selfhosted
/
selfhosted-apps-docker
mirror of https://github.com/DoTheEvo/selfhosted-apps-docker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update

This commit is contained in:
DoTheEvo 2023-06-18 14:31:32 +02:00
parent 45ce2391e3
commit 2e04d43415
8 changed files with 442 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

232
NUT-Network UPS Tools/readme.md Normal file
View File

@ -0,0 +1,232 @@
# NUT - Network UPS Tools
###### guide-by-example
![logo](https://i.imgur.com/TAIgm4Y.png)
# Purpose & Overview
UPS - uninterruptible power supply managment. Huge drivers support.
* [Official site](https://networkupstools.org/index.html)
* [Github](https://github.com/networkupstools/nut)
* [Archlinux Wiki](https://wiki.archlinux.org/title/Network_UPS_Tools)
The main objective is to be able to shutdown properly larger amount of devices
when power goes out and ups battery starts to get low.
Nut is collection of programs and drivers, mostly written in C.
For webgui it uses apache webserver.
[Techno Tim youtube video](https://www.youtube.com/watch?v=vyBP7wpN72c)
As per the video I am testing this running on rpi.
[Here's](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/arch_raspberry_pi)
arch on rpi setup.
---
![interface-pic](https://i.imgur.com/ekA7Hms.png)
# Files and directory structure
```
/home/
└── ~/
└── docker/
└── rustdesk/
├── 🗁 rustdesk_data/
├── 🗋 .env
└── 🗋 docker-compose.yml
```
* `rustdesk_data/` - persistent data, contains sqlite database and the keys
* `.env` - a file containing environment variables for docker compose
* `docker-compose.yml` - a docker compose file, telling docker how to run the containers
You only need to provide the two files.</br>
The directory is created by docker compose on the first run.
# docker-compose
Using [S6-overlay](https://github.com/rustdesk/rustdesk-server#s6-overlay-based-images)
based image.<br>
It's a simpler, single container approach. The
[complexity](https://github.com/rustdesk/rustdesk-server#classic-image)
of rustdesk's `hbbs` server and `hbbr` relay hidden.
No network section since no http traffic that would need reverse proxy, yet.<br>
So just mapped ports on to docker host to do their thing.
`docker-compose.yml`
```yml
services:
rustdesk:
image: rustdesk/rustdesk-server-s6:1.1.7-1
container_name: rustdesk
hostname: rustdesk
restart: unless-stopped
env_file: .env
ports:
- "21116:21116"
- "21115:21115"
- "21116:21116/udp"
- "21117:21117"
- "21118:21118"
- "21119:21119"
volumes:
- ./rustdesk_data:/data
```
`.env`
```bash
# GENERAL
TZ=Europe/Bratislava
# RUSTDESK
RELAY=rust.example.com:21117
ENCRYPTED_ONLY=1
# KEY_PRIV=<put here content of ./rustdesk_data/id_ed25519>
# KEY_PUB=<put here content of ./rustdesk_data/id_ed25519.pub>
```
In the `.env` file encryption is enabled, so that only clients that have
correct public key will be allowed access to the rustdesk server.<br>
The keys are generated on the first run of the compose and can be found in
the `rustdesk_data` directory.
Once generated they should be added to the `.env` file for easier migration.
The public key needs to be distributed with the clients apps installation.
# Port forwarding
as can be seen in the compose
* **21115 - 21119** TCP need to be forwarded to docker host<br>
* **21116** is TCP **and UDP**
21115 is used for the NAT type test,
21116/UDP is used for the ID registration and heartbeat service,
21116/TCP is used for TCP hole punching and connection service,
21117 is used for the Relay services,
and 21118 and 21119 are used to support web clients.<br>
[source](https://rustdesk.com/docs/en/self-host/install/)
---
![interface-pic](https://i.imgur.com/CK6pRyq.png)
# The installation on clients
* Download and install the client apps from [the official site](https://rustdesk.com/).
* Three dots > ID/Relay Server
* `ID Server`: rust.example.com
* `Key`: *\<content of id_ed25519.pub\>*
* The green dot at the bottom should be green saying "ready".
![settings-pic](https://i.imgur.com/lX6egMH.png)
**On windows** one
[can deploy](https://rustdesk.com/docs/en/self-host/install/#put-config-in-rustdeskexe-file-name-windows-only)
client with **pre-sets** by renaming the installation file to:
`rustdesk-host=<host-ip-or-name>,key=<public-key-string>.exe`
example: `rustdesk-host=rust.example.com,key=3AVva64bn1ea2vsDuOuQH3i8+2M=.exe`
If by chance the public key contains symbols not usable in windows filenames,
down the container, delete the files `id_ed25519` and `id_ed25519.pub`,
up the container and try with the new keys.
# Extra info
* You really really **really want to be using domain and not your public IP**
when installing clients and setting ID server. That `rust.example.com`
can be changed to point at a different IP any time you want. Hard set IP not.
* Can do `tcpdump -n udp port 21116` on a docker host to **see heartbeat** udp traffic.
Seems machines report-in every \~13 seconds.
* on **windows** a **service** named `rustdesk` is enabled.
Disable it if the machine should be accessible only on demand,
when someone first runs rustdesk manually.<br>
In powershell - `Set-Service rustdesk -StartupType Disabled`
* One can relatively easily
**hardcode server url and pub key in to an executable** using
[github actions.](https://rustdesk.com/docs/en/self-host/hardcode-settings/)<br>
Tested it and it works. But seems you can only do workflow run of nightly build,
meaning all the latest stuff added is included, which means higher chance of bugs.<br>
Make sure you do step *"Enable upload permissions for workflows"*,
before you run the workflow.
* Questions about issues with selfhosting are **not answered** on github -
[#763](https://github.com/rustdesk/rustdesk/discussions/763),
next to try is their [discord](https://discord.com/invite/nDceKgxnkV) or
[subreddit](https://www.reddit.com/r/rustdesk/).
* [FAQ](https://github.com/rustdesk/rustdesk/wiki/FAQ)
* How does [rustdesk work?](https://github.com/rustdesk/rustdesk/wiki/How-does-RustDesk-work%3F)
![logo](https://i.imgur.com/ptfVMtJ.png)
# Trouble shooting
---
#### If just one machine is having issues.
uninstall, plus delete:
* `C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\RustDesk`
* `%AppData%\RustDesk`
Restart. Reinstall.<br>
Do not use the installer you used before, **download** from the site latest.
---
#### Error - Failed to connect to relay server
* I had wrong url set as `RELAY` in the `.env`
* if url is correct I would test if port 21117 tcp forwards
---
#### Investigate port forwarding
Install netcat and tcpdump on the docker host.
* docker compose down rustdesk container so that ports are free to use
* start a small netcat server listening on whichever port we test<br>
`sudo nc -u -vv -l -p 21116`<br>
the `-u` means udp traffic, delete to do tcp
* on a machine somewhere else in the world, not on the same network, try
`nc -u <public-ip> 21116`
If you write something and press enter, it should appear on the other machine, confirming
that port forwarding works.<br>
Also useful command can be `tcpdump -n udp port 21116`<br>
When port forwarding works, one should see heartbeat chatter,
as machines with installed rustdesk are announcing themselves every \~13 seconds.
---
# Manual image update:
- `docker-compose pull`</br>
- `docker-compose up -d`</br>
- `docker image prune`
# Backup and restore
#### Backup
Using [borg](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/borg_backup)
that makes daily snapshot of the entire directory.
#### Restore
* down the bookstack containers `docker-compose down`</br>
* delete the entire bookstack directory</br>
* from the backup copy back the bookstack directory</br>
* start the containers `docker-compose up -d`

