cloud-server/README.md

# Cloud Server Docker Contianers

## Device -- Raspberry Pi 4

## Information
This folder contains all of the services running on the Pi

## Contents:
**`~/Docker`**  
├── **`cloudflared/`**  
├── **`dashy/`**  
├── **`glances/`**  
├── **`homarr/`**  
├── **`nextcloud/`**  
├── **`nginx/`**  
├── **`portainer/`**  
├── **`README.md`**  
└── **`syncthing/`**  

## Current Ports:
- **`81`** --> nginx proxy manager web ui
- **`2222`** --> gitea ssh
- **`3000`** --> gitea web ui
- **`7575`** --> homarr
- **`8000`** --> portainer
- **`8080`** --> nextcloud web ui
- **`8123`** --> home assistant web ui
- **`8181`** --> dashy
- **`8282`** --> ha bridge web ui
- **`8384`** --> syncthing web ui
- **`9443`** --> portainer web ui
- **`22000`** --> synthing
- **`50000`** --> ha bridge
- **`61208`** --> glances web ui

## Current Web Paths:
- **`szumko.net`** --> Home Assistant
- **`szumko.net/data`** --> glances **\*Currently Disabled**
- **`pihole.szumko.net`** --> Pihole
- **`git.szumko.net`** --> Gitea
- **`cloud.szumko.net`** --> nextcloud

## Adding Subdomains:
1. Go to cloudflare account and add a dns record for the subdomain
2. Go to **`~/docker/cloudflared/config.yml`** and add the ingress pointing to NPM
3. Create a proxy host in NPM pointing to container_name:port (must be on **`homelab`** internal network)

## Adding Paths:
1. Add path in NPM (must be on **`homelab`**)

## UFW Settings
```
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22                         ALLOW IN    192.168.0.0/24             # LAN SSH
22 on tailscale0           ALLOW IN    Anywhere                   # Tailscale SSH
Anywhere                   ALLOW IN    192.168.0.0/24             # LAN General Access
81 on tailscale0           ALLOW IN    Anywhere                   # Tailscale NPM
53 on tailscale0           ALLOW IN    Anywhere                   # Tailscale DNS
3000 on tailscale0         ALLOW IN    Anywhere                   # Tailscale AGH
3001 on tailscale0         ALLOW IN    Anywhere                   # Tailscale Gitea
2222 on tailscale0         ALLOW IN    Anywhere                   # Tailscale Gitea
9443 on tailscale0         ALLOW IN    Anywhere                   # Tailscale Portainer
61208 on tailscale0        ALLOW IN    Anywhere                   # Tailscale Glances
22 (v6) on tailscale0      ALLOW IN    Anywhere (v6)              # Tailscale SSH
81 (v6) on tailscale0      ALLOW IN    Anywhere (v6)              # Tailscale NPM
53 (v6) on tailscale0      ALLOW IN    Anywhere (v6)              # Tailscale DNS
3000 (v6) on tailscale0    ALLOW IN    Anywhere (v6)              # Tailscale AGH
3001 (v6) on tailscale0    ALLOW IN    Anywhere (v6)              # Tailscale Gitea
2222 (v6) on tailscale0    ALLOW IN    Anywhere (v6)              # Tailscale Gitea
9443 (v6) on tailscale0    ALLOW IN    Anywhere (v6)              # Tailscale Portainer
61208 (v6) on tailscale0   ALLOW IN    Anywhere (v6)              # Tailscale Glances
```