docs: add real README.md
This commit is contained in:
80
README.md
80
README.md
@@ -0,0 +1,80 @@
|
||||
# Homelab Infrastructure
|
||||
|
||||
A collection of self-hosted services running on Docker containers, orchestrated through Portainer and exposed via Traefik reverse proxy.
|
||||
|
||||
## Architecture
|
||||
|
||||
This homelab uses a stack-based approach where each service is containerized and deployed as a complete stack with its dependencies. All services integrate with a centralized Traefik instance for SSL termination and domain routing.
|
||||
|
||||
### Stack Structure
|
||||
```
|
||||
docker/stacks/<service>/
|
||||
- docker-compose.yaml # Service definition
|
||||
- stack.env # Environment template (tracked)
|
||||
- stack.env.real # Actual values with secrets (gitignored)
|
||||
```
|
||||
|
||||
## Services
|
||||
|
||||
| Service | Description | Purpose |
|
||||
|---------|-------------|---------|
|
||||
| **Immich** | Self-hosted photo and video management | Personal media library with ML features |
|
||||
| **Paperless-ngx** | Document management system with OCR | Digital document archive and search |
|
||||
| **Media Stack** | Sonarr, Radarr, Prowlarr, qBittorrent | Automated media acquisition and management |
|
||||
| **Arch Mirror** | Local Arch Linux package repository mirror | Local package cache for faster updates |
|
||||
|
||||
## Deployment
|
||||
|
||||
Services are deployed through **Portainer WebUI**:
|
||||
|
||||
1. Access Portainer dashboard
|
||||
2. Navigate to Stacks section
|
||||
3. Create new stack or update existing
|
||||
4. Copy content from `docker-compose.yaml`
|
||||
5. Configure environment variables from `stack.env.real`
|
||||
6. Deploy stack
|
||||
|
||||
### Environment Setup
|
||||
|
||||
For each stack:
|
||||
```bash
|
||||
cd docker/stacks/<service>/
|
||||
cp stack.env stack.env.real
|
||||
# Edit stack.env.real with actual values
|
||||
```
|
||||
|
||||
## Common Operations
|
||||
|
||||
### Stack Management
|
||||
- Stack status and logs monitored through Portainer WebUI dashboard
|
||||
- Updates performed by pulling new images and recreating containers
|
||||
|
||||
### Backup Operations
|
||||
Each stack includes automated backup services:
|
||||
- **Database backups**: Hourly PostgreSQL dumps using postgres-backup-local
|
||||
- **File backups**: Scheduled Restic backups to AWS S3 backend
|
||||
|
||||
## Network Architecture
|
||||
|
||||
- **traefik** (external): Reverse proxy network for SSL termination and routing
|
||||
- **service-specific**: Internal networks for each stack (immich, paperless, sonarr, radarr)
|
||||
- Services primarily accessed through Traefik with minimal direct port exposure
|
||||
|
||||
## Security
|
||||
|
||||
- All services behind Traefik reverse proxy with Let's Encrypt SSL certificates
|
||||
- Environment variables with secrets stored in `*.env.real` files (gitignored)
|
||||
- API endpoints protected with HTTP basic authentication where applicable
|
||||
- Internal service communication isolated over Docker networks
|
||||
|
||||
## Requirements
|
||||
|
||||
- Docker and Docker Compose
|
||||
- Portainer CE for stack management
|
||||
- Traefik reverse proxy (external dependency)
|
||||
- Valid domain names for SSL certificate generation
|
||||
|
||||
## Notes
|
||||
|
||||
- This repository contains infrastructure definitions only
|
||||
- Actual deployment and management handled through Portainer WebUI
|
||||
|
||||
Reference in New Issue
Block a user