33
README.md
View File

@ -49,10 +49,6 @@ Repo documents self hosted apps in similar format and also uses caddy for revers
- `docker-compose.yml` does **not** need any **editing** to get something up,
**changes** are to be done in the `.env` file.
- **Not using** `ports` directive if theres **only** web traffic for a container.<br>
Theres an expectation of running a **reverse proxy** which makes **mapping ports**
to a docker host **unnecessary**. Instead `expose` is used which is basically
just documentation.<br>
- For **persistent** storage **bind mount** `./whatever_data` is used.
No volumes, nor static path somewhere... just relative path next to compose file.
- **No version** declaration at the beginning of **compose**, as the practice was
@ -224,28 +220,27 @@ or enable freshly discovered feature for all future deployments.
### For docker noobs
First, docker is easy. Like really.<br>
Docker is easy. Really.<br>
Second, there are two main uses.
There are two main uses.
* A developer who daily works on apps and docker eases everything about it,
from setting up enviroment, to testing and deployment.
* A hosting approach, where you are not that concerned with detials of what
and how works in the container that is prepared for you by developers,
you just want it running
* For developers who daily work on apps and docker eases everything about it,
from setting up environment, to testing and deployment.
* A hosting approach, where you mostly care about getting containers, that are
prepared for you by developers, up and running.
This whole repo is obviously about the second use. So be careful that you wont
This repo is about the second use. So be careful that you wont
spend time on resources used to educate developers. Sure, if you get through
that you will know docker better, but theres always the danger that after sinking
4 hours learning, one still cant get plain nginx web server up and working
and loses motivation.<br>
And my personal preference in learning is getting something up as fast as possible
and then tinker with it and try to understand how it works.
that you will know docker better, but theres the danger that after sinking
4 hours reading and watching videos you still cant get a plain nginx web server
up and running and loses motivation.<br>
So when googling for guides, look for **docker compose**
rather than just **docker** tutorials and notice if they are talking some core
fundamentals or deployment.
rather than just **docker** tutorials.
[Beginners speedrun to selfhosting something in docker](beginners-speedrun-selfhosting/)
* [Good stuff](https://adamtheautomator.com/docker-compose-tutorial/)
* [This](https://youtu.be/DM65_JyGxCo) one is pretty good. That entire channel
has good stuff.

183
audiobookshelf/readme.md Normal file
View File

@ -0,0 +1,183 @@
# Audiobookshelf
###### guide-by-example
![logo](https://i.imgur.com/gSyMEvD.png)
# Purpose & Overview
WORK IN PROGRESS<br>
WORK IN PROGRESS<br>
WORK IN PROGRESS<br>
Selfhosted audiobook library.
* [Official site](https://www.audiobookshelf.org/)
* [Github](https://github.com/advplyr/audiobookshelf)
Jellyfin if a free media system, an alternative to proprietary Plex.<br>
The core server side is written in C#, web client in Javascript,
and a number of other clients written in various languages and frameworks.
Starting point for me was [this viggy96 repo](https://github.com/viggy96/container_config)
# Files and directory structure
```
/mnt/
└── bigdisk/
├── tv/
├── movies/
└── music/
/home/
└── ~/
└── docker/
└── jellyfin/
├── jellyfin-cache/
├── jellyfin-config/
├── transcodes/
├── .env
└── docker-compose.yml
```
* `/mnt/bigdisk/...` - a mounted media storage share
* `jellyfin-cache/` - cache
* `jellyfin-config/` - configuration
* `transcodes/` - transcoded video storage
* `.env` - a file containing environment variables for docker compose
* `docker-compose.yml` - a docker compose file, telling docker how to run the containers
You only need to provide the two files.</br>
The directories are created by docker compose on the first run.
# docker-compose
The media are mounted in read only mode.
`docker-compose.yml`
```yml
services:
jellyfin:
image: jellyfin/jellyfin:latest
container_name: jellyfin
hostname: jellyfin
restart: unless-stopped
env_file: .env
devices:
- /dev/dri
volumes:
- ./transcodes/:/transcodes
- ./jellyfin-config:/config
- ./jellyfin-cache:/cache
- /mnt/bigdisk/serialy:/media/video:ro
- /mnt/bigdisk/mp3/moje:/media/music:ro
ports:
- "8096:8096"
- "1900:1900/udp"
networks:
default:
name: $DOCKER_MY_NETWORK
external: true
```
`.env`
```bash
# GENERAL
DOCKER_MY_NETWORK=caddy_net
TZ=Europe/Bratislava
```
**All containers must be on the same network**.</br>
Which is named in the `.env` file.</br>
If one does not exist yet: `docker network create caddy_net`
# Reverse proxy
Caddy is used, details
[here](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/caddy_v2).</br>
`Caddyfile`
```
jellyfin.{$MY_DOMAIN} {
reverse_proxy jellyfin:8096
}
```
# First run
![interface-pic](https://i.imgur.com/pZMi6bb.png)
# Specifics of my setup
* no long term use yet
* amd cpu and no gpu, so no experience with hw transcoding
* media files are stored and shared on trunas scale VM
and mounted directly on the docker host using [systemd mounts](https://forum.manjaro.org/t/root-tip-systemd-mount-unit-samples/1191),
instead of fstab or autofs.
`/etc/systemd/system/mnt-bigdisk.mount`
```ini
[Unit]
Description=12TB truenas mount
[Mount]
What=//10.0.19.19/Dataset-01
Where=/mnt/bigdisk
Type=cifs
Options=ro,username=ja,password=qq,file_mode=0700,dir_mode=0700,uid=1000
DirectoryMode=0700
[Install]
WantedBy=multi-user.target
```
`/etc/systemd/system/mnt-bigdisk.automount`
```ini
[Unit]
Description=12TB truenas mount
[Automount]
Where=/mnt/bigdisk
[Install]
WantedBy=multi-user.target
```
to automount on boot - `sudo systemctl enable mnt-bigdisk.automount`
# Troubleshooting
![error-pic](https://i.imgur.com/KQhmZTQ.png)
*We're unable to connect to the selected server right now. Please ensure it is running and try again.*
If you encounter this, try opening the url in browsers private window.<br>
If it works then clear the cookies in your browser.
# Update
Manual image update:
- `docker-compose pull`</br>
- `docker-compose up -d`</br>
- `docker image prune`
# Backup and restore
#### Backup
Using [borg](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/borg_backup)
that makes daily snapshot of the entire directory.
#### Restore
* down the bookstack containers `docker-compose down`</br>
* delete the entire bookstack directory</br>
* from the backup copy back the bookstack directory</br>
* start the containers `docker-compose up -d`

