Skip to content

Latest commit

 

History

History
44 lines (22 loc) · 2.74 KB

README.md

File metadata and controls

44 lines (22 loc) · 2.74 KB

DOCKER-PI

I like to run a lot of services for my home on a Rasberry Pi. To keep these services contained and easy to port to a new Pi, I have Dockerized all of them. Upon getting a new Pi, I can have it up and running within a few minutes.

This is a side hackery project of mine, so not everything is perfectly well factored, etc.

Rasberry Pi Setup

Note that I run Ubuntu on my Pi. This is nice because I run Ubuntu on other machines so everything is the same. I had most of this setup running on Raspbian in the past so that should work fine as well.

Getting up and running requires the following:

  • Set up SSH. Strongly recommend only allowing PubKeyAuthentication. Make sure you never allow your new Pi to be put onto a network that has port forwarding to its IP on port 22, with the default username/password. I, uh, heard that from a friend.

  • Set up Docker and Docker Compose. Follow this guide to get it up and running.

  • Set up git: sudo apt-get install git

Now you should be all set.

Clone this repo, navigate to a service directory, set your environment (for example, using direnv), and run docker-compose up -d, and you should be set.

Services

Each of the services below are set up in a similar manner:

  • There is a docker-compose.yml file that defines the service. All services container name is the same as the service so it's easy to do something like docker logs openvpn. If, for some reason, you want to run multiple verisons, you'll need to change that. These files use ENV variable injection for configuration parameters. You shouldn't have to modify the docker-compose files yourself.

  • Each service has an .env file that contains the default non-secret values for each container. Docker will automatically load this into the env when running Docker commands.

  • For secrets, I recommend using direnv. With this you can drop an .envrc file in each folder. These are excluded by .gitignore so you can use them for your secrets. You can use other solutions here but direnv is simple and easy to manage.

Currently Supported Services

  • dyndns: hand-rolled dynamic DNS updater that uses Route53.

  • pihole: turn your Pi into an ad-blocker for your whole network.

  • openvpn: run an OpenVPN server. This is a great way to have remote and secure access to your home network.

  • backup-cloud: uses rclone to sync cloud storage (e.g. Google Drive, Google Photos) to an attached local drive.

  • plex: run a Plex media server.