This repo has been replaced by JenswBE/ansible
Config for my home NAS
- Download the latest version of the config transpiler
- Complete config
olaf-clc.yml
. Usemkpasswd --method=SHA-512 --rounds=4096
to generate a secure password hash. - Transpile the config using
ct -strict < olaf-clc.yml > olaf-clc.json
- Install CoreOS using
coreos-install -d /dev/sdX -i olaf-clc.json
- Reboot
- Change hostname with
sudo hostnamectl set-hostname olaf
- Set correct timezone with
sudo timedatectl set-timezone Europe/Brussels
- Create opt folders with
sudo mkdir -p /opt/bin /opt/conf
Use following instructions and install Docker compose at /opt/bin/docker-compose
- Clone this repo with
git clone https://github.com/JenswBE/olaf.git
- Copy file
.env.template
to.env
- Change permissions with
chmod 600 .env
- Complete the file
- Create a symbolic link to
.env
usingsudo ln -s /<ABSOLUTE_PATH>/.env /opt/docker-env
Send mail on failed unit. See JenswBE/systemd-mailjet for more info.
- Create a new user with
sudo useradd -r systemd-mailjet
- Copy executable
bin/systemd-mailjet
to/opt/bin/systemd-mailjet
- Make executable using
sudo chmod +x /opt/bin/systemd-mailjet
- Complete file
conf/systemd-mailjet.conf
and copy to/opt/conf/systemd-mailjet.conf
- Make file readonly by owner
sudo chmod 400 /opt/conf/systemd-mailjet.conf
- Set correct owner
sudo chown systemd-mailjet:systemd-mailjet /opt/conf/systemd-mailjet.conf
Add for each host a file which contains a single line with the hosts public SSH key. The filename will become the name of the borg repo. E.g. conf/borgserver/clients/test123
becomes ssh://borg@<SERVER_NAME>/backup/test123/<REPO_NAME>
. See docker-borgserver for more info.
- Execute
docker exec -it borgmatic sh -c "ssh -p <PORT> <BORG_USER>@<BORG_HOST>"
, check and accept the host key - Execute
ssh-keygen
and create a new ssh key with blank passphrase inconf/borgmatic/ssh
- Add public key to allowed ssh keys at remote host (depending on service)
- Copy from template and edit
conf/borgmatic/borgmatic.d/config.yaml
- Change permissions with
chmod 600 config.yaml
- Init repo if required with
docker exec borgmatic sh -c "borgmatic --init --encryption repokey-blake2"
- Perform a backup to test the setup with
docker exec borgmatic sh -c "borgmatic --verbosity 1"
- Optional: Backup your repo key file with
docker exec borgmatic sh -c "BORG_RSH=\"ssh -i /root/.ssh/<NAME_OF_SSH_KEY>\" borg key export --qr-html <FULL_REPO_NAME> /root/.ssh/repokey.html"
. Your file is available atconf/borgmatic/ssh/repokey.html
.
- Set correct permission with
sudo chown 233:233 /media/data/services/transmission/
- Go through online settings
- Category Torrents
- Set "Download to" to
/downloads
- Set "Directory for incomplete files" to
/running
- Set "Stop seeding at ratio" to 3
- Set "Download to" to
- Category Queue
- Set "Download Queue Size" to 10
Go to https://app.plex.tv to setup following libraries:
- Films
- /data/media/Movies
- /data/optimized/movies
- /data/media/Nazien
- TV Series
- /data/media/TV Shows
- /data/optimized/shows
- /data/media/Nazien
- Foto's
- /data/media/Photos
- Muziek
- /data/media/Music
You can create a new bucket and assign read/write right to a user with following commands:
- Start the MinIO client:
docker run -it --entrypoint=/bin/sh minio/mc
- Add a new server:
mc config host add remote <URL> <ACCESS_KEY> <SECRET_KEY>
- Set bucket name for easy reference:
BUCKET=<REPLACE_ME>
- Create bucket:
mc mb remote/${BUCKET:?}
- Create readwrite policy:
cat > ${BUCKET:?}-rw.json << EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": ["s3:*"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::${BUCKET:?}/*"]
}
]
}
EOF
- Add policy to MinIO server:
mc admin policy add remote ${BUCKET:?}-rw ${BUCKET:?}-rw.json
- Create new user:
mc admin user add remote <USERNAME> <PASSWORD>
- Assign policy to user:
mc admin policy set remote ${BUCKET:?}-rw user=<USERNAME>
- None
- Every 15 mins: Update IP in DNS (olaf-clc.yml => cloudflare-dyndns.timer)
- None
- None
- Run Borgmatic (conf/borgmatic/borgmatic.d/crontab.txt)
- Run Watchtower (docker-compose.yml)
- 05:00 Update and restart (locksmith)
- 06:00 First of month: Scrub BTRFS filesystem (olaf-clc.yml => btrfs-scrub.timer)