brammp/HomeServerCTs
1
0
Fork 0
Code Issues Pull Requests Releases Activity
186 Commits 2 Branches 0 Tags
1925682277c7b428ae5c8d0f7efff4c94718c261
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

Readme.md

Scripts for building containers for the Proxmox home server

Initial Setup

The first step is to build the containers needed for building all other containers.
This can be done on a privileged Debian CT (make sure to enable the Fuse, Nesting and 'Create Device Nodes' features) on the new proxmox server or any other Debian install

  1. Clone this repo
  2. cd in to cloned repo
  3. run bash Scripts/FirstSetup.sh, to install dependencies and generate the container images
  4. upload the Debian-imgbuilder.tar.xz to the proxmox server and create a privileged container
  5. Follow the steps under Container Setup > imgbuilder
  6. Upload the Debian-Jenkins.tar.xz to the proxmox server and create a container
  7. Follow the steps under Container Setup > Jenkins

List of containers

Name Distro Description
minimal All Minimal installed packages
default All ssh-server and nano packages
jenkins Debian Jenkins server
jenkinsBuilder Debian Basic node for Jenkins
imgbuilder Debian LXC template builder node for Jenkins
mysql Debian Mysql server with PhpMyadmin
pihole Debian Pihole CT
collabora Debian CollaboraOffice WebService (CODE version)
jellyfin Debian Jellyfin in-home streaming server
domoticz Debian Domoticz home automation service
omadaV3 Debian TP-link Omada SDN controller(V3.2.14)
docker Debian Docker container service
smb Debian Samba server
x2go Debian Remote xfce desktop accessable via X2go
aptcacherng Debian Caching server for linux packages
nfs Debian NFS server
duplicati Debian Duplicati backup software
fileshelter Debian FileShelter file shareing software
esphome Debian ESPHome software to manage wifi-MCUs
postgresql Debian PostgreSQL server with pgAdmin
linkwarden Debian inkwarden is an collaborative bookmark manager to collect, organize and preserve webpages.
elkarbackupALP (Deprecated, Requires PHP 7.4) Alpine ElkarBackup rsyncsnapshot server
gitea Alpine Gitea server
nginx Alpine Nginx server for reverse-proxy use
ddns Alpine DDNS client configured for OVH/OVH-Cloud
transfersh Alpine transfer.sh instance
iscsi Alpine iSCSI server
z2mqtt Alpine Mqtt bridges for Zigbee and ZWave
nodered Alpine Node-Red
nodejs Alpine Basic nodejs install with pm2
nextcloud Alpine Nextcloud
mqtt Alpine Mosquitto mqtt broker
hass (Broken, Requires python 3.13) Alpine HomeAssistant instance with HACS and mysql support
mailbackup Alpine Contains mail archive tools (MailBackup-sys)
heimdall Alpine Heimdall, A application dashboard/launcher
vouchproxy Alpine Vouch-proxy, A SSO solution for Nginx
freshrss Alpine FreshRSS, a self-hosted RSS feed aggregator
uptimekuma Alpine Uptime Kuma a self-hosted monitoring tool.
kavita Alpine A self-hosted digital library which supports a vast array of file formats.

TODO

Begin original list

Unifi Not supported in debian 11

End original list

Container Setup

imgbuilder

This container should be set up as privileged

  1. Enable features: Fuse, Nesting and 'Create Device Nodes'
  2. Add a mountpoint to /LXCBuild on a accessible place for the Proxmox Server
  3. Add this location to datastore for LXC templates to Proxmox
  4. Set the jenkins user password using passwd jenkins in the container
  5. Create folders on mountpoint using mkdir -p /LXCBuild/template/cache
  6. Set permissions on the folder chmod o+w -R /LXCBuild
  7. Write down the ip of this server (for use in the jenkins container)

jenkins

After first start of CT wait a minute for jenkins to fully initialize before continuing with these steps

