├── storage ├── homelab.png ├── 1_proxmox-repos.jpeg ├── 2_proxmox-iommu.jpeg ├── part1_thumbnail.webp ├── 3_proxmox-wipe-disk.jpeg ├── 4_proxmox-mirror-nvme.jpeg └── README.md ├── apps ├── images │ ├── airvpn.png │ ├── 00_proxmox.png │ ├── 22_frigate-nvr.png │ ├── 02_file-browser.png │ ├── 31_omada-is-slow.png │ ├── 01_glance-dashboard.png │ ├── 18_nextcloud-cloud.png │ ├── 26_cloudflare-ddns.png │ ├── 09_plex-media-server.png │ ├── 27_grafana-dashboards.png │ ├── 28_teslamate-grafana.png │ ├── 06_cockpit-server-tool.png │ ├── 07_octoprint-3d-printing.png │ ├── 08_jellyfin-media-server.png │ ├── 10_tautulli-plex-stats.png │ ├── 19_immich-photo-backup.png │ ├── 20_docmost-personal-wiki.png │ ├── 21_home-assistant-smart.png │ ├── 24_pi-hole-dns-sinkhole.png │ ├── 25_nginx-proxy-manager.png │ ├── 12_radarr-movie-management.png │ ├── 13_sonarr-shows-management.png │ ├── 14_lidarr-music-management.png │ ├── 15_prowlarr-index-manager.png │ ├── 16_qbittorrent-peer-client.png │ ├── 29_influxdb2-data-explorer.png │ ├── 30_proetheus-query-execute.png │ ├── 04_hoarder-bookmark-manager.png │ ├── 05_portainer-docker-manager.png │ ├── 11_overseerr-media-requests.png │ ├── 17_nzbget-newsletter-client.png │ ├── 23_zigbee2mqtt-smart-devices.png │ └── 03_vaultwarden-password-manager.png └── README.md ├── proxy ├── images │ ├── twingate-alias.jpeg │ ├── local-ip-wildcard.png │ ├── twingate-techhut.jpg │ ├── technotim-security-guide.jpg │ ├── odama-port-forwarding-443.jpeg │ └── disable-proxy-media-streaming.png ├── compose.yaml └── README.md ├── media ├── images │ └── qbittorrent_tun0.jpeg ├── .env ├── plex │ ├── README.md │ └── compose.yaml ├── jellyfin │ ├── compose.yaml │ └── README.md ├── compose.yaml └── README.md ├── monitoring ├── unraid │ ├── unraid-data-preview.png │ ├── telegraf.conf │ └── README.md ├── grafana │ └── datasource.yml ├── prometheus │ └── prometheus.yml ├── telegraf │ └── telegraf.conf ├── proxmox │ └── README.md ├── compose.yaml └── README.md ├── automations ├── Dockerfile ├── compose.yml └── README.md ├── surveillance ├── compose.yaml ├── README.md └── frigate │ └── config.yml ├── cloud ├── README.md └── compose.yaml ├── timezones.properties ├── old_hardware.md ├── homeassistant ├── dashboard │ └── README.md ├── localtuya │ └── README.md ├── zigbee │ └── README.md └── README.md ├── README.md └── glance.yml /storage/homelab.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/homelab.png -------------------------------------------------------------------------------- /apps/images/airvpn.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/airvpn.png -------------------------------------------------------------------------------- /apps/images/00_proxmox.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/00_proxmox.png -------------------------------------------------------------------------------- /apps/images/22_frigate-nvr.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/22_frigate-nvr.png -------------------------------------------------------------------------------- /storage/1_proxmox-repos.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/1_proxmox-repos.jpeg -------------------------------------------------------------------------------- /storage/2_proxmox-iommu.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/2_proxmox-iommu.jpeg -------------------------------------------------------------------------------- /storage/part1_thumbnail.webp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/part1_thumbnail.webp -------------------------------------------------------------------------------- /apps/images/02_file-browser.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/02_file-browser.png -------------------------------------------------------------------------------- /apps/images/31_omada-is-slow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/31_omada-is-slow.png -------------------------------------------------------------------------------- /proxy/images/twingate-alias.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/twingate-alias.jpeg -------------------------------------------------------------------------------- /storage/3_proxmox-wipe-disk.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/3_proxmox-wipe-disk.jpeg -------------------------------------------------------------------------------- /apps/images/01_glance-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/01_glance-dashboard.png -------------------------------------------------------------------------------- /apps/images/18_nextcloud-cloud.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/18_nextcloud-cloud.png -------------------------------------------------------------------------------- /apps/images/26_cloudflare-ddns.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/26_cloudflare-ddns.png -------------------------------------------------------------------------------- /media/images/qbittorrent_tun0.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/media/images/qbittorrent_tun0.jpeg -------------------------------------------------------------------------------- /proxy/images/local-ip-wildcard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/local-ip-wildcard.png -------------------------------------------------------------------------------- /proxy/images/twingate-techhut.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/twingate-techhut.jpg -------------------------------------------------------------------------------- /storage/4_proxmox-mirror-nvme.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/storage/4_proxmox-mirror-nvme.jpeg -------------------------------------------------------------------------------- /apps/images/09_plex-media-server.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/09_plex-media-server.png -------------------------------------------------------------------------------- /apps/images/27_grafana-dashboards.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/27_grafana-dashboards.png -------------------------------------------------------------------------------- /apps/images/28_teslamate-grafana.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/28_teslamate-grafana.png -------------------------------------------------------------------------------- /apps/images/06_cockpit-server-tool.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/06_cockpit-server-tool.png -------------------------------------------------------------------------------- /apps/images/07_octoprint-3d-printing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/07_octoprint-3d-printing.png -------------------------------------------------------------------------------- /apps/images/08_jellyfin-media-server.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/08_jellyfin-media-server.png -------------------------------------------------------------------------------- /apps/images/10_tautulli-plex-stats.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/10_tautulli-plex-stats.png -------------------------------------------------------------------------------- /apps/images/19_immich-photo-backup.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/19_immich-photo-backup.png -------------------------------------------------------------------------------- /apps/images/20_docmost-personal-wiki.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/20_docmost-personal-wiki.png -------------------------------------------------------------------------------- /apps/images/21_home-assistant-smart.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/21_home-assistant-smart.png -------------------------------------------------------------------------------- /apps/images/24_pi-hole-dns-sinkhole.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/24_pi-hole-dns-sinkhole.png -------------------------------------------------------------------------------- /apps/images/25_nginx-proxy-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/25_nginx-proxy-manager.png -------------------------------------------------------------------------------- /apps/images/12_radarr-movie-management.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/12_radarr-movie-management.png -------------------------------------------------------------------------------- /apps/images/13_sonarr-shows-management.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/13_sonarr-shows-management.png -------------------------------------------------------------------------------- /apps/images/14_lidarr-music-management.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/14_lidarr-music-management.png -------------------------------------------------------------------------------- /apps/images/15_prowlarr-index-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/15_prowlarr-index-manager.png -------------------------------------------------------------------------------- /apps/images/16_qbittorrent-peer-client.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/16_qbittorrent-peer-client.png -------------------------------------------------------------------------------- /apps/images/29_influxdb2-data-explorer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/29_influxdb2-data-explorer.png -------------------------------------------------------------------------------- /apps/images/30_proetheus-query-execute.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/30_proetheus-query-execute.png -------------------------------------------------------------------------------- /monitoring/unraid/unraid-data-preview.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/monitoring/unraid/unraid-data-preview.png -------------------------------------------------------------------------------- /proxy/images/technotim-security-guide.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/technotim-security-guide.jpg -------------------------------------------------------------------------------- /apps/images/04_hoarder-bookmark-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/04_hoarder-bookmark-manager.png -------------------------------------------------------------------------------- /apps/images/05_portainer-docker-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/05_portainer-docker-manager.png -------------------------------------------------------------------------------- /apps/images/11_overseerr-media-requests.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/11_overseerr-media-requests.png -------------------------------------------------------------------------------- /apps/images/17_nzbget-newsletter-client.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/17_nzbget-newsletter-client.png -------------------------------------------------------------------------------- /apps/images/23_zigbee2mqtt-smart-devices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/23_zigbee2mqtt-smart-devices.png -------------------------------------------------------------------------------- /proxy/images/odama-port-forwarding-443.jpeg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/odama-port-forwarding-443.jpeg -------------------------------------------------------------------------------- /apps/images/03_vaultwarden-password-manager.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/apps/images/03_vaultwarden-password-manager.png -------------------------------------------------------------------------------- /proxy/images/disable-proxy-media-streaming.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TechHutTV/homelab/HEAD/proxy/images/disable-proxy-media-streaming.png -------------------------------------------------------------------------------- /monitoring/grafana/datasource.yml: -------------------------------------------------------------------------------- 1 | apiVersion: 1 2 | 3 | datasources: 4 | - name: Prometheus 5 | type: prometheus 6 | url: http://prometheus:9090 7 | isDefault: true 8 | access: proxy 9 | editable: true 10 | -------------------------------------------------------------------------------- /automations/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.n8n.io/n8nio/n8n 2 | 3 | USER root 4 | 5 | RUN apk add --no-cache \ 6 | ffmpeg \ 7 | python3 \ 8 | py3-pip \ 9 | curl \ 10 | && pip3 install --break-system-packages yt-dlp 11 | 12 | USER node 13 | -------------------------------------------------------------------------------- /monitoring/prometheus/prometheus.yml: -------------------------------------------------------------------------------- 1 | global: 2 | scrape_interval: 15s 3 | scrape_timeout: 10s 4 | evaluation_interval: 15s 5 | alerting: 6 | alertmanagers: 7 | - static_configs: 8 | - targets: [] 9 | scheme: http 10 | timeout: 10s 11 | api_version: v2 12 | scrape_configs: 13 | - job_name: prometheus 14 | honor_timestamps: true 15 | scrape_interval: 15s 16 | scrape_timeout: 10s 17 | metrics_path: /metrics 18 | scheme: http 19 | static_configs: 20 | - targets: 21 | - localhost:9090 22 | - job_name: node_exporter 23 | static_configs: 24 | - targets: 25 | # - dockerlab:9100 26 | # - Nextcloud:9100 27 | # - unRAID:9100 28 | -------------------------------------------------------------------------------- /monitoring/telegraf/telegraf.conf: -------------------------------------------------------------------------------- 1 | [[inputs.docker]] 2 | endpoint = "unix:///var/run/docker.sock" 3 | container_names = [] 4 | timeout = "5s" 5 | perdevice = false 6 | perdevice_include = ["cpu", "blkio", "network"] 7 | total = true 8 | total_include = ["cpu", "blkio", "network"] 9 | 10 | # System monitoring input currently unused 11 | #[[inputs.exec]] 12 | #[[inputs.cpu]] 13 | #[[inputs.disk]] 14 | #[[inputs.diskio]] 15 | #[[inputs.kernel]] 16 | #[[inputs.mem]] 17 | #[[inputs.netstat]] 18 | #[[inputs.swap]] 19 | #[[inputs.system]] 20 | 21 | [[outputs.influxdb_v2]] 22 | urls = ["http://influxdb:8086"] 23 | token = "yourtoken" 24 | organization = "yourorg" 25 | bucket = "localbucket" 26 | -------------------------------------------------------------------------------- /media/.env: -------------------------------------------------------------------------------- 1 | # General UID/GIU and Timezone 2 | TZ=America/Los_Angeles 3 | PUID=1000 4 | PGID=1000 5 | 6 | # Input your VPN provider and type here 7 | VPN_SERVICE_PROVIDER=airvpn 8 | VPN_TYPE=wireguard 9 | 10 | # Mandatory, airvpn forwarded port 11 | FIREWALL_VPN_INPUT_PORTS=port 12 | 13 | # Copy all these varibles from your generated configuration file 14 | WIREGUARD_PUBLIC_KEY=key 15 | WIREGUARD_PRIVATE_KEY=key 16 | WIREGUARD_PRESHARED_KEY=key 17 | WIREGUARD_ADDRESSES=ip 18 | 19 | # Optional location varbiles, comma seperated list,no spaces after commas, make sure it matches the config you created 20 | SERVER_COUNTRIES=country 21 | SERVER_CITIES=city 22 | 23 | # Heath check duration 24 | HEALTH_VPN_DURATION_INITIAL=120s 25 | -------------------------------------------------------------------------------- /media/plex/README.md: -------------------------------------------------------------------------------- 1 | Work in progress. Dedicated Plex Stuff 2 | 3 | ## Permissions 4 | ``` 5 | sudo systemctl stop plexmediaserver 6 | ``` 7 | Stop the Plex service. `sudo systemctl plexmediaserver stop` Edit the Plex service configuration to reflext your user. `sudo systemctl edit plexmediaserver` Now add the user and group to your main user. You can run the `id` command if you're unsure. 8 | ``` 9 | [Service] 10 | User=user 11 | Group=group 12 | ``` 13 | ``` 14 | sudo systemctl daemon-reload 15 | ``` 16 | ``` 17 | sudo nano /etc/default/plexmediaserver 18 | ``` 19 | ``` 20 | PLEX_MEDIA_SERVER_USER 21 | ``` 22 | ``` 23 | sudo chown -R user:group /var/lib/plexmediaserver 24 | ``` 25 | ``` 26 | sudo systemctl start plexmediaserver 27 | ``` 28 | Source: [dausruddin.com](https://dausruddin.com/how-to-change-plex-user-running-under-in-ubuntu/) 29 | -------------------------------------------------------------------------------- /media/plex/compose.yaml: -------------------------------------------------------------------------------- 1 | # Currently untested as written 2 | services: 3 | plex: 4 | image: lscr.io/linuxserver/plex:latest 5 | container_name: plex 6 | network_mode: host 7 | environment: 8 | - PUID=1000 9 | - PGID=1000 10 | - TZ=America/Los_Angeles 11 | - VERSION=docker 12 | - PLEX_CLAIM= #optional 13 | ports: 14 | - 32400:32400 15 | devices: 16 | - /dev/dri:/dev/dri # QuickSync 17 | volumes: 18 | - ./plex:/config 19 | - /data:/data 20 | restart: unless-stopped 21 | 22 | overseerr: 23 | image: lscr.io/linuxserver/overseerr:latest 24 | container_name: overseerr 25 | environment: 26 | - PUID=1000 27 | - PGID=1000 28 | - TZ=America/Los_Angeles 29 | volumes: 30 | - ./overseer/config:/config 31 | - /data:/data 32 | ports: 33 | - 5055:5055 34 | restart: unless-stopped 35 | 36 | tautulli: 37 | image: lscr.io/linuxserver/tautulli:latest 38 | container_name: tautulli 39 | environment: 40 | - PUID=1000 41 | - PGID=1000 42 | - TZ=America/Los_Angeles 43 | volumes: 44 | - ./tautulli:/config 45 | ports: 46 | - 8181:8181 47 | restart: unless-stopped 48 | -------------------------------------------------------------------------------- /surveillance/compose.yaml: -------------------------------------------------------------------------------- 1 | # compose from main documents. to be edited 2 | version: "3.9" 3 | services: 4 | frigate: 5 | container_name: frigate 6 | privileged: true # this may not be necessary for all setups 7 | restart: unless-stopped 8 | image: ghcr.io/blakeblackshear/frigate:stable 9 | shm_size: "64mb" # update for your cameras based on calculation above 10 | devices: 11 | - /dev/bus/usb:/dev/bus/usb # Passes the USB Coral, needs to be modified for other versions 12 | - /dev/apex_0:/dev/apex_0 # Passes a PCIe Coral, follow driver instructions here https://coral.ai/docs/m2/get-started/#2a-on-linux 13 | - /dev/video11:/dev/video11 # For Raspberry Pi 4B 14 | - /dev/dri/renderD128:/dev/dri/renderD128 # For intel hwaccel, needs to be updated for your hardware 15 | volumes: 16 | - /etc/localtime:/etc/localtime:ro 17 | - /path/to/your/config:/config 18 | - /path/to/your/storage:/media/frigate 19 | - type: tmpfs # Optional: 1GB of memory, reduces SSD/SD Card wear 20 | target: /tmp/cache 21 | tmpfs: 22 | size: 1000000000 23 | ports: 24 | - "5000:5000" 25 | - "8554:8554" # RTSP feeds 26 | - "8555:8555/tcp" # WebRTC over tcp 27 | - "8555:8555/udp" # WebRTC over udp 28 | environment: 29 | FRIGATE_RTSP_PASSWORD: "PASSWORD" 30 | -------------------------------------------------------------------------------- /cloud/README.md: -------------------------------------------------------------------------------- 1 | Work in progress. 2 | 3 | # Self-Host the Cloud! 4 | Ditching services like Google Workspace, Dropbox, iCloud, Microsoft 365, Amazon Photos, and other cloud service provides is critical... 5 | 6 | ## Nextcloud 7 | Work in progress. 8 | 9 | ### NGINX Proxy Manager 10 | Under details set the scheme to http, your local IP for the server, and the port 11000 then enable Block Common Exploits and Websocket Support under details. Under SSL enable Force SSL and HTTP/2 support. Under advanced add the following lines. 11 | ``` 12 | client_body_buffer_size 512k; 13 | proxy_read_timeout 86400s; 14 | client_max_body_size 0; 15 | ``` 16 | 17 | ### Use a Network Share for Data Directory 18 | [source](https://github.com/nextcloud/all-in-one?tab=readme-ov-file#can-i-use-a-cifssmb-share-as-nextclouds-datadir) 19 | ``` 20 | sudo nano /etc/fstab 21 | //10.0.0.100/nextcloud /nextcloud cifs rw,mfsymlinks,seal,username=user,password=password,uid=33,gid=0,file_mode=0770,dir_mode=0770 0 0 22 | ``` 23 | ### Add Files to Data Directory Manually 24 | Nextcloud steps to add files manually to data directory. 25 | #### Fix permissions 26 | ``` 27 | chown -R www-data:www-data ./directory 28 | ``` 29 | #### Scan for new files 30 | ``` 31 | sudo docker exec --user www-data -it nextcloud-aio-nextcloud php occ files:scan --all 32 | ``` 33 | ### Find lost AIO Passphrase 34 | ``` 35 | docker exec nextcloud-aio-mastercontainer grep password /mnt/docker-aio-config/data/configuration.json 36 | ``` 37 | 38 | ## Immich 39 | Work in progress. 40 | -------------------------------------------------------------------------------- /monitoring/proxmox/README.md: -------------------------------------------------------------------------------- 1 | ## Proxmox Community Helper Scripts 2 | 3 | ### Setup InfluxDB2 4 | 5 | influxdb 6 | ```bash 7 | bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/influxdb.sh)" 8 | ``` 9 | Make sure you select version 2 of InfluxDB when installing. You can add Telegraf if you want, but I don't find this nessesary as I will be using the Proxmox Metric server to send data on all the containers. 10 | 11 | Now, navigate to http://IP:8086/ to begin the setup process. For the initial bucket I just named it default as I will make seperate buckets for various services. Grab your API token and save it somewhere safe. 12 | 13 | From here click on advanced and we're going to create a new bucket for proxmox. I'm calling this bucket proxmox and keeping the data for 90 days. 14 | 15 | ### Metric Server on Proxmox 16 | 17 | Getting this setup is easy, Head over the your instance of Proxmox VE and under Database scroll to the bottom until you reach Metric Server. Click on Add and then InfluxDB. From here input your server IP, switch it to HTTP or HTTPS if you setup a proxy, and all the appropreate information including the API token we saved earlier. 18 | 19 | ### Visualize with Grafana 20 | 21 | grafana 22 | ```bash 23 | bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/grafana.sh)" 24 | ``` 25 | Navigate to http://IP:3000/ and login with username admin and password admin. Then set your new password. 26 | 27 | Within Grafana head to Connections> Add new connection > and add InfluxDB with your creditentials. Also, be sure to change the laungage from InfluxQL to Flux. When you click save and test you should get the message "datasource is working. 4 buckets found". 28 | 29 | Dashbaord I'm using: 15356 30 | -------------------------------------------------------------------------------- /monitoring/unraid/telegraf.conf: -------------------------------------------------------------------------------- 1 | # This is a fork of https://github.com/skaterpunk/UUD 2 | # Working best with the golift/telegraf docker container 3 | 4 | [global_tags] 5 | [agent] 6 | interval = "10s" 7 | round_interval = true 8 | metric_batch_size = 1000 9 | metric_buffer_limit = 10000 10 | collection_jitter = "0s" 11 | flush_interval = "10s" 12 | flush_jitter = "0s" 13 | precision = "" 14 | debug = false 15 | quiet = false 16 | hostname = "" 17 | omit_hostname = false 18 | 19 | [[inputs.docker]] 20 | # To use TCP, set endpoint = "tcp://[ip]:[port]" 21 | endpoint = "unix:///var/run/docker.sock" 22 | container_name_include = [] 23 | container_name_exclude = [] 24 | timeout = "5s" 25 | 26 | [[inputs.cpu]] 27 | percpu = true 28 | totalcpu = true 29 | collect_cpu_time = false 30 | report_active = false 31 | [[inputs.disk]] 32 | mount_points = [] 33 | ignore_fs = ["tmpfs", "devtmpfs", "devfs"] 34 | [[inputs.diskio]] 35 | device_tags = ["ID_SERIAL", "ID_FS_TYPE", "ID_FS_USAGE"] 36 | [[inputs.diskio]] 37 | [[inputs.kernel]] 38 | [[inputs.mem]] 39 | [[inputs.processes]] 40 | [[inputs.swap]] 41 | [[inputs.system]] 42 | # Only use this section if you have a UPS connected to your unraid server 43 | # [[inputs.apcupsd]] 44 | [[inputs.nstat]] 45 | # Plugin "inputs.net" is deprecated and will be removed in 1.36.0 46 | [[inputs.net]] 47 | interfaces = ["eth1"] 48 | [[inputs.netstat]] 49 | [[inputs.sensors]] 50 | [[inputs.smart]] 51 | attributes = true 52 | # For nivida devices add '--runtime=nvidia' added as an Extra Argument 53 | #[[inputs.nvidia_smi]] 54 | # bin_path = "/usr/bin/nvidia-smi" 55 | # timeout = "15s" 56 | 57 | 58 | [[outputs.influxdb_v2]] 59 | urls = ["http://ip:8086"] 60 | token = "yourtoken" 61 | organization = "yourorg" 62 | bucket = "unraidbucket" 63 | -------------------------------------------------------------------------------- /timezones.properties: -------------------------------------------------------------------------------- 1 | # This file is currently for reference purposes only. 2 | # Copied from Confluence source code timezones.properties file. 3 | GMT, \ 4 | Pacific/Apia, \ 5 | HST, \ 6 | AST, \ 7 | America/Los_Angeles, \ 8 | America/Phoenix, \ 9 | America/Mazatlan, \ 10 | America/Denver, \ 11 | America/Belize, \ 12 | America/Chicago, \ 13 | America/Mexico_City, \ 14 | America/Regina, \ 15 | America/Bogota, \ 16 | America/New_York, \ 17 | America/Indianapolis, \ 18 | America/Halifax, \ 19 | America/Caracas, \ 20 | America/Santiago, \ 21 | America/St_Johns, \ 22 | America/Sao_Paulo, \ 23 | America/Buenos_Aires, \ 24 | America/Godthab, \ 25 | Atlantic/South_Georgia, \ 26 | Atlantic/Azores, \ 27 | Atlantic/Cape_Verde, \ 28 | Africa/Casablanca, \ 29 | Europe/Dublin, \ 30 | Europe/Berlin, \ 31 | Europe/Belgrade, \ 32 | Europe/Paris, \ 33 | Europe/Warsaw, \ 34 | ECT, \ 35 | Europe/Athens, \ 36 | Europe/Minsk, \ 37 | Europe/Bucharest, \ 38 | Africa/Cairo, \ 39 | Africa/Harare, \ 40 | Europe/Helsinki, \ 41 | Asia/Jerusalem, \ 42 | Asia/Baghdad, \ 43 | Asia/Kuwait, \ 44 | Europe/Moscow, \ 45 | Africa/Nairobi, \ 46 | Asia/Tehran, \ 47 | Asia/Muscat, \ 48 | Asia/Baku, \ 49 | Asia/Kabul, \ 50 | Asia/Yekaterinburg, \ 51 | Asia/Karachi, \ 52 | Asia/Calcutta, \ 53 | Asia/Katmandu, \ 54 | Asia/Almaty, \ 55 | Asia/Dhaka, \ 56 | Asia/Colombo, \ 57 | Asia/Rangoon, \ 58 | Asia/Bangkok, \ 59 | Asia/Krasnoyarsk, \ 60 | Asia/Hong_Kong, \ 61 | Asia/Irkutsk, \ 62 | Asia/Kuala_Lumpur, \ 63 | Australia/Perth, \ 64 | Asia/Taipei, \ 65 | Asia/Tokyo, \ 66 | Asia/Seoul, \ 67 | Asia/Yakutsk, \ 68 | Australia/Adelaide, \ 69 | Australia/Darwin, \ 70 | Australia/Brisbane, \ 71 | Australia/Sydney, \ 72 | Pacific/Guam, \ 73 | Australia/Hobart, \ 74 | Asia/Vladivostok, \ 75 | Pacific/Noumea, \ 76 | Pacific/Auckland, \ 77 | Pacific/Fiji, \ 78 | Pacific/Tongatapu 79 | -------------------------------------------------------------------------------- /monitoring/compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | prometheus: 3 | image: prom/prometheus 4 | container_name: prometheus 5 | command: 6 | - '--config.file=/etc/prometheus/prometheus.yml' 7 | ports: 8 | - 9090:9090 9 | restart: unless-stopped 10 | extra_hosts: 11 | - "dockerlab:host-gateway" 12 | volumes: 13 | - ./prometheus:/etc/prometheus 14 | - prom_data:/prometheus 15 | grafana: 16 | image: grafana/grafana 17 | container_name: grafana 18 | ports: 19 | - 3000:3000 20 | restart: unless-stopped 21 | volumes: 22 | - ./grafana:/etc/grafana/provisioning/datasources 23 | - grafana_data:/var/lib/grafana 24 | influxdb: 25 | image: influxdb:2.7.6-alpine 26 | container_name: influxdb2 27 | ports: 28 | - 8086:8086 29 | extra_hosts: 30 | - "dockerlab:host-gateway" 31 | volumes: 32 | - influxdb2_data:/var/lib/influxdb2 33 | - ./influxdb2/config:/etc/influxdb2 34 | - ./influxdb2/scripts:/docker-entrypoint-initdb.d 35 | telegraf: 36 | image: telegraf:latest 37 | pid: "host" 38 | container_name: telegraf 39 | user: telegraf:XXX # make sure to run 'getent group docker' on the host for appropriate group number for docker. 40 | restart: always 41 | entrypoint: /bin/bash -c "/entrypoint.sh telegraf" 42 | extra_hosts: 43 | - "dockerlab:host-gateway" 44 | volumes: 45 | - /var/run/docker.sock:/var/run/docker.sock 46 | - ./telegraf/telegraf.conf:/etc/telegraf/telegraf.conf:ro 47 | - /:/hostfs:ro 48 | environment: 49 | - HOST_ETC=/hostfs/etc 50 | - HOST_PROC=/hostfs/proc 51 | - HOST_SYS=/hostfs/sys 52 | - HOST_VAR=/hostfs/var 53 | - HOST_RUN=/hostfs/run 54 | - HOST_MOUNT_PREFIX=/hostfs 55 | volumes: 56 | prom_data: 57 | grafana_data: 58 | influxdb2_data: 59 | -------------------------------------------------------------------------------- /proxy/compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | proxy: 3 | image: 'jc21/nginx-proxy-manager:latest' 4 | container_name: nginx-proxy-manager 5 | restart: unless-stopped 6 | network_mode: host 7 | volumes: 8 | - data:/data 9 | - letsencrypt:/etc/letsencrypt 10 | healthcheck: 11 | test: ["CMD", "/usr/bin/check-health"] 12 | interval: 10s 13 | timeout: 3s 14 | 15 | ddns: 16 | image: favonia/cloudflare-ddns:latest 17 | container_name: cloudflare-ddns 18 | # network_mode: host # This bypasses network isolation and makes IPv6 easier (optional; see below) 19 | restart: unless-stopped 20 | user: "1000:1000" # Run the updater with specific user and group IDs (in that order). 21 | read_only: true # Make the container filesystem read-only (optional but recommended) 22 | cap_drop: [all] # Drop all Linux capabilities (optional but recommended) 23 | security_opt: [no-new-privileges:true] # Another protection to restrict superuser privileges (optional but recommended) 24 | environment: 25 | - CLOUDFLARE_API_TOKEN=KEY 26 | - DOMAINS=example.com,jellyfin.example.com 27 | - PROXIED=true 28 | - IP6_PROVIDER=none 29 | 30 | netbird: 31 | container_name: netbird 32 | hostname: proxy-stack 33 | cap_add: 34 | - NET_ADMIN 35 | - SYS_ADMIN 36 | - SYS_RESOURCE 37 | network_mode: host 38 | environment: 39 | - NB_SETUP_KEY=key 40 | volumes: 41 | - netbird-client:/var/lib/netbird 42 | image: netbirdio/netbird:latest 43 | 44 | # For testing the proxy 45 | helloworld: 46 | image: 'karthequian/helloworld:latest' 47 | container_name: helloworld 48 | restart: unless-stopped 49 | ports: 50 | - 8888:80/tcp 51 | 52 | volumes: 53 | data: 54 | letsencrypt: 55 | netbird-client: 56 | name: netbird-client 57 | -------------------------------------------------------------------------------- /media/jellyfin/compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | jellyfin: 3 | image: lscr.io/linuxserver/jellyfin:latest 4 | container_name: jellyfin 5 | environment: 6 | - PUID=1000 7 | - PGID=1000 8 | - TZ=America/Los_Angeles 9 | - JELLYFIN_PublishedServerUrl=http://10.0.0.101 #optional 10 | volumes: 11 | - ./config:/config 12 | - /data:/data 13 | devices: 14 | - /dev/dri:/dev/dri #Use for Intel QuickSync 15 | ports: 16 | - 8096:8096 17 | - 7359:7359/udp #Service Discovery 18 | - 1900:1900/udp #Client Discovery 19 | restart: unless-stopped 20 | # Remove the Jellyfin service if installed directly on system. 21 | 22 | jellyseerr: 23 | container_name: jellyseerr 24 | image: fallenbagel/jellyseerr:latest 25 | environment: 26 | - PUID=1000 27 | - PGID=1000 28 | - TZ=America/Los_Angeles 29 | volumes: 30 | - ./jellyseerr:/app/config 31 | ports: 32 | - 5055:5055 33 | restart: unless-stopped 34 | 35 | jellystat-db: 36 | image: postgres:15.2 37 | container_name: jellystat-db 38 | restart: unless-stopped 39 | environment: 40 | POSTGRES_USER: postgres 41 | POSTGRES_PASSWORD: mypassword 42 | volumes: 43 | - ./jellystat/postgres:/var/lib/postgresql/data 44 | 45 | jellystat: 46 | image: cyfershepard/jellystat:latest 47 | container_name: jellystat 48 | restart: unless-stopped 49 | environment: 50 | POSTGRES_USER: postgres 51 | POSTGRES_PASSWORD: mypassword 52 | POSTGRES_IP: jellystat-db 53 | POSTGRES_PORT: 5432 54 | JWT_SECRET: "my-secret-jwt-key" 55 | TZ: America/Los_Angeles 56 | volumes: 57 | - ./jellystat/backup-data:/app/backend/backup-data 58 | ports: 59 | - "3000:3000" 60 | depends_on: 61 | - jellystat-db 62 | 63 | # Want more!? https://github.com/awesome-jellyfin/awesome-jellyfin 64 | -------------------------------------------------------------------------------- /old_hardware.md: -------------------------------------------------------------------------------- 1 | ## Old Setup 2 | 3 | ![counter top lab](https://github.com/TechHutTV/homelab/blob/main/storage/homelab.png) 4 | 5 | ### Servers and NAS 6 | #### ZimaCube Pro (Proxmox) 7 | This machine is running our Proxmox Server. Handling our media storage, arr services, proxy, home assistant, monitoring, and many others. 8 | * 12th Gen Intel Core i5 1235U 9 | * [32GB SODIMM DDR5](https://amzn.to/3Um77VB) 10 | * 256GB NVMe SSD (Boot Drive) 11 | * x3 [T-Create 1TB 2280 NVMe](https://amzn.to/4dGvwMx) (Flash Pool raidz1) 12 | * x6 [Western Digital 4TB WD Red Plus](https://amzn.to/4gCpv6d) (Vault Pool raidz1) 13 | 14 | #### UGREEN DXP6800 Pro (Proxmox) 15 | This machine is running Proxmox. Due to a free PCIe slot this has an additional Coral TPU and I'm currently testing it with Blue Iris. Running Immich for personal photo backups and MeTube to pull YouTube videos for use in media projects. This machines handles the network shares that connect to our Nextcloud instance. 16 | * 12th Gen Intel Core i5 1235U 17 | * [16GB SODIMM DDR5](https://amzn.to/3YqeZ9A) 18 | * [DataTraveler 3.0 32GB USB](https://amzn.to/4fovZUR) (Boot Drive) 19 | * x1 [Seagate IronWolf 16TB NAS HDD](https://amzn.to/4eNPXYv) (Parity Drive) 20 | * x5 [Seagate IronWolf 4TB NAS HDD](https://amzn.to/3Y6eyT7) (Raid5 Pool) 21 | * x2 [T-Create 1TB 2280 NVMe](https://amzn.to/4dGvwMx) (Cache) 22 | 23 | #### Intel NUC (Ubuntu) 24 | This NUC has a base install of Ubuntu 24.04 with docker. This machine is dedicated to business services including Odoo and Nextcloud. 25 | * 13th Gen Intel i7-1360P 26 | * [32GB SODIMM DDR5](https://amzn.to/3Um77VB) 27 | * [Intel 670p Series M.2 2280 512GB](https://amzn.to/40fOiHn) (Boot Drive) 28 | 29 | ### Networking 30 | #### Omada Short Stack 31 | * [TP-Link Omada Hardware Controller](https://amzn.to/48vW6H1) 32 | * [TP-Link Omada Multi-Gigabit VPN Router](https://amzn.to/4hmvgoD) 33 | * [TP-Link Jetstream 8 Port Gigabit Smart Managed PoE Switch](https://amzn.to/4hxKqI2) 34 | 35 | #### Other 36 | * [TP-Link EAP610 Ultra-Slim Wireless Access Point](https://amzn.to/4e2clNc) 37 | * [TP-Link EAP653 Wireless Access Point](https://amzn.to/48pY8IT) 38 | * [TP-Link TL-SG2016P 16 Port Gigabit Smart Managed PoE Switch](https://amzn.to/3BYq5uV) 39 | -------------------------------------------------------------------------------- /cloud/compose.yaml: -------------------------------------------------------------------------------- 1 | services: 2 | 3 | # Remove the nginx-proxy-manager service if running elsewhere 4 | nginx-proxy-manager: 5 | image: 'docker.io/jc21/nginx-proxy-manager:latest' 6 | restart: unless-stopped 7 | container_name: nginx-proxy-manager 8 | network_mode: host 9 | environment: # Uncomment this if IPv6 is not enabled on your host 10 | - DISABLE_IPV6=true # Uncomment this if IPv6 is not enabled on your host 11 | volumes: 12 | - ./npm/data:/data 13 | - ./npm/letsencrypt:/etc/letsencrypt 14 | 15 | nextcloud-aio-mastercontainer: 16 | image: ghcr.io/nextcloud-releases/all-in-one:latest 17 | init: true 18 | restart: always 19 | container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed. 20 | network_mode: bridge 21 | volumes: 22 | - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed. 23 | - /var/run/docker.sock:/var/run/docker.sock:ro 24 | ports: 25 | - 8080:8080 26 | environment: 27 | AIO_COMMUNITY_CONTAINERS: "local-ai memories" # Community containers https://github.com/nextcloud/all-in-one/tree/main/community-containers 28 | APACHE_PORT: 11000 # Use this port in Nginx Proxy Manager 29 | # NC_TRUSTED_PROXIES: 172.18.0.3 # this is the NPM proxy ip address in the docker network ! 30 | FULLTEXTSEARCH_JAVA_OPTIONS: "-Xms1024M -Xmx1024M" 31 | NEXTCLOUD_DATADIR: /nextcloud/ncdata # ⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! 32 | # NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. 33 | NEXTCLOUD_UPLOAD_LIMIT: 1028G 34 | NEXTCLOUD_MAX_TIME: 7200 35 | NEXTCLOUD_MEMORY_LIMIT: 1028M 36 | NEXTCLOUD_ENABLE_DRI_DEVICE: true # Intel QuickSync 37 | SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. 38 | TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port 39 | 40 | volumes: 41 | nextcloud_aio_mastercontainer: 42 | name: nextcloud_aio_mastercontainer # This line is not allowed to be changed. 43 | -------------------------------------------------------------------------------- /automations/compose.yml: -------------------------------------------------------------------------------- 1 | services: 2 | n8n: 3 | build: 4 | context: . 5 | dockerfile: Dockerfile 6 | image: n8n-custom 7 | container_name: n8n 8 | restart: always 9 | ports: 10 | - "5678:5678" 11 | environment: 12 | - N8N_HOST=10.173.10.176 13 | - N8N_PORT=5678 14 | - N8N_PROTOCOL=http 15 | - WEBHOOK_URL=https://n8n.hopki.net/ 16 | - GENERIC_TIMEZONE=America/Los_Angeles 17 | - N8N_FORMDATA_FILE_SIZE_MAX=50000 18 | - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true 19 | volumes: 20 | - ./n8n_data:/home/node/.n8n 21 | - ./local-files:/files 22 | depends_on: 23 | ollama-init: 24 | condition: service_completed_successfully 25 | networks: 26 | - n8n-network 27 | 28 | ollama: 29 | image: ollama/ollama:latest 30 | container_name: ollama 31 | restart: always 32 | ports: 33 | - "11434:11434" 34 | volumes: 35 | - ./ollama_data:/root/.ollama 36 | environment: 37 | - OLLAMA_HOST=0.0.0.0 38 | deploy: 39 | resources: 40 | reservations: 41 | devices: 42 | - driver: nvidia 43 | count: all 44 | capabilities: [gpu] 45 | networks: 46 | - n8n-network 47 | healthcheck: 48 | test: ["CMD-SHELL", "ollama --version || exit 0"] 49 | interval: 10s 50 | timeout: 10s 51 | retries: 5 52 | start_period: 20s 53 | 54 | ollama-init: 55 | image: ollama/ollama:latest 56 | container_name: ollama-init 57 | volumes: 58 | - ./ollama_data:/root/.ollama 59 | entrypoint: ["/bin/sh", "-c"] 60 | command: 61 | - | 62 | echo "Waiting for Ollama to be ready..." 63 | sleep 15 64 | export OLLAMA_HOST=http://ollama:11434 65 | echo "Pulling models..." 66 | ollama pull qwen3-vl:8b 67 | ollama pull qwen3-coder:latest 68 | ollama pull gpt-oss:lates 69 | echo "All models ready!" 70 | depends_on: 71 | ollama: 72 | condition: service_healthy 73 | networks: 74 | - n8n-network 75 | openai-whisper-asr-webservice: 76 | container_name: whisper 77 | restart: always 78 | deploy: 79 | resources: 80 | reservations: 81 | devices: 82 | - driver: nvidia 83 | count: all 84 | capabilities: 85 | - gpu 86 | ports: 87 | - 9000:9000 88 | environment: 89 | - ASR_MODEL=large 90 | - ASR_ENGINE=openai_whisper 91 | image: onerahmet/openai-whisper-asr-webservice:latest-gpu 92 | networks: 93 | - n8n-network 94 | 95 | networks: 96 | n8n-network: 97 | driver: bridge 98 | -------------------------------------------------------------------------------- /surveillance/README.md: -------------------------------------------------------------------------------- 1 | # Frigate NVR in Proxmox with Coral TPU 2 | 3 | This is something I am still trying to learn on figure out. My configuration is far from perfect as many of the features I want are not working or set up yet. 4 | 5 | ## To-Do 6 | * Stream audio from cameras in live view 7 | * Enable two-way audio for supported cameras 8 | * Configure zones for event capture 9 | 10 | ``` 11 | apt-get install linux-headers-`uname -r` 12 | ``` 13 | [debuild on proxmox](https://forum.proxmox.com/threads/facing-issues-installing-the-build-dependencies-for-building-the-pve-kernel-current-head-of-master-branch.132669/) 14 | 15 | 16 | ## LXC Setup 17 | Install docker as priv [https://community-scripts.github.io/ProxmoxVE/scripts?id=docker](https://community-scripts.github.io/ProxmoxVE/scripts?id=docker) 18 | 19 | ``` 20 | # USB passthrough 21 | lxc.cgroup2.devices.allow: a 22 | lxc.cap.drop: 23 | lxc.cgroup2.devices.allow: c 188:* rwm 24 | lxc.cgroup2.devices.allow: c 189:* rwm 25 | lxc.mount.entry: /dev/serial/by-id dev/serial/by-id none bind,optional,create=dir 26 | lxc.mount.entry: /dev/ttyUSB0 dev/ttyUSB0 none bind,optional,create=file 27 | lxc.mount.entry: /dev/ttyUSB1 dev/ttyUSB1 none bind,optional,create=file 28 | lxc.mount.entry: /dev/ttyACM0 dev/ttyACM0 none bind,optional,create=file 29 | lxc.mount.entry: /dev/ttyACM1 dev/ttyACM1 none bind,optional,create=file 30 | # Coral M.2 TPU 31 | features: nesting=1 32 | lxc.mount.entry: /dev/apex_0 dev/apex_0 none bind,optional,create=file 33 | # VAAPI hardware transcoding 34 | lxc.cgroup2.devices.allow: c 226:0 rwm 35 | lxc.cgroup2.devices.allow: c 226:128 rwm 36 | lxc.cgroup2.devices.allow: c 29:0 rwm 37 | lxc.mount.entry: /dev/fb0 dev/fb0 none bind,optional,create=file 38 | lxc.mount.entry: /dev/dri dev/dri none bind,optional,create=dir 39 | lxc.mount.entry: /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file 40 | ``` 41 | 42 | ## Install Coral AI PCIe Accelerator Drivers 43 | https://coral.ai/docs/m2/get-started/#2a-on-linux 44 | reboot 45 | 46 | Check for devices 47 | 48 | ``` 49 | lspci -nn | grep 089a 50 | ``` 51 | 52 | Two Coral TPU’s Found 53 | 54 | Check for Apex devices 55 | 56 | ``` 57 | ls /dev/apex_* 58 | ``` 59 | 60 | --- 61 | 62 | ## Install MQTT (Mosquitto) 63 | I don't currently run my MQTT server on the same LXC as Frigate, but you can install it on the same machine with no issues. 64 | 65 | ``` 66 | sudo apt install mosquitto mosquitto-clients 67 | 68 | sudo systemctl is-enabled mosquitto 69 | 70 | sudo systemctl status mosquitto 71 | ``` 72 | 73 | 74 | Edit the MQTT config file. 75 | 76 | nano /etc/mosquitto/mosquitto.conf 77 | 78 | Add these two lines 79 | 80 | ``` 81 | allow_anonymous true 82 | listener 1883 83 | ``` 84 | https://dgpu-docs.intel.com/driver/installation.html 85 | systemctl restart mosquitto 86 | 87 | Needs updated: [https://docs.vultr.com/install-mosquitto-mqtt-broker-on-ubuntu-20-04-server](https://docs.vultr.com/install-mosquitto-mqtt-broker-on-ubuntu-20-04-server) 88 | 89 | ## Stream audio from cameras in live view 90 | Add ffmpeg codec under the go2rtc entry for the camera. 91 | ``` 92 | go2rtc: 93 | streams: 94 | kitchen: 95 | - rtsp://admin:password@10.0.0.103/Preview_01_main 96 | - "ffmpeg:living_room#audio=opus" 97 | ``` 98 | ``` 99 | Kitchen: 100 | ffmpeg: 101 | inputs: 102 | - path: rtsp://localhost:8554/kitchen 103 | input_args: preset-rtsp-restream 104 | roles: 105 | - record 106 | - path: rtsp://localhost:8554/kitchen_sub 107 | input_args: preset-rtsp-restream 108 | roles: 109 | - detect 110 | ... 111 | live: 112 | stream_name: kitchen 113 | ``` 114 | -------------------------------------------------------------------------------- /homeassistant/dashboard/README.md: -------------------------------------------------------------------------------- 1 | ## Navigation 2 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) 3 | - [__Dashboard__](https://github.com/TechHutTV/homelab/tree/main/homeassistant/dashboard) 4 | - [LocalTuya](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya) 5 | - [Zigbee](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee) 6 | 7 | Custom card compents used; [bubble card](https://github.com/Clooos/Bubble-Card), [mini graph card](https://github.com/kalkih/mini-graph-card). 8 | 9 | ## Pi-Hole 10 | 11 | If you need to setup your Pi-Hole Integration check out [the docs](https://www.home-assistant.io/integrations/pi_hole/). 12 | 13 | ### Bubble Card with Disable Ads Timer 14 | This is my config using the [bubble card](https://github.com/Clooos/Bubble-Card). 15 | ``` 16 | type: custom:bubble-card 17 | card_type: button 18 | entity: switch.pi_hole 19 | button_type: state 20 | sub_button: 21 | - entity: switch.pi_hole 22 | tap_action: 23 | action: call-service 24 | service: pi_hole.disable 25 | service_data: 26 | entity_id: switch.pi_hole 27 | duration: "00:05:00" 28 | target: 29 | entity_id: switch.pi_hole 30 | name: 5m 31 | show_name: true 32 | icon: mdi:block-helper 33 | - entity: switch.pi_hole 34 | tap_action: 35 | action: call-service 36 | service: pi_hole.disable 37 | service_data: 38 | entity_id: switch.pi_hole 39 | duration: "00:30:00" 40 | target: 41 | entity_id: switch.pi_hole 42 | name: 30m 43 | show_name: true 44 | icon: mdi:block-helper 45 | - entity: switch.pi_hole 46 | tap_action: 47 | action: call-service 48 | service: pi_hole.disable 49 | service_data: 50 | entity_id: switch.pi_hole 51 | duration: "00:01:00" 52 | target: 53 | entity_id: switch.pi_hole 54 | name: 60m 55 | show_name: true 56 | icon: mdi:block-helper 57 | card_layout: large 58 | scrolling_effect: false 59 | force_icon: false 60 | show_name: false 61 | show_state: true 62 | show_last_changed: true 63 | tap_action: 64 | action: more-info 65 | service: "" 66 | target: 67 | entity_id: switch.pi_hole 68 | styles: |2 69 | .is-on .bubble-button-card-container { 70 | background-color: #0000; 71 | border-radius: 10px; 72 | } 73 | .bubble-icon-container { 74 | opacity: 1 !important; 75 | background-color: ${state === 'on' ? 'green' : 'darkred'} !important; 76 | } 77 | .bubble-sub-button-1 { 78 | background: 00000; 79 | } 80 | .bubble-sub-button-2 { 81 | background: 00000; 82 | } 83 | .bubble-sub-button-3 { 84 | background: 00000; 85 | } 86 | .bubble-sub-button-4 { 87 | background: 00000; 88 | } 89 | button_action: 90 | tap_action: 91 | action: toggle 92 | 93 | ``` 94 | ### Mini Graph Card for Metrics 95 | This uses the [mini graph card](https://github.com/kalkih/mini-graph-card). 96 | ``` 97 | type: horizontal-stack 98 | cards: 99 | - type: custom:mini-graph-card 100 | name: Queries 101 | entities: 102 | - sensor.pi_hole_dns_queries_today 103 | hours_to_show: 3 104 | points_per_hour: 10 105 | update_interval: 10 106 | aggregate_func: max 107 | line_width: 8 108 | line_color: blue 109 | font_size: 70 110 | - type: custom:mini-graph-card 111 | name: Blocked 112 | entities: 113 | - sensor.pi_hole_ads_blocked_today 114 | hours_to_show: 3 115 | points_per_hour: 10 116 | update_interval: 10 117 | aggregate_func: max 118 | line_width: 8 119 | line_color: red 120 | font_size: 70 121 | - type: custom:mini-graph-card 122 | name: Difference 123 | entities: 124 | - sensor.pi_hole_ads_percentage_blocked_today 125 | hours_to_show: 3 126 | points_per_hour: 10 127 | update_interval: 10 128 | aggregate_func: max 129 | line_color: orange 130 | line_width: 8 131 | font_size: 70 132 | 133 | ``` 134 | -------------------------------------------------------------------------------- /monitoring/unraid/README.md: -------------------------------------------------------------------------------- 1 | # Monitoring Unraid with Telegraf 2 | 3 | ## Add your configuration 4 | Before we add our Telegraf container, we need to add our configuration. In this example, we are placing it in the default directory for Docker configurations on Unraid. Change anything here to better fit your setup. When working with my appdata directory in Unraid, I generally use the [Dynamix File Manager](https://forums.unraid.net/topic/120982-dynamix-file-manager/), It's an awesome tool that makes navigating shares in the Unraid UI easy. 5 | 6 | First, download the [telegraf.conf](https://github.com/TechHutTV/homelab/blob/main/monitoring/unraid/telegraf.conf) file located in this repository and make any changes you'd like. Most everything in my configuration should work as-is with Unraid, but you will need to edit the output plugin information to properly send data to your InfluxDB 2 bucket. _Note: Use a new bucket specifically for this Unraid instance._ 7 | 8 | ``` 9 | [[outputs.influxdb_v2]] 10 | urls = ["http://ip:8086"] 11 | token = "yourtoken" 12 | organization = "yourorg" 13 | bucket = "unraidbucket" 14 | ``` 15 | 16 | In your appdata directory on Unraid make a new folder called telegraf. Within your telegraf folder, upload the edited telegraf.conf file. The file path will look like this if you are following the default Unriad setup. ```/mnt/user/appdata/telegraf/telegraf.conf ``` 17 | 18 | 19 | ## Setting up the conatiner 20 | 21 | Use the official Telegraf container from the Applications page. We will be using the [golift/telegraf](https://hub.docker.com/golift/telegraf) in place of the office image as it includes some packages needed for full monitoring of the hardware. 22 | ### Change the following: 23 | 24 | Repository: ```golift/telegraf``` 25 | 26 | Registry URL: ```https://hub.docker.com/golift/telegraf``` 27 | 28 | This container provides a telegraf docker image with added tools for monitoring disks, sensors, and IPMI. This exists because the base Telegraf Docker image makes it *very* difficult to monitor some system metrics. Applications added: smartctl (smartmontools), ipmitool, nvme-cli, sensors (lm-sensors), mtr (mtr-tiny), sudo. Sudoers entries are added for smartctl, ipmitool, and nvme. 29 | 30 | ### Add the following: 31 | 32 | Extra Parameters: ```/bin/bash -c "/entrypoint.sh telegraf"``` 33 | 34 | Extra Argument: ```--user telegraf:$(stat -c '%g' /var/run/docker.sock)``` 35 | 36 | ### Start and verify 37 | 38 | Other than these adjustments, everything can be left as is included in the template. Check over everything and click Apply. Go to your Docker page in Unraid and check to see if the container is running. Check the log files to ensure there are no issues and that all the plugins are properly active. 39 | 40 | If there are no issues, we check to see if the data is being properly exported to InfluxDB 2. Head over to your dashboard and open the bucket you created for Unraid. It should look like the picture below. Go through the data and make sure nothing is missing. In my installation, I have 7 tags for Docker data under the _messurements ID and another tag for every plugin I have enabled. 41 | 42 | ![Unraid data preview in InfluxDB 2](https://github.com/TechHutTV/homelab/blob/main/monitoring/unraid/unraid-data-preview.png?raw=true) 43 | 44 | ## Nivida Support 45 | 46 | I have not been able to test this, but feel free to. The plugin for this is commented out in telegraf.conf. If you want to use a NVidia card, you must first [install the drivers](https://forums.unraid.net/topic/98978-plugin-nvidia-driver/) thanks to [@ich777](https://forums.unraid.net/profile/72388-ich777/). 47 | 48 | ``` 49 | [[inputs.nvidia_smi]] 50 | bin_path = "/usr/bin/nvidia-smi" 51 | timeout = "15s" 52 | ``` 53 | To get this working, an extra argument is needed in the Docker template for Telegraf on Unraid. 54 | 55 | Extra Argument: ```--runtime=nvidia``` 56 | 57 | Create a custom user script that should be executed during startup with the following content: 58 | 59 | ``` 60 | #!/bin/bash 61 | nvidia-persistenced 62 | ``` 63 | 64 | ## To-Do 65 | - [x] Create a working configuration. 66 | - [ ] Create a custom Unraid template for golift/telegraf. 67 | - [ ] Test inputs.apcupsd and add steps. 68 | - [ ] Test and verify inputs.nvidia_smi steps. 69 | - [ ] Add steps on enabling SSL for better security. 70 | - [ ] Add steps for connecting this data to Grafana. 71 | - [ ] Add tested and recommended Unraid dashboards. 72 | 73 | I'm more than open to any suggestions and improvements! 