Skip to content

Commit e044aae

Browse files
riccjohnriccjohn
committed
Set up new services
1 parent 39eb596 commit e044aae

5 files changed

Lines changed: 467 additions & 20 deletions

File tree

.gitignore

Lines changed: 11 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,16 @@
1-
# Environment variables
1+
# Environment files
22
.env
33

4-
# Node.js
5-
node_modules/
6-
.pnpm-store/
4+
# Docker volumes and data
5+
adguard/
6+
syncthing/
7+
jellyfin/
8+
traefik/letsencrypt/
9+
media/
710

8-
# Docker
9-
.docker/
10-
docker-compose.override.yml
11+
# Homepage config (contains personal data)
12+
homepage/config/
1113

12-
# Traefik
13-
traefik/acme.json
14-
15-
# Service data
16-
service-configs/
17-
homepage/data/
18-
19-
# IDE
20-
*.swp
21-
*.swo
22-
23-
# OS
14+
# OS files
2415
.DS_Store
25-
Thumbs.db
16+
Thumbs.db

README.md

Lines changed: 194 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,194 @@
1+
# Home Network Setup
2+
3+
A centralized Docker Compose configuration for managing your home network services, including AdGuard, Syncthing, Jellyfin, and Homepage, all accessible through a unified dashboard with Traefik as the reverse proxy.
4+
5+
## Services Included
6+
7+
- **Homepage** - Unified dashboard to access all services
8+
- **AdGuard Home** - DNS ad-blocker and network-wide tracker blocker
9+
- **Syncthing** - Continuous file synchronization
10+
- **Jellyfin** - Media server for movies, TV shows, and music
11+
- **Traefik** - Reverse proxy and load balancer (no need to remember port numbers!)
12+
13+
## Prerequisites
14+
15+
- Docker and Docker Compose installed on your server
16+
- Basic knowledge of Docker and networking
17+
- A domain name (optional - can use local domain like `home.local`)
18+
19+
## Quick Start
20+
21+
1. **Clone or download this repository** to your server
22+
23+
2. **Run the setup script** (optional but recommended):
24+
```bash
25+
./setup.sh
26+
```
27+
This will create necessary directories and help you get started.
28+
29+
3. **Create environment file** (if not done by setup script):
30+
```bash
31+
cp env.example .env
32+
```
33+
Edit `.env` and set your domain, timezone, and media path:
34+
```bash
35+
DOMAIN=home.local
36+
TZ=America/New_York
37+
MEDIA_PATH=/path/to/your/media
38+
```
39+
40+
4. **Start all services**:
41+
```bash
42+
docker compose up -d
43+
```
44+
45+
5. **Configure DNS/hosts file**:
46+
47+
For local network access, add entries to your router's DNS or your device's `/etc/hosts` file:
48+
```
49+
192.168.1.100 home.local
50+
192.168.1.100 homepage.home.local
51+
192.168.1.100 adguard.home.local
52+
192.168.1.100 syncthing.home.local
53+
192.168.1.100 jellyfin.home.local
54+
192.168.1.100 traefik.home.local
55+
```
56+
Replace `192.168.1.100` with your server's IP address.
57+
58+
## Accessing Services
59+
60+
Once everything is running, you can access:
61+
62+
- **Homepage Dashboard**: `https://homepage.home.local` or `https://home.local`
63+
- **AdGuard Home**: `https://adguard.home.local`
64+
- **Syncthing**: `https://syncthing.home.local`
65+
- **Jellyfin**: `https://jellyfin.home.local`
66+
- **Traefik Dashboard**: `https://traefik.home.local:8080` (or via Homepage)
67+
68+
All services are also accessible through the Homepage dashboard, so you don't need to remember individual URLs!
69+
70+
## Initial Setup for Each Service
71+
72+
### AdGuard Home
73+
74+
1. Access `https://adguard.home.local` (or `http://YOUR_SERVER_IP:3001`)
75+
2. Follow the initial setup wizard
76+
3. Configure your DNS settings (typically port 53)
77+
4. Set up admin credentials
78+
79+
### Syncthing
80+
81+
1. Access `https://syncthing.home.local` (or `http://YOUR_SERVER_IP:8384`)