  1. In the container configure the setup script nano /opt/Setup/Scripts/FirstRun.sh
  2. In the container run the setup script bash /opt/Setup/Scripts/FirstRun.sh
  3. Access Jenkins using http://<ip>:8080
  4. Press the X to skip the fist time setup
  5. Delete the Admin user go to 'Manage Jenkins' > 'Manage Users' > Admin > Delete
  6. Add credentials for imgbuilder-CT go to 'Manage Jenkins' > 'Manage Nodes and Clouds' > LXCBuilder1 > configure
    Under Credentials click 'Add', enter 'jenkins' as username, and set the password that was set in the imgbuilder CT Then select the created credential and click save
  7. Click 'Relaunch agent'
  8. Now you can build container images

mysql

  • To configure the MySQL root password in the container run the setup script bash /opt/Setup/Scripts/FirstRun.sh

gitea

  1. Edit the parameters in the FistRun script in the container vi /opt/Setup/Scripts/FirstRun.sh
  2. Run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh
  • Available on http://<ip>:3000

nginx

  • Run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh

pihole

  • Run the FistRun script in the container bash /opt/Setup/Scripts/FirstRun.sh

collabora

  • Update the configuration in /etc/coolwsd/coolwsd.xml and reload the service systemctl restart coolwsd

jellyfin

  • To set-up the system follow the initial set-up wizard on http://<ip>:8096

domoticz

  • Available on http://<ip>:8080

transfersh

  • Available on http://<ip>:8080

omadaV3

  • To set-up the system follow the initial set-up wizard on http://<ip>:8088

docker

  • Run the FistRun script in the container bash /opt/Setup/Scripts/FirstRun.sh This container can be set up in two ways
  1. As controller with portainer
  2. As remote with docker tcp on port 2375
  3. BONUS if FistRun script is skipped the CT has clean docker

iscsi

In Proxmox

  • Run following commands
modprobe target_core_mod
printf "#Load iSCSI module at boot\ntarget_core_mod" > /etc/modules-load.d/iSCSI-target.conf
  • Add the following to /etc/pve/lxc/<CT-ID>.conf
lxc.apparmor.profile: unconfined
  • Restart CT

In CT

  • in the targetcli shell (by using the targetcli command) run the following commands
cd /iscsi
create <iqn for this server,Example:(iqn.2021-09.lan.test:host)>
exit

z2mqtt

  • Enable feature on CT: 'Create Device Nodes' Do not start this container after creation, follow these steps first
  • Recommended to give CT 1-2GB of RAM (Required for updating)

In Proxmox

  • Add the following to /etc/udev/rules.d/99-CustomHome.rules

Always add (to set the device permissions)**

KERNEL=="ttyUSB[0-9]*", MODE="0666"
KERNEL=="ttyACM[0-9]*", MODE="0666"

Add for Sonoff Zigbee 3.0 Plus USB ZBDongel-P (CC2652P + CP2102N)

SUBSYSTEM=="tty", ACTION=="change", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="ttyACM-Zigbee"
SUBSYSTEM=="tty", ACTION=="add", ATTRS{idVendor}=="10c4", ATTRS{idProduct}=="ea60", SYMLINK+="ttyACM-Zigbee"

Add for Sonoff Zigbee 3.0 Plus USB ZBDongel-E (EFR32MG21)

SUBSYSTEM=="tty", ACTION=="change", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="55d4", SYMLINK+="ttyACM-Zigbee"
SUBSYSTEM=="tty", ACTION=="add", ATTRS{idVendor}=="1a86", ATTRS{idProduct}=="55d4", SYMLINK+="ttyACM-Zigbee"

Add for Zigbee CC2531 USB

SUBSYSTEM=="tty", ACTION=="change", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="ttyACM-Zigbee"
SUBSYSTEM=="tty", ACTION=="add", ATTRS{idVendor}=="0451", ATTRS{idProduct}=="16a8", SYMLINK+="ttyACM-Zigbee"

Add for Zwave Aeotec Z-Stick Gen5

SUBSYSTEM=="tty", ACTION=="change", ATTRS{idVendor}=="0658", ATTRS{idProduct}=="0200", SYMLINK+="ttyACM-Zwave"
SUBSYSTEM=="tty", ACTION=="add", ATTRS{idVendor}=="0658", ATTRS{idProduct}=="0200", SYMLINK+="ttyACM-Zwave"
  • Run udevadm trigger
  • Add the following to /etc/pve/lxc/<CT-ID>.conf
lxc.cgroup2.devices.allow: c 166:* rwm
lxc.cgroup2.devices.allow: c 188:* rwm
lxc.mount.entry: /dev/ttyACM-Zigbee dev/ttyACM-Zigbee none bind,optional,create=file
lxc.mount.entry: /dev/ttyACM-Zwave dev/ttyACM-Zwave none bind,optional,create=file
  • Zigbee2mqtt Available on http://<ip>:8080
  • Z-wave JS UI Available on http://<ip>:8091
  • in the Z-wave JS UI web ui set the Zwave serial port to /dev/ttyACM-Zwave
  • If a Cannot lock port error shows, please reboot the CT, if that does not fix it try rebooting the Proxmox server

