<!-- markdownlint-configure-file {
  "MD013": {
    "code_blocks": false,
    "tables": false
  },
  "MD033": false,
  "MD041": false
} -->

<!-- align the title and description to center -->
<div align="center">

# Showcase

[![manios.ca][manios.ca-badge]][manios.ca]

This showcase is the best showcase ever made.

[Introduction](#introduction) •
[Hardware](#hardware) •
[Software](#software)

</div>

## Introduction

This git repo is designed to showcase some of the cool tech things I work on in my spare time. This repo is even hosted by me on-prem at home.

## Hardware

All of the sites and services that I run locally are hosted on various hardware that suits my need. Most of the devices are embedded board as I don't require much power.

| Form Factor  | Purpose         | Operating System | Notes                                                             |
| ------------ | --------------- | ---------------- | ----------------------------------------------------------------- |
| Embedded     | Gateway         | OpenWRT          | Gateway, firewall, and inbound reverse proxy. Migrating to IPfire |
| Embedded     | Docker host     | Debian           | Docker containers live here                                       |
| Mid-size ATX | Network storage | TrueNAS SCALE    | Central storage server - ZFS 50TiB                                |
| Embedded     | Voice/audio     | Raspbian         | Listens for smart home commands and played TTS voices             |
| Embedded     | Voice/audio     | Raspbian         | Listens for smart home commands and played TTS voices             |
| Embedded     | Media center    | CoreElec - Kodi  | Plays local media on TV                                           |
| Embedded     | WiFI AP         | Unifi            | Ubiquity WiFi device                                              |
| Cloud        | Mail relay      | Debian           | Outbound mail relay and inbound queue                             |

## Software

* `openwrt` - Gateway/firewall/wifi operating system. Used as a gateway/firewall/HTTPS reverse proxy.
* `trueNAS scale` - File storage server implementing OpenZFS file system. Serves network file systems (SMB/NFS) as well as block storage (iSCSI).
* `Kodi` - Dedicated and flexible media player software for displaying on the main TV. Ensures that media is played at high quality (4K, 60Hz, HDR10). Can be controlled from home automation.
* `nginx` - Inbound HTTPS reverse proxy. Also used to reverse proxy sites hosted in docker (each docker compose stack has an nginx container).
* `bind` - Local DNS authority. Serves master zones only.
* `unbound` - Local DNS relay. Also performs DNS based ad-blocking.
* `isc-dhcpd` - Local DHCP server. Works with bind to allocate DNS names to DHCP clients.
* `wireguard` - VPN to cloud as well as road-warrior connections. Also used to VPN outbound for private internet browsing.
* `acme.sh` - Public TLS certificate automation on gateway server.
* `postfix` - Local email authority server (configured for virtual hosts and virtual address). This runs in the cloud (outbound relay, inbound queue) and on-prod (local mailbox).
* `dovecot` - IMAP access to mail directories.
* `rspamd` - Inbound email spam filtering. This runs in the cloud.
* `clamav` - Inbound email anti-virus. This run in the cloud.
* `opendkim/opendmarc` - Inbound/outbound email signing/validation. This runs in the cloud (inbound validation) and on-prem (signing).
* `postfixadmin` - Postfix admin website.
* `home assistant` - Home automation software. Used with Zigbee smart devices. Can pipe music/voice into snapcast.
* `snapcast` - Synchronized multi-room home audio. This server plays audio (voice and music) to the 2 Raspberry Pi's.
* `mopidy` - Media player server used to play media from multiple sources. Pipes music into snapcast.
* `opentts` - Voice synthesizer. Used when requesting voice audio from smart home. API returns wav files for rhasspy.
* `rhasspy` - Voice command server/client. Deployed to the Raspberry Pi's to listen for smart commands and plays synthesized voices.
* `mayan edms` - EDMS server with OCR. Used to store official and archived documents.
* `nextcloud` - Synchronized cloud document and sharing server. Used for immediate document storage.
* `onlyoffice` - Cloud document editing software that works in conjunction with Nextcloud.
* `wordpress` - Blog software used for multiple hosted blog sites.
* `calibre` - Local ebook server. Appears to work with comics too.
* `mosquitto` - Local MQTT broker. Used mostly with home automation.
* `openxpki` - Local cetificate authority. Includes certificate enrollment and renewal automation. Serves certificates for all locally hosted sites.
* `portainer` - Simple docker container management. Can also manage docker compose, docker swarm, and kubernetes.
* `mealie` - Hoster recipe server. Can plug into servers via webhook to manage a grocery list for recipes.
* `fxa` - Mozilla auth and sync server. Used to synchronize Firefox settings and content locally rather than with Mozilla's servers.
* `elastic stack` - Elastic search, logstash, and kibana for log management.
* `synapse` - Matrix protocol implementation. Used for locally hosted chat server.
* `photoprism` - Picture server. Used to host home/family pictures.
* `gitea` - Local git repo. Used mostly to mirror internet projects.
* `jenkins` - Build automation. Used mostly for dockerfile build automation.
* `unifi` - WiFi access point management software. Connects to the Ubiquity WiFi AP.
* `opencas` - Vulnerability management software.
* `firefly-iii` - Local finance server. I've implemented a script that will grab OFX files from my bank and import into this server daily.
* `traefik` - Ingress load balancer for kubernetes.

<!--[manios.ca-badge]: https://img.manios.ca/git/badges/manios.ca?style=flat-square-->
[manios.ca-badge]: https://img.shields.io/crates/v/zoxide?style=flat-square
[manios.ca]: https://www.manios.ca/