5.6 KiB
5.6 KiB
Introduction
This git repo is designed to showcase some of the cool tech things I work on in my spare time. This repo is even hosted by me on-prem at home.
Hardware
All of the sites and services that I run locally are hosted on various hardware that suits my need. Most of the devices are embedded board as I don't require much power.
| Form Factor | Purpose | Operating System | Notes |
|---|---|---|---|
| Embedded | Gateway | pfSense | Gateway, firewall, and inbound reverse proxy. Migrating to IPfire |
| Embedded x3 | Docker host | Debian | Docker containers live here |
| Mid-size ATX | Network storage | TrueNAS SCALE | Central storage server - ZFS 50TiB |
| Embedded | Voice/audio | Raspbian | Listens for smart home commands and played TTS voices |
| Embedded | Voice/audio | Raspbian | Listens for smart home commands and played TTS voices |
| Embedded | Media center | CoreElec - Kodi | Plays local media on TV |
| Embedded | WiFI AP | Unifi | Ubiquity WiFi device |
| Cloud | Mail relay | Debian | Outbound mail relay and inbound queue |
Software
pfSense- Gateway/firewall operating system. Also the VPN endpoint for road-warriors.TrueNAS scale- File storage server implementing OpenZFS file system. Serves network file systems (SMB/NFS) as well as block storage (iSCSI).Kodi- Dedicated and flexible media player software for displaying on the main TV. Ensures that media is played at high quality (4K, 60Hz, HDR10). Can be controlled from home automation.traefik- Inbound HTTPS reverse proxy. Also used to reverse proxy sites hosted in docker swarm services.bind- Local DNS authority. Serves master zones only.unbound- Local DNS relay. Also performs DNS based ad-blocking.isc-dhcpd- Local DHCP server. Works with bind to allocate DNS names to DHCP clients.wireguard- VPN to cloud as well as road-warrior connections. Also used to VPN outbound for private internet browsing.acme.sh- Public TLS certificate automation on gateway server.postfix- Local email authority server for local mailboxes. Additional cloud deployment for outbound relay and inbound queue.dovecot- IMAP access to mail directories.rspamd- Inbound email spam filtering. This runs in the cloud.clamav- Inbound email anti-virus. This run in the cloud.opendkim/opendmarc- Inbound/outbound email signing/validation. This runs in the cloud (inbound validation) and on-prem (signing).postfixadmin- Postfix admin website.home assistant- Home automation software. Used with Zigbee smart devices.snapcast- Synchronized multi-room home audio. This server plays audio (voice and music) to the 2 Raspberry Pi's.mopidy- Media player server used to play media from multiple sources. Pipes music into snapcast.opentts- Voice synthesizer. Used when requesting voice audio from smart home. API returns wav files for rhasspy.rhasspy- Voice command server/client. Deployed to the Raspberry Pi's to listen for smart commands and plays synthesized voices.mayan edms- EDMS server with OCR. Used to store official and archived documents.nextcloud- Synchronized cloud document and sharing server. Used for immediate document storage.onlyoffice- Cloud document editing software that works in conjunction with Nextcloud.wordpress- Blog software used for multiple hosted blog sites.calibre- Local ebook server. Appears to work with comics too.mosquitto- Local MQTT broker. Used mostly with home automation.openxpki- Local cetificate authority. Includes certificate enrollment and renewal automation. Serves certificates for all locally hosted sites.portainer- Simple docker container management. Can also manage docker compose, docker swarm, and kubernetes.mealie- Hoster recipe server. Can plug into servers via webhook to manage a grocery list for recipes.fxa- Mozilla auth and sync server. Used to synchronize Firefox settings and content locally rather than with Mozilla's servers.elastic stack- Elastic search, logstash, and kibana for log management.synapse- Matrix protocol implementation. Used for locally hosted chat server.photoprism- Picture server. Used to host home/family pictures.gitea- Local git repo. Used mostly to mirror internet projects.jenkins- Build automation. Used mostly for dockerfile build automation.unifi- WiFi access point management software. Connects to the Ubiquity WiFi AP.opencas- Vulnerability management software.firefly-iii- Local finance server. I've implemented a script that will grab OFX files from my bank and import into this server daily.