nodered

  • Available on http://<ip>:1880

nextcloud

MountPoint for data folder /var/nextcloud

  1. Edit the parameters in the FistRun script in the container vi /opt/Setup/Scripts/FirstRun.sh
  2. Run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh
  3. Available on http://<ip>

smb

  • Webmin available on http://<ip/hostname>
  • Samba server Available

x2go

  • Add a user by typing adduser <username>
  • Set key auth only sed -i -e '/PasswordAuthentication/c\PasswordAuthentication no' -e '/ChallengeResponseAuthentication/c\ChallengeResponseAuthentication no' /etc/ssh/sshd_config
  • Set ssh port sed -i -e '/Port 22/c\Port <PortNr>' /etc/ssh/sshd_config

hass

  • After first start of CT HomeAssistant will finish its installation this will take at least 10 minutes
  • HomeAssistant available on http://<ip>:8123

aptcacherng

  • Available on http://<ip>:80

nfs

This container should be set up as privileged

  • Enable feature on CT: 'Nesting, NFS'
  • Webmin available on http://<ip/hostname>
  • NFS server Available

duplicati

  • Available on http://<ip>:8200

mailbackup

  • Info html page available on http://<ip>:80
  • Add user/storage space by running ash /opt/AddMailBox.sh

heimdall

  • Available on http://<ip>:80

vouchproxy

  • Default port 9090
  • A script to setup another instance is located here: /opt/AddVouchInstance.sh

freshrss

  • Available on http://<ip>:80

elkarbackupALP

Debian version depricated and removed

  1. Edit the parameters in the FistRun script in the container vi /opt/Setup/Scripts/FirstRun.sh
  2. Run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh
  3. Available on http://<ip> (Default username/password: root/root)
  4. Click cogwheel/settings icon > Manage backup locations >New (make sure to create this directory and set ngix as the owner)
  5. Add a retention policy under the Policies tab

heimdal

  • Available on http://<ip>:80, first time loading the page may take a while

fileshelter

  • Available on http://<ip>:5091

esphome

  • Available on http://<ip>:6052

postgresql

  • Run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh
  • After this pgAdmin is available on http://<ip>:80,

linkwarden

  • Edit and run the FistRun script in the container ash /opt/Setup/Scripts/FirstRun.sh
  • After this pgAdmin is available on http://<ip>:80,

uptimekuma

  • Available on http://<ip>:80

kavita

  • Available on http://<ip>:80

Further CT documentation

iscsi

Allow Remote

Set the iqn of the client to one of the server:hostname/nickname

In CT

  • in the targetcli shell (by using the targetcli command) run the following commands
cd /iscsi/<server-iqn>/tpg1/acls/
create <client-iqn>
exit

Add Drive

In Proxmox

  • Create LVM Volume (Available @ /dev/<poolName>/<VolumeName>)
lvcreate --name <name> --size <VolumeSize>G <PoolName>
  • Create LVM-Thin Volume
vcreate -V<VolumeSize>G -T <PoolName>/<ThinpoolName> -n <name>
  • Create ZFS Volume (Available @ /dev/<poolName>/<VolumeName>)
zfs create -o volblocksize=32k -V <VolumeSize>G <poolName>/<VolumeName>
zfs set sync=disabled <poolName>/<VolumeName>
  • Get id by using ls -l /dev/<devicename>
  • Add the following to /etc/pve/lxc/<CT-ID>.conf
lxc.cgroup2.devices.allow: b <id>:<Subid> rwm
lxc.mount.entry: /dev/<devicename> dev/<device> none bind,optional,create=file
  • Restart CT

In CT

  • in the targetcli shell (by using the targetcli command) run the following commands
cd /backstores/block
create <name> /dev/<device>
cd /iscsi/<server-iqn>/tpg1/luns
create <device>
exit
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 20 MiB
Languages
Shell 95.3%
PHP 3.6%
Python 1.1%