82+
2. Set up your first folder to sync
83+
3. Add devices you want to sync with
84+
4. Configure sharing settings
85+
86+
### Jellyfin
87+
88+
1. Access `https://jellyfin.home.local` (or `http://YOUR_SERVER_IP:8096`)
89+
2. Complete the initial setup wizard
90+
3. Add your media libraries
91+
4. Configure users and permissions
92+
93+
### Homepage
94+
95+
1. Access `https://homepage.home.local` (or `http://YOUR_SERVER_IP:3000`)
96+
2. The services should already be configured in `homepage/config/services.yaml`
97+
3. Customize the appearance in `homepage/config/settings.yaml`
98+
99+
## Configuration Files
100+
101+
- `docker-compose.yml` - Main service definitions
102+
- `.env` - Environment variables (create from `.env.example`)
103+
- `homepage/config/` - Homepage configuration files
104+
- `traefik/letsencrypt/` - SSL certificates (auto-generated)
105+
106+
## Ports Used
107+
108+
- **80** - HTTP (Traefik)
109+
- **443** - HTTPS (Traefik)
110+
- **53** - DNS (AdGuard)
111+
- **3000** - Homepage (direct access)
112+
- **3001** - AdGuard Web UI (direct access)
113+
- **8096** - Jellyfin (direct access)
114+
- **8384** - Syncthing (direct access)
115+
- **8080** - Traefik Dashboard (direct access)
116+
117+
## SSL Certificates
118+
119+
Traefik is configured to automatically obtain SSL certificates from Let's Encrypt. For local networks:
120+
121+
- If using a real domain, ensure it points to your server and ports 80/443 are accessible
122+
- If using a local domain (like `home.local`), you may need to use self-signed certificates or disable SSL verification in your browser
123+
124+
## Troubleshooting
125+
126+
### Services not accessible via Traefik
127+
128+
1. Check that services are running: `docker compose ps`
129+
2. Verify Traefik labels are correct in `docker-compose.yml`
130+
3. Check Traefik logs: `docker compose logs traefik`
131+
132+
### DNS not working
133+
134+
1. Ensure AdGuard is configured correctly
135+
2. Check that port 53 is not blocked by firewall
136+
3. Verify your router's DNS settings point to your server
137+
138+
### Can't access services
139+
140+
1. Check firewall rules allow ports 80, 443, and service-specific ports
141+
2. Verify DNS/hosts file entries are correct
142+
3. Try accessing services directly via IP:port (e.g., `http://192.168.1.100:3000`)
143+
144+
## Updating Services
145+
146+
To update all services to their latest versions:
147+
148+
```bash
149+
docker compose pull
150+
docker compose up -d
151+
```
152+
153+
## Stopping Services
154+
155+
To stop all services:
156+
157+
```bash
158+
docker compose down
159+
```
160+
161+
To stop and remove all volumes (⚠️ **WARNING**: This deletes all data):
162+
163+
```bash
164+
docker compose down -v
165+
```
166+
167+
## Backup
168+
169+
Important data is stored in the following directories:
170+
- `adguard/` - AdGuard configuration
171+
- `syncthing/` - Syncthing configuration and data
172+
- `jellyfin/` - Jellyfin configuration
173+
- `homepage/config/` - Homepage configuration
174+
175+
Regularly backup these directories to preserve your settings.
176+
177+
## Security Notes
178+
179+
⚠️ **Important**: This setup does not include authentication by default. For security:
180+
181+
1. Deploy behind a VPN for remote access
182+
2. Use a reverse proxy with authentication (e.g., Authelia, Authentik)
183+
3. Keep services updated regularly
184+
4. Use strong passwords for all services
185+
5. Consider firewall rules to restrict access
186+
187+
## License
188+
189+
This configuration is provided as-is for personal use.
190+
191+
## Contributing
192+
193+
Feel free to submit issues or pull requests if you have improvements or find bugs.
194+