74 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # My Homelab Setup 2 | Homelab stacks, templates, and more fun resources! This is a *work in progress*. I still have a ton to update and add. 3 | 4 | ## Navigation 5 | * [Apps](https://github.com/TechHutTV/homelab/tree/main/apps) - List of all the apps and services. 6 | * [Automations](https://github.com/TechHutTV/homelab/tree/main/automations) - Making my life easier. 7 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) - Smart home services and automation. 8 | * [Media Server](https://github.com/TechHutTV/homelab/tree/main/media) - Plex, Jellyfin, *arr stack, and more. 9 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) - Graphs and Visualizations for Unraid, Proxmox, and more. 10 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) - Frigate NVR Solution with Coral TPU. 11 | * [Storage](https://github.com/TechHutTV/homelab/tree/main/storage) - Current Storage and Backup Solution. 12 | * [Proxy Managment](https://github.com/TechHutTV/homelab/tree/main/proxy) - NGINX Proxy Manager, DDNS with Cloudflare, Local Domains, and more. 13 | 14 | ## Hardware 15 | wip 16 | 17 | ### Compute 18 | #### OpnNAS SL-R12 Pro (Unriad) 19 | The model I have is a early release press model. I'm not quite sure when they will be ready for sale, but you can learn more [here](https://opnnas.com/#hls). This machine is running Unraid and acts as my main media server. Also includes a Ubuntu VM running NextCloud. 20 | * [13th Gen Intel® Core™ i5-13500T](https://amzn.to/4qblt9y) 21 | * [Crucial Pro 96GB DDR5 RAM](https://amzn.to/3Jbh2uD) 22 | * [x5 Seagate Exos 20TB](https://amzn.to/4nPhn5d) 23 | * [x7 Seagate IronWolf 4TB](https://amzn.to/3W1IFt5) 24 | 25 | #### Miniforum AI X1 Pro (Proxmox) 26 | This acts as my Proxmox Node. Running a varity of services including; graphana, npm, n8n, and another other non-media related instances. 27 | [get it here](https://amzn.to/4n0xTOR) 28 | * AMD Ryzen AI 9 HX 370 29 | * 96GB SODIMM DDR5 30 | * [x2 Western Digital SN580 1TB](https://amzn.to/4hdfHzY) (Mirrored Boot Drives) 31 | 32 | 33 | ### Networking 34 | Now, Ubiquiti sent all this over to me. There is no way I'd be able to afford all this stuff on my own dime, so note that. This setup is crazy overpowered for what I need. 35 | 36 | #### UDM Pro Max 37 | #### USW Pro Max 24 PoE 38 | #### USW Pro XG 10 PoE 39 | #### x2 U7 Pro XG 40 | #### USW Lite 16 PoE 41 | 42 | Other Unifi Devices 43 | * 2 x 8TB-HDDs 44 | * 1 x U-Rack-6U-TL 45 | * 1 x UACC-Cable-Patch-EL-0.15M-W-24 46 | * 5 x UACC-Cable-Patch-EL-3M-W 47 | * 2 x UACC-Cable-Patch-EL-15M-W 48 | 49 | ### Security 50 | Currently have two different systems as I was fully on Reolink for sometime, but since Ubiquiti sent over some equipment to try we currently have a mix. 51 | 52 | [https://www.youtube.com/watch?v=2RiiKi4vjJc](https://www.youtube.com/watch?v=2RiiKi4vjJc) 53 | 54 | #### Reolink NVR Kit 55 | This is great if you're trying to save money and have a simple PoE plug and play solution. This does add difficulties to manage as all the streams are under a single device and kit camera NEED the NVR to function. Some kit cameras may have more features so check the specific features of the camera model in the kit. You can probably find a great deal used. Cameras are the B400s. 56 | * [REOLINK 8CH 5MP](https://amzn.to/4dulGgG) 57 | * [REOLINK 16CH 12MP](https://amzn.to/4d9YaWz) (my kit) 58 | 59 | #### Reolink PoE 60 | I've had no issues with these. Great for the Reolink ecosystem and using 3rd party services such as Frigate. 61 | * [Reolink RLC-1224A 12MP UHD PoE](https://amzn.to/4d6BuGJ) 62 | * [Reolink 4K Floodlight](https://amzn.to/4ceRKnM) 63 | 64 | 65 | #### x3 UVC-G6-Turret-W 66 | These are running hooked up to the Dream Machine Pro Max. I like it enough I will be slowly switching to Unifi stuff as I can afford it. 67 | 68 | ## Stars 69 | 70 | ![https://api.star-history.com/svg?repos=netbirdio/netbird&type=Date&theme=dark] 71 | 72 | ![Star History Chart](https://api.star-history.com/svg?repos=TechHutTV/homelab&type=date&legend=top-left) 73 | 74 | 75 | 81 | 87 | Star History Chart 91 | 92 | -------------------------------------------------------------------------------- /monitoring/README.md: -------------------------------------------------------------------------------- 1 | # Server Monitoring Stack 2 | Docker compose featuring Grafana, Prometheus, Influxdb2, and Telegraf. Tested and working with the lastest version of Docker compose. This repository is a companion to the offical guide on our website. That is currently a work in progress. This is designed to be envolving repo as I add services and figure out better way to do this. 3 | 4 | **Note:** This is not a secure way to do this. ONLY use this in closed off, private testing enviorments. Eventually, we will add steps for SSL and other security features. 5 | 6 | **System Specific Guides and Files:** [Unraid](https://github.com/TechHutTV/homelab/tree/main/monitoring/unraid) | Proxmox (wip) 7 | 8 | ## Installation 9 | This assumes you have the last version of Docker. For my installation I used the [convenience script](https://docs.docker.com/engine/install/ubuntu/#install-using-the-convenience-script) on Ubuntu 22.04. 10 | 11 | When you clone the repository make sure it’s wherever you want some configuration files and scripts for services to be stored. Generally, I just do this in my user home directory. 12 | 13 | ```git clone https://github.com/TechHutTV/server-monitoring.git``` 14 | 15 | Now we can see how the included files are laid out: 16 | 17 | ``` 18 | tree server-monitoring/ 19 | 20 | server-monitoring/ 21 | ├── compose.yaml 22 | ├── grafana 23 | │ └── datasource.yml 24 | ├── prometheus 25 | │ └── prometheus.yml 26 | └── README.md 27 | 28 | 2 directories, 4 files 29 | ``` 30 | ### compose.yaml 31 | One thing we added is an extra_hosts section under a few of the services. This will enable they have access data exporters running on the host system outside of Docker by adding an entry to the container’s ```/etc/hosts``` file. If you have DNS set up for your LAN, then this part is not necessary. You can just substitute the DNS name as needed. 32 | 33 | In the compose.yaml the I use the hostname “dockerlab” but replace this with yours throughout the guide. The important thing to note is that the data will be tagged with this name inside Prometheus as the machine name, and if you change it later, you’ll end up with multiple entries for the same machine. To check your hostname just run ```hostname``` in your terminal. 34 | ``` 35 | extra_hosts: 36 | - "dockerlab:host-gateway" 37 | ``` 38 | The configuration files are within the repository we pull. You can just launch the compose file from there or move things around to meet your preferences. 39 | 40 | ### Configuration 41 | Other than the docker compose file prometheus is the only one that needs to be configured before launching. 42 | 43 | ```nano prometheus/prometheus.yml``` 44 | 45 | Adding a job for the Node Exporter or multiple node exporters can be done here. Use either the IP of the machine or a hostname if setup on your network or within your systems hosts file. 46 | 47 | ``` 48 | - job_name: node_exporter 49 | static_configs: 50 | - targets: 51 | - dockerlab:9100 52 | - 10.0.0.216:9100 53 | - unRAID:9100 54 | ``` 55 | 56 | Telegraf cant be configured until after we launch the stack for the first time and setup Influxdb2 as we will need our organization, username, token, and bucket. My default configuration is setup only to monitor docker with some system monitoring [plugins](https://docs.influxdata.com/telegraf/v1/plugins/) commented out. I recommened you read up on their [documentation](https://docs.influxdata.com/telegraf/v1/get-started/) for plugin specific configuration. To monitor docker with the included configuration you'll only need to change the information under the outputs plugin to match your setup 57 | ``` 58 | nano telegraf/telegraf.conf 59 | ``` 60 | 61 | ``` 62 | [[outputs.influxdb_v2]] 63 | urls = ["http://influxdb:8086"] 64 | token = "yourtoken" 65 | organization = "yourorg" 66 | bucket = "localbucket" 67 | ``` 68 | ### Launch the Stack 69 | 70 | In our project director we can launch the stack using the compose up command. 71 | ``` 72 | docker compose up -d 73 | ``` 74 | If you run into any issues the logs are you best friend. Heck, check em anyway. 75 | ``` 76 | docker compose logs 77 | ``` 78 | To make configuration changes, simple save the edits you make and restart the stack. 79 | ``` 80 | docker compose restart 81 | ``` 82 | ## Installing and Starting Node Exporter 83 | 84 | The Prometheus node exporter is widely available as a package in the official repos of various Linux distros. To start we will be installing this Exporter on the same machine that we plan on running with Prometheus and Grafana. For Ubuntu and other Debian based distros, you can install it like this: 85 | 86 | ```sudo apt install prometheus-node-exporter``` 87 | 88 | While apt should start and enable the systemd service for the node exporter automatically, you can double check that like this: 89 | 90 | ```sudo systemctl status prometheus-node-exporter``` 91 | 92 | ## Recommended Dashboards 93 | 94 | The entire point of this is to have some pretty dashboards. These are the ones I found to work best with this setup. If needed I added the preferred language of the dashboards. as InfluxBD has multiple options when adding a new data connection. 95 | 96 | [Docker Monitoring](https://grafana.com/grafana/dashboards/18389-influxdb-2-x-telegraf-docker-dashboard/) (Flux) - 18389 97 | 98 | [Proxmox Monitoring](https://grafana.com/grafana/dashboards/10048-proxmox/) (InfluxQL) - 10048 99 | 100 | [Unraid System Dashboard V2](https://grafana.com/grafana/dashboards/7233-unraid-system-dashboard-v2/) (InfluxQL) - 7233 101 | 102 | [Node Exporter Full](https://grafana.com/grafana/dashboards/1860-node-exporter-full/) - 1860 103 | 104 | ## Personal Notes for later 105 | 106 | https://github.com/charlie-haley/omada_exporter 107 | 108 | #### Work in Progress 109 | Feel free to send any feedback or rise any issues. This is a new repo and I'm organizing everything and trying to get it to be as good as I can. 110 | -------------------------------------------------------------------------------- /automations/README.md: -------------------------------------------------------------------------------- 1 | ## Work in Progress 2 | I'll be working on building out this page with all my automations. Until then subscribe to the channel so you don't miss it! 3 | 4 | ## Installing n8n with PM2 on Ubuntu 5 | 6 | This guide walks through setting up n8n as a persistent background service using PM2 on Ubuntu. 7 | 8 | ### Why PM2? 9 | 10 | PM2 is a production-ready process manager for Node.js applications. Running n8n directly in a terminal means it stops when you close the session. PM2 solves this by: 11 | 12 | - Keeping n8n running in the background 13 | - Automatically restarting it if it crashes 14 | - Starting n8n on system boot 15 | - Managing environment variables cleanly 16 | - Providing monitoring and log management 17 | 18 | ### Prerequisites 19 | 20 | Install Node.js, npm, and nvm. Visit the [official download page](https://nodejs.org/en/download) for an updated command and different platforms. 21 | 22 | ``` 23 | # Download and install nvm: 24 | curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash 25 | 26 | # in lieu of restarting the shell 27 | \. "$HOME/.nvm/nvm.sh" 28 | 29 | # Download and install Node.js: 30 | nvm install 24 31 | 32 | # Verify the Node.js version: 33 | node -v # Should print "v24.11.1". 34 | 35 | # Verify npm version: 36 | npm -v # Should print "11.6.2". 37 | 38 | ``` 39 | 40 | ### Step 1: Install or Update n8n 41 | 42 | Install n8n globally via npm: 43 | 44 | ```bash 45 | npm install -g n8n 46 | ``` 47 | 48 | To update an existing installation to the latest version: 49 | 50 | ```bash 51 | npm update -g n8n 52 | ``` 53 | 54 | Verify the installation: 55 | 56 | ```bash 57 | n8n --version 58 | ``` 59 | 60 | ### Step 2: Install PM2 61 | 62 | Install PM2 globally: 63 | 64 | ```bash 65 | npm install -g pm2 66 | ``` 67 | 68 | ### Step 3: Create the PM2 Configuration File 69 | 70 | Create a configuration file in your home directory. This file tells PM2 how to run n8n and what environment variables to use. 71 | 72 | ```bash 73 | nano ~/n8n.config.js 74 | ``` 75 | 76 | Add the following content: 77 | 78 | ```javascript 79 | module.exports = { 80 | apps: [{ 81 | name: 'n8n', 82 | script: 'n8n', 83 | env: { 84 | NODE_ENV: 'production', 85 | N8N_RELEASE_TYPE: 'stable', 86 | N8N_HOST: '0.0.0.0', 87 | N8N_PORT: '5678', 88 | WEBHOOK_URL: 'https://your-domain.com/', 89 | } 90 | }] 91 | }; 92 | ``` 93 | 94 | Save and exit (Ctrl+X, then Y, then Enter). 95 | 96 | #### Environment Variables Explained 97 | 98 | | Variable | Purpose | 99 | |----------|---------| 100 | | `NODE_ENV` | Set to `production` to remove the [DEV] tag in the browser and enable production optimizations | 101 | | `N8N_HOST` | The IP address n8n listens on. Use `0.0.0.0` to accept connections from any interface, or a specific IP to restrict access | 102 | | `N8N_PORT` | The port n8n runs on (default: 5678) | 103 | | `WEBHOOK_URL` | The public URL for webhooks. Required for triggers and external integrations to reach your instance | 104 | 105 | ### Step 4: Start n8n with PM2 106 | 107 | Launch n8n using the configuration file: 108 | 109 | ```bash 110 | pm2 start ~/n8n.config.js 111 | ``` 112 | 113 | ### Step 5: Enable Startup on Boot 114 | 115 | Generate the startup script and save the current process list: 116 | 117 | ```bash 118 | pm2 startup 119 | ``` 120 | 121 | This outputs a command you need to run with sudo—copy and execute it. Then save the process list: 122 | 123 | ```bash 124 | pm2 save 125 | ``` 126 | 127 | Now n8n will automatically start when your system boots. 128 | 129 | ### PM2 Command Reference 130 | 131 | #### Basic Process Management 132 | 133 | | Command | Description | 134 | |---------|-------------| 135 | | `pm2 start ~/n8n.config.js` | Start n8n using the config file | 136 | | `pm2 stop n8n` | Stop the n8n process | 137 | | `pm2 restart n8n` | Restart n8n | 138 | | `pm2 delete n8n` | Remove n8n from PM2's process list | 139 | 140 | #### Monitoring and Logs 141 | 142 | | Command | Description | 143 | |---------|-------------| 144 | | `pm2 list` | Show all managed processes and their status | 145 | | `pm2 monit` | Real-time monitoring dashboard (CPU, memory, logs) | 146 | | `pm2 logs n8n` | View n8n logs (Ctrl+C to exit) | 147 | | `pm2 logs n8n --lines 100` | View last 100 lines of logs | 148 | 149 | #### Configuration Changes 150 | 151 | When you modify `n8n.config.js`, apply the changes with: 152 | 153 | ```bash 154 | pm2 delete n8n 155 | pm2 start ~/n8n.config.js 156 | pm2 save 157 | ``` 158 | 159 | Alternatively, for environment variable updates only: 160 | 161 | ```bash 162 | pm2 restart n8n --update-env 163 | ``` 164 | 165 | #### Useful Diagnostics 166 | 167 | | Command | Description | 168 | |---------|-------------| 169 | | `pm2 show n8n` | Detailed information about the n8n process | 170 | | `pm2 env 0` | Show environment variables for process ID 0 | 171 | 172 | ### Where is My Data Stored? 173 | 174 | Your n8n data (workflows, credentials, settings) is stored separately from PM2 in: 175 | 176 | ``` 177 | ~/.n8n/ 178 | ``` 179 | 180 | Deleting and recreating the PM2 process does not affect your workflows or credentials. 181 | 182 | ## Updating n8n 183 | 184 | To update n8n to the latest version: 185 | 186 | ```bash 187 | pm2 stop n8n 188 | npm update -g n8n 189 | pm2 start n8n 190 | ``` 191 | 192 | Verify the new version: 193 | 194 | ```bash 195 | n8n --version 196 | ``` 197 | 198 | # n8n compose.yml (switching away from) 199 | This is running without ssl behind NetBird. Considering setting up ssl if not useing wireguard. 200 | ``` 201 | services: 202 | n8n: 203 | stdin_open: true 204 | tty: true 205 | container_name: n8n 206 | ports: 207 | - 5678:5678 208 | environment: 209 | - GENERIC_TIMEZONE=America/Los_Angeles 210 | - TZ=America/Los_Angeles 211 | - N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS=true 212 | - N8N_RUNNERS_ENABLED=true 213 | - N8N_SECURE_COOKIE=false 214 | volumes: 215 | - n8n_data:/home/node/.n8n 216 | image: docker.n8n.io/n8nio/n8n 217 | volumes: 218 | n8n_data: 219 | name: n8n_data 220 | ``` 221 | -------------------------------------------------------------------------------- /homeassistant/localtuya/README.md: -------------------------------------------------------------------------------- 1 | ## Navigation 2 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) 3 | - [Dashboard](https://github.com/TechHutTV/homelab/tree/main/homeassistant/dashboard) 4 | - [__LocalTuya__](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya) 5 | - [LocalTuya in Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#localtuya-in-home-assistant) 6 | - [Install and Setup LocalTuya Fork](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#install-and-setup-localtuya-fork) 7 | - [Credentials from Tuya IoT Platform](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#credentials-from-tuya-iot-platform) 8 | - [Adding Tuya devices in Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#adding-tuya-devices-in-home-assistant) 9 | - [Manual configuration tips](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#manual-configuration-tips) 10 | - [XMCOSY String Lights with LocalTuya](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#xmcosy-string-lights-with-localtuya) 11 | - [Finding Raw Data Values for Scenes](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya#finding-raw-data-values-for-scenes) 12 | - [Zigbee](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee) 13 | 14 | ## LocalTuya in Home Assistant 15 | When I first tired integrating XMCOSY String Lights with LocalTuya I followed a few different [guides](https://thehelpfulidiot.com/integrating-xmcosy-outdoor-string-lights-with-home-assistant-locally), but had no luck. The main issue ended up being LocalTuya itself. I found that using [this fork](https://github.com/xZetsubou/localtuya) works great and it's more up to date. This quick guide assumes you have the Tuya app setup with your devices added. Also, you'll need a [Tuya developer account](https://platform.tuya.com/) to get this setup. 16 | 17 | #### Install and Setup LocalTuya Fork 18 | 1. Open HACS and navigate to Integrations Section. 19 | 2. Open the Overflow Menu (⋮) in the top right corner and click on Custom repositories. 20 | 3. Paste ```https://github.com/xZetsubou/localtuya``` and select Integration from the category dropdown then click ADD. 21 | 4. Now the integration should be added search in for it and install it, then restart Home Assistant. 22 | 23 | #### Credentials from Tuya IoT Platform 24 | 1. Sign in and create a new project slecting Smart Home for both Industry and Development Method. Next, on the API options add 'Device Log Query' as you may need it to see important information about your devices. 25 | 2. Within the project overview page select 'Devices' and then 'Link App Account'. Use the sanner in the settings of your Tuya app to scan the QR code. Once you athenticate your devices should appear under 'All Devices'. If you see Read under 'Device Permission' you need to change this so it's listed as Controllable. 26 | 3. Now let's collect our IDs and Keys to connect LocalTuya. Under the project overview tab you will see 'Authorization Key'. You will need to save both the Client ID and Client Secret. Next go back to Devices and then 'Link App Account' and save the UID as this will go under User ID in the next step. 27 | 4. Within Home Assisant nagivate to the newly added LocalTuya integration. Click on 'Configure' and then 'Manage Cloud API account'. Paste in all the details from your Tuya project dashboard. Click submit and you should be good to go. 28 | 29 | #### Adding Tuya devices in Home Assistant 30 | 1. Click on 'Configure' again, but this time select 'Add new device' and select the device you'd like to add. Manual configuration is a pain, but if you have your devices on a different Vlan this may be required. 31 | 2. Next, you'll get a 'Configure device connectivity' option. In most cases the pre-filled options will be perfect and there will not be anything you need to change here. 32 | #### Manual configuration tips 33 | If you need to manually connect to a device an it's important to know where to find you local ids and values. These can be found within your project on the Tuya IoT Platform. For steps within the API Explorer copy the Device ID found under All Devices. 34 | * local_key: API Explorer > Query Device Details in Bulk > Input Device > See string after "local_key" 35 | * entity ids: API Explorer > Query Properties > Input Device > See number after "dp_id" 36 | * min/max values: Devices > All Devices > Debug Device > Device Debugging > Standard Instuction Set 37 | 38 | ### XMCOSY String Lights with LocalTuya 39 | 40 | #### Finding Raw Data Values for Scenes 41 | You can use the Tuya app to create custom or access pre-exisiting scenes. Open the developer portal, go to devices and click on "debug device". Open then device logs page and select the 'scene' logs from the dropdown menu on the top and click search. This should provide a overview of all scenes that were activated. 42 | 43 | ``` 44 | # XMcosy RGBCW String Lights, 24 bulbs, 64ft Acrylic Holiday Lights 45 | ASMJMgkAAABkAABkAAAAAGQAPGQAAAAAZAC7VAAAAABkAOpXAAAAAGQBCGMAAAAA: Christmas 46 | AVATMhkAAABkALxkAAAAAGQALU4AAAAAZAAAZAAAAABkAGQ8AAAAAA==: Christmas eve 47 | ASkJMk8AAABkAN1LAAAAAGQAvVMAAAAAZADYXQAAAAA: Fathers Day 48 | AQEDMjIAAABkAUVkAAAAAGQBIjkAAAAAZAEeZAAAAABkATpfAAAAAGQAAWQAAAAAZAAnWgAAAAA=: Flower harbor 49 | ASoJMgoAAABkAAFkAAAAAGQAiGQAAAAAZAC7ZAAAAAA: Football Day 50 | AScJMiQAAABkAJVbAAAAAGQAtGQAAAAAZACRYQAAAAA: Forest Day 51 | ASUKMjIAAABkAApfAAAAAGQBBmQAAAAAZADvXAAAAABkALAsAAAAAGQAfFQAAAAA: Halloween 52 | ASgKMgcAAABkAU49AAAAAGQBF1UAAAAAZAEMOwAAAAA: Mothers Day 53 | ASYUMjIAAABkADxVAAAAAGQBD2QAAAAAZADNQwAAAABkABZgAAAAAA: Thanksgiving 54 | ASQMMjIAAABkARJkAAAAAGQA71cAAAAAZAFBUwAAAABkAVJkAAAAAA: Valentines 55 | ``` 56 | 57 | Want to know more about these codes and how they work? Read the documentation here: [Tuya Cloud Development Instruction Set](https://developer.tuya.com/en/docs/iot/dj?id=K9i5ql3v98hn3#title-16-scene_select). 58 | To decode and Encode these strings, you can utilize the Base64 Encoder/Decoder available here: [Base 64 Encoder/Decoder](https://emn178.github.io/online-tools/base64_decode.html). Be sure to set your Input/Output Encoding to HEX. 59 | 60 | __Wish List__: I feel like these could be possible with python scripts if I figure out how to decode that raw scene string to something a little more human friendly. I've reached out to XMCOSY, but I'm waiting on them to get back to me. 61 | - [ ] Per-bulb control with a custom card 62 | - [ ] Ability to save current configuration as a scene directly in HA 63 | - [ ] Mode option in HA (pulse, fade, etc.) 64 | -------------------------------------------------------------------------------- /media/compose.yaml: -------------------------------------------------------------------------------- 1 | # Compose file for the *arr stack. Configuration files are stored in the 2 | # directory you launch the compose file on. Change to bind mounts if needed. 3 | # All containers are ran with user and group ids of the main user and 4 | # group to aviod permissions issues of downloaded files, please refer 5 | # the read me file for more information. 6 | 7 | ############################################################################# 8 | # NOTICE: We recently switched to using a .env file. PLEASE refer to the docs. 9 | # https://github.com/TechHutTV/homelab/tree/main/media#docker-compose-and-env 10 | ############################################################################# 11 | 12 | networks: 13 | servarrnetwork: 14 | name: servarrnetwork 15 | ipam: 16 | config: 17 | - subnet: 172.39.0.0/24 18 | 19 | services: 20 | # airvpn recommended (referral url: https://airvpn.org/?referred_by=673908) 21 | gluetun: 22 | image: qmcgaw/gluetun 23 | container_name: gluetun 24 | cap_add: 25 | - NET_ADMIN 26 | devices: 27 | - /dev/net/tun:/dev/net/tun # If running on an LXC see readme for more info. 28 | networks: 29 | servarrnetwork: 30 | ipv4_address: 172.39.0.2 31 | ports: 32 | - 8080:8080 # qbittorrent web interface 33 | - 6881:6881 # qbittorrent torrent port 34 | - 6789:6789 # nzbget 35 | - 9696:9696 # prowlarr 36 | volumes: 37 | - ./gluetun:/gluetun 38 | # Make a '.env' file in the same directory. 39 | env_file: 40 | - .env 41 | healthcheck: 42 | test: ping -c 1 www.google.com || exit 1 43 | interval: 20s 44 | timeout: 10s 45 | retries: 5 46 | restart: unless-stopped 47 | 48 | qbittorrent: 49 | image: lscr.io/linuxserver/qbittorrent:latest 50 | container_name: qbittorrent 51 | restart: unless-stopped 52 | labels: 53 | - deunhealth.restart.on.unhealthy=true 54 | environment: 55 | - PUID=${PUID} 56 | - PGID=${PGID} 57 | - TZ=${TZ} 58 | - WEBUI_PORT=8080 # must match "qbittorrent web interface" port number in gluetun's service above 59 | - TORRENTING_PORT=${FIREWALL_VPN_INPUT_PORTS} # airvpn forwarded port, pulled from .env 60 | volumes: 61 | - ./qbittorrent:/config 62 | - /data:/data 63 | depends_on: 64 | gluetun: 65 | condition: service_healthy 66 | restart: true 67 | network_mode: service:gluetun 68 | healthcheck: 69 | test: ping -c 1 www.google.com || exit 1 70 | interval: 60s 71 | retries: 3 72 | start_period: 20s 73 | timeout: 10s 74 | 75 | # See the 'qBittorrent Stalls with VPN Timeout' section for more information. 