Makefile

@@ -1,6 +1,6 @@
 include .env
 
-SERVICES = actualbudget gitea homepage linkding nextcloud photoprism restic syncthing traefik uptime-kuma
+SERVICES = actualbudget gitea homepage linkding nextcloud photoprism restic syncthing traefik
 
 # Default target: upload .env files for all services
 upload: $(addprefix upload-,$(SERVICES))

README.md

@@ -1,172 +0,0 @@
-# 🌐 Self-hosted
-
-## 🛠️ Setup instructions
-### 🛠️ Configuration Setup
-1. **Create `.env` File:** Add a `.env` file in your local repository with the following variables:
-
-```
-REMOTE_USER=
-REMOTE_HOST=
-REMOTE_PATH=
-```
-These variables will be utilized by the `Makefile` to synchronize configurations from your local environment to the server without exposing sensitive information in your Git repository.
-
-### Set up Tailscale
-Tailscale provides a seamless way to connect your devices to your internal network securely.
-
-#### 🛠️ Installation and Configuration Steps
-
-1. Add Tailscale’s package signing key and repository:
-    
-```
-curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null
-curl -fsSL https://pkgs.tailscale.com/stable/debian/bookworm.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list
-```
-    
-2. Install Tailscale:
-    
-```
-sudo apt-get update
-sudo apt-get install tailscale
-```
-    
-3. Connect your machine to your Tailscale network and authenticate in your browser:
-    
-```
-sudo tailscale up
-```
-    
-4. Find your Tailscale IPv4 address by running:
-    
-```
-tailscale ip -4
-```
-
-#### 🛠️ Preparing the System
-
-Update System and Install Dependencies: Update the package list and install essential dependencies.
-
-```
-sudo apt update
-sudo apt install ca-certificates curl gnupg lsb-release
-```
-
-#### 🔑 Adding Docker Repository
-
-1. Add Docker's GPG key
-
-```
-sudo mkdir -p /etc/apt/keyrings
-curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
-sudo chmod a+r /etc/apt/keyrings/docker.gpg
-```
-
-2. Add Docker Repository
-
-```
-echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-```
-
-#### 🚀 Installing Docker and Docker Compose
-
-```
-sudo apt update
-sudo apt install docker-ce docker-ce-cli containerd.io
-sudo docker --version && docker compose version
-```
-
-### Set up Docker
-
-#### 🔄 Removing Old Docker Versions
-
-**1. Remove Existing Docker Packages:** Ensure you have a clean slate by removing any existing Docker packages.
-```
-sudo apt remove docker docker-engine docker.io containerd runc
-```
-
-**2. Delete Existing Repositories:** Remove any existing Docker repositories to avoid conflicts.
-```
-sudo rm /etc/apt/sources.list.d/docker.list
-```
-
-
-
-## 📦 Adding a new service
-1. **Create Service Directory:** Inside your repository, create a new directory under `/service` for your new self-hosted service.
-
-2. **Add Configuration Files:**
-- Place the `docker-compose.yml `file inside the newly created service directory.
-- If additional configuration files like .env or app.ini are required for your service, add them to the same directory.
-
-3. **Synchronize Configuration:** To upload the `.env` file (or any other necessary configuration files) to the server, run the following command:
-
-```bash
-make upload-{service_name}
-```
-Replace `{service_name}` with the name of your service directory. This command will sync the configurations to the specified server path using the variables defined in your `.env` file.
-
-## 🛠️ Storage
-
-### 📦 Mounting a New Volume Using Hetzner's Storage Box
- This guide walks you through the process of mounting a Storage Box folder (`nextcloud_data`) to a specific mount point (`/mnt/nextcloud_data`) on your server.
-
-#### 📝 Prerequisites
-Create a sub-account in Hetzner's Robot Control Panel with SSH and Samba support enabled.
-Note down the sub-account username and the generated password provided by Hetzner.
-
-#### 🚀 Steps to Mount the Storage Box
-
-1. **SSH into the Storage Box:** Connect to your Storage Box via SSH using the sub-account username and the provided password.
-
-```bash
-ssh -p23 SB_USERNAME@SB_USERNAME.your-storagebox.de
-```
-
-2. **Create a Directory:** Inside the Storage Box, create a new directory named `nextcloud_data`.
-
-```bash
-mkdir nextcloud_data
-```
-
-3. **Update /etc/fstab:** Add an entry to the `/etc/fstab` file on your server to automatically mount the Storage Box folder to `/mnt/nextcloud_data.` Replace `YOUR_PATH` with `nextcloud_data` and `YOUR_MOUNT_POINT` with `/mnt/nextcloud_data`.
-
-```
-//SB_USERNAME.your-storagebox.de/YOUR_PATH /YOUR_MOUNT_POINT cifs seal,vers=3,iocharset=utf8,rw,credentials=/etc/secure_config/cifs-nextcloud-credentials.txt,uid=1000,gid=1000,file_mode=0660,dir_mode=0770 0 0
-```
-
-4. **Create Credentials File:** Add a credentials file (`cifs-nextcloud-credentials.txt`) in `/etc/secure_config` directory on your server with the sub-account username and password.
-
-```
-username=SB_SUBACCOUNT_USERNAME
-password=SB_SUBACCOUNT_PASSWORD
-```
-
-5. **Mount and test:** Mount the Storage Box folder using the mount -a command and verify the mount status.
-```bash
-mount -a
-```
-
-6. **Verify Mount Point:** Ensure that the Storage Box is correctly mounted by checking the mount point using the df -h command.
-
-```bash
-df -h
-```
-
-#### Troubleshooting
-
-**mount: /mnt/nextcloud_data: mount(2) system call failed: No route to host. dmesg(1) may have more information after failed mount system call.**
-Make sure Samba support is enabled.
-
-### Volume encryption
-To be added
-
-## 🧰 Maintenance
-
-### Backup
-To be added
-
-### Monitoring
-To be added
-
-## 🐞 Troubleshooting
-To be added

