My home service stack running on a Raspberry Pi 5 with Raspberry Pi OS. Applications are run as docker containers and managed by docker compose to support my home infrastructure.
- direnv: Update environment per working directory.
- renovate: Universal dependency automation tool.
- sops: Manage secrets which are commited to Git using Age for encryption.
- task: A task runner / simpler Make alternative written in Go.
Important
A non-root user must be created (if not already) and used.
-
Install required system deps and reboot
sudo sh -c "$(curl --location https://taskfile.dev/install.sh)" -- -d -b /usr/local/bin sudo apt install git
-
Make a new SSH key, add it to GitHub and clone your repo
export GITHUB_USER="joryirving" curl https://github.com/$GITHUB_USER.keys > ~/.ssh/authorized_keys sudo install -d -o $(logname) -g $(logname) -m 755 ~/git/home-service git clone git@github.com:$GITHUB_USER/home-service.git ~/git/home-service
-
Install additional system deps and reboot
cd ~/git/home-service task deps
-
Add user to docker group
sudo groupadd docker sudo usermod -aG docker $USER newgrp docker
-
Create an Age public/private key pair for use with sops
age-keygen -o /var/opt/home-service/age.key
Tip
To encrypt files with sops replace the public key in the .sops.yaml
file with your Age public key. The format should look similar to the one already present.
View the apps directory for documentation on configuring an app container used here, or setup your own by reviewing the structure of this repository.
Using the included Taskfile there are helper commands to start, stop, restart containers and more. Run the command below to view all available tasks.
task --list
Tip
🐟 fish is awesome, you should try fish!
chsh -s /usr/bin/fish
# IMPORTANT: Log out and log back in
task dotfiles
Name | Subnet | DHCP range |
---|---|---|
LAN | 192.168.1.0/24 | 6-254 |
GUESTS | 192.168.6.0/24 | 6-254 |
IOT | 192.168.10.0/24 | 6-254 |
CAMERA | 192.168.20.0/24 | 6-254 |
TRUSTED | 192.168.30.0/24 | 6-254 |
SERVERS | 10.69.1.0/24 | 6-254 |
- onedr0p/home-service: Original repo where most of the config was taken from. Fedora IoT/x86 based.
- bjw-s/nix-config: NixOS driven configuration for running a home service machine, a nas or nix-darwin using deploy-rs and home-manager.
- truxnell/nix-config: NixOS driven configuration for running your entire homelab.