Code for running self-hosted services using podman and ansible
Want to know more about self-hosting a media server? Check out the docs here
```mermaid
flowchart TB
    subgraph internet
        http_client
        wireguard_client
        subgraph github[Github]
            github_action_runner
        end
        dns_name_server[DNS Name Server]
    end
    subgraph lan_network
        subgraph media_server
            intel_amt[Intel AMT]
            subgraph container_network
                caddy -- reverse proxy --> applications
            end
            server_port -- 80 and 443 --> caddy
        end
        subgraph pc
            windows
        end
    end
    subgraph openwrt_router
        http_client --> port_forward
        github_action_runner --> wireguard
        wireguard_client --> wireguard
        port_forward -- 80 and 443 --> server_port
        dns_name_server <-- update dynamic public IPv4 --> ddns_client_v4
        dns_name_server <-- update dynamic public IPv6 prefix --> ddns_client_v6
    end
    wireguard --> lan_network
```
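An added check (not part of this repository) for the layout in the diagram above: it parses an OpenWrt `/etc/config/firewall` file and reports every WAN-facing port other than the forwarded 80/443 and the WireGuard port. The sample config, the `amt-web` entry and the WireGuard port 51820 are assumptions, since the page does not give them.

```python
import shlex

SAMPLE = """# Constructed /etc/config/firewall excerpt (UCI); names and ports are made up
config redirect
    option name 'https'
    option src 'wan'
    option proto 'tcp'
    option src_dport '443'
config redirect
    option name 'amt-web'
    option src 'wan'
    option src_dport '16992-16993'
config rule
    option name 'Allow-WireGuard'
    option src 'wan'
    option proto 'udp'
    option dest_port '51820'
    option target 'ACCEPT'
"""
ALLOWED = {("tcp", 80), ("tcp", 443), ("udp", 51820)}  # 51820: assumed WireGuard port

def parse_uci(text):
    """Parse UCI text into a list of {'.type': ..., option: value} sections."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["config"] and len(tok) >= 2:
            sections.append({".type": tok[1]})
        elif tok[:1] == ["option"] and sections and len(tok) >= 3:
            sections[-1][tok[1]] = tok[2]
    return sections

def ports(spec):
    """Expand '80', '80 443' or '16992-16993' into individual port numbers."""
    for part in spec.split():
        lo, _, hi = part.replace(":", "-").partition("-")
        yield from range(int(lo), int(hi or lo) + 1)

def unexpected_exposure(text, allowed=ALLOWED):
    """List (name, proto, port) for WAN-facing ports that are not in `allowed`."""
    findings = []
    for s in parse_uci(text):
        is_fwd = s[".type"] == "redirect"
        is_acc = s[".type"] == "rule" and s.get("target") == "ACCEPT"
        if s.get("src") != "wan" or s.get("enabled") == "0" or not (is_fwd or is_acc):
            continue
        spec = s.get("src_dport" if is_fwd else "dest_port", "")
        for proto in s.get("proto", "tcp udp").split():  # firewall default is both
            findings += [(s.get("name"), proto, p) for p in ports(spec) if (proto, p) not in allowed]
    return findings
```

On a real router the stock OpenWrt rules that accept traffic from `wan` (for example the DHCP renew rule) are reported too until they are added to `ALLOWED`.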
```mermaid
flowchart TB
    subgraph media_server
        subgraph os_disk
        end
        subgraph data_disk
            subgraph storage_disk
                storage_disk_1
                storage_disk_2
            end
            subgraph parity_disk
                parity_disk_1
            end
        end
    end
```
- Always run the partition playbook with `--check` first
  ```bash
  ansible-playbook partition --check
  ```
- It's possible to control the PC remotely from the BIOS via Intel AMT
- Setup:
  - Enable Intel AMT
  - If using a discrete GPU (NVIDIA, AMD), enable the integrated GPU in the BIOS
  - Set the integrated GPU as the default GPU in the BIOS
  - Use Intel software to set up KVM (remote mouse and keyboard) for the PC. For a cross-platform open source solution, check out MeshCentral in a container
- I used an HP Z230 for the server with an NVMe hard drive in the PCIe slot.
- The mainboard does not allow booting from the PCIe slot directly, so I have to boot from Cloverboot installed on a USB.
  - It can be installed by downloading the release from the GitHub page and burning the ISO to the USB. The release file is named `CloverISO-<revision>.tar.lzma`
  - After burning the ISO to the USB, copy `EFI\CLOVER\drivers\off\NvmExpressDxe.efi` to `EFI\CLOVER\drivers\UEFI`
  - In the BIOS, set the boot order to boot from USB first
  - Then set the following settings in the BIOS
    - Advanced -> Option ROM Launch Policy -> Storage Options Rom -> UEFI only
- In the BIOS, enable WoL via Advanced -> Device Options -> S5 Wake on LAN
https://github.com/ublue-os/ucore
- The KOReader OPDS requires the `/opds` path to the calibre content server
- The calibre content server authentication needs to be `digest` for the KOReader OPDS
- To upgrade the Python version, update it in the following files:
  - `.devcontainer/Dockerfile`
  - `.github/workflows/deployment.yaml`
- To upgrade the postgres major version, do the following
  - Change the `postgres_action` key in variable files to `export` and run the playbook for that container
  - Change the image tag to the next major version
  - Change the `postgres_action` key in variable files to `import` and run the playbook for that container
  - Change the `postgres_action` key in variable files to `none` and run the playbook for that container
  - Check that the container starts up correctly
  - Change the `postgres_action` key in variable files to `clean` and run the playbook to clean up the previous backup
- To debug the CI, run the following command
  ```bash
  dagger run -i python ci/deployment.py
  ```
- Consult this
- Rebuild nextcloud
  ```bash
  ansible-playbook container_run.yaml --tags nextcloud
  ```
- Run the following command to enable the adminer container for accessing the postgres database
  ```bash
  ansible-playbook main.yaml --tags nextcloud --extra-vars '{"debug":true}'
  ```
- Check if the container exists as external storage in podman, then remove that container
  ```bash
  podman ps --external
  ```
- Reference
- Check this
- Run this command in the Video folder
  ```bash
  find . -type f -links 1 ! -name "*.srt" -print
  ```
- If the server is reinstalled, some steps need to be taken:
  - Podman: Reset podman for the rootless user
    ```bash
    podman system reset
    ```
- Renovate can be visited at: https://developer.mend.io
- Why HP Z230?
  - The PC itself is a bit old, and the BIOS is no longer updated. However, it is good for home usage for the following reasons:
    - Can be built cheaply with a Xeon E3-1230v3 CPU
    - Has 4 DDR3 DIMM slots and supports ECC memory. DDR4 ECC memory can be expensive
    - Has 2 GPU slots, though I don't really need SLI
    - Has Intel AMT support, so I can have headless remote access to the BIOS for troubleshooting
  - It has some annoyances, however:
    - The mainboard has no NVMe slot and does not allow booting from the PCIe slot directly, but this can be solved via the Cloverboot option from above
    - Has little room for HDDs (2 by default), but this can be solved by using an HDD cage