@morpheuslord
Created December 8, 2024 11:53

Services and Hostname

Services

  • Backup
    • File Backup: via SMB
    • Image Backup: PhotoPrism
  • Remote Connection and Monitoring: SSH, NetData
  • Music Streaming: Jellyfin
  • Hosting and container management: Portainer

Hostname

  • Portainer:
    • Hostname: portainer.homeserverapp.org
    • Internal Port: 9443
    • Externally accessed using: 443
  • Photos:
    • Hostname: photos.homeserverapp.org
    • Internal Port: 2342
    • Externally accessed using: 443
  • Music:
    • Hostname: jelly.homeserverapp.org
    • Internal Port: 8096
    • Externally accessed using: 443

File Structure

USER: morpheuslord
HOME Directory: /home/morpheuslord/

Priority:

  • Working, ready-to-access files via SMB:
    • Photos:
      • /home/morpheuslord/share/photoprism/pictures
      • /home/morpheuslord/share/photoprism/storage
      • /home/morpheuslord/share/photoprism/database
    • Music:
      • /home/morpheuslord/share/jelly/music
    • Backups
      • /home/morpheuslord/share/devicebackup

SMB Exposing Folder: /home/morpheuslord/share

Reverse Proxy

Service Used: Cloudflare

Proxy mapping:

  • 223.185.129.102:9443 -> 443 (portainer.homeserverapp.org)
  • 223.185.129.102:2342 -> 443 (photos.homeserverapp.org)
  • 223.185.129.102:8096 -> 443 (jelly.homeserverapp.org)
  • 223.185.129.102:445 -> 445 (share.homeserverapp.org)
  • 223.185.129.102:2222 -> 22 (ssh.homeserverapp.org)

Music Solution

Jellyfin Docker-compose.yml:


Exposed Port: 8096 -> Internally: 8096 TCP
Exposed Port: 7359 -> Internally: 7359 UDP
Exposed Port: 1900 -> Internally: 1900 UDP

Volumes: (Bind Mounts)

/home/morpheuslord/share/jelly/config
/home/morpheuslord/share/jelly/music

PUID:1000
PGID:1000
TZ:Asia/Kolkata

Restart Policy: Unless Stopped

PhotoPrism

photoprism docker-compose.yml: Use code ref

Setup Monitoring

Go to the Netdata website, copy the install command, and run it:

wget -O /tmp/netdata-kickstart.sh https://get.netdata.cloud/kickstart.sh && sh /tmp/netdata-kickstart.sh

Security

Reverse Proxy: refer to the network checks video on how to do it. ref

Firewall rules:

sudo apt install ufw
# Allow incoming HTTP/HTTPS (external access)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow SSH (custom port for external and local access)
sudo ufw allow 2222/tcp

# Allow Cloudflare Tunneling (port 7844 TCP/UDP for external access)
sudo ufw allow out to any port 7844 proto tcp
sudo ufw allow out to any port 7844 proto udp

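# ICMP (ping): ufw rules do not accept "proto icmp", so no rule is added here.
# ufw's default /etc/ufw/before.rules already accepts ICMP echo requests.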

# Allow all traffic from the local network (adjust the range if needed)
sudo ufw allow from 192.168.0.0/24 to any
sudo ufw allow out to 192.168.0.0/24

sudo ufw allow from 192.168.1.0/24 to any
sudo ufw allow out to 192.168.1.0/24
sudo ufw enable
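
To check what a rule set like the one above leaves reachable, the following Python script (an added example, not part of the original gist) parses `ufw status` output and classifies each service port from this page's inventory. The `SAMPLE_STATUS` text is constructed, and `SERVICES`, `parse_rules` and `audit` are illustrative names; only allow rules and single-port entries are evaluated.

```python
import re

# Internal listening ports from this page's service list.
SERVICES = {"portainer": 9443, "photoprism": 2342, "jellyfin": 8096, "smb": 445, "ssh": 2222}
INBOUND = ("ALLOW", "ALLOW IN", "LIMIT", "LIMIT IN")
ALL = "*"  # marks a rule with no port restriction

# Constructed sample of `ufw status` output for rules like the ones above.
SAMPLE_STATUS = """\
Status: active

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
2222/tcp                   ALLOW       Anywhere
Anywhere                   ALLOW       192.168.0.0/24
Anywhere                   ALLOW       192.168.1.0/24
7844/tcp                   ALLOW OUT   Anywhere
2222/tcp (v6)              ALLOW       Anywhere (v6)
"""

def parse_rules(status_text):
    """Return (to, action, source) tuples from the `ufw status` rule table."""
    rules = []
    for line in status_text.splitlines():
        cols = re.split(r"\s{2,}", line.strip())
        if len(cols) == 3 and cols[1].startswith(("ALLOW", "DENY", "REJECT", "LIMIT")):
            rules.append(tuple(cols))
    return rules

def audit(status_text, services=SERVICES):
    """Map each service to its widest inbound allow; list world-open ports with no listed service."""
    world, scoped = set(), set()
    for to, action, src in parse_rules(status_text):
        if action not in INBOUND:
            continue  # outbound and deny rules are not evaluated here
        m = re.fullmatch(r"(\d+)(/\w+)?( \(v6\))?", to)
        port = int(m.group(1)) if m else ALL
        (world if src.startswith("Anywhere") else scoped).add(port)

    def reach(port):
        for label, ports in (("internet", world), ("restricted-source", scoped)):
            if port in ports or ALL in ports:
                return label
        return "blocked"
    exposure = {name: reach(port) for name, port in services.items()}
    stray = sorted(p for p in world if p != ALL and p not in services.values())
    return exposure, stray
```

`ufw status` only reflects ufw's own chains; ports published by Docker containers are handled by Docker's own iptables rules, so confirm those separately.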