From b9d897c6651a223b92a8daf2abb4e658a0834673 Mon Sep 17 00:00:00 2001
From: Alex Szumko
Date: Fri, 2 Jan 2026 08:19:04 +0000
Subject: [PATCH] Mac mini server intial commit
---
.gitignore | 62 ++++++++++++++++++++++++++++++++++
README.md | 0
adguard/.gitignore | 13 +++++++
adguard/README.md | 0
adguard/docker-compose.yml | 14 ++++++++
cloudflared/.gitignore | 20 +++++++++++
cloudflared/README.md | 42 +++++++++++++++++++++++
cloudflared/config.git.yml | 17 ++++++++++
cloudflared/docker-compose.yml | 19 +++++++++++
gitea/.gitignore | 27 +++++++++++++++
gitea/docker-compose.yml | 38 +++++++++++++++++++++
glances/.gitignore | 10 ++++++
glances/README.md | 35 +++++++++++++++++++
glances/docker-compose.yml | 15 ++++++++
nginx/.gitignore | 14 ++++++++
nginx/README.md | 32 ++++++++++++++++++
nginx/docker-compose.yml | 21 ++++++++++++
portainer/.gitignore | 13 +++++++
portainer/README.md | 27 +++++++++++++++
portainer/docker-compose.yml | 11 ++++++
20 files changed, 430 insertions(+)
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 adguard/.gitignore
create mode 100644 adguard/README.md
create mode 100644 adguard/docker-compose.yml
create mode 100644 cloudflared/.gitignore
create mode 100644 cloudflared/README.md
create mode 100644 cloudflared/config.git.yml
create mode 100644 cloudflared/docker-compose.yml
create mode 100644 gitea/.gitignore
create mode 100644 gitea/docker-compose.yml
create mode 100644 glances/.gitignore
create mode 100644 glances/README.md
create mode 100644 glances/docker-compose.yml
create mode 100644 nginx/.gitignore
create mode 100644 nginx/README.md
create mode 100644 nginx/docker-compose.yml
create mode 100644 portainer/.gitignore
create mode 100644 portainer/README.md
create mode 100644 portainer/docker-compose.yml
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..eff735f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,62 @@
+### Environment files (secrets)
+*.env
+.env
+.env.*
+
+### Container data (DO NOT VERSION)
+/portainer/config
+/portainer/config/*
+**/data/
+**/db/
+**/mysql/
+**/redis/
+**/postgres/
+**/mariadb/
+**/volumes/
+**/storage/
+**/config/ # Prevents permission denied warnings (Portainer, Syncthing, Nextcloud, etc.)
+**/appdata/
+**/cache/
+**/tls/
+**/certs/
+**/letsencrypt/
+**/uploads/
+
+### Cloudflared & networking secrets
+**/cert.pem
+**/*.pem
+**/*.key
+**/*.crt
+**/*.json
+
+### Syncthing internal data
+**/index*
+**/syncthing/config/
+
+### Logs & backups
+*.log
+*.bak
+*.backup
+*~
+*.tmp
+
+### Editor / IDE files
+*.swp
+*.swo
+*.swn
+*.swm
+*.DS_Store
+Thumbs.db
+.vscode/
+.idea/
+*.code-workspace
+
+### Docker-related junk
+docker-compose.override.yml
+*.pid
+*.sock
+
+### Misc hidden / temp files
+*.retry
+*.orig
+*.old
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/adguard/.gitignore b/adguard/.gitignore
new file mode 100644
index 0000000..2314f0b
--- /dev/null
+++ b/adguard/.gitignore
@@ -0,0 +1,13 @@
+work/
+work/**
+config/
+config/**
+.env
+.env.*
+.DS_Store
+Thumbs.db
+*.swp
+*.swo
+*~
+.vscode/
+docker-compose.override.yml
diff --git a/adguard/README.md b/adguard/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/adguard/docker-compose.yml b/adguard/docker-compose.yml
new file mode 100644
index 0000000..be5612a
--- /dev/null
+++ b/adguard/docker-compose.yml
@@ -0,0 +1,14 @@
+services:
+ adguardhome:
+ image: 'adguard/adguardhome:latest'
+ container_name: 'adguard'
+ hostname: 'adguard'
+ restart: 'unless-stopped'
+ volumes:
+ - '/etc/localtime:/etc/localtime:ro'
+ - './work:/opt/adguardhome/work'
+ - './config:/opt/adguardhome/conf'
+ ports:
+ - '53:53/tcp'
+ - '53:53/udp'
+ - '3000:3000'
diff --git a/cloudflared/.gitignore b/cloudflared/.gitignore
new file mode 100644
index 0000000..fc60d1e
--- /dev/null
+++ b/cloudflared/.gitignore
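Review bot: In the root .gitignore, `**/config/ # Prevents permission denied warnings (…)` does not ignore config directories, because gitignore treats `#` as a comment only at the start of a line and the trailing text becomes part of the pattern. The same inline-comment form is used on every commented rule in glances/.gitignore, nginx/.gitignore and portainer/.gitignore (`.env # …`, `data/ # …`, `letsencrypt/ # …`, `config/ # …`), so those rules match nothing and the files they name are kept out only by overlapping root rules such as `.env` and `**/data/`. Put each comment on its own line above the pattern, e.g. `# Prevents permission denied warnings` followed by `**/config/`. Running `git check-ignore -v <path>` against a real `.env` and config directory before the first push confirms which rule, if any, applies.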
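Review bot: The `ports` entries in adguard/docker-compose.yml publish DNS and port 3000 on every host interface, and the image is tracked only by the `latest` tag. Port 3000 is AdGuard Home's first-run setup page, so until setup is finished it is safer to bind it to one address, e.g. `- '127.0.0.1:3000:3000'`, and port 53 should not be reachable from outside the LAN or the resolver can be used by anyone who finds it. A version tag or digest in `image:` keeps a later pull from silently changing what runs.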
@@ -0,0 +1,20 @@
+# Ignore sensitive files
+cloudflared/*.json
+# Ignore all JSON files-> ignores .json
+cert.pem
+config.yml
+.env
+
+# Ignore docker-compose override files (local configurations)
+docker-compose.override.yml
+
+# Ignore log files
+*.log
+
+# Ignore backup or swap files created by editors
+*.bak
+*.swp
+
+# Ignore any temporary files or directories created during runtime
+tmp/
+*.pid
diff --git a/cloudflared/README.md b/cloudflared/README.md
new file mode 100644
index 0000000..ee4cbde
--- /dev/null
+++ b/cloudflared/README.md
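Review bot: `cloudflared/*.json` in cloudflared/.gitignore is resolved relative to this file's own directory, so it matches `cloudflared/cloudflared/*.json` and not the tunnel credentials file that sits next to it. The credentials are currently excluded only by the root rule `**/*.json`; writing `*.json` here makes the directory protect its own secret even if the root file is edited later. The comment on the following line describes that intended behaviour, so only the pattern needs to change.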
@@ -0,0 +1,42 @@
+# Cloudflare Tunnel Info
+
+## Instructions:
+- Make sure config.yml is updated with changes from config.git.yml
+
+## Contents:
+**`cloudflared`**
+│ ├── **`.json`**
+│ ├── **`cert.pem`**
+│ ├── **`config.git.yml`**
+│ ├── **`config.yml`**
+│ ├── **`docker-compose.yml`**
+│ ├── **`.env`**
+│ ├── **`.gitignore`**
+│ └── **`README.md`**
+
+### File Descriptions:
+- **`.json`**: Cloudflare tunnel credentials file
+- **`cert.pem`**: Cloudflare certificate file
+- **`config.git.yml`**: Version-controlled template for `config.yml`
+- **`config.yml`**: Configuration file for Cloudflare tunnel ingress methods
+- **`docker-compose.yml`**: Docker Compose file for running the Cloudflare tunnel
+- **`.env`**: Environment variables, including the tunnel ID
+- **`.gitignore`**: Git ignore file
+- **`README.md`**: Documentation
+
+### Environment Variables:
+- **`tunnel_id`**: Cloudflare tunnel ID (stored in `.env`).
+
+### Ignored Files:
+- **`.json`**: Sensitive file containing the Cloudflare tunnel credentials
+- **`cert.pem`**: Cloudflare certificate file
+- **`config.yml`**: Configuration file with sensitive data
+- **`.env`**: Environment file containing sensitive data
+
+### Current Ingress Methods:
+- **szumko.net** --> dashy dashboard
+- **cloud.szumko.net** --> nextcloud
+- **git.szumko.net** --> Gitea
+- **ha.szumko.net** --> Home Assistant
+- **pihole.szumko.net** --> Pihole Admin
+- **lib.szumko.net** --> Calibre
diff --git a/cloudflared/config.git.yml b/cloudflared/config.git.yml
new file mode 100644
index 0000000..811d5cb
--- /dev/null
+++ b/cloudflared/config.git.yml
@@ -0,0 +1,17 @@
+tunnel: # your tunnel ID
+credentials-file: /etc/cloudflared/.json
+
+ingress:
+ - hostname: szumko.net
+ service: http://nginx-app-1:80
+ - hostname: pihole.szumko.net
+ service: http://nginx-app-1:80
+ - hostname: git.szumko.net
+ service: http://nginx-app-1:80
+ - hostname: cloud.szumko.net
+ service: http://nginx-app-1:80
+ - hostname: ha.szumko.net
+ service: http://nginx-app-1:80
+ - hostname: lib.szumko.net
+ service: http://nginx-app-1:80
+ - service: http_status:404
diff --git a/cloudflared/docker-compose.yml b/cloudflared/docker-compose.yml
new file mode 100644
index 0000000..2dc5965
--- /dev/null
+++ b/cloudflared/docker-compose.yml
@@ -0,0 +1,19 @@
+services:
+ cloudflared:
+ container_name: 'Cloudflared'
+ image: cloudflare/cloudflared:latest
+ restart: unless-stopped
+ user: '1000:1000'
+ networks:
+ - 'default'
+ - 'tunnel'
+ volumes:
+ - ./config.yml:/etc/cloudflared/config.yml
+ - ./${TUNNEL_ID}.json:/etc/cloudflared/${TUNNEL_ID}.json # Use environment variable for tunnel ID
+ command: tunnel --no-autoupdate --config /etc/cloudflared/config.yml run
+ env_file:
+ - .env # Reference the .env file to inject environment variables
+
+networks:
+ tunnel:
+ external: true
diff --git a/gitea/.gitignore b/gitea/.gitignore
new file mode 100644
index 0000000..1cba5f9
--- /dev/null
+++ b/gitea/.gitignore
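Review bot: Every ingress rule in cloudflared/config.git.yml points at `http://nginx-app-1:80`, but nginx/docker-compose.yml in this same commit names the service `nginx` and sets `container_name: 'NPM'`, so that hostname may not resolve on the `tunnel` network. If the untracked config.yml uses a different upstream, bring the template in line with it, e.g. `service: http://nginx:80`. A comment above `ingress:` saying that all hostnames are handed to the proxy and that the final rule answers everything else with 404 would document the intent of the catch-all.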
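Review bot: Both bind mounts in cloudflared/docker-compose.yml are writable from inside the container although the `command` only reads the config and the credentials file; append `:ro`, e.g. `- ./config.yml:/etc/cloudflared/config.yml:ro`, and do the same on the `${TUNNEL_ID}.json` line. `image: cloudflare/cloudflared:latest` together with `--no-autoupdate` means the running version is whatever was last pulled, so a version tag or digest would make upgrades deliberate. The `${TUNNEL_ID}` substitution is performed by Compose from `.env` on its own, so `env_file` additionally copies every variable in that file into the container, which may not be needed.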
@@ -0,0 +1,27 @@
+# Ignore environment file that contains sensitive information
+.env
+
+# Ignore any log files that may be generated by services
+*.log
+
+# Ignore temporary or backup files that might be created by editors
+*.bak
+*.swp
+
+# Ignore docker-compose override files (local configurations, not meant to be versioned)
+docker-compose.override.yml
+
+# Ignore any database files that are mapped as volumes (persistent data)
+config/
+data/
+mysql/
+
+# Ignore any tmp or pid files that might be created during runtime
+tmp/
+*.pid
+
+# Ignore any SQLite database files (if applicable)
+*.sqlite
+
+# Ignore any generated Nextcloud data files (if they're stored here instead of in volumes)
+*.db
diff --git a/gitea/docker-compose.yml b/gitea/docker-compose.yml
new file mode 100644
index 0000000..5ff6a36
--- /dev/null
+++ b/gitea/docker-compose.yml
@@ -0,0 +1,38 @@
+services:
+ server:
+ image: docker.gitea.com/gitea:latest-rootless
+ environment:
+ - GITEA__database__DB_TYPE=mysql
+ - GITEA__database__HOST=db:3306
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=${GITEA__database__USER}
+ - GITEA__database__PASSWD=${GITEA__database__PASSWD}
+ restart: always
+ volumes:
+ - ./data:/var/lib/gitea
+ - ./config:/etc/gitea
+ - /etc/timezone:/etc/timezone:ro
+ - /etc/localtime:/etc/localtime:ro
+ ports:
+ - "3001:3000"
+ - "2222:2222"
+ networks:
+ - 'default'
+ - 'homelab'
+ depends_on:
+ - db
+
+ db:
+ image: docker.io/library/mysql:8
+ restart: always
+ environment:
+ - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+ - MYSQL_USER=${MYSQL_USER}
+ - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+ - MYSQL_DATABASE=${MYSQL_DATABASE}
+ volumes:
+ - ./mysql:/var/lib/mysql
+
+networks:
+ homelab:
+ external: true
diff --git a/glances/.gitignore b/glances/.gitignore
new file mode 100644
index 0000000..22a7e88
--- /dev/null
+++ b/glances/.gitignore
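Review bot: In gitea/docker-compose.yml, `"3001:3000"` publishes Gitea's web port on every host interface even though the service also joins `homelab`, where the proxy can reach it directly; that leaves a path to the UI that bypasses the proxy and tunnel. If web access is meant to go through the proxy, drop that mapping or bind it to loopback, `"127.0.0.1:3001:3000"`. The database settings are also split across two independent sets of variables: `GITEA__database__NAME=gitea` is hard-coded while the `db` service takes `${MYSQL_DATABASE}`, and `GITEA__database__USER`/`PASSWD` must carry the same values as `MYSQL_USER`/`MYSQL_PASSWORD`. A comment stating that these pairs have to match, or reusing one variable for both sides, would prevent a silent mismatch.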
@@ -0,0 +1,10 @@
+# Ignore sensitive data
+.env # Environment variables file (contains sensitive info)
+
+# Ignore temporary or log files
+*.log # Log files
+*.bak # Backup files
+*.swp # Swap files (e.g., from text editors)
+
+# Ignore any local overrides or extra Docker Compose files
+docker-compose.override.yml # Local override for docker-compose (optional)
diff --git a/glances/README.md b/glances/README.md
new file mode 100644
index 0000000..a4ad408
--- /dev/null
+++ b/glances/README.md
@@ -0,0 +1,35 @@
+# Glances Info
+
+## Instructions:
+- Access WebUI on port 61208
+
+## Contents:
+**`glances/`**
+├── **`docker-compose.yml`**
+├── **`.env`**
+├── **`.gitignore`**
+└── **`README.md`**
+
+
+## File Descrptions:
+- **`docker-compose.yml`**: Docker compose file
+- **`.env`**: Environment Variables
+- **`.gitignore`**: Git ignore file
+- **`README.md`**: Documentation
+
+## Environmet Variables:
+- None
+
+## Ignored Files:
+- **`.env`**: Environment Variables
+
+## NPM Configurations
+- ```
+ location /data/ {
+ proxy_pass http://glances:61208/;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ add_header Access-Control-Allow-Origin *;
+ }
diff --git a/glances/docker-compose.yml b/glances/docker-compose.yml
new file mode 100644
index 0000000..f9ea94e
--- /dev/null
+++ b/glances/docker-compose.yml
@@ -0,0 +1,15 @@
+services:
+ glances:
+ image: nicolargo/glances:latest-full
+ container_name: glances
+ environment:
+ - TZ=America/Detroit
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - /run/user/1000/podman/podman.sock:/run/user/1000/podman/podman.sock:ro
+ pid: host
+ privileged: true
+ ports:
+ - '61208:61208'
+ restart: unless-stopped
+ command: glances -w -B 0.0.0.0
diff --git a/nginx/.gitignore b/nginx/.gitignore
new file mode 100644
index 0000000..a095a1f
--- /dev/null
+++ b/nginx/.gitignore
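Review bot: glances/docker-compose.yml combines `privileged: true`, `pid: host` and a mounted Docker socket with a web UI that listens on `0.0.0.0` and is published on every host interface, so a monitoring page becomes a host-level control surface. The `:ro` suffix on `/var/run/docker.sock` does not make the Docker API read-only; it only protects the socket file itself, and requests sent over it are still honoured. Remove `privileged: true` unless a specific sensor is shown to need it, and bind the published port to loopback, `- '127.0.0.1:61208:61208'`, if the UI is only reached through the proxy described in glances/README.md. Put authentication in front of the UI, either at the proxy or with Glances' own password option.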
@@ -0,0 +1,14 @@
+# Ignore sensitive data
+.env # Environment variables file (contains sensitive info)
+
+# Ignore directories with persistent or sensitive data
+data/ # Contains persistent data (e.g., databases, configuration files)
+letsencrypt/ # Contains SSL certificates (do not track in Git)
+
+# Ignore temporary or log files
+*.log # Log files
+*.bak # Backup files
+*.swp # Swap files (e.g., from text editors)
+
+# Ignore any local overrides or extra Docker Compose files
+docker-compose.override.yml # Local override for docker-compose (optional)
diff --git a/nginx/README.md b/nginx/README.md
new file mode 100644
index 0000000..bb708a3
--- /dev/null
+++ b/nginx/README.md
@@ -0,0 +1,32 @@
+# Nginx Proxy Manager Info
+
+## Instructions:
+- Use for controlling paths/subdomains in cloudflare tunnel
+- Access WebUI on port 81
+
+## Contents:
+**`nginx/`**
+├── **`data/`**
+├── **`docker-compose.yml`**
+├── **`.env`**
+├── **`.gitignore`**
+├── **`letsencrypt/`**
+└── **`README.md`**
+
+
+
+## File Descrptions:
+- **`data/`**: Nginx Data
+- **`docker-compose.yml`**: Compose file
+- **`.env`**: Environment Variables
+- **`.gitignore`**: Git Ignore file
+- **`letsencrypt/`**: Letsencrypt Data
+- **`README.md`**: Documentation
+
+## Environmet Variables:
+- None
+
+## Ignored Files:
+- **`data/`**: Persistant Data
+- **`.env`**: Environment Variables
+- **`letsencrypt/`**: Potentially sensitive data
diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml
new file mode 100644
index 0000000..2d22c40
--- /dev/null
+++ b/nginx/docker-compose.yml
@@ -0,0 +1,21 @@
+services:
+ nginx:
+ container_name: 'NPM'
+ image: 'docker.io/jc21/nginx-proxy-manager:latest'
+ restart: unless-stopped
+ ports:
+ - '80:80'
+ - '81:81'
+ # - '443:443'
+ networks:
+ - 'homelab'
+ - 'tunnel'
+ volumes:
+ - ./data:/data
+ - ./letsencrypt:/etc/letsencrypt
+
+networks:
+ homelab:
+ external: true
+ tunnel:
+ external: true
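Review bot: `- '81:81'` in nginx/docker-compose.yml publishes the Nginx Proxy Manager admin UI on every host interface over plain HTTP, and that UI controls routing for every hostname behind the tunnel. Bind it to loopback or a management address, e.g. `- '127.0.0.1:81:81'`, and replace the initial admin account right after first start. With `# - '443:443'` commented out the proxy serves only port 80, presumably because TLS ends at the Cloudflare tunnel; a comment on that line saying so would record the decision. The `latest` image tag has the same drift problem as in the other compose files.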
diff --git a/portainer/.gitignore b/portainer/.gitignore
new file mode 100644
index 0000000..1ff5888
--- /dev/null
+++ b/portainer/.gitignore
@@ -0,0 +1,13 @@
+# Ignore sensitive data
+.env # Environment variables file (contains sensitive info)
+
+# Ignore persistent or sensitive data directories
+config/ # Portainer config folder (contains sensitive data)
+
+# Ignore temporary or log files
+*.log # Log files
+*.bak # Backup files
+*.swp # Swap files (e.g., from text editors)
+
+# Ignore any local overrides or extra Docker Compose files
+docker-compose.override.yml # Local override for docker-compose (optional)
diff --git a/portainer/README.md b/portainer/README.md
new file mode 100644
index 0000000..8333ed3
--- /dev/null
+++ b/portainer/README.md
@@ -0,0 +1,27 @@
+# Portainer Info
+
+## Instructions:
+- Use for managing containers with a UW
+- Access WebUI on port 9443
+
+## Contents:
+**`portainer/`**
+├── **`config/`**
+├── **`docker-compose.yml`**
+├── **`.env`**
+├── **`.gitignore`**
+└── **`README.md`**
+
+## File Descrptions:
+- **`config/`**: Portainer Configuration Data
+- **`docker-compose.yml`**: Docker compose file
+- **`.env`**: Environment Variables
+- **`.gitignore`**: Git ignore file
+- **`README.md`**: Documentation
+
+## Environmet Variables:
+- None
+
+## Ignored Files:
+- **`config/`**: Persistant Data
+- **`.env`**: Environment VariablesPortainer Info
diff --git a/portainer/docker-compose.yml b/portainer/docker-compose.yml
new file mode 100644
index 0000000..98a64d8
--- /dev/null
+++ b/portainer/docker-compose.yml
@@ -0,0 +1,11 @@
+services:
+ portainer:
+ container_name: portainer
+ image: portainer/portainer-ce:lts
+ restart: always
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /home/szumkoal/docker/portainer/config:/data
+ ports:
+ - 9443:9443
+ - 8000:8000
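Review bot: portainer/docker-compose.yml mounts `/var/run/docker.sock` read-write, so whoever logs in to the UI on 9443 effectively has root on the host, and both ports are published on every interface. Port 8000 is used only for Edge agent tunnels; remove `- 8000:8000` if no Edge agents connect, and restrict the UI to loopback or the LAN address, e.g. `- '127.0.0.1:9443:9443'`. Quote the mappings as the other compose files do so that no parser reads a digits-and-colon value as a number. The absolute path `/home/szumkoal/docker/portainer/config` also differs from the relative binds used elsewhere; `./config:/data` would line up with the `config/` entry in portainer/.gitignore.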