Personal homelab setup
- Docker
- Docker Compose
- SSH
- Ansible on the host machine
- Direnv (optional, issue
source .envrcotherwise) - Cloudflare account
- Domain name
| Variable Name | Description |
|---|---|
HOMELAB_IP |
IP address of the homelab |
HOMELAB_PORT |
Port for SSH access |
HOMELAB_USER |
SSH user for the homelab |
HOMELAB_PASSWORD |
SSH password for the homelab |
HOMELAB_BECOME_USER |
User to become for elevated privileges |
HOMELAB_BECOME_PASSWORD |
Password for the become user |
PROJECT_DIR |
Directory of the project on host machine |
PG_ADDITIONAL_USERS |
Additional users for the PostgreSQL database |
CLOUDFLARE_ACCOUNT_ID |
Cloudflare account ID |
CLOUDFLARE_ACCOUNT_EMAIL_ADDRESS |
Cloudflare account email address |
CLOUDFLARE_API_TOKEN |
Cloudflare DNS API token |
CLOUDFLARE_TUNNEL_ID |
Cloudflare tunnel ID |
CLOUDFLARE_TUNNEL_TOKEN |
Cloudflare tunnel token |
LETSENCRYPT_CA_SERVER |
Let's Encrypt CA server URL (default is production) |
LETSENCRYPT_EMAIL_ADDRESS |
Email address for Let's Encrypt |
ROOT_DOMAIN |
Root domain for the services |
GRAFANA_USER |
Grafana user |
GRAFANA_PASSWORD |
Grafana password |
GOOGLE_OAUTH_CLIENT_ID |
Google OAuth client ID |
GOOGLE_OAUTH_CLIENT_SECRET |
Google OAuth client secret |
TRANSMISSION_DOWNLOAD_DIR |
Transmission download directory |
SONARR_MEDIA_DIR |
Sonarr save directory |
RADARR_MEDIA_DIR |
Radarr save directory |
READARR_MEDIA_DIR |
Readarr save directory |
JELLYFIN_DATA_DIR |
Jellyfin data directory |
JELLYFIN_CACHE_DIR |
Jellyfin cache directory |
JELLYFIN_MEDIA_DIR |
Jellyfin media directory |
-
Setup nameservers for the domain:
- Add Cloudflare nameservers to the domain registrar.
- Add the domain to Cloudflare.
-
Setup Cloudflare Tunnel:
- Create a tunnel for the domain.
- Copy the tunnel ID and token.
-
Clone the repository:
git clone [email protected]:aakash-rajur/homelab.git cd homelab
-
you can skip certain services by commenting them out in compose.yml
-
Setup users configuration in
services/authelia/users.ymlwith content following, passwords will be generated for each user incredentialsfolder:users: johndoe: disabled: false displayname: "John Doe" password: "" email: "[email protected]" groups: - admin - guest janedoe: disabled: false displayname: "Jane Doe" password: "" email: "[email protected]" groups: - guest
-
Set up environment variables:
- Create a
.envrc.localfile in the project root and populate it with the necessary values. Refer to the.envrcfile for the required variables. - Load the environment variables using
direnv alloworsource .envrc.local.
- Create a
-
Tweak docker service for cadvisor from here, if you wish to avoid a non-root setup, update cgroup service in compose.yml to run in
priviled: truemode -
Start services:
make deploy
-
Stop services:
make teardown
| Service Name | Description | Access URL |
|---|---|---|
watchtower |
Monitors and updates running Docker containers. | |
nodeexporter |
Exports hardware and OS metrics. | |
cadvisor |
Analyzes resource usage and performance characteristics of running containers. | |
prometheus |
Monitoring and alerting toolkit. | https://prometheus.<root_domain> |
grafana |
Analytics and monitoring platform. | https://grafana.<root_domain> |
pg |
PostgreSQL database. | |
authelia |
Authentication and authorization server. | https://authelia.<root_domain> |
traefik |
Reverse proxy and load balancer. | https://traefik.<root_domain> |
transmission |
Torrent download client. | https://transmission.<root_domain> |
prowlarr |
Torrent indexer. | https://prowlarr.<root_domain> |
radarr |
Movie download manager. | https://radarr.<root_domain> |
sonarr |
TV show download manager. | https://sonarr.<root_domain> |
readarr |
E-book download manager. | https://readarr.<root_domain> |
bazarr |
Subtitle download manager. | https://bazarr.<root_domain> |
jellyseerr |
Request manager for content in Jellyfin. | https://jellyseerr.<root_domain> |
jellyfin |
Media server. | https://jellyfin.<root_domain> |
This project is licensed under the MIT License - see the LICENSE file for details.