Table of Contents
Ok so continuing from the previous post, as I more-or-less added all things that I consider essential, let’s see what is under the hood on my system.
We can not have a media server without media apps, so I have a pretty common media management stack. For the time being, I ran Plex to stream my media, and the arr-s to manage missing media.
Here is where things get a bit more interesting.
- Portainer – is an obvious choice for visual management/troubleshooting containers; while the config is in code, it is useful sometimes to spot errors – ie. incorrect volume mapping, labels that come to mind – also the easy access to logs, status and console to the container is quite awesome – what is there not to like?
- Watchtower – this one is freshly deployed, and meant to be doing the upgrade of container images (will see how it plays out; I recall I had that a long time ago, and worked well). It should also send notifications – in my case to Slack.
- Duplicati – I had trouble directing Docker to a native nfs mounted directory (I am assuming it is not supported – if anyone knows better feel free to reach out on Github and educate me), so I deployed Duplicati, which backs up my Docker directory (minus the data part; really only care about application data there). Will write up how the restore went – if I ever come to that sad situation where I will need it 🙂
- Tailscale – now that one is a gem:)
A few weeks ago I came across these new things called “zero trust VPN” (well, they might be around for a while…also…sarcasm..?). My choice was Tailscale. Not that I am affiliated with them or anything, but liked the idea of Magic DNS (Zero Tier was a contender, might try that out later too). So I deployed their container, so I can ssh (or really browse) to the server from wherever I want – provided I install their client on the machine I am on. Right now I have it on my phone (shocking! not an iPhone!) and on my laptop (gasp! It is not a MacBook!), so if I am out and about I can just hop on to my server from there, with security.
- Proxmox – if you read my previous post, you are not surprised that I also put this one here. There is no Tailscale on that one yet, so it is only accessible from within my network, but that is coming to him. Also, Homepage had service integration for it, so its API information is also collected. Right now there is – as can be seen by the eagle-eyed – only one VM on it (the Docker host) running. But now that I near-finished this project, my next few ideas will change that (I plan to deploy pfSense, some Windows VM-s to build a domain-test-lab and most likely an Unifi controller for my planned Unifi AP-s).
- Qnap – finally (sadly they also not paying for the free advertisement) the backbone of my lab is an oldie-but-goldie QNAP TS-809. This guy does not have Tailscale either (yet), so local access only.
And that is it for today folks!
Feel free to reach out if you need more information!