Skip to content

awm/vaire-cfg

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
part-db
part-db
 
 
snipe-it
snipe-it
 
 
traefik
traefik
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 
secrets.yml.example
secrets.yml.example
 
 
services.py
services.py
 
 
services.yml
services.yml
 
 

Repository files navigation

Vairë Container Definitions

Home network container definitions and reverse proxy configuration, using rootless Podman Quadlets.

Services

  • Part-DB: Electronics and hardware component inventory tracking.
  • Snipe-IT: Asset management and tracking.
  • Traefik: Application proxy.

Installation

The assumed platform here is an Ubuntu 24.04 VM.

  • Install required system packages:

    sudo apt install podman pipx s3fs

  • Allow the services to access privileged ports by adding the following in /etc/sysctl.d/user_priv_ports.conf:

    net.ipv4.ip_unprivileged_port_start=80

  • Do the same for the active session by running:

    sudo sysctl net.ipv4.ip_unprivileged_port_start=80

    TODO: Revise this to instead use forwarding rules in the firewall and restore the privileged port threshold to 1024.

  • Ensure the services run even when the owner is not logged in by running

    loginctl enable-linger

  • Install Python dependencies:

    pipx ensurepath
pipx install poetry
# ...restart session here...
poetry install

  • Create a secrets.yml based off the example and populate it with real values. Save it with permissions of 0600.

  • Install services:

    poetry run ./services.py deploy partdb snipe traefik backup

  • Start services:

    poetry run ./services.py start partdb snipe traefik

About

Home lab container configuration

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages