# Cloud Server Docker Containers

## Device -- 2012 Mac Mini

## Information

This Mac Mini acts as my network gateway and DNS server. For now it also hosts my Gitea instance.

## Contents:

```
~/Docker
├── adguard/
├── cloudflared/
├── gitea/
├── glances/
├── nginx/
├── portainer/
└── README.md
```

## Current Ports:

- **`53`** --> adguard DNS
- **`81`** --> nginx proxy manager web ui
- **`2222`** --> gitea ssh
- **`3000`** --> adguard web UI
- **`3001`** --> gitea web ui
- **`8000`** --> portainer
- **`9443`** --> portainer web ui
- **`61208`** --> glances web ui

## Current Web Paths:

- **`szumko.net`** --> Home Assistant
- **`git.szumko.net`** --> Gitea
- **`cloud.szumko.net`** --> nextcloud

## Adding Subdomains:

1. Go to the Cloudflare account and add a DNS record for the subdomain
2. Go to **`~/docker/cloudflared/config.yml`** and add the ingress pointing to NPM
3. Create a proxy host in NPM pointing to `container_name:port` (must be on **`homelab`** internal network)

## Adding Paths:

1. Add path in NPM (must be on **`homelab`**)

## UFW Settings

```
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                                         Action      From
--                                         ------      ----
22/tcp                                     ALLOW IN    192.168.0.0/24             # LAN ssh
22/tcp on tailscale0                       ALLOW IN    Anywhere                   # Tailscle ssh
53,80,81,443,61208/tcp                     ALLOW IN    192.168.0.0/24             # LAN Access, 53 -> Adguard, 61208 -> glances
53,80,81,443,61208/udp                     ALLOW IN    192.168.0.0/24             # LAN Access, 53 -> Adguard, 61208 -> glances
53,80,81,443,61208/tcp on tailscale0       ALLOW IN    Anywhere                   # Tailscale Access, 53 -> Adguard, 61208 -> glances
53,80,81,443,61208/udp on tailscale0       ALLOW IN    Anywhere                   # Tailscale Access, 53 -> Adguard, 61208 -> glances
22/tcp (v6) on tailscale0                  ALLOW IN    Anywhere (v6)              # Tailscale ssh (IPv6)
53,80,81,443,61208/tcp (v6) on tailscale0  ALLOW IN    Anywhere (v6)              # Tailscale Access (IPv6), 53 -> Adguard, 61208 -> glances
53,80,81,443,61208/udp (v6) on tailscale0  ALLOW IN    Anywhere (v6)              # Tailscale Access (IPv6), 53 -> Adguard, 61208 -> glances
```
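
An audit of the port list against the UFW table, as an added example that is not part of the original README: it parses `ufw status verbose` rule rows and reports documented ports with no allow rule, allowed ports with no documented service, and ports open from Anywhere on every interface. The function names and the shortened rule comments are assumptions made for the example.

```python
import re

# "Current Ports" list from this README.
DOCUMENTED = {53: "adguard DNS", 81: "nginx proxy manager web ui", 2222: "gitea ssh",
              3000: "adguard web UI", 3001: "gitea web ui", 8000: "portainer",
              9443: "portainer web ui", 61208: "glances web ui"}

# One row of each shape from the README's UFW table (comments shortened).
UFW_STATUS = """\
22/tcp                                     ALLOW IN  192.168.0.0/24  # LAN ssh
22/tcp on tailscale0                       ALLOW IN  Anywhere        # Tailscale ssh
53,80,81,443,61208/tcp                     ALLOW IN  192.168.0.0/24  # LAN
53,80,81,443,61208/udp on tailscale0       ALLOW IN  Anywhere        # Tailscale
53,80,81,443,61208/tcp (v6) on tailscale0  ALLOW IN  Anywhere (v6)   # Tailscale v6
"""

RULE = re.compile(r"^(?P<ports>[\d,:]+)/(?P<proto>tcp|udp)(?: \(v6\))?"
                  r"(?: on (?P<iface>\S+))?\s+ALLOW IN\s+(?P<src>.+?)\s*(?:#.*)?$")

def parse_allowed(status):
    """Map each port to the set of (proto, interface, source) scopes that allow it."""
    allowed = {}
    for line in status.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # header, separator, blank line or non-ALLOW rule
        scope = (m["proto"], m["iface"] or "any", m["src"])
        for part in m["ports"].split(","):
            lo, _, hi = part.partition(":")  # ufw prints port ranges as lo:hi
            for port in range(int(lo), int(hi or lo) + 1):
                allowed.setdefault(port, set()).add(scope)
    return allowed

def audit(documented, allowed):
    """Return (documented ports with no allow rule, allowed ports not documented)."""
    return (sorted(p for p in documented if p not in allowed),
            sorted(p for p in allowed if p not in documented))

def world_open(allowed):
    """Ports allowed from Anywhere with no interface restriction."""
    return sorted(p for p, scopes in allowed.items()
                  if any(i == "any" and s.startswith("Anywhere") for _, i, s in scopes))

if __name__ == "__main__":
    rules = parse_allowed(UFW_STATUS)
    no_rule, undocumented = audit(DOCUMENTED, rules)
    print("documented, no ufw rule:", [(p, DOCUMENTED[p]) for p in no_rule])
    print("allowed, not documented:", undocumented)
    print("open to Anywhere on every interface:", world_open(rules))
```

Rules added with `ufw allow` filter traffic addressed to the host itself, while ports that Docker publishes are forwarded to containers through Docker's own iptables rules. A documented port with no ufw rule is therefore not necessarily closed and is worth checking from another LAN host.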