Last 24.05 update

homelab/README.md

@@ -1,13 +1,44 @@
-# Create proxy network
-`docker network create proxy`
+# Configuration steps
 
-# Configure caddy cloudflare
-Find instructions on [caddy-dns cloudflare](https://github.com/caddy-dns/cloudflare)
+## 1. Install [NixOS](https://nixos.org/)
+
+Follow the steps from the [NixOS Manual Installation](https://nixos.org/manual/nixos/stable/#sec-installation-manual)
+
+> At the edit configuration.nix step you must:
+>
+> - Add a user to the configuration file and set a password
+> - Enable openssh
+
+## 2. Configuring flake
+
+1. Clone this repository
+2. Copy hardware configuration to host<br>
+   `cp /etc/nixos/hardware-configuration.nix ~/nix/hosts/<host>/hardware-configuration.nix`
+3. Rebuild system
+   `sudo nixos-rebuild switch --flake .#<host>`
+4. Rebuild home-manager
+   `home-manager switch --flake .#<user>@<host>`
+5. Reboot
+
+## 3. Configuring docker containers
+
+1. Create proxy network<br>
+   `docker network create proxy`
+
+2. Configure [Adguard](./adguard/README.md)
+3. Configure [Caddy](./caddy/README.md)
+4. Configure [Authelia](./authelia/README.md)
+5. Configure the rest of the services
 
 # Services
-| Name | Use | Domain | Auth |
-| --- | --- | --- | --- |
-| Adguard | DNS | https://adguard.timo.bmrs.nl/ | local | 
-| Caddy | Reverse proxy | - | - |
-| Forgejo | Git | https://git.timo.bmrs.nl/ | Openid |
-| Ldap | User directory | https://ldap.timo.bmrs.nl/ | - |
+
+| Name    | Use            | Domain                        | Auth   |
+| ------- | -------------- | ----------------------------- | ------ |
+| Adguard | DNS            | https://adguard.timo.bmrs.nl/ | local  |
+| Caddy   | Reverse proxy  | -                             | -      |
+| Forgejo | Git            | https://git.timo.bmrs.nl/     | Openid |
+| Ldap    | User directory | https://ldap.timo.bmrs.nl/    | -      |
+
+# Services to try out
+
+- [Beszel](https://github.com/henrygd/beszel)

homelab/adguard/README.md

@@ -0,0 +1,7 @@
+# Adguard Home
+
+1. Temporaraly edit ports in docker-compose file to setup
+2. Configuration screen<br>
+   1. Change listen interface to port 3000
+3. Add DNS rewrite for *.timo.bmrs.nl
+4. Delete temporaraly port edit in docker-compose

homelab/authelia/README.md

@@ -1,2 +1,13 @@
-- Follow [This](https://www.authelia.com/configuration/identity-providers/openid-connect/provider/) guide for generating keys
-- Store the keys in the /keys directory
+# Authelia
+
+1. Edit environment variables.
+   1. For HMAC_SECRET, JWT_SECRET, ADMIN_PASSWORD, SESSION_SECRET, STORAGE_ENCRYPTION_KEY, LLDAP_KEY_SEED use an random alphanumeric string of at least 64 characters
+   2. For CLIENT_SECRET, CLIEND_ID: [Generate client identifier](https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#how-do-i-generate-a-client-identifier-or-client-secret)
+      1. Use single quotes for the client secret
+
+2. Generate PAM file using and save it to the /config/keys directory: [Generating keypair](https://www.authelia.com/reference/guides/generating-secure-values/#generating-an-rsa-keypair)
+   1. Save the random password
+
+3. Configure LLDAP
+   1. Create a user in LLDAP with the group: lldap_password_manager
+   2. Create groups: forgejo

homelab/caddy/README.md

@@ -1,2 +1,4 @@
 # Caddy reverse proxy
-Follow [this](https://github.com/caddy-dns/cloudflare) to obtain secrets
+
+1. Obtain cloudflare tokens: [Caddy Cloudflare](https://github.com/caddy-dns/cloudflare)
+2. Set environment variables

homelab/nextcloud/README.md

@@ -0,0 +1,4 @@
+# Nextcloud
+
+1. Configure environment variables
+2. Update office configuration