actualbudget/README.md

@@ -0,0 +1,11 @@
+# actual budget
+
+Set up env
+
+```
+ACTUAL_HTTPS_KEY=''
+ACTUAL_HTTPS_CERT=''
+```
+
+## Improvements
+- Set up https via Tailscale https://tailscale.com/kb/1153/enabling-https?ref=traefik.io

docs/backup.md

@@ -0,0 +1 @@
+# backup strategy

docs/encryption.md

@@ -0,0 +1,3 @@
+# Encryption
+
+https://wilw.dev/notes/volume-encryption

docs/mounting-new-volumes.md

@@ -0,0 +1,48 @@
+# Mounting new volumes
+
+1. ssh to storagebox
+
+```
+ssh -p23 u382808@u382808.your-storagebox.de
+```
+
+2. Create a new directory
+
+```
+mkdir photoprism_import_data
+```
+
+3. Navigate to [Hetzner cloud storage](https://robot.hetzner.com/storage). Create a new sub-account. Allow Samba, SSH, external reachability.
+
+4. ssh to server
+
+5. Create new credentials in `/etc/secure_config`:
+
+```
+username=(storagebox username)
+password=(storagebox password)
+```
+
+6. Make mount directory
+
+```
+sudo mkdir /mnt/photoprism_import_data
+```
+
+6. Update /etc/fstab
+
+```
+//u382808-sub3.your-storagebox.de/u382808-sub3 /mnt/photoprism_import_data cifs seal,vers=3,iocharset=utf8,rw,credentials=/etc/secure_config/.cifs-credentials-photoprism-import.txt,uid=1000,gid=1001,forceuid,forcegid,file_mode=0770,dir_mode=0770 0 0
+```
+
+7. Mount
+
+```
+mount -a
+```
+
+8. Verify that the storage box is mounted correctly:
+
+```
+df -h
+```

docs/vpn.md

@@ -0,0 +1,8 @@
+# VPN
+
+Tailscale
+
+https://login.tailscale.com/admin/dns
+magicdns
+stork-vibe.ts.net
+https://tailscale.com/kb/1081/magicdns