76 | deunhealth: 77 | image: qmcgaw/deunhealth 78 | container_name: deunhealth 79 | network_mode: "none" 80 | environment: 81 | - LOG_LEVEL=info 82 | - HEALTH_SERVER_ADDRESS=127.0.0.1:9999 83 | - TZ=${TZ} 84 | restart: always 85 | volumes: 86 | - /var/run/docker.sock:/var/run/docker.sock 87 | 88 | nzbget: 89 | image: lscr.io/linuxserver/nzbget:latest 90 | container_name: nzbget 91 | environment: 92 | - PUID=${PUID} 93 | - PGID=${PGID} 94 | - TZ=${TZ} 95 | volumes: 96 | - /etc/localtime:/etc/localtime:ro 97 | - ./nzbget:/config 98 | - /data:/data 99 | depends_on: 100 | gluetun: 101 | condition: service_healthy 102 | restart: true 103 | restart: unless-stopped 104 | network_mode: service:gluetun 105 | 106 | prowlarr: 107 | image: lscr.io/linuxserver/prowlarr:latest 108 | container_name: prowlarr 109 | environment: 110 | - PUID=${PUID} 111 | - PGID=${PGID} 112 | - TZ=${TZ} 113 | volumes: 114 | - /etc/localtime:/etc/localtime:ro 115 | - ./prowlarr:/config 116 | restart: unless-stopped 117 | depends_on: 118 | gluetun: 119 | condition: service_healthy 120 | restart: true 121 | network_mode: service:gluetun 122 | 123 | sonarr: 124 | image: lscr.io/linuxserver/sonarr:latest 125 | container_name: sonarr 126 | restart: unless-stopped 127 | environment: 128 | - PUID=${PUID} 129 | - PGID=${PGID} 130 | - TZ=${TZ} 131 | volumes: 132 | - /etc/localtime:/etc/localtime:ro 133 | - ./sonarr:/config 134 | - /data:/data 135 | ports: 136 | - 8989:8989 137 | networks: 138 | servarrnetwork: 139 | ipv4_address: 172.39.0.3 140 | 141 | radarr: 142 | image: lscr.io/linuxserver/radarr:latest 143 | container_name: radarr 144 | restart: unless-stopped 145 | environment: 146 | - PUID=${PUID} 147 | - PGID=${PGID} 148 | - TZ=${TZ} 149 | volumes: 150 | - /etc/localtime:/etc/localtime:ro 151 | - ./radarr:/config 152 | - /data:/data 153 | ports: 154 | - 7878:7878 155 | networks: 156 | servarrnetwork: 157 | ipv4_address: 172.39.0.4 158 | 159 | lidarr: 160 | container_name: lidarr 161 | image: lscr.io/linuxserver/lidarr:latest 162 | restart: unless-stopped 163 | volumes: 164 | - /etc/localtime:/etc/localtime:ro 165 | - ./lidarr:/config 166 | - /data:/data 167 | environment: 168 | - PUID=${PUID} 169 | - PGID=${PGID} 170 | - TZ=${TZ} 171 | ports: 172 | - 8686:8686 173 | networks: 174 | servarrnetwork: 175 | ipv4_address: 172.39.0.5 176 | 177 | bazarr: 178 | image: lscr.io/linuxserver/bazarr:latest 179 | container_name: bazarr 180 | restart: unless-stopped 181 | environment: 182 | - PUID=${PUID} 183 | - PGID=${PGID} 184 | - TZ=${TZ} 185 | volumes: 186 | - /etc/localtime:/etc/localtime:ro 187 | - ./bazarr:/config 188 | - /data:/data 189 | ports: 190 | - 6767:6767 191 | networks: 192 | servarrnetwork: 193 | ipv4_address: 172.39.0.6 194 | 195 | # Newer additions to this stack feel. Remove the '#' to add the service. 196 | # 197 | # ytdl-sub: 198 | # image: ghcr.io/jmbannon/ytdl-sub:latest 199 | # container_name: ytdl-sub 200 | # environment: 201 | # - PUID=${PUID} 202 | # - PGID=${PGID} 203 | # - TZ=${TZ} 204 | # - DOCKER_MODS=linuxserver/mods:universal-cron 205 | # volumes: 206 | # - ./ytdl-sub:/config 207 | # - /data/youtube:/youtube 208 | # networks: 209 | # servarrnetwork: 210 | # ipv4_address: 172.39.0.8 211 | # restart: unless-stopped 212 | # 213 | # jellyseerr: 214 | # container_name: jellyseerr 215 | # image: fallenbagel/jellyseerr:latest 216 | # environment: 217 | # - PUID=${PUID} 218 | # - PGID=${PGID} 219 | # - TZ=${TZ} 220 | # volumes: 221 | # - ./jellyseerr:/app/config 222 | # ports: 223 | # - 5055:5055 224 | # networks: 225 | # servarrnetwork: 226 | # ipv4_address: 172.39.0.9 227 | # restart: unless-stopped 228 | -------------------------------------------------------------------------------- /homeassistant/zigbee/README.md: -------------------------------------------------------------------------------- 1 | ## Navigation 2 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) 3 | - [Dashboard](https://github.com/TechHutTV/homelab/tree/main/homeassistant/dashboard) 4 | - [LocalTuya](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya) 5 | - [__Zigbee__](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee) 6 | - [Seperate ZigbeeMQTT from Home Assistant in Proxmox](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee#seperate-zigbeemqtt-from-home-assistant-in-proxmox) 7 | - [Sonoff Zigbee 3.0 USB Dongle Plus V2 model "ZBDongle-E version"](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee#sonoff-zigbee-30-usb-dongle-plus-v2-model-zbdongle-e-version) 8 | - [ZigbeeMQTT and Mosquitto](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee#zigbeemqtt-and-mosquitto) 9 | - [Mosquitto MQTT Broker](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee#mosquitto-mqtt-broker) 10 | - [ZigbeeMQTT Configuration](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee#zigbeemqtt-configuration) 11 | 12 | # Seperate ZigbeeMQTT from Home Assistant in Proxmox 13 | Within Proxmox VE I have my ZigbeeMQTT and MQTT broker servers seperated from my Home Assistant virtual machine. I found I get slightly better preformance out of my Zigbee devices doing it this way, plus it's easier to backup and feed all my Zigbee devices to a new Home Assistant server if needed. 14 | 15 | ## Sonoff Zigbee 3.0 USB Dongle Plus V2 model "ZBDongle-E version" 16 | 17 | This setup is centered around the Zigbee dongle that I purchased. I bought it due to it having decent reviews and it was on sale at the time of purchase. I have not tried anything else so I can't say if anything is better. __Due note__, it comes with outdated firmware that is not supported with current version of ZigbeeMQTT so you will need to update. Luckly, it's a fairly easy process. 18 | 19 | * [YouTube video](https://www.youtube.com/watch?v=r0ihC8Dx3NM&) on how to update the firmware. 20 | * Firmware: [https://github.com/darkxst/silabs-firmware-builder/tree/main/firmware_builds/zbdonglee](https://github.com/darkxst/silabs-firmware-builder/tree/main/firmware_builds/zbdonglee) 21 | * Flashing Website: [https://darkxst.github.io/silabs-firmware-builder/](https://darkxst.github.io/silabs-firmware-builder/) 22 | * Firmware I'm using as of writing this: [ncp-uart-hw-v7.4.5.0-zbdonglee-115200.gbl](https://github.com/darkxst/silabs-firmware-builder/blob/main/firmware_builds/zbdonglee/ncp-uart-hw-v7.4.5.0-zbdonglee-115200.gbl) 23 | 24 | Once the firmware is updated you can plug it into your machine and find the ID and port using this command. 25 | ```bash 26 | ls -l /dev/serial/by-id 27 | ``` 28 | This information will be used later in the ZigbeeMQTT configuration. You will get an output like this. 29 | ```bash 30 | lrwxrwxrwx 1 root root 13 Dec 13 20:55 usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20231007143933-if00 -> ../../ttyACM0 31 | ``` 32 | From there we can pull the following adapter locations 33 | * Device ID: ```/dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20231007143933-if00``` 34 | * USB Port: ```/dev/ttyACM0``` 35 | 36 | ## ZigbeeMQTT and Mosquitto 37 | 38 | For the inital set up I used a [Proxmox Community Helper Script](https://community-scripts.github.io/ProxmoxVE/scripts?id=zigbee2mqtt) to get this going. 39 | ```bash 40 | bash -c "$(wget -qLO - https://github.com/community-scripts/ProxmoxVE/raw/main/ct/zigbee2mqtt.sh)" 41 | ``` 42 | After running this command I chose the advanced setup to ensure the container is privilaged. I also set the IP address as static, but that's optional depending on your network setup. This helper script sets up a systemctl background service to automatically start ZigbeeMQTT when the system starts up. We are going to make some changes so let's ensure the serivce isn't running. Login to the console for our new LXC and run the command to stop the service. 43 | ```bash 44 | sudo systemctl stop zigbee2mqtt 45 | ``` 46 | ### Mosquitto MQTT Broker 47 | 48 | For ZigbeeMQTT to be able to communicate with Home Assistant we will set up Mosquitto, a MQTT broker. You can set this up as a [Home Assistant addon](https://github.com/home-assistant/addons/blob/master/mosquitto/DOCS.md), it's [own seperate LXC](https://community-scripts.github.io/ProxmoxVE/scripts?id=mqtt), or many other deploylemt methods. I chose to install this on the same LXC that ZigbeeMQTT is running on. Lets install it and make sure it's running. 49 | 50 | ```bash 51 | sudo apt install -y mosquitto 52 | systemctl status mosquitto 53 | ``` 54 | Next we can use the built in passwork creation tool to set our password and encrypt it. Use the command below replacing _brandon_ with your username of choice. 55 | 56 | ```bash 57 | mosquitto_passwd -c /etc/mosquitto/passwd brandon 58 | ``` 59 | 60 | You can run ```cat /etc/mosquitto/passwd``` to view the password encryption. Now lets ensure our configure is setup use nano to create or edit the file and copy the configuration below. 61 | 62 | ```bash 63 | nano /etc/mosquitto/conf.d/default.conf 64 | ``` 65 | ```yaml 66 | allow_anonymous false 67 | persistence true 68 | password_file /etc/mosquitto/passwd 69 | listener 1883 70 | ``` 71 | Now lets reload mosquitto and it will be ready to use in ZigbeeMQTT and Home Assistant. 72 | 73 | systemctl restart mosquitto 74 | 75 | ### ZigbeeMQTT Configuration 76 | 77 | Copied from [the official pro-install guide](https://github.com/community-scripts/ProxmoxVE/discussions/410), originally provided by the legend [tteck](https://github.com/tteck/Proxmox/discussions/2917). If you're using a different adapter, check out the official guide. 78 | 79 | Edit the configuration here 80 | ```bash 81 | nano /opt/zigbee2mqtt/data/configuration.yaml 82 | ``` 83 | Use this configuration if following my steps. 84 | ```yaml 85 | frontend: 86 | port: 9442 87 | homeassistant: true 88 | permit_join: false 89 | mqtt: 90 | base_topic: zigbee2mqtt 91 | server: 'mqtt://localhost:1883' 92 | user: brandon 93 | password: password 94 | keepalive: 60 95 | reject_unauthorized: true 96 | version: 4 97 | serial: 98 | port: /dev/serial/by-id/usb-ITEAD_SONOFF_Zigbee_3.0_USB_Dongle_Plus_V2_20231007143933-if00 99 | adapter: ember # for ITead Sonoff Zigbee 3.0 USB Dongle Plus V2 model "ZBDongle-E version" 100 | advanced: 101 | pan_id: GENERATE 102 | network_key: GENERATE 103 | channel: 20 104 | ``` 105 | Be sure to change you username and password or mqtt and the device id under port. Once the configuration is saved run the service using npm so we can see if there are any errors. 106 | ```bash 107 | cd /opt/zigbee2mqtt && npm start 108 | ``` 109 | If there are no errors you can exit the service with ctrl+c and restart the the service in the background using systemctl. 110 | 111 | ```bash 112 | sudo systemctl restart zigbee2mqtt 113 | ``` 114 | Once everything is complete you can navigate to the frontend for ZigbeeMQTT and begin adding your devices! For my installation I navigate to ```http://10.0.0.106:9442```. Change your the IP to match yours. For my set up I added this to NGINX Proxy Manager so I just nagivate to ```https://zigbee.hopki.net/``` 115 | -------------------------------------------------------------------------------- /surveillance/frigate/config.yml: -------------------------------------------------------------------------------- 1 | mqtt: 2 | enabled: true 3 | host: 10.0.0.50 4 | user: mqtt-user 5 | password: password 6 | port: 1883 7 | 8 | record: 9 | enabled: true 10 | retain: 11 | days: 1 12 | mode: active_objects 13 | events: 14 | retain: 15 | default: 30 16 | mode: motion 17 | detect: 18 | annotation_offset: -800 19 | detectors: 20 | coral1: 21 | type: edgetpu 22 | device: pci:0 23 | coral2: 24 | type: edgetpu 25 | device: pci:1 26 | snapshots: 27 | enabled: true 28 | retain: 29 | default: 1 30 | 31 | timestamp_style: 32 | position: tl 33 | format: '%m/%d/%Y %H:%M:%S' 34 | color: 35 | red: 255 36 | green: 255 37 | blue: 255 38 | thickness: 2 39 | effect: shadow 40 | 41 | go2rtc: 42 | streams: 43 | kitchen: 44 | - rtsp://admin:password@10.0.0.104/Preview_01_main 45 | - "ffmpeg:living_room#audio=opus" 46 | kitchen_sub: 47 | - rtsp://admin:password@10.0.0.104/Preview_01_sub 48 | studio: 49 | - rtsp://admin:password@10.0.0.102/cam/realmonitor?channel=1&subtype=01 50 | - "ffmpeg:studio#audio=opus" 51 | studio_sub: 52 | - rtsp://admin:password@10.0.0.102/cam/realmonitor?channel=1&subtype=0 53 | kids_room: 54 | - rtsp://admin:password@10.0.0.103/Preview_01_main 55 | - "ffmpeg:kids_room#audio=opus" 56 | kids_room_sub: 57 | - rtsp://admin:password@10.0.0.103/Preview_01_sub 58 | living_room: 59 | - rtsp://admin:password@10.0.0.100/cam/realmonitor?channel=1&subtype=01 60 | - "ffmpeg:kitchen#audio=opus" 61 | living_room_sub: 62 | - rtsp://admin:password@10.0.0.100/cam/realmonitor?channel=1&subtype=0 63 | flood_light: 64 | - rtsp://admin:password@10.0.0.105/Preview_01_main 65 | - "ffmpeg:flood_light#audio=opus" 66 | flood_light_sub: 67 | - rtsp://admin:password@10.0.0.105/Preview_01_sub 68 | front_porch: 69 | - rtsp://admin:password@10.0.0.99/Preview_01_main 70 | front_porch_sub: 71 | - rtsp://admin:password@10.0.0.99/Preview_01_sub 72 | nana_porch: 73 | - rtsp://admin:password@10.0.0.99/Preview_02_main 74 | nana_porch_sub: 75 | - rtsp://admin:password@10.0.0.99/Preview_02_sub 76 | east_side: 77 | - rtsp://admin:password@10.0.0.99/Preview_03_main 78 | east_side_sub: 79 | - rtsp://admin:password@10.0.0.99/Preview_03_sub 80 | west_side: 81 | - rtsp://admin:password@10.0.0.99/Preview_04_main 82 | west_side_sub: 83 | - rtsp://admin:password@10.0.0.99/Preview_04_sub 84 | 85 | ffmpeg: 86 | hwaccel_args: preset-vaapi 87 | 88 | cameras: 89 | Studio: 90 | ffmpeg: 91 | inputs: 92 | - path: rtsp://localhost:8554/studio 93 | input_args: preset-rtsp-restream 94 | roles: 95 | - record 96 | - path: rtsp://localhost:8554/studio_sub 97 | input_args: preset-rtsp-restream 98 | roles: 99 | - detect 100 | output_args: 101 | record: preset-record-generic-audio-aac 102 | detect: 103 | width: 896 104 | height: 512 105 | fps: 10 106 | objects: 107 | track: 108 | - person 109 | - dog 110 | Kitchen: 111 | ffmpeg: 112 | inputs: 113 | - path: rtsp://localhost:8554/kitchen 114 | input_args: preset-rtsp-restream 115 | roles: 116 | - record 117 | - path: rtsp://localhost:8554/kitchen_sub 118 | input_args: preset-rtsp-restream 119 | roles: 120 | - detect 121 | output_args: 122 | record: preset-record-generic-audio-aac 123 | detect: 124 | width: 896 125 | height: 512 126 | fps: 10 127 | objects: 128 | track: 129 | - person 130 | - dog 131 | live: 132 | stream_name: kitchen 133 | Kids_Room: 134 | ffmpeg: 135 | inputs: 136 | - path: rtsp://localhost:8554/kids_room 137 | input_args: preset-rtsp-restream 138 | roles: 139 | - record 140 | - path: rtsp://localhost:8554/kids_room_sub 141 | input_args: preset-rtsp-restream 142 | roles: 143 | - detect 144 | output_args: 145 | record: preset-record-generic-audio-aac 146 | detect: 147 | width: 896 148 | height: 512 149 | fps: 10 150 | objects: 151 | track: 152 | - person 153 | - dog 154 | live: 155 | stream_name: kids_room 156 | Living_Room: 157 | ffmpeg: 158 | inputs: 159 | - path: rtsp://localhost:8554/living_room 160 | input_args: preset-rtsp-restream 161 | roles: 162 | - record 163 | - path: rtsp://localhost:8554/living_room_sub 164 | input_args: preset-rtsp-restream 165 | roles: 166 | - detect 167 | output_args: 168 | record: preset-record-generic-audio-aac 169 | detect: 170 | width: 896 171 | height: 512 172 | fps: 10 173 | objects: 174 | track: 175 | - person 176 | - dog 177 | live: 178 | stream_name: living_room 179 | Flood_Light: 180 | ffmpeg: 181 | inputs: 182 | - path: rtsp://localhost:8554/flood_light 183 | input_args: preset-rtsp-restream 184 | roles: 185 | - record 186 | - path: rtsp://localhost:8554/flood_light_sub 187 | input_args: preset-rtsp-restream 188 | roles: 189 | - detect 190 | output_args: 191 | record: preset-record-generic-audio-aac 192 | detect: 193 | width: 1536 194 | height: 576 195 | fps: 15 196 | objects: 197 | track: 198 | - person 199 | - dog 200 | live: 201 | stream_name: flood_light 202 | Front_Porch: 203 | ffmpeg: 204 | inputs: 205 | - path: rtsp://localhost:8554/front_porch 206 | input_args: preset-rtsp-restream 207 | roles: 208 | - record 209 | - path: rtsp://localhost:8554/front_porch_sub 210 | input_args: preset-rtsp-restream 211 | roles: 212 | - detect 213 | output_args: 214 | record: preset-record-generic-audio-aac 215 | detect: 216 | width: 640 217 | height: 360 218 | fps: 7 219 | objects: 220 | track: 221 | - person 222 | - dog 223 | live: 224 | stream_name: front_porch 225 | Nanas_Porch: 226 | ffmpeg: 227 | inputs: 228 | - path: rtsp://localhost:8554/nana_porch 229 | input_args: preset-rtsp-restream 230 | roles: 231 | - record 232 | - path: rtsp://localhost:8554/nana_porch_sub 233 | input_args: preset-rtsp-restream 234 | roles: 235 | - detect 236 | output_args: 237 | record: preset-record-generic-audio-aac 238 | detect: 239 | width: 640 240 | height: 360 241 | fps: 7 242 | objects: 243 | track: 244 | - person 245 | - dog 246 | West_Side: 247 | ffmpeg: 248 | inputs: 249 | - path: rtsp://localhost:8554/west_side 250 | input_args: preset-rtsp-restream 251 | roles: 252 | - record 253 | - path: rtsp://localhost:8554/west_side_sub 254 | input_args: preset-rtsp-restream 255 | roles: 256 | - detect 257 | output_args: 258 | record: preset-record-generic-audio-aac 259 | detect: 260 | width: 640 261 | height: 360 262 | fps: 7 263 | objects: 264 | track: 265 | - person 266 | - dog 267 | East_Side: 268 | ffmpeg: 269 | inputs: 270 | - path: rtsp://localhost:8554/east_side 271 | input_args: preset-rtsp-restream 272 | roles: 273 | - record 274 | - path: rtsp://localhost:8554/east_side_sub 275 | input_args: preset-rtsp-restream 276 | roles: 277 | - detect 278 | output_args: 279 | record: preset-record-generic-audio-aac 280 | detect: 281 | width: 640 282 | height: 360 283 | fps: 7 284 | objects: 285 | track: 286 | - person 287 | - dog 288 | 289 | logger: 290 | # Optional: Default log verbosity (default: shown below) 291 | default: debug 292 | # Optional: Component specific logger overrides 293 | logs: 294 | frigate.event: debug 295 | version: 0.14 296 | camera_groups: 297 | Inside: 298 | order: 1 299 | icon: LuWarehouse 300 | cameras: 301 | - Garage 302 | - Kids_Room 303 | - Kitchen 304 | - Living_Room 305 | - Studio 306 | Outside: 307 | order: 2 308 | icon: LuTreePine 309 | cameras: 310 | - East_Side 311 | - Flood_Light 312 | - Front_Porch 313 | - West_Side 314 | - Nanas_Porch 315 | -------------------------------------------------------------------------------- /homeassistant/README.md: -------------------------------------------------------------------------------- 1 | # Home Assistant Guides, Templates, Tips and Tricks! 2 | This is a work in progress, check back for more! 3 | 4 | ## Navigation 5 | * [Apps](https://github.com/TechHutTV/homelab/tree/main/apps) - List of all the apps and services. 6 | * [__Home Assistant__](https://github.com/TechHutTV/homelab/tree/main/homeassistant) - Smart home services and automation. 7 | - [Dashboard](https://github.com/TechHutTV/homelab/tree/main/homeassistant/dashboard) 8 | - [LocalTuya](https://github.com/TechHutTV/homelab/tree/main/homeassistant/localtuya) 9 | - [Zigbee](https://github.com/TechHutTV/homelab/tree/main/homeassistant/zigbee) 10 | * [Media Server](https://github.com/TechHutTV/homelab/tree/main/media) - Plex, Jellyfin, *arr stack, and more. 11 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) - Graphs and Visualizations for Unriad, Proxmox, and more. 12 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) - Frigate NVR Solution with Coral TPU. 13 | * [Storage](https://github.com/TechHutTV/homelab/tree/main/storage) - Current Storage and Backup Solution. 14 | * [Proxy Managment](https://github.com/TechHutTV/homelab/tree/main/proxy) - NGINX Proxy Manager, DDNS with Cloudflare, Local Domains, and more. 15 | 16 | To do 17 | * [https://github.com/custom-cards/upcoming-media-card](https://github.com/custom-cards/upcoming-media-card) 18 | * [https://community.home-assistant.io/t/tautulli-rest-end-point-and-custom-button-card/559371](https://community.home-assistant.io/t/tautulli-rest-end-point-and-custom-button-card/559371) 19 | 20 | ## Bubble Cards 21 | I'm starting to utilze Bubble Cards for my dashboard. I'll add more information soon, but first my custom card for shades with set_postition varibles on the sub-buttons. 22 | 23 | ``` 24 | type: custom:bubble-card 25 | card_type: cover 26 | entity: cover.bedroom_window_shade 27 | name: Bedroom 28 | icon_open: mdi:roller-shade 29 | icon_close: mdi:roller-shade-closed 30 | show_state: false 31 | show_last_changed: false 32 | show_attribute: true 33 | attribute: current_position 34 | card_layout: normal 35 | hold_action: {} 36 | sub_button: 37 | - entity: cover.bedroom_window_shade 38 | name: Close 39 | show_icon: false 40 | show_name: true 41 | tap_action: 42 | action: call-service 43 | target: 44 | entity_id: cover.bedroom_window_shade 45 | data: 46 | position: 2 47 | service: cover.set_cover_position 48 | show_last_changed: false 49 | show_attribute: false 50 | show_state: false 51 | - entity: cover.bedroom_window_shade 52 | name: "15" 53 | show_icon: false 54 | show_name: true 55 | tap_action: 56 | action: call-service 57 | target: 58 | entity_id: cover.bedroom_window_shade 59 | data: 60 | position: 15 61 | service: cover.set_cover_position 62 | - entity: cover.bedroom_window_shade 63 | name: "50" 64 | show_icon: false 65 | show_name: true 66 | tap_action: 67 | action: call-service 68 | target: 69 | entity_id: cover.bedroom_window_shade 70 | data: 71 | position: 50 72 | service: cover.set_cover_position 73 | - entity: cover.bedroom_window_shade 74 | name: "75" 75 | show_icon: false 76 | show_name: true 77 | tap_action: 78 | action: call-service 79 | target: 80 | entity_id: cover.bedroom_window_shade 81 | data: 82 | position: 75 83 | service: cover.set_cover_position 84 | grid_options: 85 | columns: 12 86 | rows: 2 87 | styles: |2- 88 | .bubble-sub-button-1 { 89 | background: 00000; 90 | } 91 | .bubble-sub-button-2 { 92 | background: 00000; 93 | } 94 | .bubble-sub-button-3 { 95 | background: 00000; 96 | } 97 | .bubble-sub-button-4 { 98 | background: 00000; 99 | } 100 | scrolling_effect: false 101 | ``` 102 | 103 | ## LocalTuya in Home Assistant 104 | When I first tired integrating XMCOSY String Lights with LocalTuya I followed a few different [guides](https://thehelpfulidiot.com/integrating-xmcosy-outdoor-string-lights-with-home-assistant-locally), but had no luck. The main issue ended up being LocalTuya itself. I found that using [this fork](https://github.com/xZetsubou/localtuya) works great and it's more up to date. This quick guide assumes you have the Tuya app setup with your devices added. Also, you'll need a [Tuya developer account](https://platform.tuya.com/) to get this setup. 105 | 106 | #### Install and Setup LocalTuya Fork 107 | 1. Open HACS and navigate to Integrations Section. 108 | 2. Open the Overflow Menu (⋮) in the top right corner and click on Custom repositories. 109 | 3. Paste ```https://github.com/xZetsubou/localtuya``` and select Integration from the category dropdown then click ADD. 110 | 4. Now the integration should be added search in for it and install it, then restart Home Assistant. 111 | 112 | #### Credentials from Tuya IoT Platform 113 | 1. Sign in and create a new project slecting Smart Home for both Industry and Development Method. Next, on the API options add 'Device Log Query' as you may need it to see important information about your devices. 114 | 2. Within the project overview page select 'Devices' and then 'Link App Account'. Use the sanner in the settings of your Tuya app to scan the QR code. Once you athenticate your devices should appear under 'All Devices'. If you see Read under 'Device Permission' you need to change this so it's listed as Controllable. 115 | 3. Now let's collect our IDs and Keys to connect LocalTuya. Under the project overview tab you will see 'Authorization Key'. You will need to save both the Client ID and Client Secret. Next go back to Devices and then 'Link App Account' and save the UID as this will go under User ID in the next step. 116 | 4. Within Home Assisant nagivate to the newly added LocalTuya integration. Click on 'Configure' and then 'Manage Cloud API account'. Paste in all the details from your Tuya project dashboard. Click submit and you should be good to go. 117 | 118 | #### Adding Tuya devices in Home Assistant 119 | 1. Click on 'Configure' again, but this time select 'Add new device' and select the device you'd like to add. Manual configuration is a pain, but if you have your devices on a different Vlan this may be required. 120 | 2. Next, you'll get a 'Configure device connectivity' option. In most cases the pre-filled options will be perfect and there will not be anything you need to change here. 121 | #### Manual condfigureation tips 122 | If you need to manually connect to a device an it's important to know where to find you local ids and values. These can be found within your project on the Tuya IoT Platform. For steps within the API Explorer copy the Device ID found under All Devices. 123 | * local_key: API Explorer > Query Device Details in Bulk > Input Device > See string after "local_key" 124 | * entity ids: API Explorer > Query Properties > Input Device > See number after "dp_id" 125 | * min/max values: Devices > All Devices > Debug Device > Device Debugging > Standard Instuction Set 126 | 127 | ### XMCOSY String Lights with LocalTuya 128 | 129 | #### Finding Raw Data Values for Scenes 130 | You can use the Tuya app to create custom or access pre-exisiting scenes. Open the developer portal, go to devices and click on "debug device". Open then device logs page and select the 'scene' logs from the dropdown menu on the top and click search. This should provide a overview of all scenes that were activated. 131 | 132 | ``` 133 | # XMcosy RGBCW String Lights, 24 bulbs, 64ft Acrylic Holiday Lights 134 | ASMJMgkAAABkAABkAAAAAGQAPGQAAAAAZAC7VAAAAABkAOpXAAAAAGQBCGMAAAAA: Christmas 135 | AVATMhkAAABkALxkAAAAAGQALU4AAAAAZAAAZAAAAABkAGQ8AAAAAA==: Christmas eve 136 | ASkJMk8AAABkAN1LAAAAAGQAvVMAAAAAZADYXQAAAAA: Fathers Day 137 | AQEDMjIAAABkAUVkAAAAAGQBIjkAAAAAZAEeZAAAAABkATpfAAAAAGQAAWQAAAAAZAAnWgAAAAA=: Flower harbor 138 | ASoJMgoAAABkAAFkAAAAAGQAiGQAAAAAZAC7ZAAAAAA: Football Day 139 | AScJMiQAAABkAJVbAAAAAGQAtGQAAAAAZACRYQAAAAA: Forest Day 140 | ASUKMjIAAABkAApfAAAAAGQBBmQAAAAAZADvXAAAAABkALAsAAAAAGQAfFQAAAAA: Halloween 141 | ASgKMgcAAABkAU49AAAAAGQBF1UAAAAAZAEMOwAAAAA: Mothers Day 142 | ASYUMjIAAABkADxVAAAAAGQBD2QAAAAAZADNQwAAAABkABZgAAAAAA: Thanksgiving 143 | ASQMMjIAAABkARJkAAAAAGQA71cAAAAAZAFBUwAAAABkAVJkAAAAAA: Valentines 144 | ``` 145 | __Wish List__: I feel like these could be possible with python scripts if I figure out how to decode that raw scene string to something a little more human friendly. I've reached out to XMCOSY, but I'm waiting on them to get back to me. 146 | - [ ] Per-bulb control with a custom card 147 | - [ ] Ability to save current configuration as a scene directly in HA 148 | - [ ] Mode option in HA (pulse, fade, etc.) 149 | 150 | ## Other Devices 151 | One of my switches wasn't pulling the actions or entities, [this blueprint](https://community.home-assistant.io/t/zha-aqara-wireless-mini-switch/255540) seems to fix it. 152 | -------------------------------------------------------------------------------- /glance.yml: -------------------------------------------------------------------------------- 1 | # Note: I installed this with the Proxmox Helper Script. So this config file is in /opt/glance. If you run with docker, there may be multiple configuration files. 2 | theme: 3 | background-color: 0 0 16 4 | primary-color: 43 59 81 5 | positive-color: 61 66 44 6 | negative-color: 6 96 59 7 | pages: 8 | - name: Startpage 9 | width: slim 10 | hide-desktop-navigation: false 11 | center-vertically: true 12 | columns: 13 | 14 | - size: small 15 | widgets: 16 | - type: dns-stats 17 | service: pihole 18 | url: https://pihole.hopki.net 19 | token: 12345abcdefghijk 20 | - type: custom-api 21 | title: Immich stats 22 | cache: 1d 23 | url: https://immich.hopki.net/api/server/statistics 24 | headers: 25 | x-api-key: 12345abcdefghijk 26 | Accept: application/json 27 | template: | 28 |
