Navy.gif/media-stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: replace Heimdall by Homepage

Browse Source
This commit is contained in:
Adrien Poupa 2023-05-14 00:19:04 -04:00
parent cb6630d8b8
commit 933324bd74
12 changed files with 216 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.env.example
View File

@ -11,10 +11,23 @@ PIA_PASS=
PIA_LOCAL_NETWORK="192.168.0.0/16"
HOSTNAME=localhost
ADGUARD_HOSTNAME=
ADGUARD_USERNAME=
ADGUARD_PASSWORD=
DNS_CHALLENGE=true
DNS_CHALLENGE_PROVIDER=cloudflare
LETS_ENCRYPT_CA_SERVER=https://acme-v02.api.letsencrypt.org/directory
LETS_ENCRYPT_CA_SERVER="https://acme-v02.api.letsencrypt.org/directory"
LETS_ENCRYPT_EMAIL=
CLOUDFLARE_EMAIL=
CLOUDFLARE_DNS_API_TOKEN=
CLOUDFLARE_ZONE_API_TOKEN=
SONARR_API_KEY=
RADARR_API_KEY=
PROWLARR_API_KEY=
JELLYFIN_API_KEY=
HOMEPAGE_VAR_TITLE="Docker-Compose NAS"
HOMEPAGE_VAR_SEARCH_PROVIDER=google
HOMEPAGE_VAR_HEADER_STYLE=boxed
HOMEPAGE_VAR_WEATHER_CITY=
HOMEPAGE_VAR_WEATHER_LAT=
HOMEPAGE_VAR_WEATHER_LONG=
HOMEPAGE_VAR_WEATHER_UNIT=metric

4
.gitignore vendored
View File

@ -1,8 +1,8 @@
.env
.idea
docker-compose.override.yml
/heimdall
!/heimdall/.gitkeep
/homepage/logs
/homepage/*.yaml
/sonarr
!/sonarr/.gitkeep
/radarr

