work in progress!!
This repository contains the (very simple) declarative configuration for my home server. The software stack is based on NixOS, a Linux distribution that is configured declaratively using several configuration files.
The entire infrastructure uses containers and it is a single docker-compose file.
I try to keep the setup as simple as possible, to avoid headache (and beacuse i don't want to spend a lot of time mantaning it). All my services run as Docker containers in bridge mode, using Docker Compose.
All ports exposed by services are also exposed on the firewall config in NixOS, and they are always accessible inside the local network.
I do not have a public IP address and i'm also behind a very shitty double-NAT.
In order to access my services and home network from outside, i use Tailscale VPN. This way, i don't have to worry about NAT and such because Tailscale does automatic NAT-traversal and, if the client is connected to the VPN, i can access my home network from everywhere.
Yes, i know it is possible to setup WireGuard to NAT-traverse using an online VPS, but i wanted to avoid having to also mantain that.
Running on Docker containers:
- Homarr: Server dashboard
- AdGuard Home: Network level ad blocking DNS
- PhotoPrism: Self-hosted photo archive solution
- note: i will probably switch to Immich when it is more stable.
- Backrest: Automatic data backup
- Prometheus: Metrics, alerts gathering
- Grafana: Data visualization
- *arr suite (Radarr, Sonarr, Prowlarr): Services for pirating movies and TV shows
- Jellyfin: Media server
- qBittorrent NOX: Web UI for qbittorrent
Running on the host:
- Tailscale client: VPN to access the network from remote
- Cockpit: Web-based system administration tool