This is my setup I use to install some of my self-hosted services (on my Raspberry Pi T-T).
To get started with this project, clone the repository.
git clone [this repo url]
- Raspberry Pi
- Ubuntu 20.04 (installed on your server)
- SSH Pubkeys (from your server)
Install the necessary Ansible collections using the following command:
ansible-galaxy install -r requirements.yml
Run the ansible playbook using the following command:
ansible-playbook -i inventory.ini run.yml
- Jellyfin (Just a media server)
- Libreddit (Private front-end for Reddit)
- OpenBooks (eBook downloader)
- Authelia (2FA Authentication provider)
- Nextcloud (Self-hosted cloud platform)
- Vaultwarden (A FOSS Bitwarden fork written in Rust)
- Watchtower (Automatic updater for Docker images)
- PiHole + Unbound (Ad-blocker + Recursive DNS Resolver)
- Portainer (Docker management)
If there are multiple ports mapped, the bolded port is the main service port.
External ports are exposed to localhost, not the outside world.
| Name | Type | External Port | Internal Port |
|---|---|---|---|
| Libreddit | Media | 2000 | 8080 |
| Jellyfin | Media | 2300 | 8096 |
| Openbooks | Media | 2500 | 80 |
| Authelia | Service | - | - |
| NextCloud | Service | 2700 | 80 |
| Vaultwarden | Service | 4000 | 80 |
| PiHole + Unbound | System | 8080 | 80 |
| Portainer | System | 5000, 8000, 9443 | 9000, 8000, 9443 |
| Homer | System | 7000 | 8080 |
| Nginx Proxy Manager | System | - | - |
This configuration is intended to be used within your local network.
- Adding Authelia into web app w/o 2FA
- Unattended upgrades - https://github.com/hifis-net/ansible-role-unattended-upgrades
- Adding ytdl for jellyfin shows - https://github.com/mendel5/alternative-front-ends#youtube
- UFW or Iptables for Firewall - link (Added UFW)
- Might change to Iptables for better integration with docker
Thanks to:
- @notthebee for inspiring me with his video and GitHub project
- @alex27riva for his home selfhosted server on his GitHub repo.