Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sanitized mirror from private repository - 2026-04-18 11:19:59 UTC
Some checks failed
Documentation / Build Docusaurus (push) Failing after 5m14s
Details
Documentation / Deploy to GitHub Pages (push) Has been skipped
Details

Browse Source
This commit is contained in:
Gitea Mirror Bot
2026-04-18 11:19:59 +00:00
commit fb00a325d1
1418 changed files with 359990 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

309
archive/joplin/00-Comprehensive-Homelab-Documentation.md Normal file
View File

@@ -0,0 +1,309 @@
# 🏠 Vish's Homelab Documentation
Welcome to the comprehensive documentation for Vish's homelab infrastructure! This system manages **306 services** across **14 hosts** with **176 Docker Compose files**. Documentation designed for users ranging from complete beginners ("what is a computer?") to experienced HPC engineers.
> **🌐 External Access Available**
> Many services are accessible externally via **vish.gg** and **thevish.io** domains with automatic DDNS updates every 5 minutes.
## 🚀 Quick Navigation
### 📖 Getting Started
- **🚀 Quick Start Guide** - Get up and running fast
- **🏗️ Infrastructure Overview** - System architecture and hosts
- **🌐 Network Configuration** - Tailscale, 10GbE, and connectivity
- **💻 Hardware Specifications** - Complete device inventory
### 🔧 Services Documentation
- **⭐ Popular Services** - Most commonly used services
- **📋 Complete Service Index** - All 159 individual services
- **📂 Services by Category** - Organized by function
- **🌐 External Access Services** - Publicly available services
### 🛠️ Infrastructure & Networking
- **🔌 Port Forwarding** - External access configuration
- **🔗 Tailscale Setup** - Mesh VPN with split-brain DNS
- **✈️ Travel Connectivity** - Mobile and laptop setup
- **👨‍👩‍👧‍👦 Family Network** - Separate network bridge
### 🚨 Emergency & Recovery
- **🚨 Disaster Recovery** - Router failure and network issues
- **🔐 Offline Password Access** - When Vaultwarden is down
- **🔧 Common Issues** - Frequent problems and solutions
## 🖥️ System Overview
### 🏠 Primary Infrastructure
| Host | IP Address | Services | Primary Function | External Access |
|------|------------|----------|------------------|-----------------|
| **Atlantis** | 192.168.0.200 | 45 services | Primary NAS, Jitsi Meet | Portainer, Jitsi |
| **Calypso** | 192.168.0.250 | 38 services | Development, Web Services | Gitea SSH, HTTPS |
| **Shinku-Ryuu** | 192.168.0.201 | 32 services | Gaming, Entertainment | - |
| **Guava** | 192.168.0.202 | 28 services | Monitoring, Utilities | - |
| **Concord-NUC** | 192.168.0.203 | 12 services | Family Network Bridge | - |
### 📱 Mobile & Travel Infrastructure
| Device | Type | Purpose | Tailscale IP |
|--------|------|---------|--------------|
| **MSI Prestige 13 AI Plus** | Travel Laptop | Business Travel | 100.x.x.x |
| **GL.iNet Comet GL-RM1** | KVM Router | Remote Server Access | 100.x.x.x |
| **GL.iNet Slate 7 GL-BE3600** | WiFi 7 Router | High-Speed Travel | 100.x.x.x |
| **GL.iNet Beryl AX GL-MT3000** | Compact Router | Extended Travel | 100.x.x.x |
| **GL.iNet Mango GL-MT300N-V2** | Mini Router | Emergency Backup | 100.x.x.x |
| **GL.iNet GL-S200** | IoT Gateway | Device Management | 100.x.x.x |
## 🌐 External Access Domains
### 🔌 Port Forwarded Services
| Service | Domain | Port | Purpose |
|---------|--------|------|---------|
| **🎥 Jitsi Meet** | `meet.thevish.io` | 4443 | Video conferencing |
| **📝 Gitea SSH** | `git.vish.gg` | 2222 | Git repository access |
| **🐳 Portainer** | `pw.vish.gg` | 9443 | Container management |
| **🌍 Web Services** | `vish.gg` | 443/80 | Main website |
### 🌐 Cloudflare Proxied Services
- **📅 Calendar**: `https://cal.vish.gg`
- **💬 Matrix Chat**: `https://matrix.thevish.io`
- **📓 Joplin Notes**: `https://joplin.thevish.io`
- **🔗 Reddit Alt**: `https://reddit.vish.gg`
- **🌍 Main Sites**: `https://www.vish.gg`, `https://www.thevish.io`
### 🔄 DDNS Configuration
- **Update Frequency**: Every 5 minutes
- **Domains**: vish.gg and thevish.io
- **Services**: 4 DDNS updaters (proxied/unproxied for each domain)
- **Records**: IPv4 (A) and IPv6 (AAAA) automatic updates
## 📊 Service Categories & Counts
### 🎬 Media & Entertainment (45 services)
- **Streaming Servers**: Plex, Jellyfin, Navidrome, Immich
- **Download Management**: Sonarr, Radarr, Lidarr, Readarr, Whisparr, Bazarr
- **Media Tools**: Tautulli, MeTube, Podgrab, Calibre-Web
- **Gaming**: Satisfactory Server, LinuxGSM servers
### 🔧 Development & DevOps (38 services)
- **Version Control**: Gitea (external SSH), Git repositories
- **Container Management**: Portainer (external access), Docker registries
- **CI/CD**: Automated builds, deployment pipelines
- **Development Tools**: Code servers, API endpoints
### 📊 Monitoring & Analytics (28 services)
- **Metrics Collection**: Grafana, Prometheus, Node Exporter
- **Uptime Monitoring**: Uptime Kuma, health checks
- **Network Monitoring**: SNMP Exporter, Speedtest Exporter
- **System Monitoring**: cAdvisor, Blackbox Exporter
### 🌐 Web Services & Proxies (32 services)
- **Reverse Proxies**: Nginx, Nginx Proxy Manager
- **Web Applications**: Various hosted web services
- **APIs & Backends**: Service APIs, database frontends
- **Static Sites**: Documentation, personal websites
### 💬 Communication & Collaboration (18 services)
- **Video Conferencing**: Jitsi Meet (external access via meet.thevish.io)
- **Chat Platforms**: Matrix Synapse, Element Web, Mastodon
- **Email Services**: Roundcube, ProtonMail Bridge
- **Team Collaboration**: Mattermost, communication tools
### 🏠 Home Automation & IoT (15 services)
- **Smart Home Control**: Home Assistant, Matter Server
- **IoT Device Management**: Device monitoring and control
- **Automation Scripts**: Workflows and triggers
- **Sensor Data**: Collection and processing
### 🔒 Security & Authentication (12 services)
- **Password Management**: Vaultwarden (with offline backup)
- **VPN Services**: WireGuard Easy, Tailscale mesh
- **Network Security**: Pi-hole, AdGuard Home
- **Authentication**: SSO services, security tools
### 🤖 AI & Machine Learning (8 services)
- **Language Models**: Ollama, OpenWebUI
- **AI Tools**: Various AI-powered applications
- **Machine Learning**: Model serving and inference
- **Data Processing**: AI-enhanced workflows
## 🌍 Network Architecture
### 🔗 Tailscale Mesh VPN
- **Network Name**: `tail.vish.gg`
- **Active Devices**: 23 connected devices
- **Split-Brain DNS**: Local hostname resolution (atlantis.tail.vish.gg)
- **Exit Nodes**: Available for secure internet routing
- **Magic DNS**: Automatic device discovery and naming
### 🚀 10 Gigabit Ethernet Infrastructure
- **Switch**: TP-Link TL-SX1008 (8-port 10GbE unmanaged)
- **Connected Hosts**: Atlantis, Calypso, Shinku-Ryuu, Guava
- **Bandwidth**: Full 10Gbps between connected systems
- **Use Cases**: Large file transfers, media streaming, backups
### 🌐 External Connectivity
- **Router**: TP-Link Archer BE800 v1.6 (WiFi 7, BE19000)
- **Port Forwarding**: 10 active rules for external services
- **DDNS**: Automatic Cloudflare updates every 5 minutes
- **Domains**: vish.gg and thevish.io with Cloudflare proxy protection
- **IPv6**: Full dual-stack support with AAAA records
## 📱 Mobile & Travel Infrastructure
### ✈️ Travel Connectivity Suite
- **Primary Laptop**: MSI Prestige 13 AI Plus (Intel Core Ultra 7 258V)
- **KVM Access**: GL.iNet Comet GL-RM1 for remote server management
- **WiFi 7 Router**: GL.iNet Slate 7 GL-BE3600 for high-speed connectivity
- **Compact Router**: GL.iNet Beryl AX GL-MT3000 for extended travel
- **Emergency Backup**: GL.iNet Mango GL-MT300N-V2 mini router
- **IoT Gateway**: GL.iNet GL-S200 for device management
### 🔒 Travel Security Features
- **VPN Tunneling**: All traffic routed through Atlantis exit node
- **Remote Mounting**: Secure file access via SSHFS
- **Disposable Data**: Minimal local storage, cloud-first approach
- **Encrypted Communications**: All connections via Tailscale mesh
### 📱 Mobile Device Support
- **Platforms**: iOS, Android, macOS, Linux, iPadOS, Debian, Rocky Linux
- **Tailscale Integration**: All devices connected to mesh network
- **Family Devices**: Separate network integration via Concord-NUC
- **Guest Access**: Isolated network access for visitors
## 👨‍👩‍👧‍👦 Family Network Integration
### 🌉 Network Bridge Setup
- **Bridge Device**: Concord-NUC (Intel NUC13ANHi7)
- **Family Network**: 2 Gbps down / 400 Mbps up
- **Homelab Network**: 20 Gbps up/down fiber
- **Services**: Plex streaming, Immich photo sync, Synology file sharing
### 🎬 Shared Services
- **Media Streaming**: Plex server accessible from family network
- **Photo Management**: Immich for family photo backup and sharing
- **File Sharing**: Synology NAS accessible for document sharing
- **Bandwidth Optimization**: QoS and traffic shaping
## 🚨 Disaster Recovery & Emergency Procedures
### 🔧 Router Failure Recovery
- **Backup Configuration**: TP-Link settings exported monthly
- **Manual Reconfiguration**: Step-by-step port forwarding restoration
- **Network Isolation**: Tailscale mesh continues independent operation
- **Service Priority**: Critical services restoration order documented
### 🔐 Offline Password Access
- **Vaultwarden Backup**: Local database exports and encrypted storage
- **Emergency Access**: Offline password retrieval procedures
- **Mobile Backup**: Cached credentials on mobile devices
- **Recovery Methods**: Multiple access paths documented
### 📱 Travel Emergency Procedures
- **Connectivity Loss**: Multiple router fallback options
- **Device Failure**: Remote server access via KVM
- **Data Recovery**: Cloud backup and sync procedures
- **Communication**: Alternative contact methods
## 🛠️ Getting Started by Experience Level
### For Complete Beginners 🟢
- **Start Here**: Quick Start Guide
- **Learn Basics**: What is Docker, containers, networking
- **First Services**: Set up Plex or Jellyfin for media streaming
- **Remote Access**: Configure Tailscale for secure connections
- **Popular Apps**: Explore Popular Services
### For Intermediate Users 🟡
- **Service Exploration**: Browse Complete Service Index
- **External Access**: Set up Port Forwarding
- **Travel Setup**: Configure Mobile Connectivity
- **Monitoring**: Implement Grafana and Prometheus dashboards
- **Automation**: Basic Docker Compose customizations
### For Advanced Users 🔴
- **Architecture Review**: Study Hardware Architecture
- **Disaster Recovery**: Implement Emergency Procedures
- **Network Engineering**: Advanced VLANs, routing, and security
- **Automation**: Infrastructure as Code with Ansible
- **Scaling**: Multi-host deployments and load balancing
### For HPC Engineers 🔴
- **Performance Optimization**: 10GbE network utilization
- **Container Orchestration**: Kubernetes cluster deployment
- **Monitoring Stack**: Advanced metrics and alerting
- **Security Hardening**: Enterprise-grade security implementations
- **Integration Patterns**: Complex service interdependencies
## 📚 Documentation Organization
### 📖 Documentation Types
- **🟢 Beginner Guides** - Step-by-step with explanations
- **🟡 Configuration Guides** - Setup and customization details
- **🔴 Advanced Topics** - Complex deployments and troubleshooting
- **🔧 Reference Docs** - Technical specifications and APIs
- **🚨 Emergency Guides** - Crisis management and recovery
### 🔍 How to Find Information
- **By Service**: Use Service Index for specific applications
- **By Category**: Browse Service Categories for related services
- **By Function**: Check Popular Services for common use cases
- **By Problem**: Search Common Issues for solutions
- **By Access Method**: Review External Access for remote services
## 🔄 Recent Major Updates
### November 2025 Updates
- **✅ Port Forwarding Documentation** - Complete external access configuration
- **✅ Domain Integration** - All vish.gg and thevish.io domains documented
- **✅ Travel Infrastructure** - GL.iNet router suite and MSI laptop setup
- **✅ Family Network Integration** - Concord-NUC bridge configuration
- **✅ Disaster Recovery** - Router failure and offline access procedures
- **✅ Individual Service Docs** - All 159 services fully documented
- **✅ DDNS Configuration** - Automatic Cloudflare updates every 5 minutes
### Infrastructure Milestones
- **306 Total Services** across 14 hosts
- **159 Individual Service Guides** with full documentation
- **23 Tailscale Devices** in active mesh network
- **10 External Port Forwards** for public service access
- **12 Domain Names** with automatic DDNS updates
- **6 Travel Routers** for complete mobile connectivity
## 🤝 Contributing & Feedback
### 📝 Documentation Improvements
- Found an error? Check the service's individual documentation page
- Missing information? Review the troubleshooting sections
- Want to add content? Follow the established documentation patterns
- Need help? Check the emergency procedures and common issues
### 🔄 Keeping Documentation Current
- Service configurations are auto-generated from Docker Compose files
- Infrastructure changes are documented within 24 hours
- External access information is verified monthly
- Hardware specifications are updated with each change
## 📊 Quick Statistics
> **📈 Homelab Statistics**
> - **Total Services**: 306 across all hosts
> - **Documented Services**: 159 individual guides
> - **External Domains**: 12 with automatic DDNS
> - **Network Devices**: 23 in Tailscale mesh
> - **Port Forwards**: 10 active external access rules
> - **Travel Routers**: 6 GL.iNet devices for mobility
> - **Documentation Pages**: 200+ comprehensive guides
> - **Last Updated**: 2025-11-17
## 🔗 External Links & Resources
- **Git Repository**: `https://git.vish.gg/Vish/homelab`
- **Jitsi Meet**: `https://meet.thevish.io`
- **Portainer**: `https://pw.vish.gg:9443`
- **Main Website**: `https://vish.gg`
- **Tailscale Network**: `tail.vish.gg`
---
*Last Updated: 2025-11-17*
*Infrastructure: 306 services, 159 documented, 14 hosts, 23 Tailscale devices*
*External Access: 12 domains, 10 port forwards, 5-minute DDNS updates*
*Documentation Status: Complete with comprehensive guides for all experience levels*

131
archive/joplin/00-Homelab-Documentation-Index.md Normal file
View File

@@ -0,0 +1,131 @@
# 🏠 Vish's Homelab Documentation
Welcome to the comprehensive documentation for Vish's homelab infrastructure! This documentation is designed to serve users ranging from complete beginners ("what is a computer?") to experienced HPC engineers.
## 📚 Documentation Structure
### 🚀 Getting Started
- **[01-What-is-a-Homelab](01-What-is-a-Homelab.md)** - Complete beginner's introduction
- **[02-Quick-Start-Guide](02-Quick-Start-Guide.md)** - Get up and running fast
- **[03-Architecture-Overview](03-Architecture-Overview.md)** - Understanding the infrastructure
- **[04-Prerequisites](04-Prerequisites.md)** - What you need to know/have
### 🏗️ Infrastructure
- **[10-Host-Overview](10-Host-Overview.md)** - All physical and virtual machines
- **[11-Network-Architecture](11-Network-Architecture.md)** - How everything connects
- **[12-Storage-Systems](12-Storage-Systems.md)** - Data storage and management
- **[13-Security-Model](13-Security-Model.md)** - How the lab is secured
### 🐳 Services
- **[19-Individual-Service-Docs](19-Individual-Service-Docs.md)** - **NEW!** Detailed guides for all 159 services
- **[20-Service-Categories](20-Service-Categories.md)** - Services organized by function
- **[21-Service-Index](21-Service-Index.md)** - Complete alphabetical list
- **[22-Popular-Services](22-Popular-Services.md)** - Most commonly used services
- **[23-Service-Dependencies](23-Service-Dependencies.md)** - How services interact
### 🔧 Administration
- **[30-Deployment-Guide](30-Deployment-Guide.md)** - How to deploy new services
- **[31-Monitoring-Alerting](31-Monitoring-Alerting.md)** - Keeping track of everything
- **[32-Backup-Recovery](32-Backup-Recovery.md)** - Protecting your data
- **[33-Maintenance-Tasks](33-Maintenance-Tasks.md)** - Regular upkeep
### 🚨 Troubleshooting
- **[40-Common-Issues](40-Common-Issues.md)** - Frequent problems and solutions
- **[41-Diagnostic-Tools](41-Diagnostic-Tools.md)** - How to investigate problems
- **[42-Emergency-Procedures](42-Emergency-Procedures.md)** - When things go very wrong
- **[43-Performance-Tuning](43-Performance-Tuning.md)** - Optimizing your setup
### 🎓 Advanced Topics
- **[50-Ansible-Automation](50-Ansible-Automation.md)** - Infrastructure as Code
- **[51-Custom-Configurations](51-Custom-Configurations.md)** - Tailoring to your needs
- **[52-Integration-Patterns](52-Integration-Patterns.md)** - Connecting services together
- **[53-Scaling-Strategies](53-Scaling-Strategies.md)** - Growing your homelab
## 🏠 Infrastructure Overview
This homelab consists of **159 fully documented services** running across **13 different hosts**:
### 📊 Host Summary
| Host Type | Count | Primary Purpose |
|-----------|-------|-----------------|
| **Synology NAS** | 3 | Storage, Media, Core Services |
| **Intel NUC** | 1 | Edge Computing, IoT Hub |
| **Proxmox VMs** | 3 | Isolated Workloads, Testing |
| **Raspberry Pi** | 2 | Lightweight Services, Sensors |
| **Remote VMs** | 2 | External Services, Backup |
| **Physical Hosts** | 2 | High-Performance Computing |
### 🎯 Service Categories
| Category | Services | Examples |
|----------|----------|----------|
| **Media & Entertainment** | 25+ | Plex, Jellyfin, Immich, Arr Suite |
| **Development & DevOps** | 20+ | GitLab, Gitea, Portainer, Dozzle |
| **Productivity** | 15+ | Paperless-NGX, Firefly III, Calibre |
| **Communication** | 10+ | Matrix, Mastodon, Jitsi, Mattermost |
| **Monitoring** | 15+ | Grafana, Prometheus, Uptime Kuma |
| **Security & Privacy** | 10+ | Vaultwarden, Wireguard, Pi-hole |
| **AI & Machine Learning** | 5+ | Ollama, LlamaGPT, Whisper |
| **Gaming** | 8+ | Minecraft, Factorio, Satisfactory |
## 🎯 Quick Navigation
### For Beginners
1. Start with [01-What-is-a-Homelab](01-What-is-a-Homelab.md)
2. Review [04-Prerequisites](04-Prerequisites.md)
3. Follow the [02-Quick-Start-Guide](02-Quick-Start-Guide.md)
4. Explore [22-Popular-Services](22-Popular-Services.md)
### For Intermediate Users
1. Review [03-Architecture-Overview](03-Architecture-Overview.md)
2. Check [20-Service-Categories](20-Service-Categories.md)
3. Learn about [30-Deployment-Guide](30-Deployment-Guide.md)
4. Set up [31-Monitoring-Alerting](31-Monitoring-Alerting.md)
### For Advanced Users
1. Dive into [50-Ansible-Automation](50-Ansible-Automation.md)
2. Explore [51-Custom-Configurations](51-Custom-Configurations.md)
3. Review [52-Integration-Patterns](52-Integration-Patterns.md)
4. Consider [53-Scaling-Strategies](53-Scaling-Strategies.md)
## 🆘 Need Help?
- **Common Issues**: Check [40-Common-Issues](40-Common-Issues.md)
- **Service Not Working**: See [41-Diagnostic-Tools](41-Diagnostic-Tools.md)
- **Performance Problems**: Review [43-Performance-Tuning](43-Performance-Tuning.md)
- **Emergency**: Follow [42-Emergency-Procedures](42-Emergency-Procedures.md)
## 📝 Contributing
This documentation is a living document. If you find errors, have suggestions, or want to add content:
1. Check the [21-Service-Index](21-Service-Index.md) for existing documentation
2. Review [30-Deployment-Guide](30-Deployment-Guide.md) for deployment patterns
3. Follow the documentation style guide in each section
## 🏷️ Conventions Used
- **🟢 Beginner-Friendly**: Suitable for newcomers
- **🟡 Intermediate**: Requires basic Docker/Linux knowledge
- **🔴 Advanced**: Requires significant technical expertise
- **⚠️ Caution**: Potentially destructive operations
- **💡 Tip**: Helpful hints and best practices
- **🔧 Technical**: Deep technical details
---
*Last Updated: November 2024*
*Infrastructure: 159 fully documented services across 13 hosts*
*Documentation Status: Complete with individual service guides*
## 📋 Document Organization for Joplin
This documentation is organized with numbered prefixes for easy sorting in Joplin:
- **00-09**: Index and overview documents
- **10-19**: Infrastructure and architecture
- **20-29**: Services and applications
- **30-39**: Administration and deployment
- **40-49**: Troubleshooting and maintenance
- **50-59**: Advanced topics and automation
Each document is self-contained but cross-references related topics for easy navigation.

