readme

Makefile

@@ -1,6 +1,6 @@
 include .env
 
-SERVICES = actualbudget gitea homepage linkding nextcloud photoprism restic syncthing traefik
+SERVICES = actualbudget gitea homepage linkding nextcloud photoprism restic syncthing traefik uptime-kuma
 
 # Default target: upload .env files for all services
 upload: $(addprefix upload-,$(SERVICES))

README.md

@@ -0,0 +1,172 @@
+# 🌐 Self-hosted
+
+## 🛠️ Setup instructions
+### 🛠️ Configuration Setup
+1. **Create `.env` File:** Add a `.env` file in your local repository with the following variables:
+
+```
+REMOTE_USER=
+REMOTE_HOST=
+REMOTE_PATH=
+```
+These variables will be utilized by the `Makefile` to synchronize configurations from your local environment to the server without exposing sensitive information in your Git repository.
+
+### Set up Tailscale
+Tailscale provides a seamless way to connect your devices to your internal network securely.
+
+#### 🛠️ Installation and Configuration Steps
+
+1. Add Tailscale’s package signing key and repository:
+    
+```
+curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
+curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
+```
+    
+2. Install Tailscale:
+    
+```
+sudo apt-get update
+sudo apt-get install tailscale
+```
+    
+3. Connect your machine to your Tailscale network and authenticate in your browser:
+    
+```
+sudo tailscale up
+```
+    
+4. Find your Tailscale IPv4 address by running:
+    
+```
+tailscale ip -4
+```
+
+#### 🛠️ Preparing the System
+
+Update System and Install Dependencies: Update the package list and install essential dependencies.
+
+```
+sudo apt update
+sudo apt install ca-certificates curl gnupg lsb-release
+```
+
+#### 🔑 Adding Docker Repository
+
+1. Add Docker's GPG key
+
+```
+sudo mkdir -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+sudo chmod a+r /etc/apt/keyrings/docker.gpg
+```
+
+2. Add Docker Repository
+
+```
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+```
+
+#### 🚀 Installing Docker and Docker Compose
+
+```
+sudo apt update
+sudo apt install docker-ce docker-ce-cli containerd.io
+sudo docker --version && docker compose version
+```
+
+### Set up Docker
+
+#### 🔄 Removing Old Docker Versions
+
+**1. Remove Existing Docker Packages:** Ensure you have a clean slate by removing any existing Docker packages.
+```
+sudo apt remove docker docker-engine docker.io containerd runc
+```
+
+**2. Delete Existing Repositories:** Remove any existing Docker repositories to avoid conflicts.
+```
+sudo rm /etc/apt/sources.list.d/docker.list
+```
+
+
+
+## 📦 Adding a new service
+1. **Create Service Directory:** Inside your repository, create a new directory under `/service` for your new self-hosted service.
+
+2. **Add Configuration Files:**
+- Place the `docker-compose.yml `file inside the newly created service directory.
+- If additional configuration files like .env or app.ini are required for your service, add them to the same directory.
+
+3. **Synchronize Configuration:** To upload the `.env` file (or any other necessary configuration files) to the server, run the following command:
+
+```bash
+make upload-{service_name}
+```
+Replace `{service_name}` with the name of your service directory. This command will sync the configurations to the specified server path using the variables defined in your `.env` file.
+
+## 🛠️ Storage
+
+### 📦 Mounting a New Volume Using Hetzner's Storage Box
+ This guide walks you through the process of mounting a Storage Box folder (`nextcloud_data`) to a specific mount point (`/mnt/nextcloud_data`) on your server.
+
+#### 📝 Prerequisites
+Create a sub-account in Hetzner's Robot Control Panel with SSH and Samba support enabled.
+Note down the sub-account username and the generated password provided by Hetzner.
+
+#### 🚀 Steps to Mount the Storage Box
+
+1. **SSH into the Storage Box:** Connect to your Storage Box via SSH using the sub-account username and the provided password.
+
+```bash
+ssh -p23 SB_USERNAME@SB_USERNAME.your-storagebox.de
+```
+
+2. **Create a Directory:** Inside the Storage Box, create a new directory named `nextcloud_data`.
+
+```bash
+mkdir nextcloud_data
+```
+
+3. **Update /etc/fstab:** Add an entry to the `/etc/fstab` file on your server to automatically mount the Storage Box folder to `/mnt/nextcloud_data.` Replace `YOUR_PATH` with `nextcloud_data` and `YOUR_MOUNT_POINT` with `/mnt/nextcloud_data`.
+
+```
+//SB_USERNAME.your-storagebox.de/YOUR_PATH /YOUR_MOUNT_POINT cifs seal,vers=3,iocharset=utf8,rw,credentials=/etc/secure_config/cifs-nextcloud-credentials.txt,uid=1000,gid=1000,file_mode=0660,dir_mode=0770 0 0
+```
+
+4. **Create Credentials File:** Add a credentials file (`cifs-nextcloud-credentials.txt`) in `/etc/secure_config` directory on your server with the sub-account username and password.
+
+```
+username=SB_SUBACCOUNT_USERNAME
+password=SB_SUBACCOUNT_PASSWORD
+```
+
+5. **Mount and test:** Mount the Storage Box folder using the mount -a command and verify the mount status.
+```bash
+mount -a
+```
+
+6. **Verify Mount Point:** Ensure that the Storage Box is correctly mounted by checking the mount point using the df -h command.
+
+```bash
+df -h
+```
+
+#### Troubleshooting
+
+**mount: /mnt/nextcloud_data: mount(2) system call failed: No route to host. dmesg(1) may have more information after failed mount system call.**
+Make sure Samba support is enabled.
+
+### Volume encryption
+To be added
+
+## 🧰 Maintenance
+
+### Backup
+To be added
+
+### Monitoring
+To be added
+
+## 🐞 Troubleshooting
+To be added

