Docker media and home server stack with Docker Compose, Traefik, Google OAuth2, and LetsEncrypt

dphildebrandt/serverr

serverr

Setup Tips:

  1. Install Docker
    1. Set privileges on folder and sub-folders:
      1. sudo setfacl -Rdm g:docker:rwx serverr
      2. sudo chmod -R 775 serverr
  2. Make sure to have domain/DNS up to date, and API access to provider (whitelist your IP if needed)
  3. Update router settings:
    1. Give the machine a static internal IP
    2. Port forward 80, 443 (Traefik) and 32400 (Plex)
  4. cp serverr/.env.template serverr/.env and fill out variables
  5. Set up Traefik2 files:
    1. touch serverr/app-data/traefik2/acme/acme.json
    2. chmod 600 serverr/app-data/traefik2/acme/acme.json
    3. touch serverr/app-data/traefik2/traefik.log
  6. Set up docker secrets:
    1. mkdir serverr/secrets
    2. sudo chown root:root serverr/secrets
    3. sudo chmod 600 serverr/secrets
    4. Domain Name Providers (I use Namecheap, docker-compose.yml will need to be updated if provider changes)
  7. Set up Google Cloud Platform oauth/credentials
  8. SSL certs:
    1. Uncomment traefik sections
    2. docker-compose up -d traefik and check certs at traefik.domain.com and/or acme.json
    3. Comment out staging, clear out acme.json
    4. Bring up traefik again and check certs at traefik.domain.com and/or acme.json
    5. Comment out certresolver label and bring up traefik one last time
  9. Configure various containers via their subdomain.domain.com addresses, things to note:
    1. Sabnzbd
      1. Have to access Sabnzbd via IP:Port/sabnzbd before whitelisting the subdomain in config
    2. Tautulli
      1. If using the official remote app, disable oauth, register device token, update .env, re-enable oauth.
  10. Install UFW:
    1. Allow 80, 443, 32400 from anywhere
    2. Allow 22 from 192.168.0.0/16
  11. Change DOCKER_OPTS to respect the iptables firewall
    1. sudo vi /etc/default/docker
    2. Add DOCKER_OPTS="--iptables=false"
  12. Install snapraid, git clone snapraid-runner and update conf, install and configure mergerfs, install rclone and configure to Dropbox
  13. Update scripts/crontab.template and copy its contents into root's crontab (sudo crontab -e)
  14. CrowdSec Setup Guide
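
A quick way to confirm that the permissions from steps 5 and 6 took effect, as an added example that is not part of the serverr repository. The function names are hypothetical, the paths and modes are the ones listed above, and `stat -c` assumes GNU coreutils.

```shell
#!/usr/bin/env bash
# Added example: audit the permissions set in steps 5 and 6 of the setup tips.
# acme.json holds the ACME account key and certificate private keys, and the
# secrets directory holds the provider/OAuth secrets, so both should be closed
# to other users. Function names are hypothetical; paths follow the README.

# Print a finding and return 1 if TARGET does not have exactly MODE (octal).
check_mode() {
    local target=$1 want=$2 got
    if ! got=$(stat -c '%a' "$target" 2>/dev/null); then
        echo "MISSING  $target"
        return 1
    fi
    if [ "$got" != "$want" ]; then
        echo "MODE     $target is $got, expected $want"
        return 1
    fi
}

# Print a finding and return 1 if TARGET is not owned by numeric UID:GID.
check_owner() {
    local target=$1 want=$2 got
    got=$(stat -c '%u:%g' "$target" 2>/dev/null) || return 1
    if [ "$got" != "$want" ]; then
        echo "OWNER    $target is $got, expected $want"
        return 1
    fi
}

# audit_serverr BASE [UID:GID]
# Returns the number of findings; 0 means everything matches the setup tips.
# The owner defaults to 0:0 (root:root), as set by "chown root:root".
audit_serverr() {
    local base=$1 owner=${2:-0:0} findings=0
    local acme="$base/app-data/traefik2/acme/acme.json"
    local secrets="$base/secrets"

    check_mode  "$acme"    600      || findings=$((findings + 1))
    check_mode  "$secrets" 600      || findings=$((findings + 1))
    check_owner "$secrets" "$owner" || findings=$((findings + 1))
    return "$findings"
}

# Run the audit when a base directory is given, e.g.: ./audit.sh serverr
if [ "$#" -gt 0 ]; then
    audit_serverr "$@"
fi
```

A non-zero exit status is the number of mismatches, so the script can also run from cron and alert when something loosens the permissions later.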
