many changes

Stefan Ostermann 2025-02-13 22:40:44 +00:00
parent 867375b286
commit 80d39a13a6
15 changed files with 366 additions and 3 deletions


@ -1,6 +1,6 @@
services:
openwebui:
image: ghcr.io/open-webui/open-webui:0.5.10
image: ghcr.io/open-webui/open-webui:0.5.11
container_name: open-webui
restart: always
environment:
@ -13,6 +13,7 @@ services:
- 'OAUTH_CLIENT_SECRET=7DvwzbhHEElZLoZjEcHOtpwIU2IxhyNPv5sGmdOnJvvaMxQVQTgbaP6OAcEKTGLtUvIzgh8c8juvTYsrOkdp2WXCLNTrM2ZQP3UhHTBjESRU1yZK4MaVG46jnLj9Aaks'
- 'OAUTH_SCOPES=openid email profile'
- 'OPENID_REDIRECT_URI=https://ai.home.thoster.net/oauth/oidc/callback'
- 'GLOBAL_LOG_LEVEL=DEBUG'
volumes:
- ./data:/app/backend/data
ports:
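Review bot: `GLOBAL_LOG_LEVEL=DEBUG` is added to a service that handles the OIDC login, and debug output of an auth flow can end up containing request details or tokens (not verifiable from this hunk, so treat it as something to check). I would keep `- 'GLOBAL_LOG_LEVEL=INFO'` in the committed file and raise the level only while troubleshooting. The context line above it also carries `OAUTH_CLIENT_SECRET` as a literal in a version-controlled compose file; since it is now in the history it should be rotated at the identity provider and supplied from an untracked `env_file:` or a Docker secret. The `environment:` list starts and ends outside the hunk.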


@ -474,6 +474,10 @@
device_id: ef6d5a43ae7c971e4b7b740dbc0f378e
entity_id: d212bffda3c532f2e43ea9d08b1fd008
domain: switch
for:
hours: 0
minutes: 59
seconds: 0
actions:
- type: turn_off
device_id: ef6d5a43ae7c971e4b7b740dbc0f378e


@ -18,7 +18,12 @@ switch:
mac: "58:47:CA:78:4E:59"
turn_off:
service: shell_command.turn_off_remote_pc
- platform: template
name: "comfyui"
turn_on:
service: shell_command.start_comfy_ui
turn_off:
service: shell_command.turn_off_remote_pc
#MQTT Broker for milight hub:
mqtt:
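Review bot: The new `platform: template` entry puts `name`, `turn_on` and `turn_off` directly on the list item, which is the shape of the wake-on-LAN style entry above it. As far as I know the legacy template switch platform expects its entities under a `switches:` mapping, so this entry may fail config validation; run the configuration check before deploying. `turn_off` also reuses `shell_command.turn_off_remote_pc`, so switching "comfyui" off powers down the whole host rather than stopping ComfyUI; if that is intended, a comment such as `# turning comfyui off shuts the remote PC down` would make it explicit. The `switch:` list starts outside the hunk.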


@ -1 +1,2 @@
turn_off_remote_pc: "ssh -i /config/ssh_keys/id_rsa_homeassistant -o 'StrictHostKeyChecking=no' homeassistant@192.168.178.87 sudo shutdown -h now"
start_comfy_ui: "ssh -i /config/ssh_keys/id_rsa_homeassistant -o 'StrictHostKeyChecking=no' homeassistant@192.168.178.87 bash -c 'cd /home/oster/git/ComfyUI;./start.sh; read x'"
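Review bot: The new `start_comfy_ui` command copies `-o 'StrictHostKeyChecking=no'`, so the SSH client never verifies the host key of 192.168.178.87 and whatever machine answers on that address is accepted as the target. Pin the host instead, e.g. `-o 'StrictHostKeyChecking=yes' -o 'UserKnownHostsFile=/config/ssh_keys/known_hosts'` (the file name is an example), and apply the same to `turn_off_remote_pc`. Separately, the inner single quotes are consumed by the local shell before ssh sends the command, so the remote side sees `bash -c cd /home/oster/git/ComfyUI;./start.sh; read x` and `./start.sh` runs in the login directory rather than in the ComfyUI checkout. Calling `/home/oster/git/ComfyUI/start.sh` by absolute path, or quoting the remote command a second time, avoids that. Because this key can trigger `sudo shutdown` and start scripts, consider limiting it on the target with a `command=` restriction in `authorized_keys`.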


@ -0,0 +1,9 @@
<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
</service-group>

2
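--- /dev/null
+++ b/samba/config/runit/avahi/run
@@ -0,0 +1,2 @@
+#!/bin/sh -x
+exec avahi-daemon --no-rlimits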

3
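--- /dev/null
+++ b/samba/config/runit/nmbd/run
@@ -0,0 +1,3 @@
+#!/bin/sh -x
+sleep 6
+exec nmbd --foreground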

3
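--- /dev/null
+++ b/samba/config/runit/samba/run
@@ -0,0 +1,3 @@
+#!/bin/sh -x
+sleep 2
+exec smbd --foreground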

3
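--- /dev/null
+++ b/samba/config/runit/wsdd2/run
@@ -0,0 +1,3 @@
+#!/bin/sh -x
+sleep 10
+exec /usr/sbin/wsdd2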


@ -0,0 +1,31 @@
[global]
server role = standalone server
log file = /dev/stdout
dns proxy = no
# password stuff
passdb backend = smbpasswd
obey pam restrictions = yes
security = user
printcap name = /dev/null
load printers = no
dns proxy = no
wide links = yes
follow symlinks = yes
unix extensions = no
acl allow execute always = yes
# MacOS Compatibility options
vfs objects = catia fruit streams_xattr
# Special configuration for Apple's Time Machine
fruit:model = TimeCapsule
fruit:aapl = yes
# fix filenames with special chars (should be default)
mangled names = no
dos charset = CP850
unix charset = UTF-8
# Docker Envs global config options
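Review bot: `wide links = yes` together with `follow symlinks = yes` and `unix extensions = no` lets smbd follow symlinks that point outside the exported share, so anything that can place a symlink inside a share (another service, a shell on the host) can expose files beyond the share root to connected users. Unless a share really depends on this, set `wide links = no` and leave `unix extensions` at its default. `dns proxy = no` is listed twice in `[global]`; one of them can go. The share definitions are not part of this file section, so which paths are affected cannot be judged from here.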


@ -69,6 +69,23 @@ http:
service: authentik
tls:
certResolver: letsencrypt
comfy-router:
entryPoints:
- "websecure"
rule: "Host(`comfy.home.thoster.net`) && PathPrefix(`/`)"
middlewares:
- middlewares-authentik
service: comfy-service
tls:
certResolver: letsencrypt
comfy-router-auth:
entryPoints:
- "websecure"
rule: "Host(`comfy.home.thoster.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
service: authentik
tls:
certResolver: letsencrypt
photos-router:
entryPoints:
- "websecure"
@ -111,7 +128,7 @@ http:
hass-service:
loadBalancer:
servers:
- url: "http://ubuntu:8123"
- url: "http://192.168.178.114:8123"
photos-service:
loadBalancer:
servers:
@ -128,6 +145,10 @@ http:
loadBalancer:
servers:
- url: "http://ubuntu:5200"
comfy-service:
loadBalancer:
servers:
- url: "http://192.168.178.87:8188"
auth-service:
loadBalancer:
servers:
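Review bot: `comfy-router` is protected by `middlewares-authentik`, but `comfy-service` forwards to `http://192.168.178.87:8188`, so ComfyUI has to listen on a LAN-reachable interface and can presumably be opened directly on that port without passing authentik. The forward-auth only covers requests that go through Traefik. Restrict port 8188 on that host to the Traefik machine with a host firewall rule, and add a comment above `comfy-service` such as `# auth is enforced only at the proxy; backend port must not be reachable directly`. The `services:` mapping continues outside the hunk.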


@ -0,0 +1,147 @@
# dynamic configuration
http:
middlewares:
middlewares-authentik:
forwardAuth:
address: http://ubuntu:9000/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-entitlements
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version
routers:
hass-router:
entryPoints:
- "hass"
rule: "Host(`home.thoster.net`) && PathPrefix(`/`)"
service: hass-service
tls:
certResolver: letsencrypt
paperless-router:
entryPoints:
- "websecure"
rule: "Host(`pl.home.thoster.net`) && PathPrefix(`/`)"
middlewares:
- "middlewares-authentik"
priority: 15
service: paperless-service
tls:
certResolver: letsencrypt
hass-router-auth:
entryPoints:
- "websecure"
rule: "Host(`hass.home.thoster.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
service: authentik
tls:
certResolver: letsencrypt
paperless-router-auth:
entryPoints:
- "websecure"
rule: "Host(`pl.home.thoster.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
service: authentik
tls:
certResolver: letsencrypt
default-router:
entryPoints:
- "websecure"
rule: "Host(`home.thoster.net`) && PathPrefix(`/`)"
middlewares:
- middlewares-authentik
service: wikimd-service
tls:
certResolver: letsencrypt
default-router-auth:
entryPoints:
- "websecure"
rule: "Host(`home.thoster.net`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
service: authentik
tls:
certResolver: letsencrypt
photos-router:
entryPoints:
- "websecure"
rule: "Host(`photo.home.thoster.net`) && PathPrefix(`/`)"
service: photos-service
tls:
certResolver: letsencrypt
auth-router:
entryPoints:
- "websecure"
rule: "Host(`auth.home.thoster.net`) && PathPrefix(`/`)"
service: auth-service
tls:
certResolver: letsencrypt
hass2-router:
entryPoints:
- "websecure"
rule: "Host(`hass.home.thoster.net`) && PathPrefix(`/`)"
middlewares:
- "middlewares-authentik"
service: hass-service
tls:
certResolver: letsencrypt
nas-router:
entryPoints:
- "websecure"
rule: "Host(`nas.home.thoster.net`) && PathPrefix(`/`)"
service: nas-service
tls:
certResolver: letsencrypt
ai-router:
entryPoints:
- "websecure"
rule: "Host(`ai.home.thoster.net`) && PathPrefix(`/`)"
service: ai-service
tls:
certResolver: letsencrypt
services:
hass-service:
loadBalancer:
servers:
- url: "http://192.168.178.114:8123"
photos-service:
loadBalancer:
servers:
- url: "http://ubuntu:2283"
nas-service:
loadBalancer:
servers:
- url: "http://nas"
ai-service:
loadBalancer:
servers:
- url: "http://ubuntu:8082"
wikimd-service:
loadBalancer:
servers:
- url: "http://ubuntu:5200"
auth-service:
loadBalancer:
servers:
- url: "http://ubuntu:9000"
paperless-service:
loadBalancer:
servers:
- url: "http://ubuntu:8000"
dummy-service:
loadBalancer:
servers:
- url: "http://whoami"
authentik:
loadBalancer:
servers:
- url: "http://ubuntu:9000/outpost.goauthentik.io"
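Review bot: Only some routers in this new file carry `middlewares-authentik`: `hass-router` (entry point `hass`), `photos-router`, `nas-router` and `ai-router` are published on TLS entry points with no forward-auth, so they rely entirely on each application's own login. If that is deliberate, say so with a comment on each router, e.g. `# no forward-auth: application handles its own login`; if not, add the middleware as `default-router` does. `dummy-service` is defined but no router in this file references it, so it can be dropped or commented as a test target.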


@ -0,0 +1,63 @@
providers:
file:
directory: /etc/traefik/conf.d/
entryPoints:
web:
address: ':80'
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ':443'
http:
tls:
certResolver: letsencrypt
traefik:
address: ':8080'
hass:
address: ':444'
http:
tls:
certResolver: letsencrypt
redirections:
entryPoint:
scheme: https
certificatesResolvers:
letsencrypt:
acme:
email: "stefan@ostermail.de"
storage: /etc/traefik/ssl/acme.json
tlsChallenge: {}
api:
dashboard: true
insecure: true
log:
filePath: /var/log/traefik/traefik.log
format: json
level: INFO
accessLog:
filePath: /var/log/traefik/traefik-access.log
format: json
filters:
statusCodes:
- "200"
- "400-599"
retryAttempts: true
minDuration: "10ms"
bufferingSize: 0
fields:
headers:
defaultMode: drop
names:
User-Agent: keep
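Review bot: `api: insecure: true` together with the `traefik` entry point on `:8080` serves the dashboard and the API without authentication on every interface of the host, giving read access to the full routing configuration. Set `insecure: false` and publish the dashboard through a router on `websecure` that targets `api@internal` behind `middlewares-authentik`, or at least bind the entry point to loopback with `address: '127.0.0.1:8080'`. The `hass` entry point declares `redirections: entryPoint:` with a `scheme` but no `to:`, which looks incomplete. The second static configuration further down (the one that adds the `paperless` entry point) has the same `api` block and the same redirection stanza.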


@ -0,0 +1,65 @@
providers:
file:
directory: /etc/traefik/conf.d/
entryPoints:
web:
address: ':80'
http:
redirections:
entryPoint:
to: websecure
scheme: https
websecure:
address: ':443'
http:
tls:
certResolver: letsencrypt
paperless:
address: ':5200'
traefik:
address: ':8080'
hass:
address: ':444'
http:
tls:
certResolver: letsencrypt
redirections:
entryPoint:
scheme: https
certificatesResolvers:
letsencrypt:
acme:
email: "stefan@ostermail.de"
storage: /etc/traefik/ssl/acme.json
tlsChallenge: {}
api:
dashboard: true
insecure: true
log:
filePath: /var/log/traefik/traefik.log
format: json
level: INFO
accessLog:
filePath: /var/log/traefik/traefik-access.log
format: json
filters:
statusCodes:
- "200"
- "400-599"
retryAttempts: true
minDuration: "10ms"
bufferingSize: 0
fields:
headers:
defaultMode: drop
names:
User-Agent: keep


@ -10,6 +10,9 @@
[KI Server](https://ai.home.thoster.net) -> wenn der Rechner im Keller aus ist, gehen nur die öffentlichen Modelle!
#### Alte Dinge
[Photo App auf der NAS](https://home.thoster.net:446/photo/)
### Interne Dienste
[Proxmox](https://192.168.178.99:8006)
@ -24,6 +27,8 @@
[Influx](http://ubuntu.fritz.box:8086)
[Paperless ai](http://ubuntu:3000/)
https://www.reddit.com/r/homeassistant/comments/oje65v/home_assitant_with_grafana_and_influxdb_2x_basic/
### Probleme / TODOs