I have an Odroid N2+ running Arch Linux ARM that I just love. I have installed a bunch of shit on it like jellyfin (TV), miniflux (RSS), gonic/airsonic-refix (music), soju/gamja (IRC), komga (comics).
I am starting to lose track of things. Like which port which service is running on. Sometimes I even forget which service I am running.
It would be nice to maintain a text configuration that I can use to provision this setup if I have to reinstall everything (as is tradition) and something I can glance over to get a state of things.
Any ideas for this? I feel like something like ansible should for this. I tried looking up stuff for this but search results always show some sweaty nerd managing kubernetes on a fleet of Raspberry Pis (the sweaty nerd calls it "homelab"). Before I start hacking my own stuff I would like to hear if someone else has experience with this.
Thanks.
I have Ansible to configure my media server. Some roles for basic setup (storage, directories, network sharing, software installation), and a bunch of services which are mostly run as docker containers. Those rules just setup storage, config, and then start the container.
Traefik runs as an automatic reverse proxy, picking up new services as they are added. For the few non-docker containers, there's a little config file template added.
All config is separated out into a separate file, and I've run the same script against another machine, with different accounts and such, to take it from fresh Ubuntu server install to fully functioning in 5 minutes. Well. Plus aan hour filling in all the variables for my friend's accounts😀
I just use docker for everything. Docker compose file for "saving" configuration. If you have trouble remembering ports use nginx proxy manager of traifik.
I use podman wherever possible. Some things don't have upstream container images though which sucks. If I was simply using podman for everything I could just backup the /etc/containers/systemd folder which would have been nice. But I also want to backup things like firewall and DNS configuration because I keep forgetting how those things work.
For not having to remember ports, use a reverse proxy. Keep configuration text files in a repository somewhere, online or offline. Then maybe write an ansible playbook to install all the packages you need and configure as you want. For services that don't have config files, document in a personal wiki what you do to have it set up.
I currently have a lot of things installed and use a mixture of docker compose files and config files (podman can also use compose-style files). I've written down a guide for myself on how to redeploy my whole server and plan to use ansible to reproduce the setup.
Flow charts are also good to visualize the state of things.
For not having to remember ports, use a reverse proxy.
Do you do this? The prospect of editing nginx configuration scares the shit out of me. I am also scared of breakages if I (for example) set up a service at a subpath like
ip_address/jellyfin/
rather than at a port (ip_address:8000
) which feels like a root domain.I often prefer subdomains for such things. Let's say your SBC is accessible under server.local and then jellyfin can be reachable under jellyfin.server.local. Just use nginx to handle this in your compose file. Since you are using podman (Which I like alot) you can try podman compose. You only need to install podman-compose to use this.
I use nginx for everything, mostly for TLS. You don't have to use subpaths, you can tell nginx to listen on one port and then forward to whatever port the service uses.
listen on one port and then forward to whatever port the service uses
Can you give a brief example of this? I am not able to follow
If your service listens on port 2555, you could tell nginx to listen on port 2556 and then forward things to port 2555.
This is a very basic nginx config file.
server { listen 2556; location / { proxy_pass http://127.0.0.1:2555; } }
Oh I get what you mean. It's for exposing this service over TLS. I don't have a need for this since I only access services over LAN or Tailscale.