29 |
30 |
{{ .JSON.Int "photos" | formatNumber }}
31 |
PHOTOS
32 |
33 |
34 |
{{ .JSON.Int "videos" | formatNumber }}
35 |
VIDEOS
36 |
37 |
38 |
{{ div (.JSON.Int "usage" | toFloat) 1073741824 | toInt | formatNumber }}GB
39 |
USAGE
40 |
41 |
42 | 43 | - type: repository 44 | repository: TechHutTV/homelab 45 | pull-requests-limit: 5 46 | issues-limit: 3 47 | commits-limit: 3 48 | 49 | - size: full 50 | widgets: 51 | - type: search 52 | autofocus: true 53 | search-engine: google 54 | new-tab: true 55 | bangs: 56 | - title: YouTube 57 | shortcut: "!yt" 58 | url: https://www.youtube.com/results?search_query={QUERY} 59 | - title: Github 60 | shortcut: "!gh" 61 | url: https://github.com/search?q={QUERY}&type=repositories 62 | 63 | - type: monitor 64 | cache: 1m 65 | title: Services 66 | sites: 67 | - title: Proxmox 68 | url: https://proxmox.hopki.net/ 69 | check-url: https://10.0.0.80:8006 70 | allow-insecure: true 71 | icon: di:proxmox 72 | - title: Plex 73 | url: https://plex.hopki.net/ 74 | check-url: http://10.0.0.100:32400 75 | icon: di:plex 76 | alt-status-codes: 77 | - 401 78 | - 403 79 | - title: Nextcloud 80 | url: https://cloud.hopki.net/ 81 | check-url: http://10.0.0.104:11000 82 | icon: di:nextcloud 83 | - title: Immich 84 | url: https://immich.hopki.net/ 85 | check-url: http://10.0.0.104:2283 86 | icon: di:immich 87 | - title: Pi-Hole 88 | url: https://pihole.hopki.net/admin 89 | check-url: http://10.0.0.103:80 90 | icon: di:pi-hole 91 | - title: Vaultwarden 92 | url: https://warden.hopki.net/ 93 | check-url: http://10.0.0.109:8000 94 | icon: di:vaultwarden-light 95 | - title: Home Assistant 96 | url: https://hass.hopki.net/ 97 | check-url: http://10.0.0.250:8123 98 | icon: di:home-assistant 99 | - title: Frigate 100 | url: https://frigate.hopki.net/ 101 | check-url: http://10.0.0.107:5000 102 | icon: di:frigate-light 103 | - title: Zigbee2MQTT 104 | url: https://zigbee.hopki.net/ 105 | check-url: http://10.0.0.106:9442 106 | icon: di:zigbee2mqtt 107 | - title: NGINX Proxy Manager 108 | url: https://proxy.hopki.net/ 109 | check-url: http://10.0.0.102:81 110 | icon: di:nginx 111 | - title: Docmost 112 | url: https://doc.hopki.net/ 113 | check-url: http://10.0.0.104:3001 114 | icon: di:notion 115 | - title: Hoarder 116 | url: https://hoarder.hopki.net/ 117 | check-url: http://10.0.0.104:3000 118 | icon: di:hoarder-light 119 | - title: Tautulli 120 | url: https://tautulli.hopki.net/ 121 | check-url: http://10.0.0.201:8181 122 | icon: di:tautulli 123 | - title: Jellyfin 124 | url: https://jellyfin.hopki.net/ 125 | check-url: http://10.0.0.100:8096 126 | icon: di:jellyfin 127 | - title: TeslaMate 128 | url: https://tesla.hopki.net/ 129 | check-url: http://10.0.0.101:4000 130 | icon: di:teslamate-light 131 | - title: Grafana 132 | url: https://grafana.hopki.net/ 133 | check-url: http://10.0.0.101:3001 134 | icon: di:grafana 135 | - title: OctoPrint 136 | url: https://3d.hopki.net/ 137 | check-url: http://10.0.0.71 138 | icon: di:octoprint 139 | - title: Proxmox Backup Server 140 | url: https://backup.hopki.net/ 141 | check-url: https://10.0.0.251:8007 142 | icon: di:proxmox-light 143 | alt-status-codes: 144 | - 401 145 | - 403 146 | 147 | - type: monitor 148 | cache: 1m 149 | title: Servarr 150 | sites: 151 | - title: Overseerr 152 | url: https://request.hopki.net 153 | check-url: http://10.0.0.202:5055 154 | icon: di:overseerr 155 | - title: Radarr 156 | url: https://arr.hopki.net/radarr 157 | check-url: http://10.0.0.100:7878 158 | icon: di:radarr 159 | - title: Sonarr 160 | url: https://arr.hopki.net/sonarr 161 | check-url: http://10.0.0.100:8989 162 | icon: di:sonarr 163 | - title: Lidarr 164 | url: https://arr.hopki.net/lidarr 165 | check-url: http://10.0.0.100:8686 166 | icon: di:lidarr 167 | - title: Bazarr 168 | url: https://arr.hopki.net/bazarr 169 | check-url: http://10.0.0.100:6767 170 | icon: di:bazarr 171 | - title: Prowlarr 172 | url: https://arr.hopki.net/prowlarr 173 | check-url: http://10.0.0.100:9696 174 | icon: di:prowlarr 175 | - title: qBittorrent 176 | url: https://torrent.hopki.net/ 177 | check-url: http://10.0.0.100:8080 178 | icon: di:qbittorrent 179 | - title: NZBGet 180 | url: https://nzbget.hopki.net/ 181 | check-url: http://10.0.0.100:6789 182 | icon: di:nzbget 183 | alt-status-codes: 184 | - 401 185 | - 403 186 | - title: File Browser 187 | url: https://arrfiles.hopki.net/ 188 | icon: di:filebrowser 189 | - title: Portainer 190 | url: https://arr.hopki.net/ 191 | check-url: http://10.0.0.100:80 192 | icon: di:portainer 193 | 194 | - name: Home 195 | # Optionally, if you only have a single page you can hide the desktop navigation for a cleaner look 196 | # hide-desktop-navigation: true 197 | columns: 198 | - size: small 199 | widgets: 200 | - type: calendar 201 | first-day-of-week: monday 202 | 203 | - type: rss 204 | limit: 10 205 | collapse-after: 3 206 | cache: 12h 207 | feeds: 208 | - url: https://omgubuntu.co.uk/feed 209 | title: OmgUbuntu 210 | limit: 4 211 | - url: https://9to5linux.com/feed/atom 212 | title: 9to5Linux 213 | limit: 4 214 | 215 | - type: twitch-channels 216 | channels: 217 | - technotim 218 | - piratesoftware 219 | 220 | - size: full 221 | widgets: 222 | - type: group 223 | widgets: 224 | - type: hacker-news 225 | - type: lobsters 226 | 227 | - type: videos 228 | channels: 229 | - UCXuqSBlHAE6Xw-yeJA0Tunw # Linus Tech Tips 230 | - UCR-DXc1voovS8nhAvccRZhg # Jeff Geerling 231 | - UCsBjURrPoezykLs9EqgamOA # Fireship 232 | - UCBJycsmduvYEL83R_U4JriQ # Marques Brownlee 233 | 234 | - type: group 235 | widgets: 236 | - type: reddit 237 | subreddit: technology 238 | show-thumbnails: true 239 | - type: reddit 240 | subreddit: selfhosted 241 | show-thumbnails: true 242 | 243 | - size: small 244 | widgets: 245 | - type: weather 246 | location: 98664 247 | units: imperial 248 | hour-format: 12h # alternatively "24h" 249 | # Optionally hide the location from being displayed in the widget 250 | # hide-location: true 251 | 252 | - type: markets 253 | # The link to go to when clicking on the symbol in the UI, 254 | # {SYMBOL} will be substituded with the symbol for each market 255 | symbol-link-template: https://www.tradingview.com/symbols/{SYMBOL}/news 256 | markets: 257 | - symbol: LTC-USD 258 | name: Litecoin 259 | - symbol: XRP-USD 260 | name: Ripple 261 | - symbol: AAPL 262 | name: Apple 263 | - symbol: MSFT 264 | name: Microsoft 265 | 266 | - type: releases 267 | cache: 1d 268 | # Without authentication the Github API allows for up to 60 requests per hour. You can create a 269 | # read-only token from your Github account settings and use it here to increase the limit. 270 | # token: ... 271 | repositories: 272 | - glanceapp/glance 273 | - TechHutTV/homelab 274 | - immich-app/immich 275 | 276 | # Add more pages here: 277 | # - name: Your page name 278 | # columns: 279 | # - size: small 280 | # widgets: 281 | # # Add widgets here 282 | 283 | # - size: full 284 | # widgets: 285 | # # Add widgets here 286 | 287 | # - size: small 288 | # widgets: 289 | # # Add widgets here 290 | -------------------------------------------------------------------------------- /storage/README.md: -------------------------------------------------------------------------------- 1 | # Storage and Backup 2 | In this repo I will layout my storage and backup solutions for all of the services and platforms running on my homelab. Currently, I manage everything with Proxmox and Proxmox Backup Server. While solutions like Unraid and TrueNAS are awesome, I have found over the years the Proxmox is actually an amazing solution for managing storage, network shares, and backups. 3 | 4 | > [!NOTE] 5 | > I've recently switched to using Unraid on a seperate machine for my shares and primary file storage; however, this guide still works great for a all-Proxmox solution. I will make chages to this page in the next few weeks to reflect additional storage options and the best ways to mount nfs shares in Proxmox. 6 | 7 | ## Video Guides 8 | This readme is a companion to my official walkthrough guide! 9 | 10 | [![](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/storage/part1_thumbnail.webp)](https://youtu.be/qmSizZUbCOA) 11 | 12 | ## Navigation 13 | * [Apps](https://github.com/TechHutTV/homelab/tree/main/apps) - List of all the apps and services. 14 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) - Smart home services and automation. 15 | * [Media Server](https://github.com/TechHutTV/homelab/tree/main/media) - Plex, Jellyfin, *arr stack, and more. 16 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) - Graphs and Visualizations for Unraid, Proxmox, and more. 17 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) - Frigate NVR Solution with Coral TPU. 18 | * **Storage** - Current Storage and Backup Solution. 19 | * [Proxy Management](https://github.com/TechHutTV/homelab/tree/main/proxy) - NGINX Proxy Manager, DDNS with Cloudflare, Local Domains, and more. 20 | 21 | ## Proxmox as a NAS 22 | My current setup involves a single server with x3 NVME drives and a bunch of hard drives in a ZFS configuration. These are combined into separate ZFS pools for the HDDs (vault) and the SSDs (flash). Vault is used as a large data storage pool and Flash is used for containers and virtual machine disks. No matter your configuration you can follow this guide. However, I would recommend at least one NVME SSD for your boot drive, and at least 512gb if you don't have any other NVME SSDs and at least x2 HDDs for file storage. 23 | 24 | ### Post Install Steps (optional) 25 | 26 | #### Removing Proxmox Subscription Notice 27 | (not currently working) 28 | 29 | #### Disable Enterprise Repositories 30 | 1. Navigate to _Node > Repositories_ Disable the enterprise repositories. 31 | 2. Now click Add and enable the no subscription repository. Finally, go _Updates > Refresh_. 32 | 3. Upgrade your system by clicking _Upgrade_ above the repository setting page. 33 | 34 | ![](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/storage/1_proxmox-repos.jpeg) 35 | 36 | #### Delete local-lvm and Resize local (fresh install) 37 | 38 | > [!WARNING] 39 | > This assumes a fresh installation without advanced storage settings during the installation. See this [issue](https://github.com/TechHutTV/homelab/issues/19). 40 | 41 | My boot drive is small and I run all my containers and virtual machine disks on a separate storage pool. So the LVM partition is not necessary for me and goes unused. If you're running everything off the same boot drive for fast storage skips this. Also you should check out this [video](https://www.youtube.com/watch?v=czQuRgoBrmM) to learn more about LVM before doing anything. 42 | 1. Delete local-lvm manually from web interface under _Datacenter > Storage_. 43 | 2. Run the following commands within _Node > Shell_. 44 | ```bash 45 | lvremove /dev/pve/data 46 | lvresize -l +100%FREE /dev/pve/root 47 | resize2fs /dev/mapper/pve-root 48 | ``` 49 | 3. Check to ensure your local storage partition is using all available space. Reassign storage for containers and VM if needed. 50 | 51 | #### Ensure IOMMU is enabled 52 | Enable IOMMU on in grub configuration within _Node > Shell_. 53 | ```bash 54 | nano /etc/default/grub 55 | ``` 56 | You will see the line with `GRUB_CMDLINE_LINUX_DEFAULT="quiet"`, all you need to do is add `intel_iommu=on` or `amd_iommu=on` depending on your system. 57 | ``` 58 | # Should look like this 59 | GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on" 60 | ``` 61 | 62 | ![](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/storage/2_proxmox-iommu.jpeg) 63 | 64 | Next run the following commands and reboot your system. 65 | ```bash 66 | update-grub 67 | ``` 68 | Now check to make sure everything is enabled. 69 | ```bash 70 | dmesg | grep -e DMAR -e IOMMU 71 | dmesg | grep 'remapping' 72 | ``` 73 | Learn about enabling PCI Passthrough [here](https://pve.proxmox.com/wiki/PCI_Passthrough) 74 | 75 | ### 2. Create ZFS Pools 76 | 77 | First, we are going to setup two ZFS Pools. A _tank_ pool which is used for larger stored data sets such as media, images and archives. We also will make a _flash_ pool which is used for virtual machine and container root file systems. This is what I name them for my setup. You can name these however you'd like. 78 | 79 | First, checkout you disks and make sure that they're all there. Find this under _Node > Disks_. Make sure you wipe all the disks you plan on using and do note this will wipe any data on the disks, so make sure there is no important data on them and back up if needed. 80 | 81 | ![](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/storage/3_proxmox-wipe-disk.jpeg) 82 | 83 | Now, on the Proxmox sidebar for your datacenter, go to _Disks > ZFS > Create: ZFS_. This will pop up the screen to create a ZFS pool. 84 | 85 | From this screen, it should show all of your drives, so select the ones you want in your pool, and select your RAID level (in my case RAIDZ for my vault pool and mirror for my flash pool) and compression, (in my case I keep it at on). Make sure you check the box that says __Add to Storage__. This will make the pools immediately available and will prevent using .raw files as opposed to my previous setup when I added directories. 86 | 87 | ![](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/storage/4_proxmox-mirror-nvme.jpeg) 88 | 89 | ### 3. Creating Containers using ZFS Pools 90 | 91 | Now time to put these new storage pools in use. For this, we are going to create our first LXC. In this example the LXC is going to be in charge of managing our media server. First we need a operating system image. Click on your local storage in the sidebar and click on CT Templates then the Templates button. From there search for Ubuntu and download the ubuntu-22.04-standard template. 92 | 93 | Now in the top right click on Create CT. The "Create: LXC Container" prompt should show up. On the general tab I set my CT ID to 100 (later I will match this to a local IP for organization) and I set the hostname to "servarr", you can name it anything like media, jellyfin, or whatever. Set your password, keep the container and unprivileged and click Next. Select your downloaded Ubuntu template and click next. Under disk you can select your storage location. If you created the flash pool like we did earlier select it, otherwise local is fine. For storage I picked 64gb as my media server is quite large. Click next as we will add the data and docker directory later. Give it as many CPU cores and ram as you need, for my setup I gave it 6 cores and 8gb of memory. 94 | 95 | Under network we will leave most everything, but I like to give it a static IP here. If you want to manage this with your router select DHCP. Under IPv4 I set the IPv4/CIDR to `10.0.0.100/24` and the gateway to `10.0.0.1` your local IP may be different. Keep DNS as is and confirm the installation. 96 | 97 | ### 4. Adding Mount Points 98 | 99 | Now that our container is created I want to add some storage and mount the data and docker directories on my system. Click on your newly created LXC and then click on Resources. From there click the Add button and select mount point. The first one I'll add is going to be for the bulk file storage or I will change the option under storage to tank. For path I will set this to /data and uncheck backup. We will set up backups later. I want to dedicate a ton of room to this so I 26078 GiB (28 TB). Set this to what works best your how much media you'd like to store there. I keep everything else as is and click create. For the docker mount I repeated all these steps, but set the storage to flash, mount point to /docker, and gave it about 128gb of space. 100 | 101 | ### 5. Creating SMB Shares 102 | 103 | In our new LXC we first need to run some general updates and user creation. 104 | 105 | 1. Update your system 106 | ```bash 107 | apt update && apt upgrade -y 108 | ``` 109 | 2. Create your user 110 | ```bash 111 | adduser brandon 112 | adduser brandon sudo 113 | ``` 114 | 115 | Great [video resource by KeepItTechie](https://www.youtube.com/watch?v=2gW4rWhurUs), [source](https://gist.github.com/pjobson/3811b73740a3a09597511c18be845a6c) 116 | 3. Switch to your new user 117 | ```bash 118 | su - brandon 119 | ``` 120 | 4. Set permissions of mount points created earlier. 121 | ```bash 122 | sudo chown -R brandon:brandon /data 123 | sudo chown -R brandon:brandon /docker 124 | ``` 125 | 5. Install Samba 126 | ```bash 127 | sudo apt install samba 128 | ``` 129 | 6. Create a backup of the default configuration 130 | ```bash 131 | cd /etc/samba 132 | sudo mv smb.conf smb.conf.old 133 | ``` 134 | 7. Edit the samba config 135 | ```bash 136 | sudo nano smb.conf 137 | ``` 138 | This is my configuration (see [issue 51](https://github.com/TechHutTV/homelab/issues/51) for more info on subnets.) 139 | ``` 140 | [global] 141 | server string = Servarr 142 | workgroup = WORKGROUP 143 | security = user 144 | map to guest = Bad User 145 | name resolve order = bcast host 146 | hosts allow = 10.0.0.0/24 147 | hosts deny = 0.0.0.0/0 148 | [data] 149 | path = /data 150 | force user = brandon 151 | force group = brandon 152 | create mask = 0774 153 | force create mode = 0774 154 | directory mask = 0775 155 | force directory mode = 0775 156 | browseable = yes 157 | writable = yes 158 | read only = no 159 | guest ok = no 160 | [docker] 161 | path = /docker 162 | force user = brandon 163 | force group = brandon 164 | create mask = 0774 165 | force create mode = 0774 166 | directory mask = 0775 167 | force directory mode = 0775 168 | browseable = yes 169 | writable = yes 170 | read only = no 171 | guest ok = no 172 | ``` 173 | 8. Add your samba user 174 | ```bash 175 | sudo smbpasswd -a [username] 176 | ``` 177 | 9. Set services to auto start on reboot 178 | ```bash 179 | sudo systemctl enable smbd 180 | sudo systemctl enable nmbd 181 | sudo systemctl restart smbd 182 | sudo systemctl restart nmbd 183 | ``` 184 | 10. Install wsdd for Windows discovery 185 | ```bash 186 | sudo apt install wsdd 187 | sudo apt install wsdd-server 188 | ``` 189 | 11. Allow services on firewall if you run into any issues. 190 | ```bash 191 | sudo ufw allow OpenSSH 192 | sudo ufw allow Samba 193 | # following 3 are needed for wsdd 194 | sudo ufw allow 3702/udp 195 | sudo ufw allow 5357/tcp 196 | sudo ufw allow 5358/tcp 197 | # Check ufw status 198 | sudo ufw status 199 | ``` 200 | Optionally, enable the firewall. 201 | ```bash 202 | sudo ufw enable 203 | ``` 204 | 205 | # Backups 206 | Work in Progress 207 | -------------------------------------------------------------------------------- /media/jellyfin/README.md: -------------------------------------------------------------------------------- 1 | # Jellyfin Setup Guide 2 | Welcome to the ultimate Jellyfin setup guide. 3 | 4 | > [!NOTE] 5 | > For simplicity and compatibility it is recommended to install Jellyfin with Docker in a __virtual machine__ if you're running Proxmox. See more information [here](https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pct). 6 | > 7 | 8 | ## Data Directory 9 | ### Folder Mapping 10 | It's good practice to give all containers the same access to the same root directory or share. This is why all containers in the compose file have the bind volume mount `/data:/data`. It makes everything easier, plus passing in two volumes such as the commonly suggested `/tv`, `/movies`, and `/downloads` makes them look like two different file systems, even if they are a single file system outside the container. See my current setup below. 11 | ``` 12 | data 13 | ├── movies 14 | ├── music 15 | └── shows 16 | docker 17 | └── jellyfin 18 |    ├── config 19 |    ├── jellyseerr 20 |    └── jellystat 21 | ``` 22 | 23 | ### Network Share (VM) 24 | I generally install Docker on the same LXC that I have my media server on as well as all my data. This, however, is [not recommended by Proxmox](https://www.reddit.com/r/Proxmox/comments/1afslhs/should_i_use_lxc_or_vm_for_running_docker/). Going forward you should create a separate VM for all your docker containers and mount the data directory we created in the storage guide with the share. 25 | 26 | Within the VM install `cifs-utils` 27 | ```bash 28 | sudo apt install cifs-utils 29 | ``` 30 | Now, edit the `fstab` file and add the following lines editing them to match your information. 31 | ```bash 32 | sudo nano /etc/fstab 33 | ``` 34 | ``` 35 | //10.0.0.100/data /data cifs uid=1000,gid=1000,username=user,password=password,iocharset=utf8 0 0 36 | ``` 37 | Storing the user credentials within this file isn't the best idea. Check out [this question](https://unix.stackexchange.com/questions/178187/how-to-edit-etc-fstab-properly-for-network-drive) on Stack Exchange to learn more. 38 | 39 | Now reload the configuration and mount the shares with the following commands. 40 | ```bash 41 | sudo systemctl daemon-reload 42 | sudo mount -a 43 | ``` 44 | 45 | ## User Permissions 46 | Using bind mounts (`path/to/config:/config`) may lead to permission conflicts between the host operating system and the container. To avoid this problem, you can specify the user ID (`PUID`) and group ID (`PGID`) to use within some of the containers. This will give your user permissions to read and write configuration files, etc. 47 | 48 | In the compose file I use `PUID=1000` and `PGID=1000`, as those are generally the default IDs in most Linux systems, but depending on your setup you may need to change this. 49 | 50 | ```bash 51 | id your_user 52 | ``` 53 | This command will return something like the following: 54 | ``` 55 | uid=1000(brandon),gid=1003(brandon),groups=1000(data-share),988(docker) 56 | ``` 57 | In the example output above, if using a network share I would need to edit the `compose.yaml` with `PGID=1003`. If you are using a network share mounted though `/etc/fstab` match the permissions there. I use Cockpit with a custom group for shares so my permissions are `uid=1000(brandon),gid=1000(data-share)`. 