Last active
February 18, 2023 03:17
-
-
Save shurizzle/a3c0a12a7f36bc264d0e0a9391e0f03b to your computer and use it in GitHub Desktop.
Services on home server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| set -eu | |
| echo 'net.ipv4.conf.all.src_valid_mark = 1' | \ | |
| sudo tee '/etc/sysctl.d/10-wireguard.conf' >/dev/null | |
| sudo sysctl net.ipv4.conf.all.src_valid_mark=1 | |
| docker run -d \ | |
| --name=wireguard \ | |
| --cap-add=NET_ADMIN \ | |
| --cap-add=SYS_MODULE \ | |
| -e PUID="$(id -u)" \ | |
| -e PGID="$(id -g)" \ | |
| -e TZ=Europe/Rome \ | |
| -e INTERNAL_SUBNET=10.13.13.0 \ | |
| -e ALLOWEDIPS=0.0.0.0/0 \ | |
| -e SERVERPORT=51820 \ | |
| --network=host \ | |
| -v "/root/.local/etc/wireguard:/config" \ | |
| -v /lib/modules:/lib/modules \ | |
| --restart unless-stopped \ | |
| linuxserver/wireguard | |
| # docker run -d \ | |
| # --name=tvheadend \ | |
| # --network=host \ | |
| # --restart unless-stopped \ | |
| # -e PUID="$(id -u)" \ | |
| # -e PGID="$(id -g)" \ | |
| # -e TZ=Europe/Rome \ | |
| # -v "$HOME/.config/tvheadend":/config \ | |
| # -v /data/recordings:/recordings \ | |
| # --device /dev/dvb:/dev/dvb \ | |
| # linuxserver/tvheadend:latest | |
| docker run -d \ | |
| --name portainer \ | |
| --network=host \ | |
| --restart unless-stopped \ | |
| -v /var/run/docker.sock:/var/run/docker.sock \ | |
| -v portainer_data:/data \ | |
| portainer/portainer-ce:latest | |
| docker run -d \ | |
| --name pihole \ | |
| --network=host \ | |
| --restart unless-stopped \ | |
| -e TZ=Europe/Rome \ | |
| -e PROXY_LOCATION=filottete.local \ | |
| -e VIRTUAL_HOST=filottete.local \ | |
| -v /root/.local/etc/dnsmasq.d:/etc/dnsmasq.d \ | |
| -v /root/.local/etc/pihole:/etc/pihole \ | |
| pihole/pihole:latest | |
| docker run -d \ | |
| --name plex \ | |
| --network=host \ | |
| --restart unless-stopped \ | |
| -e TZ="Europe/Rome" \ | |
| -e PLEX_UID="$(id -u)" \ | |
| -e PLEX_GID="$(id -g)" \ | |
| -e VERSION=docker \ | |
| -e UMASK=022 \ | |
| -v /home/shura/.config/plex:/config \ | |
| -v /data:/data \ | |
| --device /dev/dvb:/dev/dvb \ | |
| linuxserver/plex | |
| sudo ufw disable | |
| sudo ufw reset | |
| sudo ufw limit OpenSSH | |
| cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-avahi" >/dev/null | |
| [Avahi] | |
| title=Avahi | |
| description=Avahi protocol | |
| ports=5353/udp | |
| EOF | |
| sudo ufw allow avahi | |
| cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-pihole" >/dev/null | |
| [PiHole] | |
| title=PiHole | |
| description=PiHole | |
| ports=53/tcp|80/tcp|53/udp|67/udp | |
| EOF | |
| sudo ufw allow pihole | |
| cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-plex" >/dev/null | |
| [Plex] | |
| title=Plex | |
| description=Plex media server | |
| ports=32400/tcp|1900/udp|3005/tcp|5353/udp|8324/tcp|32410/udp|32412:32414/udp|32469/tcp | |
| EOF | |
| sudo ufw allow plex | |
| cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-portainer" >/dev/null | |
| [Portainer] | |
| title=Portainer | |
| description=Portainer | |
| ports=8000/tcp|9443/tcp|9000/tcp | |
| EOF | |
| sudo ufw allow portainer | |
| # cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-tvheadend" >/dev/null | |
| # [TVHeadEnd] | |
| # title=TVHeadEnd | |
| # description=TVHeadEnd | |
| # ports=9981:9982/tcp | |
| # EOF | |
| # sudo ufw allow tvheadend | |
| cat <<'EOF' | sudo tee "/etc/ufw/applications.d/ufw-wireguard" >/dev/null | |
| [WireGuard] | |
| title=WireGuard | |
| description=WireGuard VPN | |
| ports=51820/udp | |
| EOF | |
| sudo ufw allow wireguard | |
| sudo ufw enable |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment