eddie/homelab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
homelab/docs/quick-reference.md
Claude 4adaa8e8be
docs: Add comprehensive documentation for homelab setup and operations 
This commit adds extensive documentation covering all aspects of homelab setup,
configuration, and troubleshooting.

## Documentation Structure

### Main Documentation
- **docs/README.md**: Documentation hub with table of contents
- **docs/getting-started.md**: Complete setup guide from scratch
- **docs/quick-reference.md**: Fast reference for common tasks and commands

### Configuration Guides (docs/guides/)
- **secrets-management.md**: Environment variables and secrets configuration
  - How to generate secure secrets
  - Service-specific configuration
  - Automated secret generation scripts
  - Security best practices
  - Common mistakes to avoid

- **gpu-setup.md**: NVIDIA GTX 1070 GPU acceleration setup
  - Specific to Proxmox 9 on Debian 13
  - Complete passthrough configuration
  - Jellyfin hardware transcoding setup
  - Immich ML inference acceleration
  - Performance tuning and benchmarks
  - Troubleshooting GPU issues

### Troubleshooting (docs/troubleshooting/)
- **faq.md**: Frequently asked questions (60+ Q&A)
  - General questions about the homelab
  - Setup and configuration questions
  - SSL/TLS and SSO questions
  - Service-specific questions
  - Security and backup questions
  - Performance optimization

- **common-issues.md**: Common problems and solutions
  - Service startup failures
  - SSL certificate errors
  - SSO authentication issues
  - Access problems
  - Performance issues
  - Database errors
  - Network issues
  - GPU problems

### Services (docs/services/)
- **README.md**: Complete service overview
  - All 20 services with descriptions
  - Use cases for each service
  - Resource requirements
  - Deployment checklists
  - Service dependencies
  - Minimum viable setups

## Key Features

### Environment-Specific
All GPU documentation is specific to:
- **Platform**: Proxmox 9 (PVE)
- **OS**: Debian 13
- **GPU**: NVIDIA GTX 1070 (Pascal)
- Includes Proxmox-specific GPU passthrough
- VM guest setup on Debian 13
- NVIDIA Container Toolkit configuration

### Comprehensive Coverage
- 60+ FAQs answered
- 50+ common issues documented
- 100+ command examples
- Step-by-step procedures
- Troubleshooting decision trees
- Quick reference tables

### Practical Examples
- Actual command outputs
- Real-world scenarios
- Copy-paste ready commands
- Configuration file examples
- Debugging procedures

## Documentation Highlights

### Getting Started Guide
- Prerequisites checklist
- Docker installation
- Media directory setup
- DNS configuration
- Environment variable setup
- Service deployment order
- Initial service configuration
- Verification procedures

### Secrets Management
- Secret type identification
- Generation commands for each type
- Service-specific requirements
- Automated generation script
- Password manager integration
- Backup procedures
- Security best practices
- Common mistakes

### GPU Setup (Proxmox/Debian/GTX 1070)
- IOMMU enablement
- VFIO configuration
- PCI passthrough to VM
- NVIDIA driver installation on Debian 13
- Container toolkit setup
- Jellyfin NVENC configuration
- Immich CUDA acceleration
- Performance benchmarks
- NVENC stream limit unlock
- Monitoring and tuning

### Quick Reference
- All service URLs
- Common Docker Compose commands
- System check commands
- Secret generation commands
- Troubleshooting steps
- File locations
- Port reference
- Emergency procedures

### FAQ
Covers questions about:
- Hardware requirements
- Domain requirements
- Cost estimates
- Setup procedures
- Configuration details
- SSL certificates
- SSO authentication
- Service-specific issues
- Backup strategies
- Performance optimization
- Security considerations

### Common Issues
Solutions for:
- Container startup failures
- Environment variable errors
- Port conflicts
- Permission issues
- SSL certificate problems
- DNS issues
- SSO login failures
- Database connections
- Network connectivity
- GPU detection
- Resource constraints

### Services Overview
- Detailed description of all 20 services
- Use cases and features
- Required vs optional services
- Resource requirements by tier
- Service dependencies diagram
- Deployment checklists
- "When to use" guidance

## File Structure

```
docs/
├── README.md                           # Documentation hub
├── getting-started.md                  # Setup walkthrough
├── quick-reference.md                  # