From a97febcc20bdf62eb979cc22714fb5d05189c507 Mon Sep 17 00:00:00 2001 From: Jamie Miller Date: Sat, 10 Jan 2026 12:20:19 +0000 Subject: [PATCH] Docs: consolidate service inventories into two tables (Internal Docker Services, External Non-Docker Services); remove narrative duplication; fix Crafty Controller labeling; update Last Updated --- README.md | 171 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 97 insertions(+), 74 deletions(-) diff --git a/README.md b/README.md index af2075c..32aac62 100644 --- a/README.md +++ b/README.md @@ -16,66 +16,66 @@ This infrastructure manages a comprehensive self-hosted environment including me ### Service Categories #### Management & Infrastructure -- **Glances**: System monitoring dashboard -- **Portainer**: Container management UI -- **Watchtower**: Automatic container updates -- **Homepage**: Service dashboard -- **Docker Proxy**: Secure Docker socket proxy -- **Nginx Proxy Manager (NPM)**: Reverse proxy with SSL +- Glances: System monitoring dashboard +- Portainer: Container management UI +- Watchtower: Automatic container updates +- Homepage: Service dashboard +- Docker Proxy: Secure Docker socket proxy +- Nginx Proxy Manager (NPM): Reverse proxy with SSL #### Media & Arr Stack -- **Prowlarr**: Indexer manager -- **Radarr**: Movie management -- **Sonarr**: TV show management -- **Lidarr**: Music management -- **Bazarr**: Subtitle management -- **Jellyseerr**: Media request management -- **Jellyfin**: Media server with hardware transcoding -- **qBittorrent**: Download client -- **Flaresolverr**: Cloudflare bypass -- **Slskd**: Soulseek client -- **Soulsync**: Music sync automation +- Prowlarr: Indexer manager +- Radarr: Movie management +- Sonarr: TV show management +- Lidarr: Music management +- Bazarr: Subtitle management +- Jellyseerr: Media request management +- Jellyfin: Media server with hardware transcoding +- qBittorrent: Download client +- Flaresolverr: Cloudflare bypass +- Slskd: Soulsearch client +- Soulsync: Music sync automation #### Document & AI Suite -- **Paperless-ngx**: Document management system +- Paperless-ngx: Document management system - MariaDB database - Redis broker - Tika for text extraction - Gotenberg for PDF rendering -- **Paperless-AI**: AI-powered document analysis -- **OnlyOffice**: Document collaboration server -- **Stirling-PDF**: PDF manipulation tools -- **Open WebUI**: LLM interface -- **LiteLLM**: LLM proxy/gateway with PostgreSQL +- Paperless-AI: AI-powered document analysis +- OnlyOffice: Document collaboration server +- Stirling-PDF: PDF manipulation tools +- Open WebUI: LLM interface +- LiteLLM: LLM proxy/gateway with PostgreSQL #### Photo & Data Management -- **Immich**: Photo management and backup +- Immich: Photo management and backup - PostgreSQL with vector extensions - Redis cache - - Optimized storage: SSD for thumbnails/profiles, NAS for full resolution -- **Syncthing**: File synchronization (Obsidian vaults) + - SSD/NAS storage for thumbnails/profiles and full resolution +- Syncthing: File synchronization (Obsidian vaults) #### Development -- **Gitea**: Self-hosted Git service with MySQL +- Gitea: Self-hosted Git service with MySQL #### Genealogy -- **GrampsWeb**: Web interface for genealogy research +- GrampsWeb: Web interface for genealogy research - Two instances: Jamie and Helen family trees - Shared Redis broker #### Utilities -- **Speedtest Tracker**: Network performance monitoring with MariaDB -- **RustDesk**: Remote desktop (hbbs + hbbr servers) -- **RedBot**: Discord bot -- **iperf3**: Network performance testing -- **Newt**: Custom application +- Speedtest Tracker: Network performance monitoring with MariaDB +- RustDesk: Remote desktop (hbbs + hbbr servers) +- RedBot: Discord bot +- iperf3: Network performance testing +- Newt: Custom application #### Finance -- **WYGIWYH**: Financial tracking with PostgreSQL +- WYGIWYH: Financial tracking with PostgreSQL #### Music & Scrobbling -- **Maloja**: Music scrobbling server -- **Multi-Scrobbler**: Cross-platform scrobbler +- Maloja: Music scrobbling server +- Multi-Scrobbler: Cross-platform scrobbler ## Storage Structure @@ -119,7 +119,7 @@ This infrastructure manages a comprehensive self-hosted environment including me ### Required Environment Variables (.env file) -```bash +``` # System PUID=1000 PGID=1000 @@ -178,29 +178,25 @@ REDBOT_TOKEN=your_discord_bot_token ## Installation -1. **Clone/Download this repository** - -2. **Create required directories** +1. Clone/Download this repository +2. Create required directories ```bash # See directory_structure.sh for automated setup chmod +x directory_structure.sh ./directory_structure.sh ``` - -3. **Create .env file** +3. Create .env file ```bash cp .env.example .env # Edit .env with your values nano .env ``` - -4. **Set correct permissions** +4. Set correct permissions ```bash sudo chown -R $PUID:$PGID /docker sudo chown -R $PUID:$PGID /mnt/Nas-Storage/data ``` - -5. **Start services** +5. Start services ```bash docker compose up -d ``` @@ -232,20 +228,6 @@ Default ports (configure reverse proxy for SSL/domains): - NPM Admin: 81 - Maloja: 42010 - Multi-Scrobbler: 9078 - - WYGIWYH: 9008 - - External Non-Docker Services (Inline): See list below - - - npm (Nginx Proxy Manager) — 192.168.0.10 — Web UI; admin: 81 - - adguard (AdGuard Home) — 192.168.0.11 — DNS/ad-blocking; UI: 3000 - - vaultwarden (Vaultwarden) — 192.168.0.12 — Password manager; Web UI: 80/8080 - - crafty (Crafty Controller) — 192.168.0.13 — Home automation central - - nextcloud — 192.168.0.14 — File sync and collaboration; UI: 443 - - homeassistant — 192.168.0.15 — Home automation; UI: 8123 - - foundryvtt — 192.168.0.16 — Foundry Virtual Tabletop; UI: 30000 - - openmediavault — 192.168.0.17 — NAS management; UI: 80/443 - - wordpress-irodori — 192.168.0.18 — WordPress site; UI: 80 - - wordpress-dustin — 192.168.0.19 — WordPress site; UI: 80 - ## Maintenance @@ -264,15 +246,16 @@ Default ports (configure reverse proxy for SSL/domains): Watchtower automatically updates containers daily. To manually update: -```bash +``` docker compose pull + docker compose up -d ``` ### Logs View logs for any service: -```bash +``` docker compose logs -f [service_name] ``` @@ -288,28 +271,28 @@ Jellyfin is configured for Intel GPU transcoding: - Group: `104` (render group) Verify GPU access: -```bash +``` ls -l /dev/dri/renderD128 ``` ## Security Considerations -1. **Secrets Management**: Store `.env` securely, never commit to version control -2. **Network Segmentation**: Database network is internal-only -3. **Container Security**: `no-new-privileges:true` on supported services -4. **Reverse Proxy**: Use NPM for SSL termination and authentication -5. **Updates**: Watchtower keeps containers updated +1. Secrets Management: Store `.env` securely, never commit to version control +2. Network Segmentation: Database network is internal-only +3. Container Security: `no-new-privileges:true` on supported services +4. Reverse Proxy: Use NPM for SSL termination and authentication +5. Updates: Watchtower keeps containers updated ## Troubleshooting ### Service won't start -```bash +``` docker compose logs [service_name] docker compose restart [service_name] ``` ### Database connection issues -```bash +``` # Check database is healthy docker compose ps # Verify network connectivity @@ -317,7 +300,7 @@ docker compose exec [service] ping [db_service] ``` ### Permission errors -```bash +``` # Verify ownership ls -la /docker/[service]/ # Fix if needed @@ -325,19 +308,59 @@ sudo chown -R $PUID:$PGID /docker/[service]/ ``` ### Storage full -```bash +``` # Check Docker disk usage docker system df # Clean up unused resources docker system prune -a ``` -## External Non-Docker Services (Inline)\nThis section lists non-Docker services running on Proxmox LXCs and VMs with host IPs and brief descriptions. Ports may vary; verify in each VM/Container.\n\n- npm (Nginx Proxy Manager) — 192.168.0.10 — Web UI; admin: 81\n- adguard — 192.168.0.11 — DNS/ad-blocking; UI: 3000\n- vaultwarden — 192.168.0.12 — Password manager; UI: 80/8080\n- crafty — 192.168.0.13 — Home automation central\n- nextcloud — 192.168.0.14 — File sync and collaboration; UI: 443\n- homeassistant — 192.168.0.15 — Home automation UI: 8123\n- foundryvtt — 192.168.0.16 — Foundry VTT; UI: 30000\n- openmediavault — 192.168.0.17 — NAS management; UI: 80/443\n- wordpress-irodori — 192.168.0.18 — WordPress site; UI: 80\n- wordpress-dustin — 192.168.0.19 — WordPress site; UI: 80\n\nIf you want, I can tighten these with exact ports from your Proxmox/VM configs and add links to each service's docs.\n\n## Migration/Restoration\n\nYour homelab includes a number of LXC and VM-based services running outside Docker. This section documents their host IPs, brief descriptions, and typical access ports. Note that ports can be customized; confirm in your Proxmox/VM configs.