From 70effebaafebb874db25541dda8fcf787b40a089 Mon Sep 17 00:00:00 2001 From: nicholas Date: Wed, 30 Mar 2022 15:59:14 +0000 Subject: [PATCH] full change to readme --- README.md | 93 +++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 83 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 1c76bdb..8c47205 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,87 @@ + + + +
+ # Showcase -## aries -The aries server is aimed to be a "router replacement" but with improved performance, flexibility, and features. Services include: -* BIND9 DNS server -* ISC-DHCPd server -* nginx reverse proxy for HTTPS -* Let's Encrypt acme.sh public TLS termination +[![manios.ca][manios.ca-badge]][manios.ca] -## CROWLEY -CROWLEY is a NAS server running the FreeNAS operating system. It currently houses all of my storage and hosts most of my services. My pool is currently using 25TB (81%) of my total storage. Normally ZFS performance degrades after 80%, but I haven't seen any major performance hits. In the process of extending ZFS volume by adding 4 more 12TB drives. +This showcase is the best showcase ever made. -## hermes -hermes is a mail (SMTP/IMAP) server that I am using for public mail exchange. It also houses my mailboxes. hermes is currently living as a VM on aries as my dedicated hardware for hermes failed. \ No newline at end of file +[Introduction](#introduction) • +[Hardware](#hardware) • +[Software](#software) + +
+ +## Introduction + +This git repo is designed to showcase some of the cool tech things I work on in my spare time. This repo is even hosted by me on-prem at home. + +## Hardware + +All of the sites and services that I run locally are hosted on various hardware that suits my need. Most of the devices are embedded board as I don't require much power. + +| Form Factor | Purpose | Operating System | Notes | +| ------------ | --------------- | ---------------- | ----------------------------------------------------------------- | +| Embedded | Gateway | OpenWRT | Gateway, firewall, and inbound reverse proxy. Migrating to IPfire | +| Embedded | Docker host | Debian | Docker containers live here | +| Mid-size ATX | Network storage | TrueNAS SCALE | Central storage server - ZFS 50TiB | +| Embedded | Voice/audio | Raspbian | Listens for smart home commands and played TTS voices | +| Embedded | Voice/audio | Raspbian | Listens for smart home commands and played TTS voices | +| Embedded | Media center | CoreElec - Kodi | Plays local media on TV | +| Embedded | WiFI AP | Unifi | Ubiquity WiFi device | +| Cloud | Mail relay | Debian | Outbound mail relay and inbound queue | + +## Software + +* `openwrt` - Gateway/firewall/wifi operating system. Used as a gateway/firewall/HTTPS reverse proxy. +* `trueNAS scale` - File storage server implementing OpenZFS file system. Serves network file systems (SMB/NFS) as well as block storage (iSCSI). +* `Kodi` - Dedicated and flexible media player software for displaying on the main TV. Ensures that media is played at high quality (4K, 60Hz, HDR10). Can be controlled from home automation. +* `nginx` - Inbound HTTPS reverse proxy. Also used to reverse proxy sites hosted in docker (each docker compose stack has an nginx container). +* `bind` - Local DNS authority. Serves master zones only. +* `unbound` - Local DNS relay. Also performs DNS based ad-blocking. +* `isc-dhcpd` - Local DHCP server. Works with bind to allocate DNS names to DHCP clients. +* `wireguard` - VPN to cloud as well as road-warrior connections. Also used to VPN outbound for private internet browsing. +* `acme.sh` - Public TLS certificate automation on gateway server. +* `postfix` - Local email authority server (configured for virtual hosts and virtual address). This runs in the cloud (outbound relay, inbound queue) and on-prod (local mailbox). +* `dovecot` - IMAP access to mail directories. +* `rspamd` - Inbound email spam filtering. This runs in the cloud. +* `clamav` - Inbound email anti-virus. This run in the cloud. +* `opendkim/opendmarc` - Inbound/outbound email signing/validation. This runs in the cloud (inbound validation) and on-prem (signing). +* `postfixadmin` - Postfix admin website. +* `home assistant` - Home automation software. Used with Zigbee smart devices. Can pipe music/voice into snapcast. +* `snapcast` - Synchronized multi-room home audio. This server plays audio (voice and music) to the 2 Raspberry Pi's. +* `mopidy` - Media player server used to play media from multiple sources. Pipes music into snapcast. +* `opentts` - Voice synthesizer. Used when requesting voice audio from smart home. API returns wav files for rhasspy. +* `rhasspy` - Voice command server/client. Deployed to the Raspberry Pi's to listen for smart commands and plays synthesized voices. +* `mayan edms` - EDMS server with OCR. Used to store official and archived documents. +* `nextcloud` - Synchronized cloud document and sharing server. Used for immediate document storage. +* `onlyoffice` - Cloud document editing software that works in conjunction with Nextcloud. +* `wordpress` - Blog software used for multiple hosted blog sites. +* `calibre` - Local ebook server. Appears to work with comics too. +* `mosquitto` - Local MQTT broker. Used mostly with home automation. +* `openxpki` - Local cetificate authority. Includes certificate enrollment and renewal automation. Serves certificates for all locally hosted sites. +* `portainer` - Simple docker container management. Can also manage docker compose, docker swarm, and kubernetes. +* `mealie` - Hoster recipe server. Can plug into servers via webhook to manage a grocery list for recipes. +* `fxa` - Mozilla auth and sync server. Used to synchronize Firefox settings and content locally rather than with Mozilla's servers. +* `elastic stack` - Elastic search, logstash, and kibana for log management. +* `synapse` - Matrix protocol implementation. Used for locally hosted chat server. +* `photoprism` - Picture server. Used to host home/family pictures. +* `gitea` - Local git repo. Used mostly to mirror internet projects. +* `jenkins` - Build automation. Used mostly for dockerfile build automation. +* `unifi` - WiFi access point management software. Connects to the Ubiquity WiFi AP. +* `opencas` - Vulnerability management software. +* `firefly-iii` - Local finance server. I've implemented a script that will grab OFX files from my bank and import into this server daily. + + +[manios.ca-badge]: https://img.shields.io/crates/v/zoxide?style=flat-square +[manios.ca]: https://www.manios.ca/ \ No newline at end of file