Michael's Homelab

Host List

Devices

| Host | OS | Purpose / Services |
| --- | --- | --- |
| Thonkpad (portable) | Fedora | Misc. Projects |
| Cuddlefish | CentOS | Gitea |
| Rocktiplex | Rocky Linux | Fathom, Status Proxy, RSF Analytics |
| Cloud8 (under repair) | Rocky Linux | NextCloud |

Virtualized Hosts

| VM | Kind | Machine | OS | Purpose / Services |
| --- | --- | --- | --- | --- |
| NixHost | KVM | Thonkpad | NixOS | NixOS Testbed |

Off-site

| Host | Provider | OS | Purpose / Services |
| --- | --- | --- | --- |
| Backup1 | TNAHosting | Ubuntu | Docker Volume Backups |

Docker

Most services are run as Docker containers.

SELinux Notes

Docker volumes violate some SELinux policies. Use setenforce 0 to switch SELinux to permissive mode until the next reboot, or make the following permanent change to /etc/sysconfig/selinux:

# SELINUX=enforcing
SELINUX=permissive

Dockerized Cloudflared Notes

If a docker-compose file looks like this:

services:
  gitea-server:
    image: gitea/gitea:1.19.3
    # ...
  gitea-cloudflared:
    image: cloudflare/cloudflared
    # ...

Then the name of the target service is gitea-server and, per Docker's networking shenanigans, the tunnel target should be specified directly by service name, e.g.

https://git.michaellisano.com -> http://gitea-server:3000

Backups

Everything is encrypted with age.

All keys are generated using age-keygen and stored in a text file, e.g.

backup-key.txt

# created: 2023-06-24T18:01:36-07:00
# public key: age12345...
AGE-SECRET-KEY-xyz123...

Decrypting a file:

age -d -i backup-key.txt -o NAME.tar.gz NAME.tar.gz.enc
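
The README shows only the decryption step. The following is an added example, not part of the original repository, sketching the encryption side and a restore check; the function names and the backup-key.pub file name are assumptions.

```sh
# Added example, not from the original README. Function names and the
# backup-key.pub file name are assumptions made for this sketch.

# Refuse an identity file that group or other users can access.
key_is_private() {     # usage: key_is_private backup-key.txt
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Derive the recipient (public key) file from an age-keygen identity file.
# Hosts that only create backups need this file, not the secret key.
export_recipient() {   # usage: export_recipient backup-key.txt backup-key.pub
    age-keygen -y "$1" > "$2"
}

# Archive a directory and encrypt the stream to the recipient file,
# so no plaintext archive is written to disk.
backup_volume() {      # usage: backup_volume SRC_DIR backup-key.pub NAME.tar.gz.enc
    tar -C "$1" -czf - . | age -R "$2" -o "$3"
}

# Decrypt to a pipe and list the archive. A non-zero status means the
# backup cannot be restored with this key or the archive is damaged.
verify_backup() {      # usage: verify_backup backup-key.txt NAME.tar.gz.enc
    key_is_private "$1" || {
        echo "refusing: $1 is accessible to group or other users" >&2
        return 1
    }
    age -d -i "$1" "$2" | tar -tzf -
}
```

Running verify_backup right after each backup catches an archive that was encrypted to the wrong recipient before the original data is gone.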