As this is a new community hoping to continue the old. I thought I would take the opportunity to make some requests.

I have an intel NUC as a server with

  • sonarr
  • radarr
  • prowlarr
  • transmission with vpn
  • jellyfin
  • daap
  • home assistant
  • organizr

Wish list

  • some kind of dns resolution so I can access jellyfin.server.local
  • vpn to access server remotely with dynamic dns
  • some help with ansible so I can stop using my docker compose file manually.

I have done some reading and in all honesty just haven’t had the drive to try for fear of breaking something that’s working ok.

  • Here are the containers I use

    Portainer

    This is run directly on the host machine… not through portainer itself. This is the only container I run directly through docker. Full guide from portainer

    docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
    

    Make sure to update the volume to be where you want to store the data (especially if you’re using a mounted NAS/DAS

    Cloudflare DDNS

    version: '2'
    services:
      cloudflare-ddns:
        image: oznu/cloudflare-ddns:latest
        restart: always
        container_name: cloudflare-root
        environment:
          - API_KEY={redacted}
          - ZONE=name.tld
          - PROXIED=true # I proxy everything through cloud flare so my home IP isn't exposed
          # This sets IP address for the root name.tld
      cloudflare-ddns-abs:
        image: oznu/cloudflare-ddns:latest
        restart: always
        container_name: cloudflare-xyz
        environment:
          - API_KEY={redacted}
          - ZONE=name.tld
          - PROXIED=true
          - SUBDOMAIN=xyz 
          # This container doesn't handle multiple subdomains, nor wildcards...
          # So I have to run a different container for each service that's on its own subdomain. PITA
    

    Cloudflare zero trust

    1. Here’s the guide from Cloudflare. It’s all managed in their dashboard
    2. I just have a one service exposed to the WAN that needs auth.
    3. Create an application
    4. For the access policy, I just use OTP with a long session duration since I’m the only user

    nginx proxy manager

    Management and setup in the app is fairly straightforward, but depends on your local setup.

    Here’s part of the stack I use:

    version: "3"
    services:
      app:
        image: 'jc21/nginx-proxy-manager:latest'
        restart: unless-stopped
        ports:
          - '80:80'      # Public HTTP Port
          - '443:443' # Public HTTPS Port
          - '81:81'       # Admin Web Port