Hi all!
So I want to get back into self hosting, but every time I have stopped is because I have lack of documentation to fix things that break. So I pose a question, how do you all go about keeping your setup documented? What programs do you use?
I have leaning towards open source software, so things like OneNote, or anything Microsoft are out of the question.
Edit: I didn’t want to add another post and annoy people, but had another inquiry:
What ReverseProxy do you use? I plan to run a bunch of services from docker, and would like to be able to reserve an IP:Port to something like service.mylocaldomain.lan
I already have Unbound setup on my PiHole, so I have the ability to set DNS records internally.
Bonus points if whatever ReverseProxy setup can accomplish SSL cert automation.
i recently made the switch from doing k3s+flux to have everything in code with bundlewrap and anemos/makeimg
I have a couple Libre Office files where I document the non-technical stuff for my own quick reference, like network layout in Draw, or IP and port assignments in Calc. I use a git repo to store and organize podman scripts, systemd unit files, configs, etc. Probably not the most elegant solution, but it’s simple and FOSS.
Reverse proxy is Nginx Proxy Manager.
One day, I moved all services I really wanted from a couple of random VPS to a nice little proxmox machine at home (and then added some more services, of course). That was the day I swore to document stuff better, and I’m pretty satisfied with how well I was able to keep up with that.
In the proxmox web interface, you can leave notes per container. I note down which service the container is running including a link to the service’s web interface if applicable, plus the source, and a note about how it auto-updates (green check mark emoji) or if it requires manual updates (handiman emoji).
Further I made a concious effort to document everything into a gollum wiki running on that proxmox host (exposes a wiki like web interface, stores all entries as plaintext .md files into a local git repo - very “portable”). Most importantly, it also includes a page of easy to understand emergency measures in case I die or become unresponsive, which I regularly print out and put into a folder with other important documents. The page contains a QR code linking to itself on the wiki too in case the printed version might be outdated here or there.
The organization of the wiki itself (what goes into which folder) is a bit of a work in progress, but as it offers full text search, that’s not too much of a problem imo.
I’m a grumpy linux greybeard type, so I went with… plain text files.
Everything is deployed via docker, so I’ve got a docker-compose.yml for each stack, and any notes or configuration things specific to that app is a comment in the compose file. Those are all backed up in a couple of places, since all I need to do is drop them on a filesystem, and bam, complete restoration.
Reverse proxy is nginx, because it’s reliable, tested, proven, works, and while it might not have all those fancy auto-config options other things have, it also doesn’t automatically configure itself into a way that I’d prefer it didn’t, either.
I don’t use any tools like portainer or dockge or nginx proxy manager at this point, because dealing with what’s just a couple of config files on the filesystem is faster (for me) and less complicated (again, for me) than adding another layer of software on top (and it keeps your attack surface small).
My one concession to gui shit for the docker is an install of dozzle because it certainly makes dealing with docker logs simple, and it simplifies managing the ~40 stacks and ~85 containers that I’ve got setup at the moment.
I appreciate that mentality though. When things break, if your understanding of your setup is there, it’s less to deal with.
I am forgoing the Portainer route this time. I am going to strictly use Docker Compose for my containers. I had too many issues with Portainer to consider using it.
For reverse proxy, I just need/want it for simple ip:port to sub.domain.lan type addresses locally. Anything I need outside of my home will be tunneled through wireguard.
I always quite liked Dozzle. It was handy, and has helped me comb through logs in the past.
Yeah, exactly: if you know how it works, then you know how to fix it. I don’t think you need a comprehensive knowledge about how everything you run works, but you should at least have good enough notes somewhere to explain HOW you deployed it the first time, if you had to make any changes as well as anything you ran into that required you to go figure out what the blocking issue was.
And then you should make sure that documentation is visible in a form that doesn’t require ANYTHING to actually be working, which is why I just put pages of notes in the compose file: docker doesn’t care, and darn near any computer on earth made in the last 40 years can read a plan text file.
I don’t really think there’s any better/worse reverse proxy for simple configurations, but I’m most familiar with nginx, which means I’ve spent too long fixing busted shit on it so it’s the choice primarily because, well, when I break it, I already probably know how to fix what’s wrong.
Personally I use Linkwarden for keeping snapshots of websites as well as a bookmark manager and Memos for a simple note-taking app. Both can be installed on mobile as PWAs, so it makes it easier to access on-the-go.