58 | If you run into errors after creating all the folders you can assign the permissions using `chown`. For example: 59 | ```bash 60 | sudo chown -R 1000:1000 /data 61 | sudo chown -R 1000:1000 /docker 62 | ``` 63 | 64 | ## Installation 65 | There are two options for installing Jellyfin. Both work great and it's all a matter of preference. I generally install Jellyfin directly on the LXC within Proxmox that contains all my data. 66 | 67 | ### Docker Setup (Recommended) 68 | Docker is another option to install and run Jellyfin. Check out the `compose.yaml` file or the full stack. 69 | 70 | ```yaml 71 | services: 72 | jellyfin: 73 | image: lscr.io/linuxserver/jellyfin:latest 74 | container_name: jellyfin 75 | environment: 76 | - PUID=1000 77 | - PGID=1000 78 | - TZ=America/Los_Angeles 79 | - JELLYFIN_PublishedServerUrl=http://10.0.0.101 #optional 80 | volumes: 81 | - ./config:/config 82 | - /data:/data 83 | devices: 84 | - /dev/dri:/dev/dri #Use for Intel QuickSync 85 | ports: 86 | - 8096:8096 87 | - 7359:7359/udp #Service Discovery 88 | - 1900:1900/udp #Client Discovery 89 | restart: unless-stopped 90 | ``` 91 | 92 | ### System Installation (NOT Recommended) 93 | Run the following command on your Ubuntu system, VM, or Proxmox LXC. You can learn about how to verify the script integrity [here](https://jellyfin.org/docs/general/installation/linux/). 94 | ```bash 95 | curl https://repo.jellyfin.org/install-debuntu.sh | sudo bash 96 | ``` 97 | 98 | #### Permissions 99 | If you're running this with docker, you can skip these steps! 100 | 101 | Stop the Jellyfin service. 102 | ```bash 103 | sudo systemctl jellyfin stop 104 | ``` 105 | Edit the Jellyfin service configuration to reflect your user. 106 | ```bash 107 | sudo nano /lib/systemd/system/jellyfin.service 108 | ``` 109 | Now change the `User` and `Group` settings to your main user. You can run the `id` command if you're unsure. 110 | ```ini 111 | [Unit] 112 | Description = Jellyfin Media Server 113 | After = network-online.target 114 | 115 | [Service] 116 | Type = simple 117 | EnvironmentFile = /etc/default/jellyfin 118 | User = brandon 119 | Group = brandon 120 | WorkingDirectory = /var/lib/jellyfin 121 | ExecStart = /usr/bin/jellyfin $JELLYFIN_WEB_OPT $JELLYFIN_FFMPEG_OPT $JELLYFIN_SERVICE_OPT 122 | Restart = on-failure 123 | TimeoutSec = 15 124 | SuccessExitStatus=0 143 125 | 126 | [Install] 127 | WantedBy = multi-user.target 128 | ``` 129 | Now change the permissions of the Jellyfin files and folders 130 | ```bash 131 | sudo chown -R brandon:brandon /etc/default/jellyfin 132 | sudo chown -R brandon:brandon /usr/bin/jellyfin 133 | sudo chown -R brandon:brandon /var/lib/jellyfin/ 134 | sudo chown -R brandon:brandon /etc/jellyfin/ 135 | sudo chown -R brandon:brandon /var/log/jellyfin/ 136 | sudo chown -R brandon:brandon /var/cache/jellyfin/ 137 | sudo chown -R brandon:brandon /usr/share/jellyfin 138 | sudo chown -R brandon:brandon /usr/share/jellyfin-ffmpeg 139 | sudo chown -R brandon:brandon /usr/lib/jellyfin/ 140 | sudo chown -R brandon:brandon /usr/lib/jellyfin-ffmpeg/ 141 | ``` 142 | Reload the daemon and restart jellyfin 143 | ```bash 144 | sudo systemctl daemon-reload 145 | sudo systemctl restart jellyfin 146 | ``` 147 | Check the user that is running Jellyfin 148 | ```bash 149 | ps -aux | grep jellyfin 150 | ``` 151 | Source: [https://github.com/tteck/Proxmox/discussions/286](https://github.com/tteck/Proxmox/discussions/286) 152 | 153 | #### Hardware Transcoding 154 | For the System Installation only, install the `jellyfin-ffmpeg7`. Remove the deprecated jellyfin meta package if it breaks the dependencies. 155 | ```bash 156 | sudo apt update && sudo apt install -y jellyfin-ffmpeg7 157 | ``` 158 | Continue with the steps below... 159 | 160 | ## Hardware Transcoding 161 | This focuses on transcoding with Intel QuickSync. In my experience it is simply the best option. If you're running a AMD CPU you can pickup a Intel Arc GPU fairly cheap. If you have any issues or don't have access to a Intel CPU or an Arc GPU be sure to checkout the official docs [here](https://jellyfin.org/docs/general/administration/hardware-acceleration/). If you're not doing this on Proxmox you can skip to the Ubuntu setup. 162 | 163 | ### Proxmox Passthrough 164 | 165 | > [!NOTE] 166 | > Running Jellyfin with Docker on a VM is highly recommended. This eliminates permission issues with running Jellyfin on the system and running Docker on a VM is what is recommended by the Proxmox team. 167 | > 168 | 169 | #### Running on a VM (Recommended) 170 | In the Proxmox UI, under your virtual machine, click the **Hardware** option in the sidebar. From there select _Add > PCI Device_. Then select **Raw** and pick the device that we will use for Quicksync or another GPU if you're not using Quicksync. For Quicksync it's often the very first Intel device that will say something like "Alderlake" in the name. 171 | 172 | #### Running on an Unprivileged LXC 173 | If you're running Jellyfin directly on the LXC that houses all your media, you will need to manually add the following to you LXC configuration. Add the lines below to the configuration of your container below. Don't forget to change the ID to match the container you've installed Jellyfin on. 174 | ```bash 175 | nano /etc/pve/lxc/100.conf 176 | ``` 177 | ``` 178 | #Add these for Intel QuickSync 179 | dev0: /dev/dri/card0,gid=44 180 | dev1: /dev/dri/renderD128,gid=104 181 | ``` 182 | ### Ubuntu Setup 183 | The following steps are necessary when running Jellyfin on an Ubuntu server, virtual machine or Proxmox LXC. Add user `jellyfin` and the user you're running jellyfin as to the `render` group. 184 | ```bash 185 | sudo usermod -aG render jellyfin 186 | sudo usermod -aG render brandon # since I'm running jellyfin as my user 187 | sudo systemctl restart jellyfin 188 | ``` 189 | Now we can confirm hardware transcoding is ready by installing the `intel-gpu-tools` package and running the command `intel_gpu_top`. 190 | ```bash 191 | sudo apt install intel-gpu-tools 192 | intel_gpu_top 193 | ``` 194 | 195 | ## Configuring Jellyfin 196 | Open your web browser and navigate to your installed instance of Jellyfin using `http://IP:8096` and once there you can power through the initial setup by selecting your preferred language, then create an admin account with a secure username and password. Next, set up your media libraries by adding folders for movies, TV shows, or music. I tend to keep everything in my `/data` directory as shown in the media page on this repo. 197 | 198 | ## Plugins 199 | Below are the plugins I'm currently testing. I'd recommend checking out [Awesome Jellyfin](https://github.com/awesome-jellyfin/awesome-jellyfin) for much more. 200 | 201 | 1. [Intro Skipper](https://github.com/intro-skipper/intro-skipper) 202 | 2. [Fan Art](https://github.com/jellyfin/jellyfin-plugin-fanart) 203 | 3. [Jellyfin Newsletter](https://github.com/Cloud9Developer/Jellyfin-Newsletter-Plugin) 204 | 4. [TMDb Box Sets](https://github.com/jellyfin/jellyfin-plugin-tmdbboxsets) 205 | 5. [TheTVDB](https://github.com/jellyfin/jellyfin-plugin-tvdb) 206 | 6. [SkinManager](https://github.com/danieladov/jellyfin-plugin-skin-manager) 207 | 7. [Media Bar](https://github.com/IAmParadox27/jellyfin-plugin-media-bar) 208 | 209 | ## Other Tools 210 | Now to expand the functionality of Jellyfin I recommend these 3rd party tools that integrate well with Jellyfin. 211 | 212 | ### Jellystat 213 | Find it [here](https://github.com/CyferShepard/Jellystat) 214 | 215 | ### Jellyseerr 216 | Find it [here](https://github.com/fallenbagel/jellyseerr) 217 | 218 | ## DVR and Live TV 219 | 220 | ### Live TV 221 | This will require some extra hardware and a paid service for the guide data. HDHomeRun is great and it's what I use. Go to _Dashboard → Live TV → TV Sources → Add Tuner Device_. Select your tuner type _HDHomeRun_. Enter the tuner’s IP address and click **Save**. 222 | 223 | Next you want to setup guide data. _Guide Providers → Add Guide Provider_. Schedules Direct is a paid service, but they're awesome. It's a non-profit and they commit to the Jellyfin code directly. Create an account and you can use it for free for a week. Input your username and password and give it some time to update the data. I didn't need to but you can map the channels by going to _Channels → Map Channels_. 224 | 225 | ### DVR 226 | 227 | > [!NOTE] 228 | > This is a work in progress. Don't quite have it working yet. 229 | > 230 | 231 | ## Remote Connections 232 | 233 | > [!NOTE] 234 | > This is a work in progress. 235 | 236 | In the meantime checkout [this](https://youtu.be/79e6KBYcVmQ?si=0yTkdD5UtDVs-jNX) video. 237 | -------------------------------------------------------------------------------- /media/README.md: -------------------------------------------------------------------------------- 1 | # Self-Hosted Media Server and Aggregation 2 | 3 | Make sure to review everything here and if you have any issues please submit it as an issue. Also, we are more than open to any suggests or edits. Also, checkout the [Servarr Docker Setup](https://wiki.servarr.com/docker-guide) for more details on installing the stack. 4 | 5 | > [!CAUTION] 6 | > Some MAJOR Updates! Moved the VPN configuration and some of the env variables to a `.env` file. If you're watching the current live video it's a huge change. Will be uploading a new one in the next few days. 7 | 8 | ## Navigation 9 | * [Apps](https://github.com/TechHutTV/homelab/tree/main/apps) 10 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) 11 | * [__Media Server__](https://github.com/TechHutTV/homelab/tree/main/media) 12 | - [Companion Video](#companion-video) 13 | * [Updates Since Video Publish](#updates-since-video-publish) 14 | - [Media Server](#media-server) 15 | * [Jellyfin](https://github.com/TechHutTV/homelab/tree/main/media/jellyfin) 16 | * [Plex](https://github.com/TechHutTV/homelab/tree/main/media/plex) 17 | - [Data Directory](#data-directory) 18 | * [Folder Mapping](#folder-mapping) 19 | * [Network Share](#network-share) 20 | - [User Permissions](#user-permissions) 21 | - [Docker Compose and .env](#docker-compose-and-env) 22 | - [Gluetun VPN](#gluetun-vpn) 23 | * [Setup and Configuration](#setup-and-configuration) 24 | * [Testing Gluetun Connectivity](#testing-gluetun-connectivity) 25 | * [Passing Through Containers](#passing-through-containers) 26 | * [External Container to Gluetun](#external-container-to-gluetun) 27 | * [Gluetun Proxmox LXC Setup](#gluetun-proxmox-fix) 28 | * [Reduce Gluetun Ram Usage](#reduce-gluetun-ram-usage) 29 | - [Download Clients](#download-clients) 30 | * [NZBGet](#nzbget) 31 | + [NZBGet Login Credentials](#nzbget-login-credentials) 32 | + [Download Directories Mapping](#nzbget-download-directories) 33 | + [Fix "directory does not appear" error in Sonarr/Radarr](#fix-directory-does-not-appear-to-exist-inside-the-container-error) 34 | * [qBittorrent](#qbittorrent) 35 | + [qBittorrent Login Credentials](#qbittorrent-login-credentials) 36 | + [Download Directories Mapping](#qbittorrent-download-directories) 37 | + [qBittorrent Stalls with VPN Timeout](#qbittorrent-stalls-with-vpn-timeout) 38 | - [*arr Apps](#arr-apps) 39 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) 40 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) 41 | * [Storage](https://github.com/TechHutTV/homelab/tree/main/storage) 42 | * [Proxy Management](https://github.com/TechHutTV/homelab/tree/main/proxy) 43 | 44 | ## Companion Video 45 | ``` 46 | # Updated video coming soon 47 | [![alt text](image url)](video link) 48 | ``` 49 | ### Updates Since Video Publish 50 | * Added [ytdl-sub](https://ytdl-sub.readthedocs.io/en/latest/) to the `compose.yaml`. Remove if unwanted. 51 | 52 | ## Media Server 53 | Media Servers have their own guides! Check the link below and it will take you to the folder for the guides. 54 | 55 | - [Jellyfin](https://github.com/TechHutTV/homelab/tree/main/media/jellyfin) 56 | - [Plex](https://github.com/TechHutTV/homelab/tree/main/media/plex) 57 | 58 | ## Data Directory 59 | ### Folder Mapping 60 | It's good practice to give all containers the same access to the same root directory or share. This is why all containers in the compose file have the bind volume mount `/data:/data`. It makes everything easier, plus passing in two volumes such as the commonly suggested `/tv`, `/movies`, and `/downloads` makes them look like two different file systems, even if they are a single file system outside the container. See my current setup below. 61 | ``` 62 | data 63 | ├── books 64 | ├── downloads 65 | │   ├── qbittorrent 66 | │   │   ├── completed 67 | │   │   ├── incomplete 68 | │   │   └── torrents 69 | │   └── nzbget 70 | │   ├── completed 71 | │   ├── intermediate 72 | │   ├── nzb 73 | │   ├── queue 74 | │   └── tmp 75 | ├── movies 76 | ├── music 77 | ├── shows 78 | └── youtube 79 | ``` 80 | Here is a easy command to create the download directory scheme. Run within the `/data` directory. 81 | ```bash 82 | mkdir -p downloads/qbittorrent/{completed,incomplete,torrents} && mkdir -p downloads/nzbget/{completed,intermediate,nzb,queue,tmp} 83 | ``` 84 | 85 | ### Network Share 86 | I generally install Docker on the same LXC that I have my media server on as well as all my data. This, however, is [not recommended by Proxmox](https://pve.proxmox.com/pve-docs/pve-admin-guide.html#chapter_pct). Going forward you should create a separate VM for all your docker containers and mount the data directory we created in the [storage guide](https://github.com/TechHutTV/homelab/tree/main/storage) with the share. You can also use this method if you're using a separate share on another machine running something like Unraid or TrueNAS. 87 | 88 | Within the VM install `cifs-utils` 89 | ```bash 90 | sudo apt install cifs-utils 91 | ``` 92 | Now, edit the `fstab` file and add the following lines editing them to match your information: 93 | ```bash 94 | sudo nano /etc/fstab 95 | ``` 96 | ``` 97 | //10.0.0.100/data /data cifs uid=1000,gid=1000,username=user,password=password,iocharset=utf8 0 0 98 | ``` 99 | Storing the user credentials within this file isn't the best idea. Check out [this question](https://unix.stackexchange.com/questions/178187/how-to-edit-etc-fstab-properly-for-network-drive) on Stack Exchange to learn more. 100 | 101 | Now reload the configuration and mount the shares with the following commands. 102 | ```bash 103 | sudo systemctl daemon-reload 104 | sudo mount -a 105 | ``` 106 | 107 | ## User Permissions 108 | Using bind mounts (`path/to/config:/config`) may lead to permission conflicts between the host operating system and the container. To avoid this problem, you can specify the user ID (`PUID`) and group ID (`PGID`) to use within some of the containers. This will give your user permissions to read and write configuration files, etc. 109 | 110 | In the compose file I use `PUID=1000` and `PGID=1000`, as those are generally the default IDs in most Linux systems, but depending on your setup you may need to change this. 111 | 112 | ```bash 113 | id your_user 114 | ``` 115 | This command will return something like the following: 116 | ``` 117 | uid=1000(your_user) gid=1000(your_user) groups=1000(your_user),27(sudo),24(cdrom),30(dip),46(plugdev),108(lxd) 118 | ``` 119 | If you are using a network share mounted though `/etc/fstab` match the permissions there. Learn more above. 120 | 121 | If you run into errors after creating all the folders you can assign the permissions using `chown`. For example: 122 | ```bash 123 | sudo chown -R 1000:1000 /data 124 | ``` 125 | Also, I like to store all my Docker configurations in a root `/docker` directory on my Linux system. These can go wherever you prefer whether that be your home directory or somewhere else. Do note, many Docker apps may have issues if you're trying to store you Docker configurations in a SMB network share. 126 | ```bash 127 | mkdir /docker 128 | sudo chown -R 1000:1000 /docker 129 | ``` 130 | ## Docker Compose and .env 131 | Navigate to the directory you want to spin up the servarr stack in. I run mine from `/docker/servarr` but you can run it from anywhere you'd like such as `/home/user/docker/servarr`. Then download the `compose.yaml` and `.env` files from this repo. 132 | ```bash 133 | wget https://github.com/TechHutTV/homelab/raw/refs/heads/main/media/compose.yaml && wget https://github.com/TechHutTV/homelab/raw/refs/heads/main/media/.env 134 | ``` 135 | Most of our editing is going to be done in the `.env` file. Here you change your `UID` and `GID`, timezone, and add all your VPN keys and info. You can also make edits to the `compose.yaml` file such as the mount point locations, for example, if you are using something other than `/data:/data` or even changing the docker network IP addresses for your services. 136 | 137 | ## Gluetun VPN 138 | 139 | ### Setup and Configuration 140 | I like to set this out with [AirVPN](https://airvpn.org/?referred_by=673908) (referral link). I'm not affiliated with them in any way other than the referral link. I've tried a few other providers and they're my preference. If you already have a VPN checkout the [providers](https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers) page on their wiki. 141 | 142 | On AirVPN navigate to the **Client Area** from here select the **Config Generator**. Now in the options select **Linux** then toggle the **WireGuard** option. Select **New device** and then scroll down to **By single server** and select a server that is best for you. For example, _Titawin (Vancouver)_ was my selection because, at the time, it had the fewest users with good speeds. Scroll all the way to the bottom and select **Generate**. This will download a conf file with all of your information. 143 | 144 | Back in AirVPN navigate to the **Client Area** from here select **Manage** under **Ports**. If you already have a port open click on **Test open** otherwise click the plus button under **Add a new port** then click **Test open** for that port. Here you will find the specific servers that you can use your port on. If there is a `Connection refused` warning next the server you generated your configuration for change the port until the warning goes away. For example, in my case the _'Titawin (Vancouver)_ server that I selected with my port is good to use. 145 | 146 | > [!CAUTION] 147 | > Do NOT forward on your router the same ports you use on your listening services while connected to the VPN. 148 | 149 | Now, in the same directory as your docker `compose.yaml` file create a `.env` file. Paste in the variables below and then add all the information from your downloaded `.conf` file. 150 | 151 | ```bash 152 | nano .env 153 | ``` 154 | ```bash 155 | # General UID/GIU and Timezone 156 | TZ=America/Los_Angeles 157 | PUID=1000 158 | PGID=1000 159 | 160 | # Input your VPN provider and type here 161 | VPN_SERVICE_PROVIDER=airvpn 162 | VPN_TYPE=wireguard 163 | 164 | # Mandatory, airvpn forwarded port 165 | FIREWALL_VPN_INPUT_PORTS=port # mandatory, airvpn forwarded port 166 | 167 | # Copy all these variables from your generated configuration file 168 | WIREGUARD_PUBLIC_KEY=key 169 | WIREGUARD_PRIVATE_KEY=key 170 | WIREGUARD_PRESHARED_KEY=key 171 | WIREGUARD_ADDRESSES=ipv4 172 | 173 | # Optional location variables, comma separated list, no spaces after commas, make sure it matches the config you created 174 | SERVER_COUNTRIES=country 175 | SERVER_CITIES=city 176 | 177 | # Heath check duration 178 | HEALTH_VPN_DURATION_INITIAL=120s 179 | ``` 180 | 181 | ### Testing Gluetun Connectivity 182 | Once your containers are up and running, you can test your connection is correct and secured. This assumes you keep the `gluetun` container name. Learn more at the [gluetun wiki](https://github.com/qdm12/gluetun-wiki/blob/main/setup/test-your-setup.md). 183 | 184 | > [!Note] 185 | > If you run into issues try restarting the stack with `docker compose restart`. 186 | ```bash 187 | docker run --rm --network=container:gluetun alpine:3.18 sh -c "apk add wget && wget -qO- https://ipinfo.io" 188 | ``` 189 | If you'd like to test Gluetun connectivity from a container using the service jump into the `docker compose exec` console and run the `wget` command below. Tested with `nzbget`, `qbittorrent`, and `prowlarr` containers. Ensure you open the ports through the the `gluetun` container. 190 | ```bash 191 | docker exec -it container_name bash 192 | wget -qO- https://ipinfo.io 193 | ``` 194 | ### Passing Through Containers 195 | When containers are in the same docker compose they all you need to add is a `network_mode: service:container_name` and open the ports through the the gluetun container. See example with a different torrent client below. 196 | ```yaml 197 | services: 198 | gluetun: 199 | image: qmcgaw/gluetun 200 | container_name: gluetun 201 | ... 202 | ports: 203 | - 8888:8112 # deluge web interface 204 | - 58846:58846 # deluge RPC 205 | deluge: 206 | image: linuxserver/deluge:latest 207 | container_name: deluge 208 | ... 209 | network_mode: service:gluetun 210 | ``` 211 | ### External Container to Gluetun 212 | Add the following when launching the container, provided Gluetun is already running on the same machine. 213 | ``` 214 | --network=container:gluetun 215 | ``` 216 | If the container is in another docker `compose.yaml`, assuming Gluetun is already running add the following network mode. Ensure you open the ports through the the gluetun container. 217 | ```yaml 218 | network_mode: "container:gluetun" 219 | ``` 220 | 221 | ### Gluetun Proxmox LXC Setup 222 | 223 | Errors like `cannot Unix Open TUN device file: operation not permitted` and `cannot create TUN device file node: operation not permitted` may happen if you're running this on LXC containers. 224 | 225 | Find your container number, for example mine is 101 226 | 227 | Edit `/etc/pve/lxc/101.conf` and add: 228 | ``` 229 | lxc.cgroup2.devices.allow: c 10:200 rwm 230 | lxc.mount.entry: /dev/net dev/net none bind,create=dir 231 | lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file 232 | ``` 233 | Make sure you pass through the tun device (`/dev/net/tun:/dev/net/tun`) as shown in my compose file. 234 | 235 | ### Reduce Gluetun Ram Usage 236 | As mentioned in this [issue](https://github.com/TechHutTV/homelab/issues/12) there is a [feature request](https://github.com/qdm12/gluetun/issues/765#issuecomment-1019367595) on the Gluetun Github page to help reduce ram usage. Gluetun bundles a recursive caching DNS resolver called `unbound` for handling domain name requests securely. Over time the cache size, which rests in RAM, can balloon to gigabytes. 237 | 238 | You can do this by adding the following to your docker `compose.yaml` file under the `gluetun` environment variables. 239 | ```yaml 240 | gluetun: 241 | ... 242 | environment: 243 | - BLOCK_MALICIOUS=off # Disable unbound DNS resolver 244 | ``` 245 | This may not be an issue as [DNS over HTTPS in Go to replace Unbound](https://github.com/qdm12/gluetun/issues/137) is implemented, but it's worth the mention. 246 | 247 | ## Download Clients 248 | 249 | ### NZBGet 250 | 251 | #### NZBGet Login Credentials 252 | The default credentials for NZBGet are a username of `nzbget` and a password of `tegbzn6789`. It's strongly recommended to change these default credentials for security reasons. This can be done under _Settings > SECURITY_, then change the ControlUsername and ControlPassword. 253 | 254 | #### NZBGet Download Directories 255 | If following the `/data:/data` directory scheme and used the command to setup the download directories open the qBittorent Web UI and do under _Settings > PATHS_ and change the paths. 256 | 257 | _MainDir:_ `/data/downloads/nzbget` 258 | 259 | _DestDir:_ `${MainDir}/completed` 260 | 261 | _InterDir:_ `${MainDir}/intermediate` 262 | 263 | And keep everything else as is. 264 | 265 | #### Fix directory does not appear to exist inside the container error 266 | This error may appear within Sonarr and Radarr. Once NZBGet is setup go to settings and under **INCOMING NZBS** change the **AppendCategoryDir** to **No**. This will prevent some potential mapping issues and save on unnecessary directories. 267 | 268 | ### qBittorrent 269 | 270 | #### qBittorrent Login Credentials 271 | When you first launch qBittorrent it will generate a random password. To find this password you can view the logs to see what the password is. 272 | ```bash 273 | docker container logs qbittorrent 274 | ``` 275 | Now, go to your settings and setup a new username and password under _WebUI > Authentication_. 276 | 277 | #### Qbittorrent Download Directories 278 | If following the `/data:/data` directory scheme and used the command to setup the download directories open the qBittorent Web UI and do under _Settings > Downloads_ and change the paths. 279 | 280 | _Default Save Path:_ `/data/downloads/qbittorrent/completed` 281 | 282 | _Keep incomplete torrents in:_ `/data/downloads/qbittorrent/incomplete` 283 | 284 | _Copy .torrent files to:_ `/data/downloads/qbittorrent/torrents` 285 | 286 | #### qBittorrent Stalls with VPN Timeout 287 | qBittorrent stalls out if there is a timeout or any type of interruption on the VPN. This is good because it drops connection, but we need it to fire back up when the connection is restored without manually restarting the container. 