for reliability I would most likely prefer RedHat or similar for a stable environment over rolling release Arch.

Nginx is currently used to share my publicly facing services with a subdomain of mintyserver.net eg https://git.mintyserver.net. I use a docker image from linuxserver.io called swag. This contains some nice packages fo nginx such as fail2ban for spam authentication protection and letsencrypt for http ssl certificates. Not all services are reverse proxied such as my pihole as they are only needed to be accessed by me and therefore only accessible via local or vpn connections.

TODO

• Create an individual user for each container in order to increase isolation between containers
  • Create a new user for each container
  • change ownership of each config file to the correct user of the container
  • change ownership of /mnt/massdrive to a new user and give group permissions to container users that need access only
• Investigate a sync service for music playlists between yt spotify musicbrainz and lastfm
• Check out caddy and try it as an alternitive to nginx