feat: Adds homarr

README.md

@@ -0,0 +1,10 @@
+# Homelab
+
+This contains docker compose files for services that I typically run inside my
+network / homelab.
+
+Not all services are currently running or may be ones that I've just
+experimented with in the past.
+
+Each folder should have a brief `README` that gives further instructions on the
+individual service.

caddy/README.md

@@ -0,0 +1,36 @@
+# Caddy
+
+Caddy is a web-server, commonly used as a reverse proxy (meaning it sits in
+front of other services and routes traffic to them).  It offers SSL certificates
+via Let's Encrypt.
+
+## Usage
+
+This directory has the basic set of files needed to create a caddy server.
+Because caddy uses a plugin architecture, the Dockerfile builds the image that
+is used, which includes cloudflare's DNS provider for verifying the domain of
+the server in order for it to obtain SSL certificates.
+
+## Environment Variables
+
+The `.env` file has the common environment variables needed in order to obtain
+SSL certificates, these values need to be updated.
+
+## Caddyfile
+
+The configuration for the caddy server is found in the `caddy/Caddyfile`.  There
+is a block included as an example of setting up a reverse proxy that will issue
+a wildcard certificate for the domains that are listed.
+
+## Network
+
+The proxy network needs to be created prior to starting the container.  You can
+use the following command to create the network:
+
+```bash
+docker network create --driver=bridge proxy
+```
+
+This allows you to place other containers running on the same host on this
+network and configure the reverse proxy using their container name.
+

caddy/compose.yml

@@ -1,10 +1,13 @@
+# This network needs created prior to running the container.
+#
+# docker network create --driver=bridge proxy
+#
 networks:
   proxy:
     external: true
 
 volumes:
   caddy_config:
-  caddy_data:
 
 services:
   caddy:
@@ -23,12 +26,14 @@ services:
       - 80:80
       - 443:443
       - "443:443/udp"
-      - 2019:2019
+      - 2019:2019 # only needed if you want to access the api.
     cap_add:
       - NET_ADMIN
     volumes:
-      - $PWD/config:/etc/caddy
+      - ./config:/etc/caddy
-      - caddy_data:/data
+      - ./data:/data
       - caddy_config:/config
     networks:
       - proxy
+    security_opt:
+      - no-new-privileges:true

caddy/config/Caddyfile

@@ -11,10 +11,18 @@
     resolvers 1.1.1.1
   }
 
-  # example of reverse proxy.
+  # Example of reverse proxy on a separate host.
 
   @gitea host git.housh.dev
   handle @gitea {
     reverse_proxy 192.168.10.76:3000
   }
+
+  # Example of revers proxy on same host
+  # This assumes the container name is gitea.
+
+  @gitea host git.housh.dev
+  handle @gitea {
+    reverse_proxy gitea:3000 # uses the container name for DNS discovery.
+  }
 }

excalidraw/README.md

@@ -0,0 +1,3 @@
+# Excalidraw
+
+[Excalidraw](https://excalidraw.com) is a drawing / infinite canvas tool.

excalidraw/compose.yml

@@ -0,0 +1,12 @@
+networks:
+  proxy:
+    external: true
+
+services:
+  excalidraw:
+    image: excalidraw/excalidraw:latest
+    container_name: excalidraw
+    ports:
+      - 5005:80
+    labels:
+      com.centurlinklabs.watchtower.enble: true

homarr/README.md

@@ -0,0 +1,4 @@
+# Homarr
+
+[Homarr](https://homarr.dev) is a dashboard for services / links to services and
+websites that I commonly use.

homarr/compose.yml

@@ -0,0 +1,17 @@
+networks:
+  proxy:
+    external: true
+
+services:
+  homarr:
+    container_name: homarr
+    image: ghcr.io/ajnart/homarr:latest
+    volumes:
+      - ./config:/app/data/configs
+      - ./icons:/app/public/icons
+    networks:
+      - proxy
+    ports:
+      - 7575:7575
+    labels:
+      com.centurylinklabs.watchtower.enable: true

portainer/README.md

@@ -0,0 +1,8 @@
+# Portainer
+
+Portainer is a container orchestration tool / interface that gives a web portal to view containers
+running on different machines.
+
+The primary `compose.yml` file is the primary portainer docker compose file, and is used for the
+primary portainer instance. The `agent-compose.yml` is used on other / extra machines that you would
+like to integrate into the primary portainer instance known as `environments`.

portainer/agent-compose.yml

@@ -0,0 +1,16 @@
+networks:
+  proxy:
+    external: true
+
+services:
+  portainer_agent:
+    image: portainer/agent:latest
+    container_name: portainer_agent
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /var/lib/docker/volumes:/var/lib/docker/volumes:
+    ports:
+      - 9001:9001
+    labels:
+      com.centurylink.watchtower.enable: true

portainer/compose.yml

@@ -0,0 +1,18 @@
+networks:
+  proxy:
+    external: true
+
+services:
+  portainer:
+    image: portainer/portainer-ce:alpine-sts
+    container_name: portainer
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./data:/data
+    networks:
+      - proxy
+    ports:
+      - 9010:9000 # optional if behind reverse proxy.
+    labels:
+      com.centurylinklabs.watchtower.enable: true

watchtower/README.md

@@ -0,0 +1,5 @@
+# Watchtower
+
+[Watchtower](https://github.com/containrrr/watchtower) is a tool that watches for new docker images
+based on their `tag`, and will pull new images when available and restart services that include a
+label of `com.centurylinklabs.watchtower.enable: true`.

watchtower/compose.yml

@@ -0,0 +1,22 @@
+networks:
+  proxy:
+    external: true
+  backend:
+    external: true
+
+services:
+  watchtower:
+    image: containrrr/watchtower:latest
+    container_name: watchtower
+    restart: unless-stopped
+    networks:
+      - proxy
+      - backend
+    environment:
+      WATCHTOWER_CLEANUP: true
+      WATCHTOWER_LABEL_ENABLE: true
+      WATCHTOWER_TIMEOUT: 30s
+      TZ: "America/New_York"
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+