288 | 289 | __Solution #1:__ Within the WebUI of qBittorrent head over to advanced options and select `tun0` as the networking interface. See image below for example. 290 | 291 | ![Set Network Interface to tun0](https://raw.githubusercontent.com/TechHutTV/homelab/refs/heads/main/media/images/qbittorrent_tun0.jpeg) 292 | 293 | Next, I added `HEALTH_VPN_DURATION_INITIAL=120s` to my gluetun environment variables as [per this issue](https://github.com/qdm12/gluetun/issues/1832). I updated my `compose.yaml` above with this variable so you may already have this enabled. You can learn more about this on their [wiki](https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md). If you continue to have issues continue to next solution. 294 | 295 | __Solution #2:__ Another solution, that can be used in conjunction with __Solution #1__ is using the [deunhealth](https://github.com/qdm12/deunhealth/tree/main) container to automatically restart qBittorrent when it gives an unhealthy status. We've added this to our `compose.yaml` for this stack. 296 | ```yaml 297 | deunhealth: 298 | image: qmcgaw/deunhealth 299 | container_name: deunhealth 300 | network_mode: "none" 301 | environment: 302 | - LOG_LEVEL=info 303 | - HEALTH_SERVER_ADDRESS=127.0.0.1:9999 304 | - TZ=America/Los_Angeles 305 | restart: always 306 | volumes: 307 | - /var/run/docker.sock:/var/run/docker.sock 308 | ``` 309 | 310 | Next we need to add a health check and label to our `qbittorrent` container. We add `deunhealth.restart.on.unhealthy=true` as a label and a simple ping health check as shown below. 311 | 312 | ```yaml 313 | qbittorrent: 314 | image: lscr.io/linuxserver/qbittorrent:latest 315 | container_name: qbittorrent 316 | restart: unless-stopped 317 | labels: 318 | deunhealth.restart.on.unhealthy=true # Label added for deunhealth monitoring 319 | ... 320 | ``` 321 | Relevant Resources: [DBTech video on deunhealth](https://www.youtube.com/watch?v=Oeo-mrtwRgE), [gluetun/issues/2442](https://github.com/qdm12/gluetun/issues/2442) and [gluetun/issues/1277](https://github.com/qdm12/gluetun/issues/1277#issuecomment-1352009151) 322 | 323 | ## *arr Apps 324 | 325 | When connecting your *arr applications be sure to use the new configured IP addresses in the `servarrnetwork`. We will soon update this section with more text documentation. 326 | -------------------------------------------------------------------------------- /proxy/README.md: -------------------------------------------------------------------------------- 1 | # External Proxy and Internal Top-Level Domains 2 | 3 | This is going to be an overview of my setup for connecting to specific services through a proxy and DDNS combo, local top-level domain names, and how I connect to the internal home network remotely with Twingate. 4 | 5 | This is done on Proxmox with an LXC running Ubuntu 22.04 and Docker. However, these steps will work with any Docker installation. If you want details on installing Docker and a brief overview of all the basics you need to know to get started checkout our [7 Docker Basics for Beginners](https://techhut.tv/7-docker-basics-for-beginners). 6 | 7 | ## Navigation 8 | * [Apps](https://github.com/TechHutTV/homelab/tree/main/apps) - List of all the apps and services. 9 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) - Smart home services and automation. 10 | * [Media Server](https://github.com/TechHutTV/homelab/tree/main/media) - Plex, Jellyfin, *arr stack, and more. 11 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) - Graphs and Visualizations for Unriad, Proxmox, and more. 12 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) - Frigate NVR Solution with Coral TPU. 13 | * [Storage](https://github.com/TechHutTV/homelab/tree/main/storage) - Current Storage and Backup Solution. 14 | * [__Proxy Managment__](https://github.com/TechHutTV/homelab/tree/main/proxy) - NGINX Proxy Manager, DDNS with Cloudflare, Local Domains, and more. 15 | 16 | 17 | ## Installing NGINX Proxy Manager 18 | This is done with the [Docker Compose file](https://github.com/TechHutTV/homelab/blob/main/proxy/compose.yaml) within this repository. Do note, I made some customizations for how I specifically like to set it up. I've changed some of the external ports to access 80, 443, and the GUI for NGINX Proxy Manager as well as placing the storage within [volumes](https://docs.docker.com/engine/storage/volumes/). Please change these as needed or use the [official compose file](https://github.com/NginxProxyManager/nginx-proxy-manager) as seen below. Additionally, I've added the container [cloudflare-dynamic-dns](https://github.com/favonia/cloudflare-ddns) as my IP address changes randomly. If you don't have a dynamic IP address or don't have intention on exposing a service to the internet you can remove this container from the compose file. 19 | 20 | ### NGINX Proxy Manager Compose (customized) 21 | 22 | ``` 23 | services: 24 | proxy: 25 | image: 'jc21/nginx-proxy-manager:latest' 26 | container_name: nginx-proxy-manager 27 | restart: unless-stopped 28 | network_mode: host 29 | volumes: 30 | - proxy-data:/data 31 | - proxy-letsencrypt:/etc/letsencrypt 32 | healthcheck: 33 | test: ["CMD", "/usr/bin/check-health"] 34 | interval: 10s 35 | timeout: 3s 36 | volumes: 37 | proxy-data: 38 | proxy-letsencrypt: 39 | ``` 40 | 41 | This is setup as a host network to allow localhost and local networking connections without needing to add ports for all the services to the container. 42 | 43 | _Below is a basic compose template from NGINX if you don't want to use [mine](https://github.com/TechHutTV/homelab/blob/main/proxy/compose.yaml)._ 44 | 45 | #### Official Compose from NginxProxyManager/nginx-proxy-manager 46 | 47 | Checkout the [quick setup](https://github.com/NginxProxyManager/nginx-proxy-manager?tab=readme-ov-file#quick-setup) section in their official repo. 48 | 49 | ``` 50 | services: 51 | app: 52 | image: 'docker.io/jc21/nginx-proxy-manager:latest' 53 | restart: unless-stopped 54 | ports: 55 | - '80:80' 56 | - '81:81' 57 | - '443:443' 58 | volumes: 59 | - ./data:/data 60 | - ./letsencrypt:/etc/letsencrypt 61 | ``` 62 | 63 | Due note, as seen in my docker compose you'll need to either need to set the network mode to [host](https://stackoverflow.com/questions/42438381/docker-nginx-proxy-to-host#:~:text=Use%20network_mode%3A%20host%2C%20this%20will%20bind%20your%20nginx,every%20exposed%20port%20is%20binded%20to%20host%27s%20interface.) or [expose the specific ports](https://www.reddit.com/r/homelab/comments/1c38ize/nginx_proxy_manager_cant_route_to_different_port/#:~:text=Nginx%20Proxy%20Manager%20is%20in%20a%20docker%20container.) if running on bridge mode for servers that are running on your home network from a different machine. Also, be sure to check out their [Advanced Configuration](https://nginxproxymanager.com/advanced-config/) documents. 64 | 65 | #### If using bridge mode see the example below 66 | ``` 67 | proxy: 68 | ... 69 | network_mode: bridge 70 | ports: 71 | - 5080:80 72 | - 5443:443 73 | - 5000:81 74 | - 8096:8096 # add ports you want to expose that are not on your local server 75 | ... 76 | ``` 77 | 78 | 79 | ## Setup DDNS for and Cloudflare for Public Access 80 | 81 | ### Cloudflare Setup 82 | 1. Sign up for a Cloudflare account and use it to manage your domain using [this guide](https://developers.cloudflare.com/fundamentals/setup/manage-domains/add-site/). 83 | 2. Within Cloudflare [obtain your API token](https://developers.cloudflare.com/fundamentals/api/get-started/create-token/). _My Profile > API Tokens > Create Token > Edit Zone DNS > Include All Zones > Create Token > Save your Token_. We will be using this token in the cloudflare-ddns container configuration and when we generate SSL certificates. 84 | 85 | ### Port Forwarding 86 | This is different for every router so you may need to do additional research to do this on your specific hardware. I currently use the Omada stack for networking needs. Basically, it's like Ubiquiti but cheaper (you get what you pay for). 87 | 88 | Open the ports on your router for the 80 and 443 ports we set up in NGINX Proxy Manager. In my docker compose file I'm using the host networking mode so I'd open the ports 80 and 443 with the local IP of the machine that NGINX Proxy Manager is installed on. In my setup I needed to set the source port and destination port. See my example below. 89 | 90 |
91 | Source Port vs. Destination Port 92 |
93 | Source Port: 94 | This is the port on the device that is initiating the communication. For example, when your computer sends a request to a server, it uses a source port to identify itself. 95 |

96 | Destination Port: 97 | This is the port on the device that will receive the communication. For example, when you're connecting to a web server. The destination port is fixed for the service you're trying to reach and tells the receiving device what service or application should handle the incoming data. 98 |
99 | 100 | ![Omada Port Forwarding](https://github.com/TechHutTV/homelab/blob/main/proxy/images/odama-port-forwarding-443.jpeg) 101 | 102 | If using bridge mode with custom ports, for example 5080 and 5443 as shown in the example. I'd set the destination port to 5443 and the source port to 443 for https. 103 | 104 | ### Dynamic DNS 105 | 1. Within Cloudflare use an A record to create the root domain and/or sub-domains you wish to point to specific services within your home network. For the IPv4 address we will have our DDNS container handle that. I recommend adding a random IP now (ie. 8.8.8.8) so in the next step we can verify that it will update automatically to our public IP. Be sure to keep the 'Proxy status' option enabled. 106 | 2. If you need to use DDNS, edit your Docker Compose file, add your API, and domain names including subdomains you want to set up for external access. When the container runs ensure there are no errors and the public IP in Cloudflare is updated to your actual IP. 107 | 108 | Below is the compose template for the cloudflare-dynamic-dns container. You can use it as I have it within my compose file or set it up separately. 109 | 110 | ``` 111 | services: 112 | ddns: 113 | image: favonia/cloudflare-ddns:latest 114 | container_name: cloudflare-ddns 115 | # network_mode: host # This bypasses network isolation and makes IPv6 easier (optional; see below) 116 | restart: always 117 | user: "1000:1000" # Run the updater with specific user and group IDs (in that order). 118 | read_only: true # Make the container filesystem read-only (optional but recommended) 119 | cap_drop: [all] # Drop all Linux capabilities (optional but recommended) 120 | security_opt: [no-new-privileges:true] # Another protection to restrict superuser privileges (optional but recommended) 121 | environment: 122 | - CLOUDFLARE_API_TOKEN=KEY 123 | - DOMAINS=example.com,jellyfin.example.com 124 | - PROXIED=true 125 | - IP6_PROVIDER=none 126 | ``` 127 | 128 | ### Generate SSL Certificates and Add Hosts 129 | 1. Now head over to NGINX Proxy Manager and create your SSL certificates. You navigate to _SSL Certificates > Add SSL Certifcate_. Type in your domain name and then enable 'Use a DNS Challenge'. Select Cloudflare and paste in the API we saved from earlier. 130 | 2. Now in NGINX Proxy Manager navigate to _Hosts > Add Proxy Host_. Add the domain name for the service (ie. nextcloud.example.com) and select http (this may vary on if the service is running on https locally) then add the local IP and port for the service you want forwarded to the domain. 131 | * Depending on the service you may need to enable _Websockets Support_, but I always select _Block Common Exploits_. 132 | * Navigate the the SSL tab and select your SSL Certificate and enable _Force SSL_. **See known issues below.** 133 | * Depending on the service you may need to make changes to the settings in the specific service, such as allowing proxies and add some advanced configuration, for example Jellyfin requires some additional configuration. 134 | * Jellyfin requires you to add the approved proxy ip for the local NGINX Proxy Manager Machine. [source](https://jellyfin.org/docs/general/networking/#:~:text=SERVER_IP_ADDRESS) 135 | * Jellyfin has additional configurations for the advanced tab in proxy host settings. [source](https://jellyfin.org/docs/general/networking/nginx/#nginx-proxy-manager) 136 | 137 | #### Known Issues and Tips 138 | * **Too Many Redirects:** Force SSL may not work with CloudFlare proxying. [issue](https://github.com/NginxProxyManager/nginx-proxy-manager/issues/852) 139 | * **Disable Cloudflare Proxy on Streaming:** Jellyfin, Plex and other streaming services are not allowed to use Proxy on the free plan. Doing this technically [breaks their TOS](https://www.cloudflare.com/service-specific-terms-application-services/#content-delivery-network-terms) and may result in your account getting banned. Just to be safe I used a subdomain for my Jellyfin instance as a separate A-Record and disabled the Cloudflare Proxy. 140 | 141 | ![Disable Cloudflare Proxy for Media Streaming](https://github.com/TechHutTV/homelab/blob/main/proxy/images/disable-proxy-media-streaming.png) 142 | 143 | --- 144 | 145 | # Local Top-Level Domains and Twingate 146 | 147 | Within this section we will use our NGINX Proxy Manager setup and our domain registrar directly to create a proxy host scheme for local access only. This will also allow us to use letsencrypt to generate SSL certificates for our local network. This will eliminate that horrible _this site is not secure_ message on our services! Also, we will be setting up Twingate (a channel sponsor) to enable a zero trust network for remote access to those services we don't want to expose publically. 148 | 149 | ## Setup a Top-Level Domain for Local Use 150 | 151 | ### Local IP on Registar 152 | Assign a local IP scheme in the domain registration website. The local IP you will use is the same as the machine running NGINX Proxy Manager. (ie. 10.0.0.60). You'll want to assign this to the A-Record for the main domain and create a CNAME Record as a wildcard (*) pointing to the main domain name. Due note, this may take some time, it took about 15 minutes for the record to update for me. If you're using Cloudflare make sure you disable their proxy service. 153 | 154 | ![Record for Local Top-Level Domain](https://github.com/TechHutTV/homelab/blob/main/proxy/images/local-ip-wildcard.png) 155 | 156 | While you're on Cloudflare or the registar find your API key. You'll need this for generating SSL certificates in the DNS challenges option. Many providers are supported and you can see a [full list here](https://community.letsencrypt.org/t/dns-providers-who-easily-integrate-with-lets-encrypt-dns-validation/86438). 157 | 158 | ### Adding Proxy Hosts 159 | This will mirror the steps above, with some slight differences. In NGINX Proxy Manager navigate to _Hosts > Add Proxy Host_. Add the domain name for the service (ie. example.com) and select http (this may vary depending on if the service is running on https locally) then add the local IP and port for the service you want forwarded to that domain. If you want to test everything check below. 160 | 161 | #### Testing 162 | There is a simple container we can use to test our domain with the local IP. In the terminal run the docker command below on the same machine that is running your Proxy Manager. This is also available as docker compose in the compose.yaml file in this repository. 163 | 164 | ``` 165 | docker run -p 8888:80/tcp "karthequian/helloworld:latest" 166 | ``` 167 | 168 | Add a subdomain (hello.example.com) in proxy hosts with the IP running this helloworld container and the port _8888_. Set it to http only with no SSL since we have not set that up yet. 169 | 1. Navigate to example.com:8888 to test if the A-Record and CNAME is working properly. 170 | 2. Navigate to hello.example.com to test if the reverse proxy is working. 171 | 172 | ### Generate Let's Encrypt Certificates 173 | Navigate to _SSL Certificates > Add SSL Certifcate_. Type in your root domain name (example.com) click add then input the wildcare domain (*.example.com) and then enable 'Use a DNS Challenge'. Select your registar and paste in the API we saved from eariler. If you run into error make sure that your API key is correct, whitelist your public IP with you registar if needed, or try increasing the _Propagation Seconds_ to 120 seconds. 174 | 175 | #### Testing 176 | With the helloworld container still running, head over to _Proxy Hosts_ and edit the hello.example.com host. In the SSL tab add _*.example.com_ under the SSL Certificate and enable _Force SSL_. Navigate to hello.example.com to ensure that the connection is automatically redirected to https. 177 | 178 | #### Known Issues and Tips 179 | * **Namecheap API Whitelist:** Namecheap isn't really the best for this if you have a Dynamic IP. Whenever I want to update my certificates I need to whitelist my public IP so it can use their API. I will be switching to using Cloudflare for this going forward. 180 | 181 | ## Setup Twingate for remote connections 182 | **Notice: Twingate is a channel sponsor, thus this is a bias disclosure.** Twingate uses cloud based software for managing networks, resources, and users. Some users prefer to self-host every aspect of this, if that's you look into something like [Netbird](https://github.com/netbirdio/netbird). For myself, Twingate has been awesome; easy to use and [others rate it well](https://www.reddit.com/r/twingate/comments/1awg76l/how_safe_is_twingate/). 183 | 184 | After [creating an account on Twingate](https://bit.ly/feb24-twingate) and setting up [your first network](https://www.twingate.com/docs/quick-start) we need to set up a connector. Within my docker compose file I have the twingate-connector service ready to deploy with the entire stack. Here is what this service looks like. 185 | 186 | ``` 187 | services: 188 | twingate_connector: 189 | container_name: twingate_connector 190 | restart: always 191 | image: "twingate/connector:latest" 192 | environment: 193 | - TWINGATE_NETWORK= 194 | - TWINGATE_ACCESS_TOKEN= 195 | - TWINGATE_REFRESH_TOKEN= 196 | ``` 197 | When you create your connector in the Twingate dashboard you'll generate some tokens. Enter them in the environmental variables and launch the stack. Verify a connection under networks in Twingate. 198 | 199 | Next, create a new resource with the IP of your proxy manager and add the local root domain as an alias. Once created you should be able to have access to the local domain we created earlier including sub-domains. See the image before for an example. 200 | 201 | ![Adding an Alias in Twingate](https://github.com/TechHutTV/homelab/blob/main/proxy/images/twingate-alias.jpeg) 202 | 203 | # Additional Resources 204 | 205 | | Additional Security Steps | Twingate Guide | 206 | | ------------- | ------------- | 207 | | [![Twingate Guide](https://github.com/TechHutTV/homelab/blob/main/proxy/images/technotim-security-guide.jpg)](https://www.youtube.com/watch?v=Cs8yOmTJNYQ "DITCH your VPN! - How I Access my Home Server from ANYWHERE @TechHut") | [![Additional Security Steps](https://github.com/TechHutTV/homelab/blob/main/proxy/images/twingate-techhut.jpg)](https://youtu.be/yaw2A3DG664 "Self-Hosting Security Guide for your HomeLab @TechnoTim") | 208 | 209 | 210 | ## Setup Netbird for remote connections (work in progress) 211 | NetBird is an open source platform responsible for handling peer-to-peer connections, tunneling, authentication, and network management. While Netbird has a wonderful option to [fully self host](https://docs.netbird.io/selfhosted/self-hosted-vs-cloud-netbird), I opt for their free teir so I don't need to worry about having my own instance in my home or in a VPS. NetBird uses WireGuard’s lightweight encryption to establish direct, encrypted tunnels between devices or “peers" automatically. It eliminates manual configuration by handling tasks like IP assignment, NAT traversal, and firewall negotiation through built-in signaling servers. Plus you can setup various single sign on services and multi-factor authentication for added security. If you're interested in learning more about the technology used and how it works checkout [their docs](https://docs.netbird.io/about-netbird/how-netbird-works). 212 | 213 | (image here) 214 | 215 | ### Self Hosting Netbird Managment (skip if using their platform) 216 | wip 217 | 218 | ### Mangment Setup 219 | If you're not using the self-hosted instance 220 | Obtain your [security key](https://docs.netbird.io/how-to/register-machines-using-setup-keys). 221 | 222 | ### Setup 223 | 224 | There are two ways you can go about setting this up. First is a Full Peer-to-Peer (P2P) Mesh Network. For this, NetBird is installed on every device. It enables a full mesh network, allowing direct, secure connections between all peers. Or you can enable Remote Network Access because sometimes, it’s not feasible or necessary to install NetBird on every device. You probably can’t install Netbird on all your printers and IoT devices. This is what I'm going to do for my main network, you can set up a NetBird-enabled connector on something like a Raspberry Pi, Proxmox LXC, or whatever you’d like. This acts as a bridge, allowing other devices in the network to securely access devices on your network that you allow it to. 225 | 226 | #### Installing on Linux 227 | Installing on Linux is simple with a single line command. You can install this directly on any Linux system such as the Proxmox host system, an LXC container, and so on. 228 | ``` 229 | curl -fsSL https://pkgs.netbird.io/install.sh | sh 230 | ``` 231 | Now connect it using the setup key from the managment dashboard. 232 | ``` 233 | netbird up --setup-key 234 | ``` 235 | If you're self hosting you will need to specificy the URL that your instance is hosted on, for example, `netbird up --setup-key --management-url http://10.0.0.102:33073`. 236 | 237 | #### Install on Docker 238 | If you want to spin up a docker container or run Netbird in a docker stack checkout the following docker compose.yaml. 239 | ``` 240 | #Untested 241 | services: 242 | netbird: 243 | container_name: netbird-client 244 | hostname: PEER_NAM 245 | cap_add: 246 | - NET_ADMIN 247 | - SYS_ADMIN 248 | - SYS_RESOURCE 249 | network_mode: host 250 | privileged: true 251 | environment: 252 | # - NB_SETUP_KEY=SETUP 253 | # - NB_FOREGROUND_MODE=true 254 | # - NB_MANAGEMENT_URL=netbird.mydomain.net # Needed if self-hosting 255 | volumes: 256 | - netbird-client:/etc/netbird 257 | image: netbirdio/netbird:lastest 258 | volumes: 259 | netbird-client: 260 | name: netbird-client 261 | ``` 262 | -------------------------------------------------------------------------------- /apps/README.md: -------------------------------------------------------------------------------- 1 | **This is a work in progress.** 2 | 3 | # Awesome Homelab 4 | 5 | This page in the homelab repository is a way to feature all of the apps that I have running! While the purpose of the directory is to give a home of all the apps that don't need their own guides and resources, it will still feature everything I run on my machines. Formatting of the readme inspired by [awesome-selfhosted](https://github.com/awesome-selfhosted/awesome-selfhosted). 6 | 7 | ## Navigation 8 | * [__Apps__](https://github.com/TechHutTV/homelab/tree/main/apps) - List of all the apps and services. 9 | * [Home Assistant](https://github.com/TechHutTV/homelab/tree/main/homeassistant) - Smart home services and automation. 10 | * [Media Server](https://github.com/TechHutTV/homelab/tree/main/media) - Plex, Jellyfin, *arr stack, and more. 11 | * [Server Monitoring](https://github.com/TechHutTV/homelab/tree/main/monitoring) - Graphs and Visualizations for Unraid, Proxmox, and more. 12 | * [Surveillance System](https://github.com/TechHutTV/homelab/tree/main/surveillance) - Frigate NVR Solution with Coral TPU. 13 | * [Storage](https://github.com/TechHutTV/homelab/tree/main/storage) - Current Storage and Backup Solution. 14 | * [Proxy Management](https://github.com/TechHutTV/homelab/tree/main/proxy) - NGINX Proxy Manager, DDNS with Cloudflare, Local Domains, and more. 15 | 16 | 17 | In my network I also have two Raspberry Pis. One of them is a Pi 5 with a PoE HAT and that is responsible for a Twingate connector and updating my IP address on Cloudflare. The other is hooked up to a 3D printer running Octoprint. 18 | 19 | ## Dashboards 20 | 21 | Dashboards are used to create a simple webpage with links to all the services, websites, or really anything you care about. What makes each dashboard special and unique is the features they come with. Many can act as monitoring tools, have widgets to get more details from services, weather, and more. 22 | 23 | ### Glance 24 | 25 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/01_glance-dashboard.png) 26 | 27 | This dashboard is a new addition for me, it’s not the most feature rich of the options out there, but for me it’s simplistic and default look and feel is what stands out to me. You can use it to monitor and link to all your applications, like most tools in this category, but it also is great for monitoring various feeds, websites, and a customizable RSS feed. I use the tool as a start page for my web browser and it gives a quick and simple _glance_ of everything that I care about. One of the best things about it, in my opinion, is that everything is customized and configured in a simple yaml file. 28 | 29 | **Resources:** [Video](https://youtu.be/QGONe-NTWuI) | [Github](https://github.com/glanceapp/glance) 30 | 31 | ### Homarr 32 | 33 | I’m not using this one at the moment, but it’s currently a VERY CLOSE second for me. This one is more feature rich than Glance as it has much more widgets and is customizable through the graphical interface of the application. Homarr has its main focus in the name and that is a deep integration with the \*arr stack of applications. This dashboard, like Glance, can be used to monitor the up status of your applications, but it also integrates easily with Docker, Proxmox and other platforms. 34 | 35 | **Resources:** [Video](https://youtu.be/A6vcTIzp_Ww) | [Github](https://github.com/homarr-labs/homarr) | [Website](https://homarr.dev/) 36 | 37 | ## Tools and Utilities 38 | 39 | ### File Browser 40 | 41 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/02_file-browser.png) 42 | 43 | This is another new addition, while not great for moving or copying large amounts of data, it has helped me significantly jumping though my rather large media server. Features rather simple and straight forward file management features, as described on their official website; “File Browser is a **create-your-own-cloud-kind** of software where you can install it on a server, direct it to a path and then access your files through a nice web interface. You have many available features!” 44 | 45 | **Resources:** [Github](https://github.com/filebrowser/filebrowser) | [Website](https://filebrowser.org/) 46 | 47 | ### Vaultwarden 48 | 49 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/03_vaultwarden-password-manager.png) 50 | 51 | After being suggested this for YEARS I finally bit the bullet and have a self-hosted password vault. It’s fully compatible with Bitwardens extensions and applications, this allows me to keep all my passwords, emails, and payment information in one place. 52 | 53 | **Resources:** [Github](https://github.com/dani-garcia/vaultwarden) 54 | 55 | ### Hoarder 56 | 57 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/04_hoarder-bookmark-manager.png) 58 | 59 | My video covering Hoarder may have turned into an unfortunate story of drama, that’s not to take away from how awesome this tool actually is. I think of it as a dumping ground for anything I come across that is slightly interesting. This is a self-hostable bookmark-everything app with a touch of AI for the data hoarders out there. Some of the features include the ability to take simple notes and store images and pdfs, automatic fetching for link titles, descriptions and images, sorting tools, and full text search of all the content stored. 60 | 61 | **Resources:** [Video](https://youtu.be/TDWombBvK8c) | [Github](https://github.com/hoarder-app/hoarder) | [Website](https://hoarder.app/) 62 | 63 | ### Portainer 64 | 65 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/05_portainer-docker-manager.png) 66 | 67 | I’ll admit, I do have plans to slowly remove Portainer from my home server. I’ve gotten comfortable enough with using docker compose and other Docker features in the command line that it almost slows me down. With that said Portainer is a GREAT tool for managing Docker stacks, containers, and other instances on other machines. 68 | 69 | **Resources:** [Video](https://www.youtube.com/watch?v=olUD_F37n0E) | [Github](https://github.com/portainer/portainer) | [Website](https://docs.portainer.io/start/install-ce) 70 | 71 | ### Cockpit 72 | 73 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/06_cockpit-server-tool.png) 74 | 75 | Cockpit is one of the best tools that you can use to give your server a nice web interface to monitor and manage. Their website says; “See your server in a web browser and perform system tasks with a mouse. It’s easy to start containers, administer storage, configure networks, and inspect logs. Basically, you can think of Cockpit like a graphical “desktop interface”, but for individual servers.” 76 | 77 | I was using this in a centralized LXC for managing shares and using various extensions to give cockpit even more features. After a very recent change in my home server setup I have yet to install it on anything, but I’m leaving it here on this list as it is an amazing tool. 78 | 79 | **Resources:** [Video](https://youtu.be/zLFB6ulC0Fg?si=9eFVzVcAebZUTgFi&t=1072) | [Github](https://github.com/cockpit-project/cockpit) | [Website](https://cockpit-project.org/) 80 | 81 | ### Octoprint 82 | 83 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/07_octoprint-3d-printing.png) 84 | 85 | Octoprint is another great tool that has actually helped me increase the use of my 3D printer. I have this software setup on a Raspberry Pi 4 plugged directly into the printer. Essentially turning my dumb 3D printer smart. This allows control of all aspects of 3D printing including, uploading gcodes, printing, monitoring, and much more. Setting up camera monitoring and video recording is as simple as plugging in a webcam. 86 | 87 | **Resources:** [Github](https://github.com/OctoPrint/OctoPrint) | [Website](https://octoprint.org/) 88 | 89 | ## Media Server 90 | 91 | ### Jellyfin 92 | 93 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/08_jellyfin-media-server.png) 94 | 95 | Jellyfin is by far the best free and open source media server on the market right now. It has all the features you’d expect without any paywalls. This includes streaming to a wide variety of platforms. I currently run Jellyfin as a backup to Plex as that is currently my preferred platform. See the video above for much more information. 96 | 97 | **Resources:** [Video](https://www.youtube.com/watch?v=eJvQKLVrmU8) | [Github](https://github.com/jellyfin/jellyfin) | [Website](https://jellyfin.org/) 98 | 99 | ### Plex 100 | 101 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/09_plex-media-server.png) 102 | 103 | Plex is my main media streaming platform. I have quite a few family members using it and Plex has support for more platforms and easier login capabilities. I’ve also recently setup a TV tuner and it has been working great. Another reason why I use Plex is the support for 3rd party tools such as Tautulli that we will get into below. 104 | 105 | **Resources:** [Video](https://youtu.be/lXcfKTNObOo) | [Github](https://github.com/plexinc) | [Website](https://www.plex.tv/) 106 | 107 | ### Tautulli 108 | 109 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/10_tautulli-plex-stats.png) 110 | 111 | While Plex does have some statistics and logs to see what’s going on, it is nothing compared to what we get from Tautulli. From their website; “Tautulli is a 3rd party application that you can run alongside your Plex Media Server to monitor activity and track various statistics. Most importantly, these statistics include what has been watched, who watched it, when and where they watched it, and how it was watched.” This data is very helpful when I clean up and remove some media from the server. One of my favorite features of all this is the newsletter option that you can setup giving the users an overview of new media that has been added to the server. 112 | 113 | **Resources:** [Github](https://github.com/Tautulli/Tautulli) | [Website](https://tautulli.com/) 114 | 115 | ## Media Management 116 | 117 | Many of the applications below act in similar function with a slightly different goal or media type so the descriptions will be brief. With that these tools are by far some of my favorites in my home server. 118 | 119 | ### Overseerr 120 | 121 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/11_overseerr-media-requests.png) 122 | 123 | Overseerr is an amazing tool for discovering new movies and shows as well as having Plex users request media they want to see. Overseerr integrates really well into Plex and some of the other services in this category. It can see what is already in your media library and if a request is made it can automatically add that entry to Radarr or Sonarr. I particularly like it because of the discover functionality, you can filter movies and shows by what streaming service they’re on, rating, and more. 124 | 125 | **Resources:** [Github](https://github.com/sct/overseerr) | [Website](https://overseerr.dev/) 126 | 127 | ### Radarr 128 | 129 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/12_radarr-movie-management.png) 130 | 131 | Radarr is a media organization tool for movies. This allows you to scan your library to see everything you have. Manage file names, see the media quality, and even search indexers for media. From their wiki; “Radarr is a movie collection manager for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new movies and will interface with clients and indexers to grab, sort, and rename them. It can also be configured to automatically upgrade the quality of existing files in the library when a better quality format becomes available.” 132 | 133 | **Resources:** [Wiki](https://wiki.servarr.com/radarr) | [Github](https://github.com/Radarr/Radarr) | [Website](https://radarr.video/) 134 | 135 | ### Sonarr 136 | 137 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/13_sonarr-shows-management.png) 138 | 139 | This does all the same things as Radarr but with TV shows and series. It uses TVDB to see if you’re missing any episodes and even specials. From their wiki; “Sonarr is a PVR for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new episodes of your favorite shows and will grab, sort and rename them. It can also be configured to automatically upgrade the quality of files already downloaded when a better quality format becomes available.” 140 | 141 | **Resources:** [Wiki](https://wiki.servarr.com/sonarr) | [Github](https://github.com/Sonarr/Sonarr) | [Website](https://sonarr.tv/) 142 | 143 | ### Lidarr 144 | 145 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/14_lidarr-music-management.png) 146 | 147 | This acts the same as Radarr and Sonarr, but for music. From their wiki; “Lidarr is a music collection manager for Usenet and BitTorrent users. It can monitor multiple RSS feeds for new tracks from your favorite artists and will grab, sort and rename them. It can also be configured to automatically upgrade the quality of files already downloaded when a better quality format becomes available.” 148 | 149 | **Resources:** [Wiki](https://wiki.servarr.com/lidarr) | [Github](https://github.com/Lidarr/Lidarr) | [Website](https://lidarr.audio/) 150 | 151 | ### Bazarr 152 | 153 | This also acts similar to the other \*arr application, but with a focus on subtitles. From the Bazarr site; “Bazarr is a companion application to Sonarr and Radarr that manages and downloads subtitles based on your requirements. \[With manual search to\] find all the matching subtitles, choose the one you want and download it to your media directory with the proper name to be used by your media player.” 154 | 155 | **Resources:** [Wiki]() | [Github](https://github.com/morpheus65535/bazarr) | [Website](https://www.bazarr.media/) 156 | 157 | ### Prowlarr 158 | 159 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/15_prowlarr-index-manager.png) 160 | 161 | Without using Prowlarr you’d need to manually setup your trackers and indexers in each application. This allows a centralized place to manage that aspect of these tools if you’re using it in this way. From their wiki; “Prowlarr is an indexer manager/proxy built on the popular arr .net/reactjs base stack to integrate with your various PVR apps. Prowlarr supports management of both Torrent Trackers and Usenet Indexers. It integrates seamlessly with [LazyLibrarian](https://lazylibrarian.gitlab.io/), [Lidarr](https://wiki.servarr.com/lidarr), [Mylar3](https://github.com/mylar3/mylar3), [Radarr](https://wiki.servarr.com/radarr), [Readarr](https://wiki.servarr.com/readarr), and [Sonarr](https://wiki.servarr.com/sonarr) offering complete management of your indexers with no per app Indexer setup required (we do it all).” 162 | 163 | **Resources:** [Wiki](https://wiki.servarr.com/prowlarr) | [Github](https://github.com/Prowlarr/Prowlarr) | [Website](https://prowlarr.com/) 164 | 165 | ## Download Clients 166 | 167 | I highly recommend using a VPN for downloading things. Especially when using peer-to-peer downloaders. Using a VPN will keep your public IP address hidden. I have tried a few VPN services and so far my favorite is [AirVPN](https://airvpn.org/?referred_by=673908), they're not a sponsor, but that is a affiliate link. 168 | 169 | [![](https://github.com/TechHutTV/homelab/blob/main/apps/images/airvpn.png)](https://airvpn.org/?referred_by=673908) 170 | 171 | ### qBittorrent 172 | 173 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/16_qbittorrent-peer-client.png) 174 | 175 | This is a web version of the popular qBittorrent peer-to-peer file sharing client. Overall its clean, simple, and has a fair bit of features. Works well with AirVPN (my favorite VPN service) and integrates well with various \*arr applications. 176 | 177 | **Resources:** [Github](https://github.com/qbittorrent/qBittorrent) | [Website](https://www.qbittorrent.org/) 178 | 179 | ### NZBGet 180 | 181 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/17_nzbget-newsletter-client.png) 182 | 183 | This is a Usenet client written in C++. It works very well and out of any that I’ve used it seems to give the least amount of issues. This can pull files, fix them in some cases if the health is low, rename and move files. 184 | 185 | https://nzbget.net/ 186 | **Resources:** [Github](https://github.com/nzbgetcom/nzbget) | [Website](https://radarr.video/) 187 | 188 | 189 | ## Files and Images 190 | 191 | ### Nextcloud 192 | 193 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/18_nextcloud-cloud.png) 194 | 195 | Nextcloud is the best in the game for replacing cloud services like Google Drive, Onedrive, and so on. Not only can it act as a great on-premise cloud, but there are many other add-ons and features that it offers. This includes a complete groupware suite, collaborative document editing, tasks, and much more. 196 | 197 | **Resources:** [Video](https://www.youtube.com/watch?v=Nh2-LjIymmQ) | [Github](https://github.com/nextcloud) | [Website](https://nextcloud.com/) 198 | 199 | ### Immich 200 | 201 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/19_immich-photo-backup.png) 202 | 203 | This is arguably the most important application that I am running. This is what I’ve used to completely replace Google Photos. Myself and a few of my family members use this as their primary Photo backup solution. It has a mobile app that supports easy backups and some other key features include facial recognition and a location map of your photos. From their website; “Easily back up, organize, and manage your photos on your own server. Immich helps you browse, search and organize your photos and videos with ease, without sacrificing your privacy.” 204 | 205 | **Resources:** [Video](https://www.youtube.com/watch?v=s1ufPvO0BVE) | [Github](https://github.com/immich-app/immich) | [Website](https://immich.app/) 206 | 207 | ### Docmost 208 | 209 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/20_docmost-personal-wiki.png) 210 | 211 | This is a new addition and it’s actually how I’m initially drafting this entire article. In my hunt to replace Notion I’ve started using this. While I’m still on a hunt for a more one-to-one replacement this is doing the trick for now. This tool is used to manage your own personal wiki, knowledge base, and notes. The UI is clean, elegant, and simple. 212 | 213 | **Resources:** [Github](https://github.com/docmost/docmost) | [Website](https://docmost.com/) 214 | 215 | ## Smart Home and Automation 216 | 217 | ### Home Assistant 218 | 219 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/21_home-assistant-smart.png) 220 | 221 | Home Assistant is a great tool that allows the connection of many devices in your smart home and integrate them together with a variety blueprints, automatons, and more. You can create custom dashboards, use their mobile app, and so much more I can’t even properly describe here how much this tool is capable of. 222 | 223 | https://www.home-assistant.io/ 224 | **Resources:** [Video](https://www.youtube.com/watch?v=Y8xY4keybnw) | [Github](https://github.com/plexinc) | [Website](https://www.plex.tv/) 225 | 226 | ### Frigate 227 | 228 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/22_frigate-nvr.png) 229 | 230 | Frigate is the best open source, self-hosted NVR option that I can find. For a while I was using Blue Iris, but I HATE that you have to use Windows. This tool shines with you hook it up with a Coral TPU for AI object detection. The interface is wonderful and it supports most of what you’d expect of an NVR. Granted depending on your cameras it may be difficult to configure and use all the features a camera may support, for example, two way audio. 231 | 232 | **Resources:** [Video](https://youtu.be/NzbghOfRx3k?si=HY7aHdCbqz1X5ONe) | [Github](https://github.com/blakeblackshear/frigate) | [Website](https://frigate.video/) 233 | 234 | ### Zigbee2MQTT 235 | 236 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/23_zigbee2mqtt-smart-devices.png) 237 | 238 | I was originally using this with Home Assistant as an add-on, but I’ve noticed it to be way more reliable if it is separated out. Zigbee2MQTT supports various Zigbee adapters and a bunch of devices. 239 | 240 | **Resources:** [Github](https://github.com/Koenkk/zigbee2mqtt) | [Website](https://www.zigbee2mqtt.io/) 241 | 242 | ## DNS and Remote Connections 243 | 244 | ### Pi-Hole 245 | 246 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/24_pi-hole-dns-sinkhole.png) 247 | 248 | By far the most popular “DNS Sinkhole” a Domain Name Service that blocks certain DNS inquiries. In the case of Pi-Hole it uses black lists full of domains associated with advertisements and tracking. For example, one of the most blocked domain on my server is [s2s.mparticle.com](https://www.mparticle.com/about-us/) a data collection firm. And with Pi-Hole I can investigate and figure out why this data collection company is being reached out to so much. This is in addition to the main use case of simple ad blocking. Pi-Hole has many other features I’ve yet to dive into, but it’s a wonderful tool that is worth trying out of anyone. 249 | 250 | **Resources:** [Video](https://www.youtube.com/watch?v=xtMFcVx3cHU) | [Github](https://github.com/pi-hole/pi-hole) | [Website](https://pi-hole.net/) 251 | 252 | ### NGINX Proxy Manager 253 | 254 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/25_nginx-proxy-manager.png) 255 | 256 | NGINX Proxy Manager is a simple web based proxy manager for setting up and forwarding domain names to your services and generating SSL certifications. I use this for both local top level domains and exposing a few select services to the public internet. 257 | 258 | **Resources:** [Video](https://youtu.be/79e6KBYcVmQ?si=1h1daKy-0fZeiBtI) | [Github](https://github.com/NginxProxyManager/nginx-proxy-manager) | [Website](https://nginxproxymanager.com/) 259 | 260 | ### Twingate 261 | 262 | Full disclosure, Twingate is one of the channel sponsors. This is a VPN alternative for remotely connecting to your home server. It works by spinning up a smaller connector on your local network, then you use a client to establish a secure peer-to-peer connection. All this is managed and verified through the Twingate cloud platform. Something I started using recently is the Twingate service API to connect with a headless client. Connecting to one headless service to another. 263 | 264 | **Resources:** [Video](https://www.youtube.com/watch?v=yaw2A3DG664) | [Website](https://www.twingate.com/onboarding?utm_source=youtube&utm_medium=referral&utm_campaign=techhut-q1-25 ) 265 | 266 | ### Cloudflare DDNS 267 | 268 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/26_cloudflare-ddns.png) 269 | 270 | This is a very simple docker container used to update your public IP address within the Cloudflare A records using their API. I need to use this because my public IP is dynamic, meaning it will randomly and automatically change every few weeks or sometimes every few days. From their Github it’s; “A feature-rich and robust Cloudflare DDNS updater with a small footprint. The program will detect your machine’s public IP addresses and update DNS records using the Cloudflare API.” 271 | 272 | **Resources:** [Video](https://youtu.be/79e6KBYcVmQ?si=1h1daKy-0fZeiBtI) | [Github](https://github.com/favonia/cloudflare-ddns) 273 | 274 | ## Data and Metrics 275 | 276 | ### Grafana 277 | 278 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/27_grafana-dashboards.png) 279 | 280 | Grafana is a BEAUTIFUL dashboard tool that can translate various databases into stunning graphs, charts, and presentation. There is a huge amount of integrations and custom dashboard that many people create for their specific use cases. You can easily add a connection and import a dashboard to display the data. The most popular is for the Node Exporter that you can see above. 281 | 282 | **Resources:** [Video](https://www.youtube.com/watch?v=vffhtqK3ZU) | [Github](https://github.com/grafana/grafana) | [Website](https://grafana.com/) 283 | 284 | ### TeslaMate 285 | 286 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/28_teslamate-grafana.png) 287 | 288 | TeslaMate is a tool that uses the Tesla API to gather every possible data point about the car. This includes trips, mileage, battery, elevation, and much more. This is a stack that includes Teslamate itself, a database, Grafana, and a few others. 289 | 290 | **Resources:** [Github](https://github.com/teslamate-org/teslamate) | [Website](https://docs.teslamate.org) 291 | 292 | ### InfluxDB2 293 | 294 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/29_influxdb2-data-explorer.png) 295 | 296 | InfluxDB is described as; “Purpose-built database for all types of time series data at any scale.” This database tool has its own way to turn data into charts and graphs, but I’m primarily using it for helpful data from my Proxmox server and pulling that data to Grafana dashboards. 297 | 298 | **Resources:** [Video](https://www.youtube.com/watch?v=vffhtqK3ZU) | [Github](https://github.com/influxdata/influxdb) | [Website](https://www.influxdata.com/) 299 | 300 | ### Prometheus (with Node Exporter) 301 | 302 | ![](https://github.com/TechHutTV/homelab/blob/main/apps/images/30_proetheus-query-execute.png) 303 | 304 | Like InfluxDB this is a data collection tool for monitoring and data analytics. This one this the most popular of what I’m using so there are a ton of different integrations and dashboards to pick from. The most popular and probably the easiest to setup is the Node Exporter, I have this installed and two Raspberry Pi systems for monitoring. 305 | 306 | **Resources:** [Video](https://www.youtube.com/watch?v=vffhtqK3ZU) | [Github](https://github.com/prometheus/prometheus) | [Website](https://prometheus.io/) 307 | 308 | **Warning!** This 'Alternatives and Extras' section is actively being worked on. 309 | 310 | ### Alternatives and Extras 311 | Dashboards 312 | - (alt to Glance/Homarr) 313 | 314 | Tools and Utilities 315 | - (alt to File Browser) 316 | - (alt to Vaultwarden) 317 | - (alt to Hoarder) 318 | - (alt to Portainer) 319 | - (alt to Cockpit) 320 | - (alt to Octoprint) 321 | 322 | Media Server 323 | - (alt to Jellyfin/Plex) 324 | - (alt to Tautulli) 325 | 326 | Media Management 327 | - (alt to Overseerr) 328 | - (alt to Radarr) 329 | - (alt to Sonarr) 330 | - (alt to Lidarr) 331 | - (alt to Bazarr) 332 | - (alt to Prowlarr) 333 | 334 | Download Clients 335 | - (alt to qBittorrent) 336 | - (alt to NZBGet) 337 | 338 | Files and Images 339 | - [Owncloud](https://owncloud.com/), [Pydio](https://github.com/pydio) (alts to Nextcloud) 340 | - [Nextcloud Memories](https://apps.nextcloud.com/apps/memories), [a bunch more](https://github.com/meichthys/foss_photo_libraries) (alts to Immich) 341 | - (alt to Docmost) 342 | 343 | Smart Home and Automation 344 | - [openHAB](https://www.openhab.org/), [Homey](https://homey.app/en-us/) (alts to Home Assistant) 345 | - [AgentDVR](https://www.ispyconnect.com/), [Shinobi NVR](https://shinobi.video/) (alts to Frigate) 346 | 347 | DNS and Remote Connections 348 | - [AdGuard Home](https://adguard.com/en/adguard-home/overview.html) (alt to Pi-Hole) 349 | - [SWAG](https://docs.linuxserver.io/general/swag/#creating-a-swag-container) (alt to NGINX Proxy Manager) 350 | - [Tailscale](https://tailscale.com/) (alt to Twingate) 351 | - [ddns-updater](https://github.com/qdm12/ddns-updater) (alt to Cloudflare DDNS) 352 | 353 | 354 | 355 | 356 | 357 | --------------------------------------------------------------------------------