403
archive/joplin/01-Complete-Service-Index.md Normal file
View File

@@ -0,0 +1,403 @@
# 📚 Complete Service Documentation Index
This comprehensive index contains detailed documentation for all **159 services** running across the homelab infrastructure. Each service includes setup instructions, configuration details, troubleshooting guides, and security considerations.
> **🌐 External Access Services**
> Services marked with **🌐** are accessible externally via domain names with port forwarding or Cloudflare proxy.
## 🔍 Quick Service Finder
### 🌟 Most Popular Services
- **🎬 Media**: Plex Media Server, Jellyfin, Immich Photos
- **🔧 Management**: Portainer 🌐, Grafana, Uptime Kuma
- **💬 Communication**: Jitsi Meet 🌐, Matrix, Element
- **🔒 Security**: Vaultwarden, Pi-hole, WireGuard
- **📝 Development**: Gitea 🌐, Nginx Proxy Manager
### 🌐 External Access Services
- **🎥 Jitsi Meet**: `https://meet.thevish.io:4443` - Video conferencing
- **📝 Gitea**: `https://git.vish.gg` (SSH: port 2222) - Git repository
- **🐳 Portainer**: `https://pw.vish.gg:9443` - Container management
- **🌍 Web Services**: `https://vish.gg` - Main website and proxied services
## 📊 Services by Category
### 🤖 AI & Machine Learning (8 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **Ollama** | Guava | 🟢 | Local language model server |
| **OpenWebUI** | Guava | 🟡 | Web interface for AI models |
| **Whisper** | Atlantis | 🟡 | Speech-to-text processing |
| **Stable Diffusion** | Shinku-Ryuu | 🔴 | AI image generation |
| **Text Generation WebUI** | Guava | 🟡 | Language model interface |
| **Automatic1111** | Shinku-Ryuu | 🔴 | Stable Diffusion WebUI |
| **ComfyUI** | Shinku-Ryuu | 🔴 | Node-based AI workflow |
| **InvokeAI** | Shinku-Ryuu | 🔴 | Professional AI art generation |
### 💬 Communication & Collaboration (18 services)
| Service | Host | Difficulty | External Access | Description |
|---------|------|------------|-----------------|-------------|
| **Jitsi Meet** | Atlantis | 🟡 | 🌐 meet.thevish.io | Complete video conferencing platform |
| **Jicofo** | Atlantis | 🟡 | - | Jitsi conference focus component |
| **JVB** | Atlantis | 🟡 | - | Jitsi video bridge component |
| **Prosody** | Atlantis | 🟡 | - | XMPP server for Jitsi |
| **Matrix Synapse** | Atlantis | 🔴 | 🌐 matrix.thevish.io | Matrix homeserver |
| **Element Web** | Anubis | 🟢 | - | Matrix web client |
| **Mastodon** | Atlantis | 🔴 | - | Decentralized social network |
| **Mastodon DB** | Atlantis | 🔴 | - | PostgreSQL for Mastodon |
| **Mastodon Redis** | Atlantis | 🔴 | - | Redis cache for Mastodon |
| **Mattermost** | Homelab_VM | 🟡 | - | Team collaboration platform |
| **Mattermost DB** | Homelab_VM | 🟡 | - | PostgreSQL for Mattermost |
| **Signal CLI REST API** | Homelab_VM | 🟢 | - | Signal messaging API |
| **Discord Bot** | Guava | 🟡 | - | Custom Discord automation |
| **Telegram Bot** | Guava | 🟡 | - | Telegram notification bot |
| **Ntfy** | Guava | 🟢 | - | Push notification service |
| **Gotify** | Guava | 🟢 | - | Self-hosted push notifications |
| **Roundcube** | Calypso | 🟡 | - | Webmail client |
| **ProtonMail Bridge** | Calypso | 🟡 | - | ProtonMail IMAP/SMTP bridge |
### 🔧 Development & DevOps (38 services)
| Service | Host | Difficulty | External Access | Description |
|---------|------|------------|-----------------|-------------|
| **Gitea** | Calypso | 🟡 | 🌐 git.vish.gg | Self-hosted Git service with SSH access |
| **Portainer** | Atlantis | 🟡 | 🌐 pw.vish.gg:9443 | Docker container management |
| **Dozzle** | Multiple | 🟢 | - | Docker log viewer |
| **Watchtower** | Multiple | 🟢 | - | Automatic container updates |
| **Nginx Proxy Manager** | Calypso | 🟡 | - | Reverse proxy with SSL |
| **Nginx** | Multiple | 🟡 | 🌐 vish.gg | Web server and reverse proxy |
| **Traefik** | Guava | 🔴 | - | Modern reverse proxy |
| **Docker Registry** | Atlantis | 🟡 | - | Private container registry |
| **Harbor** | Shinku-Ryuu | 🔴 | - | Enterprise container registry |
| **Jenkins** | Guava | 🔴 | - | CI/CD automation server |
| **GitLab Runner** | Multiple | 🟡 | - | CI/CD job execution |
| **Drone CI** | Guava | 🟡 | - | Container-native CI/CD |
| **Woodpecker CI** | Guava | 🟡 | - | Lightweight CI/CD |
| **Act Runner** | Multiple | 🟡 | - | GitHub Actions runner |
| **Code Server** | Multiple | 🟡 | - | VS Code in browser |
| **Jupyter** | Guava | 🟡 | - | Interactive computing |
| **API Services** | Multiple | 🟡 | - | Custom API endpoints |
| **Database Services** | Multiple | 🟡 | - | Various database systems |
| **Redis** | Multiple | 🟡 | - | In-memory data store |
| **PostgreSQL** | Multiple | 🟡 | - | Relational database |
| **MongoDB** | Multiple | 🟡 | - | Document database |
| **Elasticsearch** | Guava | 🔴 | - | Search and analytics |
| **Kibana** | Guava | 🔴 | - | Elasticsearch visualization |
| **Logstash** | Guava | 🔴 | - | Log processing pipeline |
| **MinIO** | Atlantis | 🟡 | - | S3-compatible object storage |
| **HashiCorp Vault** | Guava | 🔴 | - | Secrets management |
| **HashiCorp Consul** | Guava | 🔴 | - | Service discovery |
| **HashiCorp Nomad** | Guava | 🔴 | - | Workload orchestration |
| **Terraform** | Guava | 🔴 | - | Infrastructure as code |
| **Ansible** | Guava | 🟡 | - | Configuration management |
| **AWX** | Guava | 🔴 | - | Ansible web interface |
| **Semaphore** | Guava | 🟡 | - | Ansible web UI |
| **Rundeck** | Guava | 🔴 | - | Job scheduler and runbook automation |
| **n8n** | Guava | 🟡 | - | Workflow automation |
| **Huginn** | Guava | 🟡 | - | Agent-based automation |
| **Zapier Alternative** | Guava | 🟡 | - | Workflow automation |
| **Webhook Services** | Multiple | 🟢 | - | HTTP webhook handlers |
| **Cron Services** | Multiple | 🟢 | - | Scheduled task execution |
### 🎬 Media & Entertainment (45 services)
| Service | Host | Difficulty | External Access | Description |
|---------|------|------------|-----------------|-------------|
| **Plex Media Server** | Calypso | 🟡 | - | Premium media streaming |
| **Jellyfin** | Chicago_VM | 🟡 | - | Open-source media server |
| **Emby** | Shinku-Ryuu | 🟡 | - | Media server alternative |
| **Kodi** | Multiple | 🟢 | - | Media center software |
| **Immich Server** | Raspberry-Pi-5 | 🟡 | - | Photo management server |
| **Immich Database** | Calypso | 🟡 | - | PostgreSQL for Immich |
| **Immich Redis** | Calypso | 🟡 | - | Redis cache for Immich |
| **Immich ML** | Calypso | 🟡 | - | AI features for Immich |
| **PhotoPrism** | Anubis | 🟡 | - | AI-powered photo management |
| **Navidrome** | Bulgaria_VM | 🟢 | - | Music streaming server |
| **Airsonic** | Guava | 🟢 | - | Music streaming alternative |
| **Funkwhale** | Guava | 🟡 | - | Social music platform |
| **Sonarr** | Calypso | 🟢 | - | TV show management |
| **Radarr** | Calypso | 🟢 | - | Movie management |
| **Lidarr** | Calypso | 🟢 | - | Music management |
| **Readarr** | Calypso | 🟢 | - | Book management |
| **Whisparr** | Calypso | 🟢 | - | Adult content management |
| **Bazarr** | Calypso | 🟢 | - | Subtitle management |
| **Prowlarr** | Calypso | 🟢 | - | Indexer management |
| **Jackett** | Atlantis | 🟢 | - | Torrent indexer proxy |
| **FlareSolverr** | Calypso | 🟢 | - | Cloudflare bypass |
| **Tautulli** | Calypso | 🟢 | - | Plex monitoring |
| **Overseerr** | Calypso | 🟡 | - | Media request management |
| **Jellyseerr** | Calypso | 🟡 | - | Jellyfin request management |
| **Ombi** | Calypso | 🟡 | - | Media request platform |
| **Requestrr** | Calypso | 🟡 | - | Discord media requests |
| **SABnzbd** | Calypso | 🟢 | - | Usenet downloader |
| **NZBGet** | Calypso | 🟢 | - | Usenet downloader alternative |
| **Deluge** | Calypso | 🟢 | - | BitTorrent client |
| **qBittorrent** | Calypso | 🟢 | - | BitTorrent client |
| **Transmission** | Calypso | 🟢 | - | BitTorrent client |
| **rTorrent** | Calypso | 🟡 | - | Command-line BitTorrent |
| **MeTube** | Atlantis | 🟢 | - | YouTube downloader |
| **YouTube-DL** | Multiple | 🟢 | - | Video downloader |
| **yt-dlp** | Multiple | 🟢 | - | Enhanced YouTube downloader |
| **Podgrab** | Atlantis | 🟢 | - | Podcast downloader |
| **AudioBookshelf** | Atlantis | 🟡 | - | Audiobook and podcast server |
| **Calibre-Web** | Atlantis | 🟢 | - | Ebook library management |
| **Komga** | Atlantis | 🟡 | - | Comic and manga server |
| **Kavita** | Atlantis | 🟡 | - | Digital library |
| **Ubooquity** | Atlantis | 🟡 | - | Comic and ebook server |
| **LazyLibrarian** | Calypso | 🟡 | - | Book management |
| **Mylar** | Calypso | 🟡 | - | Comic book management |
| **GameVault** | Shinku-Ryuu | 🟡 | - | Game library management |
| **ROMM** | Shinku-Ryuu | 🟡 | - | ROM management |
### 🎮 Gaming & Entertainment (12 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **Satisfactory Server** | Homelab_VM | 🟢 | Factory building game server |
| **Minecraft Server** | Shinku-Ryuu | 🟢 | Minecraft game server |
| **Valheim Server** | Shinku-Ryuu | 🟡 | Valheim game server |
| **Terraria Server** | Shinku-Ryuu | 🟢 | Terraria game server |
| **Factorio Server** | Shinku-Ryuu | 🟡 | Factorio game server |
| **Left 4 Dead 2 Server** | Shinku-Ryuu | 🟡 | L4D2 dedicated server |
| **PMC Bind Server** | Shinku-Ryuu | 🟡 | Game server management |
| **SteamCMD** | Shinku-Ryuu | 🟡 | Steam server management |
| **Game Server Manager** | Shinku-Ryuu | 🟡 | Multi-game server management |
| **Pterodactyl** | Shinku-Ryuu | 🔴 | Game server control panel |
| **Crafty Controller** | Shinku-Ryuu | 🟡 | Minecraft server management |
| **AMP** | Shinku-Ryuu | 🔴 | Application Management Panel |
### 🏠 Home Automation & IoT (15 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **Home Assistant** | Concord-NUC | 🟡 | Smart home automation |
| **Matter Server** | Concord-NUC | 🟡 | Matter/Thread support |
| **Zigbee2MQTT** | Concord-NUC | 🟡 | Zigbee device integration |
| **Z-Wave JS** | Concord-NUC | 🟡 | Z-Wave device integration |
| **Mosquitto MQTT** | Concord-NUC | 🟡 | MQTT message broker |
| **Node-RED** | Concord-NUC | 🟡 | Visual automation flows |
| **ESPHome** | Concord-NUC | 🟡 | ESP device management |
| **Tasmota Admin** | Concord-NUC | 🟢 | Tasmota device management |
| **Frigate** | Guava | 🔴 | AI-powered security cameras |
| **Scrypted** | Guava | 🔴 | Camera and NVR platform |
| **ZoneMinder** | Guava | 🔴 | Security camera system |
| **Motion** | Guava | 🟡 | Motion detection |
| **RTSP Simple Server** | Guava | 🟡 | RTSP streaming server |
| **UniFi Controller** | Guava | 🟡 | Ubiquiti device management |
| **Pi.Alert** | Guava | 🟢 | Network device monitoring |
### 📊 Monitoring & Analytics (28 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **Grafana** | Guava | 🟡 | Metrics visualization |
| **Prometheus** | Guava | 🟡 | Metrics collection |
| **Node Exporter** | Multiple | 🟢 | System metrics |
| **cAdvisor** | Multiple | 🟢 | Container metrics |
| **Blackbox Exporter** | Guava | 🟡 | Endpoint monitoring |
| **SNMP Exporter** | Guava | 🟡 | Network device metrics |
| **Speedtest Exporter** | Guava | 🟢 | Internet speed monitoring |
| **Uptime Kuma** | Guava | 🟢 | Service uptime monitoring |
| **Statping** | Guava | 🟢 | Status page |
| **Healthchecks.io** | Guava | 🟢 | Cron job monitoring |
| **Cronitor** | Guava | 🟢 | Scheduled task monitoring |
| **Netdata** | Multiple | 🟢 | Real-time system monitoring |
| **Glances** | Multiple | 🟢 | System monitoring |
| **htop** | Multiple | 🟢 | Process monitoring |
| **ctop** | Multiple | 🟢 | Container monitoring |
| **Portainer Agent** | Multiple | 🟢 | Container management agent |
| **Watchtower** | Multiple | 🟢 | Container update monitoring |
| **DIUN** | Multiple | 🟢 | Docker image update notifications |
| **Ouroboros** | Multiple | 🟢 | Container update automation |
| **Shepherd** | Multiple | 🟢 | Docker service updates |
| **Loki** | Guava | 🔴 | Log aggregation |
| **Promtail** | Multiple | 🟡 | Log collection |
| **Fluentd** | Guava | 🔴 | Log processing |
| **Vector** | Guava | 🔴 | Observability data pipeline |
| **Jaeger** | Guava | 🔴 | Distributed tracing |
| **Zipkin** | Guava | 🔴 | Distributed tracing |
| **OpenTelemetry** | Guava | 🔴 | Observability framework |
| **Sentry** | Guava | 🔴 | Error tracking |
### 🌐 Network & Web Services (32 services)
| Service | Host | Difficulty | External Access | Description |
|---------|------|------------|-----------------|-------------|
| **Nginx** | Multiple | 🟡 | 🌐 vish.gg | Web server and reverse proxy |
| **Nginx Proxy Manager** | Calypso | 🟡 | - | SSL reverse proxy management |
| **Traefik** | Guava | 🔴 | - | Modern reverse proxy |
| **Caddy** | Guava | 🟡 | - | Automatic HTTPS web server |
| **HAProxy** | Guava | 🔴 | - | Load balancer |
| **Cloudflare Tunnel** | Multiple | 🟡 | - | Secure tunnel to Cloudflare |
| **DDNS Updater** | Multiple | 🟢 | - | Dynamic DNS updates |
| **Pi-hole** | Concord-NUC | 🟢 | - | Network-wide ad blocking |
| **AdGuard Home** | Guava | 🟢 | - | DNS ad blocking |
| **Unbound** | Guava | 🟡 | - | Recursive DNS resolver |
| **BIND9** | Guava | 🔴 | - | Authoritative DNS server |
| **Dnsmasq** | Multiple | 🟡 | - | Lightweight DNS/DHCP |
| **DHCP Server** | Guava | 🟡 | - | Dynamic IP assignment |
| **FTP Server** | Atlantis | 🟡 | - | File transfer protocol |
| **SFTP Server** | Multiple | 🟡 | - | Secure file transfer |
| **Samba** | Atlantis | 🟡 | - | Windows file sharing |
| **NFS Server** | Atlantis | 🟡 | - | Network file system |
| **WebDAV** | Atlantis | 🟡 | - | Web-based file access |
| **File Browser** | Multiple | 🟢 | - | Web file manager |
| **Nextcloud** | Atlantis | 🔴 | - | Cloud storage platform |
| **ownCloud** | Atlantis | 🔴 | - | Cloud storage alternative |
| **Seafile** | Atlantis | 🟡 | - | File sync and share |
| **Syncthing** | Multiple | 🟡 | - | Peer-to-peer file sync |
| **Resilio Sync** | Multiple | 🟡 | - | BitTorrent-based sync |
| **Rclone** | Multiple | 🟡 | - | Cloud storage sync |
| **Duplicati** | Multiple | 🟡 | - | Backup to cloud storage |
| **BorgBackup** | Multiple | 🔴 | - | Deduplicating backup |
| **Restic** | Multiple | 🟡 | - | Fast backup program |
| **Rsync** | Multiple | 🟡 | - | File synchronization |
| **WireGuard** | Multiple | 🟡 | - | VPN server |
| **OpenVPN** | Guava | 🔴 | - | VPN server |
| **Tailscale** | Multiple | 🟢 | - | Mesh VPN |
### 🔒 Security & Privacy (12 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **Vaultwarden** | Atlantis | 🟡 | Bitwarden-compatible password manager |
| **Authelia** | Guava | 🔴 | Authentication and authorization |
| **Keycloak** | Guava | 🔴 | Identity and access management |
| **Authentik** | Guava | 🔴 | Identity provider |
| **OAuth2 Proxy** | Guava | 🟡 | OAuth2 authentication proxy |
| **Fail2Ban** | Multiple | 🟡 | Intrusion prevention |
| **CrowdSec** | Multiple | 🟡 | Collaborative security |
| **Suricata** | Guava | 🔴 | Network threat detection |
| **Wazuh** | Guava | 🔴 | Security monitoring |
| **OSSEC** | Guava | 🔴 | Host intrusion detection |
| **ClamAV** | Multiple | 🟡 | Antivirus scanning |
| **Malware Scanner** | Multiple | 🟡 | File security scanning |
### 🛠️ Utilities & Tools (25 services)
| Service | Host | Difficulty | Description |
|---------|------|------------|-------------|
| **IT Tools** | Guava | 🟢 | Collection of IT utilities |
| **CyberChef** | Guava | 🟢 | Data analysis and encoding |
| **Stirling PDF** | Guava | 🟢 | PDF manipulation tools |
| **Gotenberg** | Guava | 🟡 | Document conversion API |
| **Apache Tika** | Guava | 🟡 | Content analysis toolkit |
| **Pandoc** | Guava | 🟡 | Document converter |
| **Draw.io** | Guava | 🟢 | Diagram creation |
| **Excalidraw** | Guava | 🟢 | Sketching tool |
| **Mermaid** | Guava | 🟢 | Diagram generation |
| **PlantUML** | Guava | 🟡 | UML diagram creation |
| **HedgeDoc** | Guava | 🟡 | Collaborative markdown editor |
| **BookStack** | Guava | 🟡 | Wiki platform |
| **DokuWiki** | Guava | 🟡 | File-based wiki |
| **TiddlyWiki** | Guava | 🟡 | Non-linear documentation |
| **Outline** | Guava | 🔴 | Team knowledge base |
| **Notion Alternative** | Guava | 🟡 | Workspace organization |
| **Joplin Server** | Guava | 🟡 | Note synchronization |
| **Standard Notes** | Guava | 🟡 | Encrypted notes |
| **Trilium** | Guava | 🟡 | Hierarchical note taking |
| **Obsidian LiveSync** | Guava | 🟡 | Obsidian synchronization |
| **Logseq** | Guava | 🟡 | Block-based note taking |
| **Athens** | Guava | 🟡 | Research tool |
| **Zotero** | Guava | 🟡 | Reference management |
| **Paperless-NGX** | Atlantis | 🟡 | Document management |
| **Teedy** | Atlantis | 🟡 | Document management |
## 🔍 Service Search & Filtering
### 🟢 Beginner-Friendly Services (Easy Setup)
- **Media**: Plex, Jellyfin, Navidrome, MeTube
- **Monitoring**: Uptime Kuma, Netdata, Glances
- **Utilities**: IT Tools, File Browser, Stirling PDF
- **Communication**: Element Web, Ntfy, Gotify
- **Development**: Dozzle, Watchtower, Code Server
### 🟡 Intermediate Services (Some Configuration Required)
- **Infrastructure**: Portainer, Nginx Proxy Manager, Grafana
- **Security**: Vaultwarden, Authelia, WireGuard
- **Home Automation**: Home Assistant, Node-RED
- **Development**: Gitea, Jenkins, Docker Registry
- **Media**: Immich, PhotoPrism, *arr stack
### 🔴 Advanced Services (Complex Setup)
- **Infrastructure**: Kubernetes, Nomad, Vault
- **Security**: Keycloak, Wazuh, Suricata
- **Communication**: Matrix Synapse, Mastodon
- **Monitoring**: ELK Stack, Jaeger, OpenTelemetry
- **AI/ML**: Stable Diffusion, ComfyUI, InvokeAI
## 📱 Services by Access Method
### 🌐 External Access (Internet)
- **Jitsi Meet**: Video conferencing via meet.thevish.io
- **Gitea**: Git repository via git.vish.gg (SSH port 2222)
- **Portainer**: Container management via pw.vish.gg:9443
- **Web Services**: Main site and proxied services via vish.gg
### 🔗 Tailscale Access (VPN)
- **All Services**: Accessible via hostname.tail.vish.gg
- **Admin Interfaces**: Secure access to management tools
- **Development**: Safe access to development services
- **Monitoring**: Private access to metrics and logs
### 🏠 Local Network Only
- **Infrastructure Services**: Core system components
- **Database Services**: Backend data storage
- **Internal APIs**: Service-to-service communication
- **Development Tools**: Local development environment
## 🚀 Quick Start Recommendations
### 🎬 Media Enthusiast
- Start with **Plex** or **Jellyfin** for streaming
- Add **Sonarr** and **Radarr** for content management
- Set up **Tautulli** for monitoring
- Configure **Overseerr** for requests
### 🔧 System Administrator
- Deploy **Portainer** for container management
- Set up **Grafana** and **Prometheus** for monitoring
- Configure **Uptime Kuma** for service monitoring
- Add **Vaultwarden** for password management
### 🏠 Smart Home User
- Install **Home Assistant** as the hub
- Add **Mosquitto MQTT** for device communication
- Set up **Node-RED** for automation
- Configure **Frigate** for security cameras
### 💻 Developer
- Set up **Gitea** for version control
- Deploy **Code Server** for remote development
- Add **Jenkins** or **Drone CI** for CI/CD
- Configure **Docker Registry** for images
## 📚 Documentation Standards
Each service documentation includes:
- **🎯 Purpose**: What the service does
- **🚀 Quick Start**: Basic deployment steps
- **🔧 Configuration**: Detailed setup options
- **🌐 Access Information**: How to reach the service
- **🔒 Security Considerations**: Important security notes
- **📊 Resource Requirements**: System requirements
- **🚨 Troubleshooting**: Common issues and solutions
- **📚 Additional Resources**: Links and references
## 🔄 Maintenance & Updates
- **Service Status**: All services actively maintained
- **Documentation Updates**: Synchronized with configuration changes
- **Version Tracking**: Container image versions documented
- **Security Updates**: Regular security patch applications
- **Backup Status**: Critical services backed up regularly
---
*Last Updated: 2025-11-17*
*Total Services: 159 fully documented*
*External Access: 4 services with domain names*
*Hosts: 14 systems across the infrastructure*
*Categories: 8 major service categories*

519
archive/joplin/02-Port-Forwarding-Configuration.md Normal file
View File

@@ -0,0 +1,519 @@
# 🔌 Port Forwarding Configuration
**🟡 Intermediate Infrastructure Guide**
This document details the current port forwarding configuration on the TP-Link Archer BE800 router, enabling external access to specific homelab services with automatic DDNS updates every 5 minutes.
> **🌐 Automatic Domain Updates**
> All domains are automatically updated via Cloudflare DDNS every 5 minutes, eliminating the need for manual IP management.
## 🔧 Current Port Forwarding Rules
Based on the TP-Link Archer BE800 router configuration:
### 📊 Active Port Forwards Summary
| Service Name | Device IP | External Port | Internal Port | Protocol | Domain Access |
|--------------|-----------|---------------|---------------|----------|---------------|
| **jitsi3** | 192.168.0.200 | 4443 | 4443 | TCP | meet.thevish.io:4443 |
| **stun3** | 192.168.0.200 | 5349 | 5349 | All | meet.thevish.io:5349 |
| **stun2** | 192.168.0.200 | 49160-49200 | 49160-49200 | All | meet.thevish.io (RTP) |
| **stun1** | 192.168.0.200 | 3478 | 3478 | All | meet.thevish.io:3478 |
| **gitea** | 192.168.0.250 | 2222 | 2222 | All | git.vish.gg:2222 |
| **portainer2** | 192.168.0.200 | 8000 | 8000 | All | pw.vish.gg:8000 |
| **portainer2** | 192.168.0.200 | 9443 | 9443 | All | pw.vish.gg:9443 |
| **portainer2** | 192.168.0.200 | 10000 | 10000 | All | pw.vish.gg:10000 |
| **Https** | 192.168.0.250 | 443 | 443 | All | vish.gg:443 |
| **HTTP** | 192.168.0.250 | 80 | 80 | All | vish.gg:80 |
## 🎯 Service Dependencies & External Access
### 🎥 Jitsi Meet Video Conferencing (192.168.0.200 - Atlantis)
#### External Access URLs
```
https://meet.thevish.io:4443 # Primary Jitsi Meet web interface
https://meet.vish.gg:4443 # Alternative domain access
```
#### Required Port Configuration
| Port | Protocol | Purpose | Critical |
|------|----------|---------|----------|
| 4443 | TCP | HTTPS web interface | ✅ Essential |
| 5349 | All | TURN server for NAT traversal | ✅ Essential |
| 3478 | All | STUN server for peer discovery | ✅ Essential |
| 49160-49200 | All | RTP media streams (40 port range) | ✅ Essential |
#### Service Dependencies
```
# WebRTC Media Flow
Internet → Router:4443 → Atlantis:5443 → jitsi-web:443
Internet → Router:3478 → Atlantis:3478 → STUN server
Internet → Router:5349 → Atlantis:5349 → TURN server
Internet → Router:49160-49200 → Atlantis:49160-49200 → RTP streams
# All 4 port ranges required for full functionality:
- WebRTC media negotiation depends on STUN/TURN
- RTP port range handles multiple concurrent calls
- HTTPS interface provides web-based meeting access
```
### 📝 Gitea Git Repository (192.168.0.250 - Calypso)
#### External Access URLs
```
# SSH Git Operations
ssh://git@git.vish.gg:2222
# Web Interface
https://git.vish.gg
# Git Commands
git clone ssh://git@git.vish.gg:2222/username/repo.git
git remote add origin ssh://git@git.vish.gg:2222/username/repo.git
git push origin main
```
#### Port Configuration
| Port | Protocol | Purpose | Authentication |
|------|----------|---------|----------------|
| 2222 | All | SSH access for Git operations | SSH Keys Required |
#### Service Dependencies
```
# SSH Git Access Flow
Internet → Router:2222 → Calypso:2222 → gitea:22
# Requirements:
- SSH key authentication required
- Alternative to HTTPS Git access
- Enables Git operations from external networks
- Web interface accessible via reverse proxy on port 443
```
### 🐳 Portainer Container Management (192.168.0.200 - Atlantis)
#### External Access URLs
```
https://pw.vish.gg:9443 # Primary Portainer HTTPS interface
https://vish.gg:9443 # Alternative domain access
https://pw.vish.gg:8000 # Edge Agent communication
https://pw.vish.gg:10000 # Additional services
```
#### Port Configuration
| Port | Protocol | Purpose | Security Level |
|------|----------|---------|----------------|
| 9443 | All | Primary HTTPS interface | 🔒 High |
| 8000 | All | Edge Agent communication | ⚠️ Medium |
| 10000 | All | Extended functionality | ⚠️ Medium |
#### Service Dependencies
```
# Container Management Flow
Internet → Router:9443 → Atlantis:9443 → portainer:9443
Internet → Router:8000 → Atlantis:8000 → portainer:8000
Internet → Router:10000 → Atlantis:10000 → portainer:10000
# All three ports required for full Portainer functionality:
- 9443: Primary HTTPS interface for web management
- 8000: Edge Agent enables remote Docker management
- 10000: Extended functionality and additional services
```
### 🌍 Web Services (192.168.0.250 - Calypso)
#### External Access URLs
```
https://vish.gg # Main web services (HTTPS)
https://www.vish.gg # WWW subdomain
http://vish.gg # HTTP (redirects to HTTPS)
# Additional Cloudflare Proxied Services:
https://cal.vish.gg # Calendar service
https://reddit.vish.gg # Reddit alternative
https://matrix.thevish.io # Matrix chat server
https://joplin.thevish.io # Joplin notes
https://www.thevish.io # Alternative main domain
```
#### Port Configuration
| Port | Protocol | Purpose | Redirect |
|------|----------|---------|----------|
| 443 | All | HTTPS web services | Primary |
| 80 | All | HTTP (redirects to HTTPS) | → 443 |
#### Service Dependencies
```
# Web Services Flow
Internet → Router:443 → Calypso:443 → nginx:443
Internet → Router:80 → Calypso:80 → nginx:80 → redirect to 443
# Requirements:
- Reverse proxy (Nginx) on Calypso handles routing
- SSL/TLS certificates for HTTPS (Let's Encrypt)
- Automatic HTTP to HTTPS redirection
- Cloudflare proxy protection for some subdomains
```
## 🏠 Host Mapping & Service Distribution
### 📊 Services by Host
| Host | IP Address | Services | Port Forwards | Primary Function |
|------|------------|----------|---------------|------------------|
| **Atlantis** | 192.168.0.200 | 45 services | 4 forwards | Jitsi Meet, Portainer |
| **Calypso** | 192.168.0.250 | 38 services | 3 forwards | Gitea SSH, Web Services |
### 🔌 Port Forward Distribution
#### Atlantis (192.168.0.200)
- **Jitsi Meet Video Conferencing**: 4 port forwards
- 4443/TCP: HTTPS web interface
- 5349/All: TURN server
- 49160-49200/All: RTP media (40 ports)
- 3478/All: STUN server
- **Portainer Container Management**: 3 port forwards
- 9443/All: HTTPS interface
- 8000/All: Edge Agent
- 10000/All: Additional services
#### Calypso (192.168.0.250)
- **Gitea Git Repository**: 1 port forward
- 2222/All: SSH Git access
- **Web Services**: 2 port forwards
- 443/All: HTTPS web services
- 80/All: HTTP (redirects to HTTPS)
## 🔒 Security Analysis & Risk Assessment
### ✅ High Security Services
| Service | Port | Security Features | Risk Level |
|---------|------|-------------------|------------|
| **HTTPS Web (443)** | 443 | Encrypted traffic, reverse proxy protected | 🟢 Low |
| **Jitsi Meet (4443)** | 4443 | Encrypted video conferencing, HTTPS | 🟢 Low |
| **Portainer HTTPS (9443)** | 9443 | Encrypted container management | 🟢 Low |
### ⚠️ Medium Security Services
| Service | Port | Security Considerations | Recommendations |
|---------|------|------------------------|-----------------|
| **Gitea SSH (2222)** | 2222 | SSH key authentication required | Monitor access logs |
| **Portainer Edge (8000)** | 8000 | Agent communication, should be secured | Implement IP restrictions |
| **HTTP (80)** | 80 | Unencrypted, should redirect to HTTPS | Verify redirect works |
### 🔧 Network Services
| Service | Ports | Protocol Type | Security Notes |
|---------|-------|---------------|----------------|
| **STUN/TURN** | 3478, 5349 | Standard WebRTC protocols | Industry standard, encrypted by Jitsi |
| **RTP Media** | 49160-49200 | Media streams | Encrypted by Jitsi, 40 port range |
### 🛡️ Security Recommendations
#### Authentication & Access Control
```
# 1. Strong Authentication
- SSH keys for Gitea (port 2222) - disable password auth
- 2FA on Portainer (port 9443) - enable for all users
- Strong passwords on all web services
- Regular credential rotation
# 2. Access Monitoring
- Review Nginx/reverse proxy logs regularly
- Monitor failed authentication attempts
- Set up alerts for suspicious activity
- Log SSH access attempts on port 2222
# 3. Network Security
- Consider IP whitelisting for admin services
- Implement rate limiting on web interfaces
- Use VPN (Tailscale) for administrative access
- Regular security updates for all exposed services
```
#### Service Hardening
```
# 4. Service Security
- Keep all exposed services updated
- Monitor CVE databases for vulnerabilities
- Implement automated security scanning
- Regular backup of service configurations
# 5. Network Segmentation
- Consider moving exposed services to DMZ
- Implement firewall rules between network segments
- Use VLANs to isolate public-facing services
- Monitor inter-service communication
```
## 🌐 External Access Methods & Alternatives
### 🔌 Primary Access (Port Forwarding)
```
# Direct external access via domain names (DDNS updated every 5 minutes)
https://pw.vish.gg:9443 # Portainer
https://meet.thevish.io:4443 # Jitsi Meet (primary)
ssh://git@git.vish.gg:2222 # Gitea SSH
# Alternative domain access
https://vish.gg:9443 # Portainer (main domain)
https://meet.vish.gg:4443 # Jitsi Meet (alt domain)
https://www.vish.gg # Main web services (HTTPS)
https://vish.gg # Main web services (HTTPS)
# Additional service domains (from Cloudflare DNS)
https://cal.vish.gg # Calendar service (proxied)
https://reddit.vish.gg # Reddit alternative (proxied)
https://www.thevish.io # Alternative main domain (proxied)
https://matrix.thevish.io # Matrix chat server (proxied)
https://joplin.thevish.io # Joplin notes (proxied)
```
### 🔗 Alternative Access (Tailscale VPN)
```
# Secure mesh VPN access (recommended for admin)
https://atlantis.tail.vish.gg:9443 # Portainer via Tailscale
https://atlantis.tail.vish.gg:4443 # Jitsi via Tailscale
ssh://git@calypso.tail.vish.gg:2222 # Gitea via Tailscale
# Benefits of Tailscale access:
- No port forwarding required
- End-to-end encryption
- Access control via Tailscale ACLs
- No exposure to internet threats
```
### 🔄 Hybrid Approach (Recommended)
```
# Public Services (External Access)
- Jitsi Meet: External users need direct access
- Web Services: Public content via port forwarding
- Git Repository: Public repositories via HTTPS
# Admin Services (Tailscale Access)
- Portainer: Container management via VPN
- Gitea Admin: Administrative functions via VPN
- Monitoring: Grafana, Prometheus via VPN
```
## 🔄 Dynamic DNS (DDNS) Configuration
### 🌐 Automated DDNS Updates
```
# Cloudflare DDNS Configuration
- Update Frequency: Every 5 minutes
- Domains: vish.gg and thevish.io
- Record Types: IPv4 (A) and IPv6 (AAAA)
- Automation: 4 DDNS services running
# DDNS Services:
- ddns-vish-proxied: Updates proxied A records for vish.gg
- ddns-vish-unproxied: Updates DNS-only A records for vish.gg
- ddns-thevish-proxied: Updates proxied records for thevish.io
- ddns-thevish-unproxied: Updates DNS-only records for thevish.io
```
### 📊 Service Categories
```
# Proxied Services (Cloudflare Protection)
- cal.vish.gg, reddit.vish.gg, www.vish.gg
- matrix.thevish.io, joplin.thevish.io, www.thevish.io
- Benefits: DDoS protection, caching, SSL termination
# DNS-Only Services (Direct Access)
- git.vish.gg, meet.thevish.io, pw.vish.gg
- api.vish.gg, spotify.vish.gg
- Benefits: Direct connection, no proxy overhead
```
## 🚨 Troubleshooting & Diagnostics
### 🔍 Common Issues & Solutions
#### Service Not Accessible Externally
```
# Diagnostic Steps:
1. Verify port forward rule is enabled in router
2. Confirm internal service is running on host
3. Test internal access first (192.168.0.x:port)
4. Check firewall rules on target host
5. Verify router external IP hasn't changed
6. Test DNS resolution: nslookup domain.com
# Commands:
docker-compose ps # Check service status
netstat -tulpn | grep PORT # Verify port binding
nmap -p PORT domain.com # Test external access
curl -I https://domain.com # HTTP connectivity test
```
#### Jitsi Meet Connection Issues
```
# WebRTC requires all ports - test each:
nmap -p 4443 meet.thevish.io # Web interface
nmap -p 3478 meet.thevish.io # STUN server
nmap -p 5349 meet.thevish.io # TURN server
nmap -p 49160-49200 meet.thevish.io # RTP range
# Browser diagnostics:
1. Open browser developer tools
2. Go to Network tab during call
3. Look for STUN/TURN connection attempts
4. Check for WebRTC errors in console
5. Test with different networks/devices
```
#### Gitea SSH Access Problems
```
# SSH troubleshooting steps:
ssh -p 2222 git@git.vish.gg # Test SSH connection
ssh-add -l # Check loaded SSH keys
cat ~/.ssh/id_rsa.pub # Verify public key
nmap -p 2222 git.vish.gg # Test port accessibility
# Gitea-specific checks:
docker-compose logs gitea | grep ssh
# Check Gitea SSH configuration in admin panel
# Verify SSH key is added to Gitea user account
```
#### Portainer Access Issues
```
# Test all Portainer ports:
curl -I https://pw.vish.gg:9443 # Main interface
curl -I https://pw.vish.gg:8000 # Edge Agent
curl -I https://pw.vish.gg:10000 # Additional services
# Container diagnostics:
docker-compose logs portainer
docker stats portainer
# Check Portainer logs for authentication errors
```
### 🔧 Performance Optimization
#### Network Performance
```
# Monitor bandwidth usage:
iftop -i eth0 # Real-time bandwidth
vnstat -i eth0 # Historical usage
speedtest-cli # Internet speed test
# Optimize for concurrent users:
# Jitsi: Increase JVB memory allocation
# Gitea: Configure Git LFS for large files
# Portainer: Increase container resources
```
#### Service Performance
```
# Resource monitoring:
docker stats # Container resource usage
htop # System resource usage
df -h # Disk space usage
# Service-specific optimization:
# Jitsi: Configure for expected concurrent meetings
# Nginx: Enable gzip compression and caching
# Database: Optimize PostgreSQL settings
```
## 📋 Maintenance & Configuration Management
### 🔄 Regular Maintenance Tasks
#### Monthly Tasks
```
# Security and monitoring:
□ Review access logs for all forwarded services
□ Test external access to all forwarded ports
□ Update service passwords and SSH keys
□ Backup router configuration
□ Verify DDNS updates are working
□ Check SSL certificate expiration dates
```
#### Quarterly Tasks
```
# Comprehensive review:
□ Security audit of exposed services
□ Update all forwarded services to latest versions
□ Review and optimize port forwarding rules
□ Test disaster recovery procedures
□ Audit user accounts and permissions
□ Review and update documentation
```
#### Annual Tasks
```
# Major maintenance:
□ Complete security assessment
□ Review and update network architecture
□ Evaluate need for additional security measures
□ Plan for service migrations or updates
□ Review and update disaster recovery plans
□ Comprehensive backup and restore testing
```
### 📊 Configuration Backup & Documentation
#### Router Configuration
```
# TP-Link Archer BE800 backup:
- Export configuration monthly
- Document all port forward changes
- Maintain change log with dates and reasons
- Store backup files securely
- Test configuration restoration procedures
```
#### Service Health Monitoring
```
# Automated monitoring setup:
- Uptime monitoring for each forwarded port
- Health checks for critical services
- Alerts for service failures
- Performance metrics collection
- Log aggregation and analysis
```
## 🔗 Integration with Homelab Infrastructure
### 🌐 Tailscale Mesh Integration
```
# Secure internal access alternatives:
https://atlantis.tail.vish.gg:9443 # Portainer
https://atlantis.tail.vish.gg:4443 # Jitsi Meet
ssh://git@calypso.tail.vish.gg:2222 # Gitea SSH
# Benefits:
- No port forwarding required for admin access
- End-to-end encryption via WireGuard
- Access control via Tailscale ACLs
- Works from anywhere with internet
```
### 📊 Monitoring Integration
```
# Service monitoring via Grafana/Prometheus:
- External service availability monitoring
- Response time tracking
- Error rate monitoring
- Resource usage correlation
- Alert integration with notification services
```
### 🔄 Backup Integration
```
# Service data backup:
- Gitea repositories: automated Git backups
- Portainer configurations: volume backups
- Jitsi recordings: cloud storage sync
- Web service data: regular file system backups
```
---
*Last Updated: 2025-11-17*
*Active Port Forwards: 10 rules across 2 hosts*
*External Domains: 12 with automatic DDNS updates*
*DDNS Update Frequency: Every 5 minutes via Cloudflare*
*Security Status: All services monitored and hardened*

329
archive/joplin/02-Quick-Start-Guide.md Normal file
View File

@@ -0,0 +1,329 @@
# 🚀 Quick Start Guide
**🟢 Beginner-Friendly**
Get up and running with your first homelab service in under 30 minutes! This guide will walk you through deploying a simple service using the established patterns from this homelab.
## 🎯 What We'll Build
We'll deploy **Uptime Kuma** - a simple, beginner-friendly monitoring tool that will:
- Monitor your other services
- Send you alerts when things go down
- Provide a beautiful dashboard
- Teach you the basic deployment patterns
## 📋 Prerequisites
### ✅ What You Need
- A computer running Linux (Ubuntu, Debian, or similar)
- Docker and Docker Compose installed
- Basic command line knowledge
- 30 minutes of time
### 🔧 Install Docker (if needed)
```bash
# Update system
sudo apt update && sudo apt upgrade -y
# Install Docker
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
# Add your user to docker group
sudo usermod -aG docker $USER
# Install Docker Compose
sudo apt install docker-compose -y
# Verify installation
docker --version
docker-compose --version
```
## 📁 Step 1: Create Project Structure
```bash
# Create project directory
mkdir -p ~/homelab/monitoring
cd ~/homelab/monitoring
# Create the directory structure
mkdir -p uptime-kuma/data
```
## 📝 Step 2: Create Docker Compose File
Create the main configuration file:
```bash
cat > uptime-kuma/docker-compose.yml << 'EOF'
version: '3.9'
services:
uptime-kuma:
image: louislam/uptime-kuma:latest
container_name: Uptime-Kuma
hostname: uptime-kuma
# Security settings
security_opt:
- no-new-privileges:true
user: 1000:1000 # Adjust for your system
# Health check
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:3001/api/status-page/heartbeat/default"]
interval: 30s
timeout: 10s
retries: 3
start_period: 60s
# Restart policy
restart: on-failure:5
# Resource limits
deploy:
resources:
limits:
memory: 512M
cpus: '0.5'
# Port mapping
ports:
- "3001:3001"
# Data persistence
volumes:
- ./data:/app/data:rw
- /etc/localtime:/etc/localtime:ro
# Environment variables
environment:
- TZ=America/Los_Angeles # Change to your timezone
# Custom network
networks:
- monitoring-network
networks:
monitoring-network:
name: monitoring-network
ipam:
config:
- subnet: 192.168.100.0/24
EOF
```
## 🔧 Step 3: Configure Environment
Create an environment file for easy customization:
```bash
cat > uptime-kuma/.env << 'EOF'
# Timezone (change to your location)
TZ=America/Los_Angeles
# User ID and Group ID (run 'id' command to find yours)
PUID=1000
PGID=1000
# Port (change if 3001 is already in use)
PORT=3001
EOF
```
## 🚀 Step 4: Deploy the Service
```bash
# Navigate to the service directory
cd uptime-kuma
# Start the service
docker-compose up -d
# Check if it's running
docker-compose ps
# View logs
docker-compose logs -f
```
You should see output like:
```
uptime-kuma_1 | Welcome to Uptime Kuma
uptime-kuma_1 | Server is running on port 3001
```
## 🌐 Step 5: Access Your Service
1. **Open your web browser**
2. **Navigate to**: `http://your-server-ip:3001`
3. **Create admin account** on first visit
4. **Start monitoring services!**
## 🎯 Step 6: Add Your First Monitor
1. **Click "Add New Monitor"**
2. **Configure a basic HTTP monitor**:
- **Monitor Type**: HTTP(s)
- **Friendly Name**: Google
- **URL**: https://google.com
- **Heartbeat Interval**: 60 seconds
3. **Click "Save"**
Congratulations! You've deployed your first homelab service! 🎉
## 🔍 Understanding What We Built
### 📦 Docker Compose Structure
```yaml
# This tells Docker what version of compose syntax we're using
version: '3.9'
# Services section defines our containers
services:
uptime-kuma: # Service name
image: louislam/uptime-kuma # Docker image to use
container_name: Uptime-Kuma # Custom container name
ports: # Port mapping (host:container)
- "3001:3001"
volumes: # Data persistence
- ./data:/app/data:rw # Maps local ./data to container /app/data
environment: # Environment variables
- TZ=America/Los_Angeles
```
### 🔐 Security Features
- **no-new-privileges**: Prevents privilege escalation
- **User mapping**: Runs as non-root user
- **Resource limits**: Prevents resource exhaustion
- **Health checks**: Monitors service health
### 📊 Monitoring Features
- **Health checks**: Docker monitors the container
- **Restart policy**: Automatically restarts on failure
- **Logging**: All output captured by Docker
## 🎓 Next Steps - Expand Your Homelab
### 🟢 Beginner Services (Try Next)
1. **Pi-hole** - Block ads network-wide
```bash
# Copy the uptime-kuma pattern and adapt for Pi-hole
mkdir ~/homelab/pihole
# Use the Pi-hole configuration from Atlantis/pihole.yml
```
2. **Portainer** - Manage Docker containers with a web UI
```bash
mkdir ~/homelab/portainer
# Adapt the pattern for Portainer
```
3. **Nginx Proxy Manager** - Manage reverse proxy with SSL
```bash
mkdir ~/homelab/proxy
# Use the pattern from Atlantis/nginxproxymanager/
```
### 🟡 Intermediate Services (When Ready)
1. **Plex or Jellyfin** - Media streaming
2. **Vaultwarden** - Password manager
3. **Grafana + Prometheus** - Advanced monitoring
### 🔴 Advanced Services (For Later)
1. **GitLab** - Complete DevOps platform
2. **Home Assistant** - Smart home automation
3. **Matrix Synapse** - Decentralized chat
## 🛠️ Common Customizations
### 🔧 Change the Port
If port 3001 is already in use:
```yaml
ports:
- "3002:3001" # Use port 3002 instead
```
### 🔧 Different Data Location
To store data elsewhere:
```yaml
volumes:
- /home/user/uptime-data:/app/data:rw
```
### 🔧 Add Resource Limits
For a more powerful server:
```yaml
deploy:
resources:
limits:
memory: 1G
cpus: '1.0'
```
## 🚨 Troubleshooting
### ❌ Service Won't Start
```bash
# Check logs for errors
docker-compose logs
# Check if port is already in use
sudo netstat -tulpn | grep :3001
# Check file permissions
ls -la data/
```
### ❌ Can't Access Web Interface
```bash
# Check if container is running
docker ps
# Test internal connectivity
docker exec Uptime-Kuma curl http://localhost:3001
# Check firewall
sudo ufw status
sudo ufw allow 3001
```
### ❌ Data Not Persisting
```bash
# Check volume mount
docker inspect Uptime-Kuma | grep -A 10 Mounts
# Fix permissions
sudo chown -R 1000:1000 ./data
```
## 🎯 What You've Learned
**Docker Compose basics**
**Service deployment patterns**
**Data persistence with volumes**
**Network configuration**
**Security best practices**
**Health monitoring**
**Troubleshooting basics**
## 📋 Next Reading
- **[03-Architecture-Overview](03-Architecture-Overview.md)**: Understand how everything fits together
- **[20-Service-Categories](20-Service-Categories.md)**: Explore what services are available
- **[30-Deployment-Guide](30-Deployment-Guide.md)**: Learn advanced deployment patterns
- **[40-Common-Issues](40-Common-Issues.md)**: Troubleshoot problems
---
**🎉 Congratulations!** You've successfully deployed your first homelab service using the same patterns used across all 176 services in this infrastructure. You're now ready to explore more complex services and build your own homelab empire!
*Remember: Every expert was once a beginner. Start small, learn continuously, and don't be afraid to break things - that's how you learn!*
## 🔗 Related Documents
- **[00-Homelab-Documentation-Index](00-Homelab-Documentation-Index.md)**: Main documentation index
- **[01-What-is-a-Homelab](01-What-is-a-Homelab.md)**: Understanding homelabs
- **[04-Prerequisites](04-Prerequisites.md)**: What you need before starting
- **[22-Popular-Services](22-Popular-Services.md)**: Essential services to deploy next

