fpallas/lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
33 commits 1 branch 0 tags 145 KiB
Find a file
Exact
Florian Pallas 5ee697521e make pocketid public
2026-02-08 15:04:31 +01:00
playbooks add extra playbook for relay deployments 2026-02-02 23:16:14 +01:00
roles make pocketid public 2026-02-08 15:04:31 +01:00
.gitignore add inventory 2026-02-02 23:25:54 +01:00
ansible.cfg switch to ansible roles 2026-02-02 23:16:14 +01:00
inventory.ini add inventory 2026-02-02 23:25:54 +01:00
LICENSE add services 2025-12-21 16:29:08 +01:00
README.md improve readme 2026-02-02 23:37:25 +01:00

README.md

Homelab

Things I need to survive, hosted locally.

Services

  • Adguard
  • Forgejo
  • Forgejo Runner
  • Home Assistant
  • Immich
  • PocketId
  • Portfolio

Updates

Services are automatically kept up-to-date using the podman auto update service within their specified tags. This allows for time-critical non-intrusive updates to be applied automatically without user intervention.

Backups

All stateful services are backed up automatically and regularly. By using restic snapshots, it is possible to restore services to a desired point of time, without requiring excessive storage.

Security

Instead of docker, which requires a rootful daemon, podman is used. This allows each service to be run under their own user on the host. Those users do not have root permissions, making it much harder for attackers to access files from other services, even if they can break container isolation.

While this is not as secure as separate VMs or machines, it provides a good balance between practicality and security.