michaelnet/README.md

1.5 KiB

Michael's Homelab

Hosts

Host OS Services
Cuddlefish CentOS Gitea
Rocktiplex Rocky Linux Fathom
Cloud8 Rocky Linux NextCloud

SELinux Notes

Docker volumes violate some SELinux policies. Use setenforce 0 to disable it temporarily, or make the following permanent change to /etc/sysconfig/selinux:

# SELINUX=enforcing
SELINUX=permissive

Dockerized Cloudflared Notes

If a docker-compose file looks like this:

services:
  gitea-server:
    image: gitea/gitea:1.19.3
    ...
  gitea-cloudflared:
    image: cloudflare/cloudflared
    ...

Then in this case the name of the target service is gitea-server, and (per Docker's networking shenanigans), should be specified directly by service name, e.g.

https://git.michaellisano.com -> http://gitea-server:3000

Backup Decryption Notes

Everything is encrypted with age.

All keys are generated using age-keygen and stored in a text file, e.g.

backup-key.txt

# created: 2023-06-24T18:01:36-07:00
# public key: age12345...
AGE-SECRET-KEY-xyz123...

Decrypting a file:

age -d -i backup-key.txt -o NAME.tar.gz NAME.tar.gz.enc