docker-compose.yml

Lines changed: 152 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,152 @@
1+
version: '3.8'
2+
3+
services:
4+
traefik:
5+
image: traefik:v3.0
6+
container_name: traefik
7+
restart: unless-stopped
8+
command:
9+
- --api.dashboard=true
10+
- --api.insecure=true
11+
- --providers.docker=true
12+
- --providers.docker.exposedbydefault=false
13+
- --entrypoints.web.address=:80
14+
- --entrypoints.websecure.address=:443
15+
- --certificatesresolvers.letsencrypt.acme.email=${ACME_EMAIL:[email protected]}
16+
- --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
17+
- --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
18+
ports:
19+
- "80:80"
20+
- "443:443"
21+
- "8080:8080" # Traefik dashboard
22+
volumes:
23+
- /var/run/docker.sock:/var/run/docker.sock:ro
24+
- ./traefik/letsencrypt:/letsencrypt
25+
networks:
26+
- home-network
27+
labels:
28+
- "traefik.enable=true"
29+
- "traefik.http.routers.traefik.rule=Host(`traefik.${DOMAIN:-home.local}`)"
30+
- "traefik.http.routers.traefik.entrypoints=websecure"
31+
- "traefik.http.routers.traefik.tls.certresolver=letsencrypt"
32+
- "traefik.http.routers.traefik-http.rule=Host(`traefik.${DOMAIN:-home.local}`)"
33+
- "traefik.http.routers.traefik-http.entrypoints=web"
34+
- "traefik.http.routers.traefik-http.middlewares=traefik-redirect"
35+
- "traefik.http.middlewares.traefik-redirect.redirectscheme.scheme=https"
36+
- "traefik.http.services.traefik.loadbalancer.server.port=8080"
37+
38+
adguard:
39+
image: adguard/adguardhome:latest
40+
container_name: adguard
41+
restart: unless-stopped
42+
ports:
43+
- "53:53/tcp"
44+
- "53:53/udp"
45+
- "3001:3000/tcp" # Web UI (also accessible via Traefik)
46+
- "853:853/tcp" # DNS-over-TLS
47+
- "784:784/udp" # DNS-over-QUIC
48+
- "8853:8853/udp" # DNS-over-HTTPS
49+
volumes:
50+
- ./adguard/work:/opt/adguardhome/work
51+
- ./adguard/conf:/opt/adguardhome/conf
52+
networks:
53+
- home-network
54+
labels:
55+
- "traefik.enable=true"
56+
- "traefik.http.routers.adguard.rule=Host(`adguard.${DOMAIN:-home.local}`)"
57+
- "traefik.http.routers.adguard.entrypoints=websecure"
58+
- "traefik.http.routers.adguard.tls.certresolver=letsencrypt"
59+
- "traefik.http.routers.adguard-http.rule=Host(`adguard.${DOMAIN:-home.local}`)"
60+
- "traefik.http.routers.adguard-http.entrypoints=web"
61+
- "traefik.http.routers.adguard-http.middlewares=adguard-redirect"
62+
- "traefik.http.middlewares.adguard-redirect.redirectscheme.scheme=https"
63+
- "traefik.http.services.adguard.loadbalancer.server.port=3000"
64+
65+
syncthing:
66+
image: syncthing/syncthing:latest
67+
container_name: syncthing
68+
restart: unless-stopped
69+
environment:
70+
- PUID=1000
71+
- PGID=1000
72+
volumes:
73+
- ./syncthing/config:/var/syncthing/config
74+
- ./syncthing/data:/var/syncthing/data
75+
ports:
76+
- "22000:22000/tcp" # Sync protocol
77+
- "22000:22000/udp" # Sync protocol
78+
- "21027:21027/udp" # Local discovery
79+
- "8384:8384/tcp" # Web UI (also accessible via Traefik)
80+
networks:
81+
- home-network
82+
labels:
83+
- "traefik.enable=true"
84+
- "traefik.http.routers.syncthing.rule=Host(`syncthing.${DOMAIN:-home.local}`)"
85+
- "traefik.http.routers.syncthing.entrypoints=websecure"
86+
- "traefik.http.routers.syncthing.tls.certresolver=letsencrypt"