2
beginners-speedrun-selfhosting/readme.md
View File

@ -65,7 +65,7 @@ You know little and want to start somewhere, FAST!
![docker_logo](https://i.imgur.com/6SS5lFj.png)
Docker - a thing that makes hosting super easy, people prepared *recipies*,
**Docker** - a thing that makes hosting super easy, people prepared *recipies*,
you copy paste them, maybe edit a bit, run them
* **install docker-compose** - `sudo pacman -S docker-compose`

2
jellyfin/readme.md
View File

@ -74,8 +74,8 @@ services:
- /mnt/bigdisk/serialy:/media/video:ro
- /mnt/bigdisk/mp3/moje:/media/music:ro
ports:
- "1900:1900/udp"
- "8096:8096"
- "1900:1900/udp"
networks:
default:

4
kopia_backup/readme.md
View File

@ -206,8 +206,8 @@ WantedBy=multi-user.target
# Kopia in Windows
While GUI version seems like a way to go.. well its not there yet.
The schedule it uses is running only under a user, theres no certainty it will run.
While GUI version seems like a way to go.. its not there yet.
The way the schedule is running - it uses is running only under a user, theres no certainty it will run.
So here goes cli version

5
vaultwarden/readme.md
View File

@ -68,9 +68,10 @@ services:
env_file: .env
volumes:
- ./vaultwarden_data/:/data/
ports:
- "3012:3012"
expose:
- 80:80
- 3012:3012
- "80"
networks:
default:

6
zammad/readme.md
View File

@ -250,3 +250,9 @@ so in nginx check /opt/zammad and its content with `ls -al`,
if its owned by zammad user.
if its root use `chown -R zammad:zammad /opt/zammad`
and down and up the stack.
-------
# Links
* [Zammad Helpdesk creating duplicate users when using SAML auth](https://www.reddit.com/r/selfhosted/comments/13esjnx/zammad_helpdesk_creating_duplicate_users_when/)