🐶🔥 This is fine.
 
 
Go to file
michael d8d2a8c85f update readme 2023-10-27 10:29:27 -07:00
backup doc update 2023-07-27 23:50:53 -07:00
cuddlefish motds 2023-09-30 14:46:08 -07:00
rocktiplex update rsf service in rocktiplex 2023-10-19 11:14:13 -07:00
thonkpad update setup & run scripts 2023-10-27 10:22:20 -07:00
.gitignore add nixhost vm scripts 2023-10-01 08:43:11 -07:00
README.md update readme 2023-10-27 10:29:27 -07:00

README.md

Michael's Homelab

Welcome to the container farm...

Host List

Devices

Host OS Purpose / Services
Thonkpad (portable) Fedora Misc. Projects
Cuddlefish CentOS Gitea
Rocktiplex Rocky Linux Fathom, Status Proxy, RSF Analytics, ytpod
Cloud8 (under repair) Rocky Linux NextCloud

Virtualized Hosts

VM Kind Access Machine OS Purpose / Services
NixHost KVM SSH Thonkpad NixOS NixOS Testbed
WinHost KVM RDP Thonkpad Windows 10 Altium Designer

Off-site

Host Provider OS Purpose / Services
Backup1 TNAHosting Ubuntu Docker Volume Backups

Docker

Most services are run as Docker containers.

Volume Permission Notes

In a standard setup, we will have a docker usergroup. To make a user-created directory usable as a volume, run the following:

sudo chown -R my-user:docker my-dir

SELinux Notes

Docker volumes violate some SELinux policies. Use setenforce 0 to disable it temporarily, or make the following permanent change to /etc/sysconfig/selinux:

# SELINUX=enforcing
SELINUX=permissive

Dockerized Cloudflared Notes

If a docker-compose file looks like this:

services:
  gitea-server:
    image: gitea/gitea:1.19.3
    # ...
  gitea-cloudflared:
    image: cloudflare/cloudflared
    # ...

Then in this case the name of the target service is gitea-server, and (per Docker's networking shenanigans), should be specified directly by service name, e.g.

https://git.michaellisano.com -> http://gitea-server:3000

Backups

Everything is encrypted with age.

All keys are generated using age-keygen and stored in a text file, e.g.

backup-key.txt

# created: 2023-06-24T18:01:36-07:00
# public key: age12345...
AGE-SECRET-KEY-xyz123...

Decrypting a file:

age -d -i backup-key.txt -o NAME.tar.gz NAME.tar.gz.enc