As this is a new community hoping to continue the old. I thought I would take the opportunity to make some requests.

I have an intel NUC as a server with

  • sonarr
  • radarr
  • prowlarr
  • transmission with vpn
  • jellyfin
  • daap
  • home assistant
  • organizr

Wish list

  • some kind of dns resolution so I can access jellyfin.server.local
  • vpn to access server remotely with dynamic dns
  • some help with ansible so I can stop using my docker compose file manually.

I have done some reading and in all honesty just haven’t had the drive to try for fear of breaking something that’s working ok.

  • Bldck@beehaw.org
    2·
    1 year ago

    Here are the containers I use

    Portainer

    This is run directly on the host machine… not through portainer itself. This is the only container I run directly through docker. Full guide from portainer

    docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest

    Make sure to update the volume to be where you want to store the data (especially if you’re using a mounted NAS/DAS

    Cloudflare DDNS

    version: '2'
services:
  cloudflare-ddns:
    image: oznu/cloudflare-ddns:latest
    restart: always
    container_name: cloudflare-root
    environment:
      - API_KEY={redacted}
      - ZONE=name.tld
      - PROXIED=true # I proxy everything through cloud flare so my home IP isn't exposed
      # This sets IP address for the root name.tld
  cloudflare-ddns-abs:
    image: oznu/cloudflare-ddns:latest
    restart: always
    container_name: cloudflare-xyz
    environment:
      - API_KEY={redacted}
      - ZONE=name.tld
      - PROXIED=true
      - SUBDOMAIN=xyz 
      # This container doesn't handle multiple subdomains, nor wildcards...
      # So I have to run a different container for each service that's on its own subdomain. PITA

    Cloudflare zero trust

    1. Here’s the guide from Cloudflare. It’s all managed in their dashboard
    2. I just have a one service exposed to the WAN that needs auth.
    3. Create an application
    4. For the access policy, I just use OTP with a long session duration since I’m the only user

    nginx proxy manager

    Management and setup in the app is fairly straightforward, but depends on your local setup.

    Here’s part of the stack I use:

    version: "3"
services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'      # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81'       # Admin Web Port
    • Conor@discuss.tchncs.deOP
      2·
      1 year ago

      Wow @Bldck. Thank you!!!

      After reading a bit more on what you said I got a bit more invigorated and just ordered a second hand Lenovo thinkcentre. I am going to start fresh with it.

      I will use this 100% and report back.