gitea/README.md

@@ -0,0 +1,8 @@
+# Gitea
+
+Set up env
+ 
+```
+DB_USER=''
+DB_PASSWORD=''
+```

homepage/config/bookmarks.yaml

@@ -1,11 +1,11 @@
 - Development:
     - Backblaze:
-        - icon: si-backblaze
-          href: https://secure.backblaze.com/b2_buckets.htm
+        href: https://secure.backblaze.com/b2_buckets.htm
+        icon: si-backblaze
     - Tailscale:
-        - href: https://login.tailscale.com/admin/machines/100.104.163.2
+        href: https://login.tailscale.com/admin/machines/100.104.163.2
 
 - Daily:
     - Protonmail:
         - icon: si-protonmail
-          href: https://protonmail.com/
+          href: https://protonmail.com/

nextcloud/README.md

@@ -0,0 +1,3 @@
+# nextcloud
+
+To be added

photoprism/README.md

@@ -1,10 +1,23 @@
 # photoprism
 
+## Configuration
+
+Setup `.env`:
+
+```
+PHOTOPRISM_DATABASE_PASSWORD=''
+``
+
 ## Troubleshooting
 
 Mariadb refuses access to photoprism
+
 https://github.com/photoprism/photoprism/issues/1173
 
+```
+
+```
+
 ## PhotoSync
 
 Server: 100.104.163.2
@@ -14,4 +27,4 @@ Password:
 Directory: originals
 Use SSL: off
 
-Setup an Autotransfer trigger in PhotoSync to automatically upload new photos and videos when I attach charger.
+Setup an Autotransfer trigger in PhotoSync to automatically upload new photos and videos when I attach charger

restic/README.md

@@ -1,43 +1,37 @@
-# Restic Backup and Restore Guide
+# restic
 
-## 📚 Useful Commands
+## Future improvements
+- Set up with Docker secrets
+- Add notification
 
-### 🔄 Restoring Files from a Running Docker Compose Container
+## Useful commands
 
-**1. Identify Latest Snapshot for the Host:** Execute the following command to find the latest snapshot for the current host and note down the ID.
+Restoring files on a host where the container is already running via Docker Compose:
 
 ```
 # Find the latest snapshot for the current host (note the ID)
 docker-compose exec app restic snapshots -H <HOSTNAME>
-```
-
-**2. Restore Specific File:** Use the snapshot ID to restore the desired file on the host.
-
-```
+# Restore the given file on the host
 docker-compose exec app restic restore --include /path/to/file <ID>
 ```
 
-### 📋 Listing Snapshots
+List snapshots
 ```
 docker compose run --rm backup snapshots
 ```
 
-### 🌐 Accessing Backblaze Files Locally
-
-In local, download via `brew install b2-tools`
+View files uploaded in Backblaze
 
+- In local, download via `brew install b2-tools`
+- In server
 
 ## Known issues
-
-### 🚫 Ciphertext Verification Failure
 ```
 Fatal: config or key 2327d55bb96f4cab846b07cc8ffe5906c88c3e657f326a506ccfcf95cd8fd1e7 is damaged: ciphertext verification failed
 ```
 
 [Related issue](https://github.com/djmaze/resticker/issues/48)
 
-### ⚠️ Pruning and Backup Operations
-
 Do not run both prune and backup at the same time. When initializing, need to run individually.
 
 ```

traefik/README.md

@@ -1,7 +1,5 @@
 # Traefik
 
-## Create Docker network
-
 ```
 docker network create \
   --driver=bridge \
@@ -9,3 +7,5 @@ docker network create \
   --internal=false \
   traefik_network
 ```
+
+Add test 1wehbesg

uptime-kuma/docker-compose.yml

@@ -1,12 +0,0 @@
-version: '3.8'
-
-services:
-  uptime-kuma:
-    image: louislam/uptime-kuma:1
-    container_name: uptime-kuma
-    restart: always
-    ports:
-      - "${HOST}:4005:3001"
-    volumes:
-      - ${PWD}/data:/app/data
-      - /var/run/docker.sock:/var/run/docker.sock:ro