78
README.md
View File

@ -8,6 +8,8 @@ SSL certificates and remote access through Tailscale are supported.
Requirements: Any Docker-capable recent Linux box with Docker Engine and Docker Compose V2.
I am running it in Ubuntu Server 22.04; I also tested this setup on a [Synology DS220+ with DSM 7.1](#synology-quirks).
![Docker-Compose NAS Homepage](https://github.com/AdrienPoupa/docker-compose-nas/assets/15086425/3492a9f6-3779-49a5-b052-4193844f16f0)
## Table of Content
<!-- TOC -->
@ -23,6 +25,7 @@ I am running it in Ubuntu Server 22.04; I also tested this setup on a [Synology
* [Prowlarr](#prowlarr)
* [qBittorrent](#qbittorrent)
* [Jellyfin](#jellyfin)
* [Homepage](#homepage)
* [Traefik and SSL Certificates](#traefik-and-ssl-certificates)
* [Accessing from the outside with Tailscale](#accessing-from-the-outside-with-tailscale)
* [Optional Services](#optional-services)
@ -55,7 +58,7 @@ I am running it in Ubuntu Server 22.04; I also tested this setup on a [Synology
| [PIA WireGuard VPN](https://github.com/thrnz/docker-wireguard-pia) | Encapsulate qBittorrent traffic in [PIA](https://www.privateinternetaccess.com/) using [WireGuard](https://www.wireguard.com/) with port forwarding. | [thrnz/docker-wireguard-pia](https://hub.docker.com/r/thrnz/docker-wireguard-pia) | |
| [qBittorrent](https://www.qbittorrent.org) | Bittorrent client with a complete web UI<br/>Uses VPN network<br/>Using Libtorrent 1.x | [linuxserver/qbittorrent:libtorrentv1](https://hub.docker.com/r/linuxserver/qbittorrent) | /qbittorrent |
| [Jellyfin](https://jellyfin.org) | Media server designed to organize, manage, and share digital media files to networked devices | [linuxserver/jellyfin](https://hub.docker.com/r/linuxserver/jellyfin) | /jellyfin |
| [Heimdall](https://heimdall.site) | Application dashboard | [linuxserver/heimdall](https://hub.docker.com/r/linuxserver/heimdall) | / |
| [Homepage](https://gethomepage.dev) | Application dashboard | [benphelps/homepage](https://github.com/benphelps/homepage/pkgs/container/homepage) | / |
| [Traefik](https://traefik.io) | Reverse proxy | [traefik](https://hub.docker.com/_/traefik) | |
| [Watchtower](https://containrrr.dev/watchtower/) | Automated Docker images update | [containrrr/watchtower](https://hub.docker.com/r/containrrr/watchtower) | |
| [SABnzbd](https://sabnzbd.org/) | Optional - Free and easy binary newsreader | [linuxserver/sabnzbd](https://hub.docker.com/r/linuxserver/sabnzbd) | /sabnzbd |
@ -71,32 +74,47 @@ see [Optional Services](#optional-services) for more information.
`cp .env.example .env`, edit to your needs then `sudo docker compose up -d`.
For the first time, run `./update-config.sh` to update the applications base URLs.
For the first time, run `./update-config.sh` to update the applications base URLs and set the API keys in `.env`.
If you want to show Jellyfin information in the homepage, create it in Jellyfin settings and fill `JELLYFIN_API_KEY`.
## Environment Variables
| Variable | Description | Default |
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
| `COMPOSE_FILE` | Docker compose files to load | `docker-compose.yml` |
| `COMPOSE_PATH_SEPARATOR` | Path separator between compose files to load | `:` |
| `USER_ID` | ID of the user to use in Docker containers | `1000` |
| `GROUP_ID` | ID of the user group to use in Docker containers | `1000` |
| `TIMEZONE` | TimeZone used by the container. | `America/New_York` |
| `DATA_ROOT` | Host location of the data files | `/mnt/data` |
| `DOWNLOAD_ROOT` | Host download location for qBittorrent, should be a subfolder of `DATA_ROOT` | `/mnt/data/torrents` |
| `PIA_LOCATION` | Servers to use for PIA | `ca` (Montreal, Canada) |
| `PIA_USER` | PIA username | |
| `PIA_PASS` | PIA password | |
| `PIA_LOCAL_NETWORK` | PIA local network | `192.168.0.0/16` |
| `HOSTNAME` | Hostname of the NAS, could be a local IP or a domain name | `localhost` |
| `ADGUARD_HOSTNAME` | AdGuard Home hostname used, if enabled | |
| `DNS_CHALLENGE` | Enable/Disable DNS01 challenge, set to `false` to disable. | `true` |
| `DNS_CHALLENGE_PROVIDER` | Provider for DNS01 challenge, [see list here](https://doc.traefik.io/traefik/https/acme/#providers). | `cloudflare` |
| `LETS_ENCRYPT_CA_SERVER` | Let's Encrypt CA Server used to generate certificates, set to production by default.<br/>Set to `https://acme-staging-v02.api.letsencrypt.org/directory` to test your changes with the staging server. | `https://acme-v02.api.letsencrypt.org/directory` |