actualbudget/README.md

@@ -1,11 +0,0 @@
-# actual budget
-
-Set up env
-
-```
-ACTUAL_HTTPS_KEY=''
-ACTUAL_HTTPS_CERT=''
-```
-
-## Improvements
-- Set up https via Tailscale https://tailscale.com/kb/1153/enabling-https?ref=traefik.io

docs/backup.md

@@ -1 +0,0 @@
-# backup strategy

docs/encryption.md

@@ -1,3 +0,0 @@
-# Encryption
-
-https://wilw.dev/notes/volume-encryption

docs/mounting-new-volumes.md

@@ -1,48 +0,0 @@
-# Mounting new volumes
-
-1. ssh to storagebox
-
-```
-ssh -p23 u382808@u382808.your-storagebox.de
-```
-
-2. Create a new directory
-
-```
-mkdir photoprism_import_data
-```
-
-3. Navigate to [Hetzner cloud storage](https://robot.hetzner.com/storage). Create a new sub-account. Allow Samba, SSH, external reachability.
-
-4. ssh to server
-
-5. Create new credentials in `/etc/secure_config`:
-
-```
-username=(storagebox username)
-password=(storagebox password)
-```
-
-6. Make mount directory
-
-```
-sudo mkdir /mnt/photoprism_import_data
-```
-
-6. Update /etc/fstab
-
-```
-//u382808-sub3.your-storagebox.de/u382808-sub3 /mnt/photoprism_import_data cifs seal,vers=3,iocharset=utf8,rw,credentials=/etc/secure_config/.cifs-credentials-photoprism-import.txt,uid=1000,gid=1001,forceuid,forcegid,file_mode=0770,dir_mode=0770 0 0
-```
-
-7. Mount
-
-```
-mount -a
-```
-
-8. Verify that the storage box is mounted correctly:
-
-```
-df -h
-```

docs/vpn.md

@@ -1,8 +0,0 @@
-# VPN
-
-Tailscale
-
-https://login.tailscale.com/admin/dns
-magicdns
-stork-vibe.ts.net
-https://tailscale.com/kb/1081/magicdns

