Traefik HTTPS Config with DuckDNS for Local Homeserver
This is a how-to guide inspired by “Quick and Easy SSL Certificates for Your Homelab!”" focus on Traefik reverse proxy server. Although this guide focuses on DuckDNS, a similar configuration can apply to any DNS provider. The trick is by setting private IP for the domain name you own, in my case DuckDNS. Get DuckDNS Sub-Domain Sign-up an account in duckdns.org, choose a sub-domain(As I choose a dummy sub-domain lser.duckdns.org) and add your home server IP address(In my case 192....
Wireguard VPN and BitTorrent on Docker Swarm (Part 1)
Introduction One of the services I always wanted to have on my raspberry pi home server is VPN and BitTorrent, which basically, route all BitTorrent traffic through a VPN container. Then I saw Wolfgang’s “Set Up Your Own Wireguard VPN Server with 2FA in 5 Minutes!” on Youtube, which inspired me to set up my own VPN server. I quickly created an instance on Oracle Cloud and ran the ansible playbook to deploy the wireguard VPN....
Wireguard VPN and BitTorrent on Docker Swarm (Part 2)
Previously in part 1, we have deployed the qBittorrent with Wireguard VPN on docker swarm. In this part, we will test the deployment, configure qBittorrent and finish the blog with the kill switch configuration Testing Below are the tests to make sure qBittorrent has access to the Internet through Wireguard VPN ➡️Make sure Wireguard and qBittorrent containers are up and running. ➡️Check you are able to ping Wireguard container from qBittorrent...
Portainer vs Yacht
Introduction I have been working on my home server setup on Raspberry Pi 4. I’d like to deploy all of my services/tools in docker containers, and for that, I need a nice and fancy container management tool I want to have on my home server. I had checked multiple sources, and finally picked two; they are Portainer and Yacht. Portainer is a well-known container management tool and Yacht is fairly new....
User Namespace Isolation in Docker
There is a cool feature in docker called userns-remap, discovered while doing my RaspberryPi home server project; 15#issuecomment-1296311979, I can just enable userns-remap and docker does all remapping of uid and gid inside docker container to a non-root user on the host. https://docs.docker.com/engine/security/userns-remap/ How to enable *It is better to reinstall docker and remove all existing docker volumes Add below /etc/docker/daemon.json { "userns-remap": "default" } Restart the docker daemon $ sudo systemctl restart docker Ansible automation here In-Action # Run the Nginx container $ docker run -it -d nginx # Inside, the process thinks it is running as root!...
Pi-hole with DHCP Relay in Docker
Introduction I have been working on a RaspberryPi home server project for quite some time. The project is a collection of applications to run on RaspberryPi and all applications are deployable with docker-compose files and ansible automation. One of the applications I was configuring is Pi-hole, a network-wide ad-blocker. I decided to use Pi-hole as also DHCP server for my LAN. When I look into docs, it says it has to be run as network_mode: host, because it allows Pi-hole to listen to DHCP broadcast packets....
Strimzi Kafka Disaster Recovery with Velero
Introduction Hello my dear fellow humans, hope you are having a great day. Today’s guide is on how to recover from a disaster for Strimzi Kafka with Velero. First of all, what is Strmzi Kafka? https://strimzi.io Strimzi provides a way to run an Apache Kafka cluster on Kubernetes in various deployment configurations. Back in a while, I worked on Strimzi Kafka deployment on Openshift, very easy to set up and manage production-level Kafka cluster on Kubernetes, I have to give credit to the Strimzi project team, did a great job on documentation, support on Github discussions and active developments....
Elasticsearch Configuration Overview
👉 This writeup is part of “Elasticsearch Deploy Docs” series. Important Elasticsearch Configuration 📄 Official Docs Mainly 3 configuration files elasticsearch.yml - Elasticsearch config jvm.options - Elasticsearch JVM settings config log4j2.properties - Elasticsearch logging config Environment Variables export the ES_PATH_CONF etc/default/elasticsearch (Sourced environment variables from. Recommended) Settings 📄 Official Docs Before going to production, it is recommended go through be below elasticsearch configs. Refer sample_config directory for configuration Configuration Description Configuration Reference Path settings Log and data config Refer here Cluster name Cluster name Refer here Node name Node name Refer here Network host IP address that elasticsearch bind on Refer here Discovery settings Cluster discovery and initial master config Refer here Heap size JVM heap memory configuration Recommended heap size should be half of system memory....