diff options
Diffstat (limited to 'readme.md')
| -rw-r--r-- | readme.md | 37 |
1 files changed, 12 insertions, 25 deletions
@@ -1,39 +1,26 @@ # net_services -This is personal project about services on the network I provide for myself. +A stack of services exposed over the network. -I want to handle as much of my data myself. For privacy and for the challenge. I also want to serve apps for my friends. +The services run in Docker containers and are routed through Nginx. -I set this up on a VPS with a static IP. I also bought a domain name `tvcloud.fr` to point to the VPS. Some services run on the VPS itself. Some others are run with Docker. Nginx is used as endpoint. +Sensitive data is not stored on the disk when containers start. It is copied into a tmpfs within the container. ## How-to -1. Create a `.env`. See `example.env`. +1. Create a `.env`; see `example.env` + +1. Build and run the services -1. Build and run the services. - ``` - ./build.command + ./tools/build docker compose up ``` -## Handling data - -Data of various types has to be handled in different ways. - -* **Passwords**: A KeePassXC database shared with Syncthing. - -* **Git repositories**: A remote server accesible over SSH for push. And also a web front-end (cgit). - -* **Calendars, to-dos, journals, and contacts**: A Radicale server. - I could just synchronize the `.ics`/`.vcf` files, but a CalDAV/CarDAV server is compatible with mobile applications. +1. Add Radicale user -* **Remote storage**: SFTP for large files. Syncthing for moderately large data that is better synchronized than downloaded manually. + You can add as many as you want. -## Security - -TODO (sensitive data in tmpfs) - -### Firewalls - -TODO (OVH, iptables, docker+iptables+reboot bug) + ``` + htpasswd ${HOST__RADICALE_USERS_DIR}/.htpasswd username + ``` |