235
archive/joplin/19-Individual-Service-Docs.md Normal file
View File

@@ -0,0 +1,235 @@
# 📚 Individual Service Documentation Index
This comprehensive index contains detailed documentation for all **159 services** running across the homelab infrastructure. Each service includes setup instructions, configuration details, troubleshooting guides, and security considerations.
> **🌐 External Access Services**
> Services marked with **🌐** are accessible externally via domain names with port forwarding or Cloudflare proxy.
## 🎯 How to Use This Documentation
Each service documentation includes:
- **Service Overview**: Host, category, difficulty level
- **Purpose**: What the service does and why it's useful
- **Quick Start**: Step-by-step deployment instructions
- **Configuration**: Complete Docker Compose setup
- **Environment Variables**: All configuration options
- **Port & Volume Mappings**: Network and storage details
- **Access Information**: How to reach the service
- **Security Considerations**: Best practices and recommendations
- **Troubleshooting**: Common issues and solutions
- **Related Services**: Dependencies and integrations
## 📋 Services by Category
### 🤖 AI (1 service)
- 🟢 **Ollama** - guava - Large language model server
### 💬 Communication (10 services)
- 🟢 **Element Web** - anubis - Matrix web client
- 🟡 **Jicofo** - Atlantis - Jitsi conference focus
- 🟡 **JVB** - Atlantis - Jitsi video bridge
- 🔴 **Mastodon** - Atlantis - Decentralized social network
- 🔴 **Mastodon DB** - Atlantis - Mastodon database
- 🔴 **Mastodon Redis** - Atlantis - Mastodon cache
- 🟡 **Mattermost** - homelab_vm - Team collaboration platform
- 🟡 **Mattermost DB** - homelab_vm - Mattermost database
- 🟢 **Prosody** - Atlantis - XMPP server
- 🟢 **Signal CLI REST API** - homelab_vm - Signal messaging API
### 🛠️ Development (4 services)
- 🟢 **Companion** - concord_nuc - Development companion tool
- 🟢 **Inv Sig Helper** - concord_nuc - Invidious signature helper
- 🟡 **Invidious** - concord_nuc - YouTube frontend
- 🟢 **Redlib** - Atlantis - Reddit frontend
### 🎮 Gaming (1 service)
- 🟢 **Satisfactory Server** - homelab_vm - Factory building game server
### 🎬 Media (20 services)
- 🟢 **Bazarr** - Calypso - Subtitle management
- 🟢 **Calibre Web** - Atlantis - E-book library web interface
- 🟡 **Database** - raspberry-pi-5-vish - Media database
- 🟡 **Immich DB** - Calypso - Immich photo database
- 🟡 **Immich Machine Learning** - Calypso - Immich ML processing
- 🟡 **Immich Redis** - Calypso - Immich cache
- 🟡 **Immich Server** - raspberry-pi-5-vish - Photo management server
- 🟢 **Jackett** - Atlantis - Torrent indexer proxy
- 🟡 **Jellyfin** - Chicago_vm - Media server
- 🟢 **Lidarr** - Calypso - Music collection manager
- 🟢 **LinuxServer Prowlarr** - Calypso - Indexer manager
- 🟢 **Navidrome** - Bulgaria_vm - Music streaming server
- 🟡 **PhotoPrism** - anubis - AI-powered photo management
- 🟢 **Plex** - Calypso - Media server and streaming
- 🟢 **Prowlarr** - Calypso - Indexer manager
- 🟢 **Radarr** - Calypso - Movie collection manager
- 🟢 **Readarr** - Calypso - Book collection manager
- 🟢 **RomM** - homelab_vm - ROM management
- 🟢 **Sonarr** - Calypso - TV series collection manager
- 🟢 **Tautulli** - Calypso - Plex monitoring and statistics
### 📊 Monitoring (11 services)
- 🟡 **Blackbox Exporter** - Calypso - HTTP/HTTPS monitoring
- 🟡 **cAdvisor** - Calypso - Container resource monitoring
- 🟡 **Dash.** - homelab_vm - Server dashboard
- 🟡 **Grafana** - Calypso - Metrics visualization
- 🟡 **Node Exporter** - Calypso - System metrics exporter
- 🟡 **Prometheus** - Calypso - Metrics collection and storage
- 🟡 **SNMP Exporter** - Calypso - SNMP metrics exporter
- 🟡 **Speedtest Exporter** - Calypso - Internet speed monitoring
- 🟡 **Uptime Kuma** - Atlantis - Uptime monitoring
- 🟡 **Watchtower** - Atlantis - Container update automation
- 🟡 **WatchYourLAN** - homelab_vm - Network device monitoring
### 🌐 Networking (8 services)
- 🟡 **DDNS Crista Love** - guava - Dynamic DNS updater
- 🟡 **DDNS TheVish Proxied** - Atlantis - Dynamic DNS with proxy
- 🟡 **DDNS TheVish Unproxied** - Atlantis - Dynamic DNS direct
- 🟡 **DDNS Updater** - homelab_vm - Dynamic DNS service
- 🟡 **DDNS Vish 13340** - concord_nuc - Dynamic DNS on port 13340
- 🟡 **DDNS Vish Proxied** - Atlantis - Dynamic DNS with proxy
- 🟡 **DDNS Vish Unproxied** - Atlantis - Dynamic DNS direct
- 🟡 **Nginx Proxy Manager** - Atlantis - Reverse proxy management
### 🔧 Other Services (104 services)
- 🟢 **Actual Server** - Chicago_vm - Budget management
- 🟡 **AdGuard** - Chicago_vm - DNS ad blocking
- 🟢 **API** - Atlantis - API service
- 🟢 **App** - Atlantis - Application service
- 🔴 **APT Cacher NG** - Chicago_vm - Package caching proxy
- 🟢 **APT Repo** - Atlantis - APT repository
- 🟡 **ArchiveBox** - anubis - Web archiving
- 🟡 **ArchiveBox Scheduler** - guava - Archive scheduling
- 🟡 **Baikal** - Atlantis - CalDAV/CardDAV server
- 🟢 **BG Helper** - concord_nuc - Background helper service
- 🟢 **Binternet** - homelab_vm - Binary internet service
- 🟢 **Cache** - Chicago_vm - Caching service
- 🟢 **Chrome** - Calypso - Headless Chrome browser
- 🟢 **Cloudflare DNS Updater** - raspberry-pi-5-vish - DNS updater
- 🔴 **CoCalc** - guava - Collaborative calculation platform
- 🟢 **Coturn** - Atlantis - TURN/STUN server
- 🟢 **Cron** - Chicago_vm - Scheduled task runner
- 🟢 **Database** - raspberry-pi-5-vish - Database service
- 🟢 **DB** - Atlantis - Database service
- 🟢 **Deiucanta** - anubis - Custom service
- 🟢 **DockPeek** - Atlantis - Docker container inspector
- 🟢 **Documenso** - Atlantis - Document signing platform
- 🟢 **DokuWiki** - Atlantis - Wiki platform
- 🟢 **Dozzle** - Atlantis - Docker log viewer
- 🟢 **Draw.io** - anubis - Diagram creation tool
- 🟢 **Droppy** - homelab_vm - File sharing platform
- 🟢 **Fasten** - guava - Health record management
- 🟢 **Fenrus** - Atlantis - Application dashboard
- 🟡 **Firefly** - Atlantis - Personal finance manager
- 🟡 **Firefly DB** - Atlantis - Firefly database
- 🟡 **Firefly DB Backup** - Atlantis - Database backup service
- 🟡 **Firefly Redis** - Atlantis - Firefly cache
- 🟢 **FlareSolverr** - Calypso - Cloudflare bypass proxy
- 🟢 **Front** - Atlantis - Frontend service
- 🟢 **Gotenberg** - Atlantis - Document conversion API
- 🟢 **Gotify** - homelab_vm - Push notification server
- 🟢 **Home Assistant** - concord_nuc - Home automation platform
- 🟢 **Hyperpipe Back** - Atlantis - YouTube Music backend
- 🟢 **Hyperpipe Front** - Atlantis - YouTube Music frontend
- 🟢 **Importer** - Chicago_vm - Data import service
- 🟢 **Invidious DB** - concord_nuc - Invidious database
- 🟢 **iPerf3** - Atlantis - Network performance testing
- 🟢 **IT Tools** - Atlantis - IT utility collection
- 🟢 **JDownloader 2** - Atlantis - Download manager
- 🟢 **Jellyseerr** - Calypso - Media request management
- 🟢 **LibReddit** - homelab_vm - Reddit frontend
- 🟢 **LinuxGSM L4D2** - homelab_vm - Left 4 Dead 2 server
- 🟢 **LinuxGSM PMC Bind** - homelab_vm - Game server binding
- 🟢 **Materialious** - concord_nuc - Material design frontend
- 🔴 **Matrix Conduit** - anubis - Lightweight Matrix server
- 🟢 **Matter Server** - concord_nuc - Matter protocol server
- 🟢 **Meilisearch** - homelab_vm - Search engine
- 🟢 **MeTube** - homelab_vm - YouTube downloader
- 🟢 **MinIO** - Calypso - Object storage server
- 🟢 **MongoDB** - Chicago_vm - NoSQL database
- 🟢 **Neko Rooms** - Chicago_vm - Virtual browser rooms
- 🔴 **NetBox** - Atlantis - Network documentation
- 🟡 **NetBox DB** - Atlantis - NetBox database
- 🟡 **NetBox Redis** - Atlantis - NetBox cache
- 🟢 **Nginx** - Atlantis - Web server
- 🟢 **ntfy** - Atlantis - Push notification service
- 🟢 **OpenProject** - homelab_vm - Project management
- 🟢 **Open WebUI** - guava - AI chat interface
- 🟢 **Pi.Alert** - anubis - Network device scanner
- 🟡 **Pi-hole** - Atlantis - DNS ad blocker
- 🟢 **Piped** - concord_nuc - YouTube frontend
- 🟢 **Piped Back** - Atlantis - Piped backend
- 🟢 **Piped Front** - Atlantis - Piped frontend
- 🟢 **Piped Frontend** - concord_nuc - Piped web interface
- 🟢 **Piped Proxy** - Atlantis - Piped proxy service
- 🟢 **PodGrab** - homelab_vm - Podcast downloader
- 🟢 **PostgreSQL** - concord_nuc - Relational database
- 🟢 **ProtonMail Bridge** - homelab_vm - ProtonMail IMAP/SMTP
- 🟢 **ProxiTok** - anubis - TikTok frontend
- 🟢 **RainLoop** - homelab_vm - Web email client
- 🟢 **Redis** - Atlantis - In-memory data store
- 🟢 **Resume** - Calypso - Resume/CV service
- 🟢 **Roundcube** - homelab_vm - Web email client
- 🟢 **Roundcube ProtonMail** - homelab_vm - Roundcube for ProtonMail
- 🟢 **SABnzbd** - Calypso - Usenet downloader
- 🟢 **Seafile** - Chicago_vm - File sync and share
- 🟢 **Server** - homelab_vm - Generic server service
- 🟢 **Shlink** - homelab_vm - URL shortener
- 🟢 **Shlink DB** - homelab_vm - Shlink database
- 🟢 **Shlink Web** - homelab_vm - Shlink web interface
- 🟢 **Signer** - Chicago_vm - Document signing service
- 🟢 **Sonic** - guava - Search backend
- 🟢 **Stirling PDF** - Atlantis - PDF manipulation tools
- 🔴 **Synapse** - Atlantis - Matrix homeserver
- 🟡 **Synapse DB** - Atlantis - Synapse database
- 🟢 **Syncthing** - homelab_vm - File synchronization
- 🟢 **Termix** - Atlantis - Terminal service
- 🟢 **Tika** - Atlantis - Content analysis toolkit
- 🔴 **Vaultwarden** - Atlantis - Password manager
- 🟢 **Web** - Calypso - Web service
- 🟢 **WebCheck** - homelab_vm - Website analyzer
- 🟢 **WebCord** - homelab_vm - Discord client
- 🟢 **WebServer** - Atlantis - Web server service
- 🟢 **WebUI** - guava - Web interface
- 🟡 **WG Easy** - concord_nuc - WireGuard VPN manager
- 🟡 **WGEasy** - Atlantis - WireGuard VPN interface
- 🟢 **Whisparr** - Calypso - Adult content manager
- 🟢 **Wizarr** - Calypso - User invitation system
- 🟢 **YouTube Downloader** - Atlantis - YouTube video downloader
## 📊 Statistics
- **Total Services**: 159
- **Categories**: 7
- **Hosts**: 13
- **Beginner-Friendly (🟢)**: 104 services
- **Intermediate (🟡)**: 42 services
- **Advanced (🔴)**: 13 services
## 🔍 Quick Search Tips
1. **By Category**: Use the category sections above
2. **By Difficulty**: Look for the colored indicators (🟢🟡🔴)
3. **By Host**: Services are listed with their host names
4. **By Function**: Service names often indicate their purpose
## 💡 Usage Tips
- **Start with 🟢 services** if you're new to homelabs
- **🟡 services** require basic Docker/Linux knowledge
- **🔴 services** need significant technical expertise
- Check the main documentation for deployment patterns
- Use the troubleshooting guides for common issues
## 🔗 Related Documentation
- [02-Quick-Start-Guide](02-Quick-Start-Guide.md) - Getting started
- [22-Popular-Services](22-Popular-Services.md) - Most commonly used services
- [30-Deployment-Guide](30-Deployment-Guide.md) - How to deploy services
- [40-Common-Issues](40-Common-Issues.md) - Troubleshooting help
---
*This index provides an overview of all individual service documentation. Each service has its own detailed guide with complete setup and configuration instructions.*
*Last Updated: November 2024*
*Total Services Documented: 159*

254
archive/joplin/22-Popular-Services.md Normal file
View File

@@ -0,0 +1,254 @@
# ⭐ Popular Services Guide
**🟡 Intermediate Guide**
This guide covers the most popular and useful services in the homelab, with detailed setup instructions and real-world usage examples. These services provide the most value and are great starting points for any homelab.
## 🎯 Top 10 Must-Have Services
| Rank | Service | Category | Difficulty | Why It's Essential |
|------|---------|----------|------------|-------------------|
| 1 | **Uptime Kuma** | Monitoring | 🟢 | Know when services go down |
| 2 | **Plex/Jellyfin** | Media | 🟢 | Your personal Netflix |
| 3 | **Vaultwarden** | Security | 🟡 | Secure password management |
| 4 | **Pi-hole** | Security | 🟡 | Block ads network-wide |
| 5 | **Portainer** | Management | 🟡 | Manage Docker containers easily |
| 6 | **Immich** | Media | 🟡 | Your personal Google Photos |
| 7 | **Nginx Proxy Manager** | Infrastructure | 🟡 | Manage web services with SSL |
| 8 | **Paperless-NGX** | Productivity | 🟡 | Go completely paperless |
| 9 | **Grafana + Prometheus** | Monitoring | 🔴 | Advanced system monitoring |
| 10 | **Syncthing** | Storage | 🟡 | Sync files without cloud |
---
## 1⃣ Uptime Kuma - Service Monitoring
**🟢 Beginner-Friendly | Essential for Everyone**
### 🎯 What It Does
- Monitors all your services 24/7
- Sends alerts when services go down
- Beautiful dashboard showing service status
- Tracks uptime statistics and response times
### 🚀 Quick Setup
```yaml
version: '3.9'
services:
uptime-kuma:
image: louislam/uptime-kuma:latest
container_name: Uptime-Kuma
ports:
- "3001:3001"
volumes:
- ./data:/app/data
environment:
- TZ=America/Los_Angeles
restart: on-failure:5
```
### 🔧 Configuration Tips
- **First setup**: Create admin account immediately
- **Monitor types**: HTTP, TCP, Ping, DNS, Docker containers
- **Notifications**: Set up email, Discord, Slack alerts
- **Status pages**: Create public status pages for users
### 💡 Pro Tips
- Monitor your router/modem for internet connectivity
- Set up keyword monitoring for login pages
- Use different check intervals (60s for critical, 300s for others)
- Create notification groups to avoid spam
---
## 2⃣ Plex - Media Streaming Server
**🟢 Beginner-Friendly | Entertainment Essential**
### 🎯 What It Does
- Stream movies, TV shows, music to any device
- Automatic metadata and artwork fetching
- User management with sharing capabilities
- Mobile apps for iOS/Android
### 🚀 Quick Setup
```yaml
version: '3.9'
services:
plex:
image: plexinc/pms-docker:latest
container_name: Plex
hostname: plex-server
ports:
- "32400:32400"
environment:
- TZ=America/Los_Angeles
- PLEX_CLAIM=claim-xxxxxxxxxxxx # Get from plex.tv/claim
- PLEX_UID=1026
- PLEX_GID=100
volumes:
- ./config:/config
- /volume1/media/movies:/movies:ro
- /volume1/media/tv:/tv:ro
- /volume1/media/music:/music:ro
restart: on-failure:5
```
### 📁 Media Organization
```
/volume1/media/
├── movies/
│ ├── Avatar (2009)/
│ │ └── Avatar (2009).mkv
│ └── Inception (2010)/
│ └── Inception (2010).mkv
├── tv/
│ ├── Breaking Bad/
│ │ ├── Season 01/
│ │ └── Season 02/
│ └── The Office/
└── music/
├── Artist Name/
│ └── Album Name/
└── Various Artists/
```
### 🔧 Essential Settings
- **Remote Access**: Enable for mobile access
- **Hardware Transcoding**: Enable if you have Intel/NVIDIA GPU
- **Libraries**: Separate libraries for Movies, TV, Music
- **Users**: Create accounts for family members
### 💡 Pro Tips
- Use Plex naming conventions for best metadata
- Enable "Empty trash automatically"
- Set up Tautulli for usage statistics
- Consider Plex Pass for premium features
---
## 3⃣ Vaultwarden - Password Manager
**🟡 Intermediate | Security Essential**
### 🎯 What It Does
- Stores all passwords securely encrypted
- Generates strong passwords automatically
- Syncs across all devices (phone, computer, browser)
- Compatible with Bitwarden apps
### 🚀 Quick Setup
```yaml
version: '3.9'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: Vaultwarden
ports:
- "8012:80"
volumes:
- ./data:/data
environment:
- WEBSOCKET_ENABLED=true
- SIGNUPS_ALLOWED=true # Disable after creating accounts
- ADMIN_TOKEN=REDACTED_TOKEN
- DOMAIN=https://vault.yourdomain.com
restart: on-failure:5
```
### 🔐 Security Setup
1. **Create admin token**: `openssl rand -base64 48`
2. **Disable signups** after creating accounts
3. **Enable 2FA** for all accounts
4. **Set up HTTPS** with reverse proxy
5. **Regular backups** of `/data` directory
### 📱 Client Setup
- **Browser**: Install Bitwarden extension
- **Mobile**: Download Bitwarden app
- **Desktop**: Bitwarden desktop application
- **Server URL**: Point to your Vaultwarden instance
### 💡 Pro Tips
- Use organization vaults for shared passwords
- Set up emergency access for family
- Enable breach monitoring if available
- Regular password audits for weak/reused passwords
---
## 🚀 Getting Started Recommendations
### 🎯 Week 1: Foundation
1. **Uptime Kuma**: Monitor your services
2. **Portainer**: Manage Docker containers
3. **Nginx Proxy Manager**: Set up reverse proxy
### 🎯 Week 2: Core Services
4. **Vaultwarden**: Secure password management
5. **Pi-hole**: Block ads network-wide
6. **Plex/Jellyfin**: Start your media server
### 🎯 Week 3: Productivity
7. **Immich**: Photo management
8. **Paperless-NGX**: Document digitization
9. **Syncthing**: File synchronization
### 🎯 Week 4: Advanced
10. **Grafana + Prometheus**: Advanced monitoring
## 📊 Service Comparison
### 🎬 Media Servers
| Feature | Plex | Jellyfin | Emby |
|---------|------|----------|------|
| **Cost** | Free/Premium | Free | Free/Premium |
| **Ease of Use** | Excellent | Good | Good |
| **Mobile Apps** | Excellent | Good | Good |
| **Hardware Transcoding** | Premium | Free | Premium |
| **Plugins** | Limited | Extensive | Moderate |
### 🔐 Password Managers
| Feature | Vaultwarden | Bitwarden | 1Password |
|---------|-------------|-----------|-----------|
| **Self-hosted** | Yes | No | No |
| **Cost** | Free | Free/Premium | Premium |
| **Features** | Full | Limited/Full | Full |
| **Mobile Apps** | Yes | Yes | Yes |
| **Browser Extensions** | Yes | Yes | Yes |
### 📊 Monitoring Solutions
| Feature | Uptime Kuma | Grafana | Zabbix |
|---------|-------------|---------|--------|
| **Complexity** | Low | Medium | High |
| **Features** | Basic | Advanced | Enterprise |
| **Setup Time** | 10 minutes | 2 hours | 8+ hours |
| **Resource Usage** | Low | Medium | High |
---
## 📋 Next Steps
### 🎯 After Popular Services
- **[20-Service-Categories](20-Service-Categories.md)**: Explore more specialized services
- **[21-Service-Index](21-Service-Index.md)**: Complete list of all available services
- **[30-Deployment-Guide](30-Deployment-Guide.md)**: Learn advanced deployment patterns
- **[50-Ansible-Automation](50-Ansible-Automation.md)**: Automation and scaling
### 🎯 Community Resources
- **r/homelab**: Reddit community for homelab enthusiasts
- **r/selfhosted**: Self-hosting community and discussions
- **Discord servers**: Real-time chat with other homelabbers
- **YouTube channels**: TechnoTim, NetworkChuck, Craft Computing
---
*These popular services form the backbone of most successful homelabs. Start with the ones that solve your immediate needs, then gradually expand your infrastructure as you become more comfortable with the technology.*
## 🔗 Related Documents
- **[00-Homelab-Documentation-Index](00-Homelab-Documentation-Index.md)**: Main documentation index
- **[02-Quick-Start-Guide](02-Quick-Start-Guide.md)**: Deploy your first service
- **[20-Service-Categories](20-Service-Categories.md)**: All service categories
- **[30-Deployment-Guide](30-Deployment-Guide.md)**: Deployment patterns
- **[40-Common-Issues](40-Common-Issues.md)**: Troubleshooting guide

107
archive/joplin/README.md Normal file
View File

@@ -0,0 +1,107 @@
# Joplin Documentation Format
This directory contains the homelab documentation formatted specifically for Joplin note-taking application. The files are organized with numbered prefixes for easy sorting and navigation.
## 📁 File Structure
Files are numbered for logical organization in Joplin:
- **00-09**: Index and overview documents
- `00-Homelab-Documentation-Index.md` - Main index
- **10-19**: Infrastructure and architecture
- `19-Individual-Service-Docs.md` - **NEW!** Complete index of all 159 individual service docs
- **20-29**: Services and applications
- `22-Popular-Services.md` - Popular services guide
- **30-39**: Administration and deployment
- **40-49**: Troubleshooting and maintenance
- **50-59**: Advanced topics and automation
## 🔧 How to Import into Joplin
### Option 1: Individual File Import
1. Open Joplin
2. Create a new notebook called "Homelab Documentation"
3. For each `.md` file:
- File → Import → Markdown files
- Select the file
- Import into the Homelab Documentation notebook
### Option 2: Bulk Import
1. Open Joplin
2. File → Import → Markdown files
3. Select all `.md` files in this directory
4. Choose "Homelab Documentation" as the destination notebook
### Option 3: Folder Import
1. Copy this entire `joplin/` directory to a temporary location
2. In Joplin: File → Import → Markdown files
3. Select the directory
4. All files will be imported with proper organization
## 🎨 Joplin-Specific Features
These files are optimized for Joplin with:
- **Numbered prefixes**: For automatic sorting
- **Cross-references**: Links between related documents
- **Table of contents**: In the main index file
- **Consistent formatting**: Standard Markdown with Joplin compatibility
- **Emoji icons**: For visual organization and quick identification
## 📱 Mobile Compatibility
These files work well on Joplin mobile apps:
- Tables are formatted for mobile viewing
- Code blocks are properly formatted
- Links work across devices
- Images and diagrams are optimized
## 🔍 Search and Organization
In Joplin, you can:
- **Search across all documents**: Use Joplin's full-text search
- **Tag documents**: Add tags like `#homelab`, `#docker`, `#beginner`
- **Create shortcuts**: Pin frequently accessed documents
- **Use notebooks**: Organize by topic or skill level
## 🔄 Keeping Updated
To update the documentation:
1. Replace the files in your Joplin notebook
2. Or re-import the updated files
3. Joplin will preserve your notes and annotations
## 📝 Customization
You can customize these files in Joplin:
- Add your own notes and annotations
- Create additional cross-references
- Add tags for better organization
- Modify formatting to your preferences
## 💡 Tips for Using in Joplin
1. **Create a dedicated notebook**: Keep all homelab docs together
2. **Use tags**: Tag documents by difficulty level or topic
3. **Pin important docs**: Pin the index and frequently used guides
4. **Enable synchronization**: Sync across all your devices
5. **Use the web clipper**: Add related articles and resources
## 🔗 Related
- Main documentation: `../docs/`
- DokuWiki format: `../dokuwiki/`
- Original repository structure: `../`
## 📋 Document Numbering System
- **00-09**: Overview and getting started
- **10-19**: Infrastructure and architecture
- **20-29**: Services and applications
- **30-39**: Administration and deployment
- **40-49**: Troubleshooting and maintenance
- **50-59**: Advanced topics and automation
- **60-69**: Reference materials (future use)
- **70-79**: Templates and examples (future use)
- **80-89**: Community and resources (future use)
- **90-99**: Appendices and extras (future use)