As this is a new community hoping to continue the old. I thought I would take the opportunity to make some requests.

I have an intel NUC as a server with

  • sonarr
  • radarr
  • prowlarr
  • transmission with vpn
  • jellyfin
  • daap
  • home assistant
  • organizr

Wish list

  • some kind of dns resolution so I can access jellyfin.server.local
  • vpn to access server remotely with dynamic dns
  • some help with ansible so I can stop using my docker compose file manually.

I have done some reading and in all honesty just haven’t had the drive to try for fear of breaking something that’s working ok.

    1. Buy a domain name
    2. Set up a free cloudflare account
    3. Set up portainer to manage your docker-compose files (they call them stacks)
    4. Set up cloudflare dyndns service to regularly update your WAN ip for your domain name
    5. Set up cloudflare zero trust for authentication
    6. Set up Nginx proxy manager to route traffic to your NUC by IP and port

    Should take you less than a day to get all of that working

    • That was an awesome and concise list.

      Never though to use Portianer In That regard, feel a bit stupid now.

      I have tried noi X proxy manager but could only get 404 or single service working at a time.

      • Here are the containers I use

        Portainer

        This is run directly on the host machine… not through portainer itself. This is the only container I run directly through docker. Full guide from portainer

        docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
        

        Make sure to update the volume to be where you want to store the data (especially if you’re using a mounted NAS/DAS

        Cloudflare DDNS

        version: '2'
        services:
          cloudflare-ddns:
            image: oznu/cloudflare-ddns:latest
            restart: always
            container_name: cloudflare-root
            environment:
              - API_KEY={redacted}
              - ZONE=name.tld
              - PROXIED=true # I proxy everything through cloud flare so my home IP isn't exposed
              # This sets IP address for the root name.tld
          cloudflare-ddns-abs:
            image: oznu/cloudflare-ddns:latest
            restart: always
            container_name: cloudflare-xyz
            environment:
              - API_KEY={redacted}
              - ZONE=name.tld
              - PROXIED=true
              - SUBDOMAIN=xyz 
              # This container doesn't handle multiple subdomains, nor wildcards...
              # So I have to run a different container for each service that's on its own subdomain. PITA
        

        Cloudflare zero trust

        1. Here’s the guide from Cloudflare. It’s all managed in their dashboard
        2. I just have a one service exposed to the WAN that needs auth.
        3. Create an application
        4. For the access policy, I just use OTP with a long session duration since I’m the only user

        nginx proxy manager

        Management and setup in the app is fairly straightforward, but depends on your local setup.

        Here’s part of the stack I use:

        version: "3"
        services:
          app:
            image: 'jc21/nginx-proxy-manager:latest'
            restart: unless-stopped
            ports:
              - '80:80'      # Public HTTP Port
              - '443:443' # Public HTTPS Port
              - '81:81'       # Admin Web Port