I’m using Nginx Proxy Manager, which I highly recommend for new users due to how simple it is get set up and running! NPM renews SSL certs automatically before they expire as well (afaik). You just gotta make sure that your different Docker containers’ ports don’t collide with each other.
Today I learned about Linkwarden, and I am so excited to check it out. Thank you!
NPM I did use, however it was ultimately the catalyst as to why I quit homelabbing. But when it did work, it was simple even for SSL cert renewal.
I hope you have fun with Linkwarden!
If you don’t mind me asking, why did NPM push you to quitting homelabbing?
I ran into an issue where I changed nothing, and all of a sudden none of my SSL certs worked on top of most of the hosts were not working through the reverse proxy. I had not even changed ip addresses on any of them. I am not sure what was going on.
It was more of a “I didn’t want to troubleshoot” and gave up, so I shut down my servers.
I run a k3s cluster for selfhosted apps and keep all the configuration and docs in a git repo. That way I have history of changes and can rollback if needed. In that repo I have a docs folder with markdown documents about common operations and runbooks.
There are other ways to do this, but I like keeping docs next to the code and config so I can update them all at the same time. Deployed several wikis in the past but always forget to update them when I change things.
I really should spend time familiarizing with maintaining a git repo. I’ll likely find one I can self host.
https://forgejo.org selfhosted has been good for me, FOSS fork of Gitea.
Thank you for the suggestion. The fact that it’s FOSS wins my vote. I have been trying to go all open source where possible.
If you want a git “server” quick and low maintenance then gitolite is most likely the best choice. https://gitolite.com/gitolite/index.html
It simply acts as a server that you can clone with any git client and the coolest part is that you use git commits to create repositories and manage users as well. Very very or no maintenance at all. I’ve been using it personally for years but also saw it being used at some large companies because it simply gets the job done and doesn’t bother anyone.
I will have to check out gitolite. Thank you!
- caddyserver for reverse proxy
- docker-compose for ~75% of documentation
- logseq for notes, though I don’t keep much.
Docker and docker-compose are nice because every service you want to run follows the same basic pattern. You don’t need much documentation beyond the project docs and the compose files themselves
Edit: caddyserver can do automatic certs, even behind a firewall if you set up the api call method. Varies by registrar
So I want to get back into self hosting, but every time I have stopped is because I have lack of documentation to fix things that break. So I pose a question, how do you all go about keeping your setup documented? What programs do you use?
Joplin or Obsidian? Or… plain markdown files with your favorite text editor.
I use Joplin and it works great for this exact thing. Anytime I discover a new command that fixes something I’ll throw it into my Joplin notebook. “New Server Cheatsheet” goes to list in order common operations and commands for setting up SSH, UfW, making a non-root user, configuring wireguard, etc. I have hundreds of notes by now and they’re easily found via search bar.
I’m adding documentation about what I do in Joplin and I’m using Nextcloud to keep it synced.
For reverse proxy I use Nginx Proxy Manager for its simplicity. I really don’t need anything more fancy… https://nginxproxymanager.com/
I write everything in markdown, and I mean just about everything. Tech notes, recipes, work procedures, shopping lists…everything. If you check my comment history from today, you can see a quick example of the kind of tech notes I keep (firewalld in this case).
I keep all of my plain text files synced across multiple devices using Syncthing. For desktop editors, I use mostly vim and VSCodium (though Kate is nice too), and I use Markor on Android. This workflow has been highly efficient for many years now, and I no longer waste time constantly reviewing the latest note-taking app.
I use nginx for reverse proxy. You can get certbot working to automate ssl fairly easily. There is a learning curve, but most services I use have documentation for hosting their stuff with it.
I have an Ansible playbook that I use to setup everything and all troubleshooting steps I ever had to take to fix something get written down in an Obsidian.md vault.
Wiki.js Nginx Proxy Manager.
I use obsidian for my notes/wiki. I use the git plugin to backup/sync my notes. I self-host forgejo as my gut server. Works great!
Caddy is my favorite reverse-proxy. The setup is just a config file.
Dokuwiki (dokuwiki.org) is my usual go-to. It’s really simple and stores entries in markdown files so you can get at them as plain text files in a pinch. Here’s a life lesson: don’t host your documentation in the machine you’re going to be breaking! Learned that the hard way once or twice.
For reverse proxies, I’m a fan of HAProxy. It uses pretty straightforward config files and is incredibly robust.