\n\n- npm (Nginx Proxy Manager) — 192.168.0.10 — Web UI and reverse proxy management; typical host ports: 80/443 (service accessible via web browser), admin: 81.\n- adguard (AdGuard Home) — 192.168.0.11 — DNS/ad-blocking; UI at 3000.\n- vaultwarden (Vaultwarden) — 192.168.0.12 — Password manager; Web UI default port 80/8080.\n- crafty (Crafty Controller) — 192.168.0.13 — Home automation central; Web UI default port depends on config.\n- nextcloud — 192.168.0.14 — File sync and collaboration; UI at 443.\n- homeassistant — 192.168.0.15 — Home automation; UI at 8123.\n- foundryvtt — 192.168.0.16 — Virtual tabletop; UI at 30000 (default).\n- openmediavault (OMV) — 192.168.0.17 — NAS management; UI at 80/443.\n- wordpress-irodori — 192.168.0.18 — WordPress site; UI at 80.\n- wordpress-dustin — 192.168.0.19 — WordPress site; UI at 80.\n\nIf you want, I can tighten these with exact ports from your Proxmox/VM configs and add links to each service's docs.\n\n## Migration/Restoration +## Internal Docker Services\n\n| Service | Role / Component | Web UI Port | Notes | +|---|---|---:|---| +| Jellyfin | Media server with hardware transcoding | 8096 | - | +| Jellyseerr | Media request management | 5055 | - | +| Radarr | Movie management | 7878 | - | +| Sonarr | TV show management | 8989 | - | +| Lidarr | Music management | 8686 | - | +| Bazarr | Subtitle management | 6767 | - | +| Prowlarr | Indexer manager | 9696 | - | +| qBittorrent | Download client | 7070 | - | +| Paperless | Document management interface | 8100 | - | +| Stirling-PDF | PDF manipulation tools | 8090 | - | +| OnlyOffice | Document collaboration server | 8091 | - | +| Open WebUI | LLM interface | 3000 | - | +| Immich | Photo management | 2283 | - | +| Syncthing | File synchronization | 8384 | - | +| Gitea | Git service | 8418 | - | +| GrampsWeb Jamie | Genealogy UI | 5511 | - | +| GrampsWeb Helen | Genealogy UI | 5512 | - | +| Speedtest Tracker | Network performance | 8180 | - | +| NPM Admin | NPM admin UI | 81 | - | +| Maloja | Music scrobbling | 42010 | - | +| Multi-Scrobbler | Cross-platform scrobbler | 9078 | - | +| WYGIWYH | Financial tracking | 9008 | - | +| Portainer | Container management UI | 9443 | - | +| Homepage | Service dashboard | 7575 | - | + +## External Non-Docker Services\n\n| Service | IP | Role / Description | Web UI Port | Notes |\n|---|---|---|---:|---|\n| npm (Nginx Proxy Manager) | 192.168.0.10 | Web UI; admin: 81 | 80/443 | - |\n| adguard | 192.168.0.11 | DNS/ad-blocking | 3000 | - |\n| vaultwarden | 192.168.0.12 | Password manager | 80/8080 | - |\n| crafty (Crafty Controller) | 192.168.0.13 | Minecraft server management | 3000 | - |\n| nextcloud | 192.168.0.14 | File sync and collaboration | 443 | - |\n| homeassistant | 192.168.0.15 | Home automation | 8123 | - |\n| foundryvtt | 192.168.0.16 | Foundry VTT | 30000 | - |\n| openmediavault | 192.168.0.17 | NAS management | 80/443 | - |\n| wordpress-irodori | 192.168.0.18 | WordPress site | 80 | - |\n| wordpress-dustin | 192.168.0.19 | WordPress site | 80 | - |\n\nIf you want, I can tighten these with exact ports from your Proxmox/VM configs and add links to each service's docs.\n\n## Migration/Restoration + +Your homelab includes a number of LXCs/VMs outside Docker. This section documents their host IPs, brief descriptions, and typical access ports. Verify in your Proxmox/VM configs. + +- npm (Nginx Proxy Manager) — 192.168.0.10 — Web UI and reverse proxy management; typical host ports: 80/443, admin: 81 +- adguard (AdGuard Home) — 192.168.0.11 — DNS/ad-blocking; UI: 3000 +- vaultwarden (Vaultwarden) — 192.168.0.12 — Password manager; UI: 80/8080 +- crafty (Crafty Controller) — 192.168.0.13 — Home automation central +- nextcloud — 192.168.0.14 — File sync and collaboration; UI: 443 +- homeassistant — 192.168.0.15 — Home automation; UI: 8123 +- foundryvtt — 192.168.0.16 — Foundry VTT; UI: 30000 +- openmediavault (OMV) — 192.168.0.17 — NAS management; UI: 80/443 +- wordpress-irodori — 192.168.0.18 — WordPress site; UI: 80 +- wordpress-dustin — 192.168.0.19 — WordPress site; UI: 80 1. Install Docker and Docker Compose on new system 2. Restore `/docker/` directory structure 3. Restore `.env` file -4. Restore database volumes (if applicable) +4. Restore database volumes 5. Mount NAS storage at `/mnt/Nas-Storage/data/` 6. Run `docker compose up -d`