87+
- "traefik.http.routers.syncthing-http.rule=Host(`syncthing.${DOMAIN:-home.local}`)"
88+
- "traefik.http.routers.syncthing-http.entrypoints=web"
89+
- "traefik.http.routers.syncthing-http.middlewares=syncthing-redirect"
90+
- "traefik.http.middlewares.syncthing-redirect.redirectscheme.scheme=https"
91+
- "traefik.http.services.syncthing.loadbalancer.server.port=8384"
92+
93+
jellyfin:
94+
image: jellyfin/jellyfin:latest
95+
container_name: jellyfin
96+
restart: unless-stopped
97+
environment:
98+
- PUID=1000
99+
- PGID=1000
100+
- TZ=${TZ:-America/New_York}
101+
volumes:
102+
- ./jellyfin/config:/config
103+
- ./jellyfin/cache:/cache
104+
- ${MEDIA_PATH:-./media}:/data/media:ro
105+
ports:
106+
- "8096:8096/tcp" # Web UI (also accessible via Traefik)
107+
- "8920:8920/tcp" # HTTPS
108+
- "7359:7359/udp" # DLNA
109+
- "1900:1900/udp" # DLNA
110+
networks:
111+
- home-network
112+
labels:
113+
- "traefik.enable=true"
114+
- "traefik.http.routers.jellyfin.rule=Host(`jellyfin.${DOMAIN:-home.local}`)"
115+
- "traefik.http.routers.jellyfin.entrypoints=websecure"
116+
- "traefik.http.routers.jellyfin.tls.certresolver=letsencrypt"
117+
- "traefik.http.routers.jellyfin-http.rule=Host(`jellyfin.${DOMAIN:-home.local}`)"
118+
- "traefik.http.routers.jellyfin-http.entrypoints=web"
119+
- "traefik.http.routers.jellyfin-http.middlewares=jellyfin-redirect"
120+
- "traefik.http.middlewares.jellyfin-redirect.redirectscheme.scheme=https"
121+
- "traefik.http.services.jellyfin.loadbalancer.server.port=8096"
122+
123+
homepage:
124+
image: ghcr.io/gethomepage/homepage:latest
125+
container_name: homepage
126+
restart: unless-stopped
127+
environment:
128+
- HOMEPAGE_ALLOWED_HOSTS=${DOMAIN:-home.local}
129+
- PUID=1000
130+
- PGID=1000
131+
volumes:
132+
- ./homepage/config:/app/config
133+
- /var/run/docker.sock:/var/run/docker.sock:ro
134+
ports:
135+
- "3000:3000" # Web UI (also accessible via Traefik)
136+
networks:
137+
- home-network
138+
labels:
139+
- "traefik.enable=true"
140+
- "traefik.http.routers.homepage.rule=Host(`homepage.${DOMAIN:-home.local}`) || Host(`${DOMAIN:-home.local}`)"
141+
- "traefik.http.routers.homepage.entrypoints=websecure"
142+
- "traefik.http.routers.homepage.tls.certresolver=letsencrypt"
143+
- "traefik.http.routers.homepage-http.rule=Host(`homepage.${DOMAIN:-home.local}`) || Host(`${DOMAIN:-home.local}`)"
144+
- "traefik.http.routers.homepage-http.entrypoints=web"
145+
- "traefik.http.routers.homepage-http.middlewares=homepage-redirect"
146+
- "traefik.http.middlewares.homepage-redirect.redirectscheme.scheme=https"
147+
- "traefik.http.services.homepage.loadbalancer.server.port=3000"
148+
149+
networks:
150+
home-network:
151+
driver: bridge
152+

env.example

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
# Domain configuration
2+
# For local network, use something like "home.local" or your actual domain
3+
DOMAIN=home.local
4+
5+
# Timezone
6+
TZ=America/New_York
7+
8+
# Media path for Jellyfin (adjust to your actual media location)
9+
# Use absolute path for best results
10+
MEDIA_PATH=/path/to/your/media
11+
12+
# ACME email for Let's Encrypt certificates (only needed if using real domain)
13+
[email protected]

0 commit comments

Comments
 (0)