gitea/README.md

@@ -1,8 +0,0 @@
-# Gitea
-
-Set up env
- 
-```
-DB_USER=''
-DB_PASSWORD=''
-```

homepage/config/bookmarks.yaml

@@ -1,9 +1,9 @@
 - Development:
     - Backblaze:
-        href: https://secure.backblaze.com/b2_buckets.htm
-        icon: si-backblaze
+        - icon: si-backblaze
+          href: https://secure.backblaze.com/b2_buckets.htm
     - Tailscale:
-        href: https://login.tailscale.com/admin/machines/100.104.163.2
+        - href: https://login.tailscale.com/admin/machines/100.104.163.2
 
 - Daily:
     - Protonmail:

nextcloud/README.md

@@ -1,3 +0,0 @@
-# nextcloud
-
-To be added

photoprism/README.md

@@ -1,23 +1,10 @@
 # photoprism
 
-## Configuration
-
-Setup `.env`:
-
-```
-PHOTOPRISM_DATABASE_PASSWORD=''
-``
-
 ## Troubleshooting
 
 Mariadb refuses access to photoprism
-
 https://github.com/photoprism/photoprism/issues/1173
 
-```
-
-```
-
 ## PhotoSync
 
 Server: 100.104.163.2
@@ -27,4 +14,4 @@ Password:
 Directory: originals
 Use SSL: off
 
-Setup an Autotransfer trigger in PhotoSync to automatically upload new photos and videos when I attach charger
+Setup an Autotransfer trigger in PhotoSync to automatically upload new photos and videos when I attach charger.

restic/README.md

@@ -1,37 +1,43 @@
-# restic
+# Restic Backup and Restore Guide
 
-## Future improvements
-- Set up with Docker secrets
-- Add notification
+## 📚 Useful Commands
 
-## Useful commands
+### 🔄 Restoring Files from a Running Docker Compose Container
 
-Restoring files on a host where the container is already running via Docker Compose:
+**1. Identify Latest Snapshot for the Host:** Execute the following command to find the latest snapshot for the current host and note down the ID.
 
 ```
 # Find the latest snapshot for the current host (note the ID)
 docker-compose exec app restic snapshots -H <HOSTNAME>
-# Restore the given file on the host
+```
+
+**2. Restore Specific File:** Use the snapshot ID to restore the desired file on the host.
+
+```
 docker-compose exec app restic restore --include /path/to/file <ID>
 ```
 
-List snapshots
+### 📋 Listing Snapshots
 ```
 docker compose run --rm backup snapshots
 ```
 
-View files uploaded in Backblaze
+### 🌐 Accessing Backblaze Files Locally
+
+In local, download via `brew install b2-tools`
 
-- In local, download via `brew install b2-tools`
-- In server
 
 ## Known issues
+
+### 🚫 Ciphertext Verification Failure
 ```
 Fatal: config or key 2327d55bb96f4cab846b07cc8ffe5906c88c3e657f326a506ccfcf95cd8fd1e7 is damaged: ciphertext verification failed
 ```
 
 [Related issue](https://github.com/djmaze/resticker/issues/48)
 
+### ⚠️ Pruning and Backup Operations
+
 Do not run both prune and backup at the same time. When initializing, need to run individually.
 
 ```

traefik/README.md

@@ -1,5 +1,7 @@
 # Traefik
 
+## Create Docker network
+
 ```
 docker network create \
   --driver=bridge \
@@ -7,5 +9,3 @@ docker network create \
   --internal=false \
   traefik_network
 ```
-
-Add test 1wehbesg

uptime-kuma/docker-compose.yml

@@ -0,0 +1,12 @@
+version: '3.8'
+
+services:
+  uptime-kuma:
+    image: louislam/uptime-kuma:1
+    container_name: uptime-kuma
+    restart: always
+    ports:
+      - "${HOST}:4005:3001"
+    volumes:
+      - ${PWD}/data:/app/data
+      - /var/run/docker.sock:/var/run/docker.sock:ro