| `LETS_ENCRYPT_EMAIL` | E-mail address used to send expiration notifications | |
| `CLOUDFLARE_EMAIL` | CloudFlare Account email | |
| `CLOUDFLARE_DNS_API_TOKEN` | API token with `DNS:Edit` permission | |
| `CLOUDFLARE_ZONE_API_TOKEN` | API token with `Zone:Read` permission | |
| Variable | Description | Default |
|--------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|
| `COMPOSE_FILE` | Docker compose files to load | `docker-compose.yml` |
| `COMPOSE_PATH_SEPARATOR` | Path separator between compose files to load | `:` |
| `USER_ID` | ID of the user to use in Docker containers | `1000` |
| `GROUP_ID` | ID of the user group to use in Docker containers | `1000` |
| `TIMEZONE` | TimeZone used by the container. | `America/New_York` |
| `DATA_ROOT` | Host location of the data files | `/mnt/data` |
| `DOWNLOAD_ROOT` | Host download location for qBittorrent, should be a subfolder of `DATA_ROOT` | `/mnt/data/torrents` |
| `PIA_LOCATION` | Servers to use for PIA | `ca` (Montreal, Canada) |
| `PIA_USER` | PIA username | |
| `PIA_PASS` | PIA password | |
| `PIA_LOCAL_NETWORK` | PIA local network | `192.168.0.0/16` |
| `HOSTNAME` | Hostname of the NAS, could be a local IP or a domain name | `localhost` |
| `ADGUARD_HOSTNAME` | Optional - AdGuard Home hostname used, if enabled | |
| `ADGUARD_USERNAME` | Optional - AdGuard Home username to show details in the homepage, if enabled | |
| `ADGUARD_PASSWORD` | Optional - AdGuard Home password to show details in the homepage, if enabled | |
| `DNS_CHALLENGE` | Enable/Disable DNS01 challenge, set to `false` to disable. | `true` |
| `DNS_CHALLENGE_PROVIDER` | Provider for DNS01 challenge, [see list here](https://doc.traefik.io/traefik/https/acme/#providers). | `cloudflare` |
| `LETS_ENCRYPT_CA_SERVER` | Let's Encrypt CA Server used to generate certificates, set to production by default.<br/>Set to `https://acme-staging-v02.api.letsencrypt.org/directory` to test your changes with the staging server. | `https://acme-v02.api.letsencrypt.org/directory` |
| `LETS_ENCRYPT_EMAIL` | E-mail address used to send expiration notifications | |
| `CLOUDFLARE_EMAIL` | CloudFlare Account email | |
| `CLOUDFLARE_DNS_API_TOKEN` | API token with `DNS:Edit` permission | |
| `CLOUDFLARE_ZONE_API_TOKEN` | API token with `Zone:Read` permission | |
| `SONARR_API_KEY` | Sonarr API key to show information in the homepage | |
| `RADARR_API_KEY` | Radarr API key to show information in the homepage | |
| `PROWLARR_API_KEY` | Prowlarr API key to show information in the homepage | |
| `JELLYFIN_API_KEY` | Jellyfin API key to show information in the homepage | |
| `HOMEPAGE_VAR_TITLE` | Title of the homepage | `Docker-Compose NAS` |
| `HOMEPAGE_VAR_SEARCH_PROVIDER` | Homepage search provider, [see list here](https://gethomepage.dev/en/widgets/search/) | `google` |
| `HOMEPAGE_VAR_HEADER_STYLE` | Homepage header style, [see list here](https://gethomepage.dev/en/configs/settings/#header-style) | `boxed` |
| `HOMEPAGE_VAR_WEATHER_CITY` | Homepage weather city name | |
| `HOMEPAGE_VAR_WEATHER_LAT` | Homepage weather city latitude | |
| `HOMEPAGE_VAR_WEATHER_LONG` | Homepage weather city longitude | |
| `HOMEPAGE_VAR_WEATHER_UNIT` | Homepage weather unit, either `metric` or `imperial` | `metric` |
## PIA WireGuard VPN
@ -112,6 +130,9 @@ For PIA + WireGuard, fill `.env` and fill it with your PIA credentials.
The location of the server it will connect to is set by `LOC=ca`, defaulting to Montreal - Canada.
You need to fill the credentials in the `PIA_*` environment variable,
otherwise the VPN container will exit and qBittorrent will not start.
## Sonarr & Radarr
### File Structure
@ -178,6 +199,15 @@ devices:
Generally, running Docker on Linux you will want to use VA-API, but the exact mount paths may differ depending on your
hardware.
## Homepage
The homepage comes with sensible defaults; some settings can ben controlled via environment variables in `.env`.
If you to customize further, you can modify the files in `/homepage/*.yaml` according to the [documentation](https://gethomepage.dev).
Due to how the Docker socket is configured for the Docker integration, files must be edited as root.
The files in `/homepage/tpl/*.yaml` only serve as a base to set up the homepage configuration on first run.
## Traefik and SSL Certificates
While you can use the private IP to access your NAS, how cool would it be for it to be accessible through a subdomain

10
adguardhome/docker-compose.yml
View File

@ -38,6 +38,16 @@ services:
- "traefik.http.routers.adguardhome.rule=(Host(`${ADGUARD_HOSTNAME}`))"
- "traefik.http.routers.adguardhome.tls=true"
- "traefik.http.routers.adguardhome.tls.certresolver=myresolver"
- homepage.group=Utilities
- homepage.name=Adguard
- homepage.icon=adguard-home.png
- homepage.href=https://${ADGUARD_HOSTNAME}
- homepage.description=DNS Adblocker
- homepage.weight=0
- homepage.widget.type=adguard
- homepage.widget.url=https://${ADGUARD_HOSTNAME}
- homepage.widget.username=${ADGUARD_USERNAME}
- homepage.widget.password=${ADGUARD_PASSWORD}
traefik-certs-dumper:
image: ldez/traefik-certs-dumper

75
docker-compose.yml
View File

@ -45,6 +45,15 @@ services:
- traefik.http.routers.sonarr.tls=true
- traefik.http.routers.sonarr.tls.certresolver=myresolver
- traefik.http.services.sonarr.loadbalancer.server.port=8989
- homepage.group=Media
- homepage.name=Sonarr
- homepage.icon=sonarr.png
- homepage.href=/sonarr
- homepage.description=Series management
- homepage.weight=0
- homepage.widget.type=sonarr
- homepage.widget.url=http://sonarr:8989/sonarr
- homepage.widget.key=${SONARR_API_KEY}
radarr:
image: lscr.io/linuxserver/radarr
container_name: radarr
@ -62,6 +71,15 @@ services:
- traefik.http.routers.radarr.tls=true
- traefik.http.routers.radarr.tls.certresolver=myresolver
- traefik.http.services.radarr.loadbalancer.server.port=7878
- homepage.group=Media
- homepage.name=Radarr
- homepage.icon=radarr.png
- homepage.href=/radarr
- homepage.description=Movies management
- homepage.weight=1
- homepage.widget.type=radarr
- homepage.widget.url=http://radarr:7878/radarr
- homepage.widget.key=${RADARR_API_KEY}
prowlarr:
image: lscr.io/linuxserver/prowlarr:latest
container_name: prowlarr
@ -78,6 +96,15 @@ services:
- traefik.http.routers.prowlarr.tls=true
- traefik.http.routers.prowlarr.tls.certresolver=myresolver
- traefik.http.services.prowlarr.loadbalancer.server.port=9696
- homepage.group=Download
- homepage.name=Prowlarr
- homepage.icon=prowlarr.png
- homepage.href=/prowlarr
- homepage.description=Indexers management
- homepage.weight=4
- homepage.widget.type=prowlarr
- homepage.widget.url=http://prowlarr:9696/prowlarr
- homepage.widget.key=${PROWLARR_API_KEY}
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:libtorrentv1
container_name: qbittorrent
@ -108,6 +135,16 @@ services:
- traefik.http.middlewares.qbittorrent-strip-slash.redirectregex.replacement=$$1/
- traefik.http.middlewares.qbittorrent-strip-slash.redirectregex.permanent=false
#- com.centurylinklabs.watchtower.depends-on=/vpn
- homepage.group=Download
- homepage.name=qBittorrent
- homepage.icon=qbittorrent.png
- homepage.href=/qbittorrent
- homepage.description=Bittorrent client
- homepage.weight=5
- homepage.widget.type=qbittorrent
- homepage.widget.url=http://vpn:8080
- homepage.widget.username=admin
- homepage.widget.password=adminadmin
vpn:
image: thrnz/docker-wireguard-pia
container_name: vpn
@ -164,21 +201,39 @@ services:
- traefik.http.routers.jellyfin.tls=true
- traefik.http.routers.jellyfin.tls.certresolver=myresolver
- traefik.http.services.jellyfin.loadbalancer.server.port=8096
heimdall:
image: lscr.io/linuxserver/heimdall
container_name: heimdall
- homepage.group=Media
- homepage.name=Jellyfin
- homepage.icon=jellyfin.png
- homepage.href=/jellyfin
- homepage.description=Media server
- homepage.weight=3
- homepage.widget.type=jellyfin
- homepage.widget.url=http://jellyfin:8096/jellyfin
- homepage.widget.key=${JELLYFIN_API_KEY}
homepage:
image: ghcr.io/benphelps/homepage:latest
container_name: homepage
environment:
- PUID=${USER_ID}
- PGID=${GROUP_ID}
- HOMEPAGE_VAR_TITLE=${HOMEPAGE_VAR_TITLE}
- HOMEPAGE_VAR_SEARCH_PROVIDER=${HOMEPAGE_VAR_SEARCH_PROVIDER}
- HOMEPAGE_VAR_HEADER_STYLE=${HOMEPAGE_VAR_HEADER_STYLE}
- HOMEPAGE_VAR_WEATHER_CITY=${HOMEPAGE_VAR_WEATHER_CITY}
- HOMEPAGE_VAR_WEATHER_LAT=${HOMEPAGE_VAR_WEATHER_LAT}
- HOMEPAGE_VAR_WEATHER_LONG=${HOMEPAGE_VAR_WEATHER_LONG}
- HOMEPAGE_VAR_WEATHER_TIME=${TIMEZONE}
- HOMEPAGE_VAR_WEATHER_UNIT=${HOMEPAGE_VAR_WEATHER_UNIT}
volumes:
- ./heimdall:/config
- ./homepage:/app/config
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${DATA_ROOT}:/data
restart: always
command: [sh, -c, "cp -n /app/config/tpl/*.yaml /app/config && node server.js"]
labels:
- traefik.enable=true
- traefik.http.routers.heimdall.rule=(Host(`${HOSTNAME}`) && PathPrefix(`/`))
- traefik.http.routers.heimdall.tls=true
- traefik.http.routers.heimdall.tls.certresolver=myresolver
- traefik.http.services.heimdall.loadbalancer.server.port=80
- traefik.http.routers.homepage.rule=(Host(`${HOSTNAME}`) && PathPrefix(`/`))
- traefik.http.routers.homepage.tls=true
- traefik.http.routers.homepage.tls.certresolver=myresolver
- traefik.http.services.homepage.loadbalancer.server.port=3000
watchtower:
image: containrrr/watchtower
container_name: watchtower

