turtlebasket
/
michaelnet
mirror of https://github.com/turtlebasket/michaelnet
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
🐶🔥 This is fine.
21 Commits
1 Branch
0 Tags
50 KiB
Shell 55.6%
Nix 44.4%
 
 
Go to file
michael 77923ae7de update ytpod service 2023-10-16 00:51:26 -07:00
backup doc update 2023-07-27 23:50:53 -07:00
cuddlefish motds 2023-09-30 14:46:08 -07:00
rocktiplex update ytpod service 2023-10-16 00:51:26 -07:00
thonkpad more nix stuff 2023-10-01 08:45:16 -07:00
.gitignore add nixhost vm scripts 2023-10-01 08:43:11 -07:00
README.md more nix stuff 2023-10-01 08:45:16 -07:00

README.md

Michael's Homelab

Host List

Devices

Host OS Purpose / Services
Thonkpad (portable) Fedora Misc. Projects
Cuddlefish CentOS Gitea
Rocktiplex Rocky Linux Fathom, Status Proxy, RSF Analytics
Cloud8 (under repair) Rocky Linux NextCloud

Virtualized Hosts

VM Kind Machine OS Purpose / Services
NixHost KVM Thonkpad NixOS NixOS Testbed

Off-site

Host Provider OS Purpose / Services
Backup1 TNAHosting Ubuntu Docker Volume Backups

Docker

Most services are run as Docker containers.

SELinux Notes

Docker volumes violate some SELinux policies. Use setenforce 0 to disable it temporarily, or make the following permanent change to /etc/sysconfig/selinux:

# SELINUX=enforcing
SELINUX=permissive

Dockerized Cloudflared Notes

If a docker-compose file looks like this:

services:
  gitea-server:
    image: gitea/gitea:1.19.3
    # ...
  gitea-cloudflared:
    image: cloudflare/cloudflared
    # ...

Then in this case the name of the target service is gitea-server, and (per Docker's networking shenanigans), should be specified directly by service name, e.g.

https://git.michaellisano.com -> http://gitea-server:3000

Backups

Everything is encrypted with age.

All keys are generated using age-keygen and stored in a text file, e.g.

backup-key.txt

# created: 2023-06-24T18:01:36-07:00
# public key: age12345...
AGE-SECRET-KEY-xyz123...

Decrypting a file:

age -d -i backup-key.txt -o NAME.tar.gz NAME.tar.gz.enc