0
heimdall/.gitkeep → homepage/.gitkeep
View File

8
homepage/tpl/bookmarks.yaml Normal file
View File

@ -0,0 +1,8 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/bookmarks
- Credits:
- Docker-Compose-NAS:
- abbr: NAS
href: https://github.com/AdrienPoupa/docker-compose-nas

6
homepage/tpl/docker.yaml Normal file
View File

@ -0,0 +1,6 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/docker/
my-docker:
socket: /var/run/docker.sock

20
homepage/tpl/settings.yaml Normal file
View File

@ -0,0 +1,20 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/settings
title: {{HOMEPAGE_VAR_TITLE}}
headerStyle: {{HOMEPAGE_VAR_HEADER_STYLE}}
layout:
Media:
style: row
columns: 3
Download:
style: row
columns: 2
quicklaunch:
searchDescriptions: true
hideInternetSearch: true
hideVisitURL: true

27
homepage/tpl/widgets.yaml Normal file
View File

@ -0,0 +1,27 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/en/configs/widgets
- resources:
cpu: true
memory: true
disk:
- /
- /data
- search:
provider: {{HOMEPAGE_VAR_SEARCH_PROVIDER}}
target: _blank
- openmeteo:
label: {{HOMEPAGE_VAR_WEATHER_CITY}}
latitude: {{HOMEPAGE_VAR_WEATHER_LAT}}
longitude: {{HOMEPAGE_VAR_WEATHER_LONG}}
timezone: {{HOMEPAGE_VAR_WEATHER_TIME}}
units: {{HOMEPAGE_VAR_WEATHER_UNIT}}
cache: 5 # Time in minutes to cache API responses, to stay within limits
- datetime:
text_size: md
format:
timeStyle: short

8
sabnzbd/docker-compose.yml
View File

@ -17,4 +17,10 @@ services:
- traefik.http.routers.sabnzbd.rule=(Host(`${HOSTNAME}`) && PathPrefix(`/sabnzbd`) || PathPrefix(`/sabnzbd`))
- traefik.http.routers.sabnzbd.tls=true
- traefik.http.routers.sabnzbd.tls.certresolver=myresolver
- traefik.http.services.sabnzbd.loadbalancer.server.port=8080
- traefik.http.services.sabnzbd.loadbalancer.server.port=8080
- homepage.group=Media
- homepage.name=Sabnzbd
- homepage.icon=sabnzbd.png
- homepage.href=/sabnzbd
- homepage.description=Usenet
- homepage.weight=6

3
update-config.sh
View File

@ -8,6 +8,7 @@ do
sleep 5
done
sed -i.bak "s/<UrlBase><\/UrlBase>/<UrlBase>\/radarr<\/UrlBase>/" ./radarr/config.xml && rm ./radarr/config.xml.bak
sed -i.bak 's/^RADARR_API_KEY=.*/RADARR_API_KEY='"$(sed -n 's/.*<ApiKey>\(.*\)<\/ApiKey>.*/\1/p' ./radarr/config.xml)"'/' .env && rm .env.bak
echo "Updating Sonarr configuration..."
until [ -f ./sonarr/config.xml ]
@ -15,6 +16,7 @@ do
sleep 5
done
sed -i.bak "s/<UrlBase><\/UrlBase>/<UrlBase>\/sonarr<\/UrlBase>/" ./sonarr/config.xml && rm ./sonarr/config.xml.bak
sed -i.bak 's/^SONARR_API_KEY=.*/SONARR_API_KEY='"$(sed -n 's/.*<ApiKey>\(.*\)<\/ApiKey>.*/\1/p' ./sonarr/config.xml)"'/' .env && rm .env.bak
echo "Updating Prowlarr configuration..."
until [ -f ./prowlarr/config.xml ]
@ -22,6 +24,7 @@ do
sleep 5
done
sed -i.bak "s/<UrlBase><\/UrlBase>/<UrlBase>\/prowlarr<\/UrlBase>/" ./prowlarr/config.xml && rm ./prowlarr/config.xml.bak
sed -i.bak 's/^PROWLARR_API_KEY=.*/PROWLARR_API_KEY='"$(sed -n 's/.*<ApiKey>\(.*\)<\/ApiKey>.*/\1/p' ./prowlarr/config.xml)"'/' .env && rm .env.bak
echo "Updating Jellyfin configuration..."
until [ -f ./jellyfin/network.xml ]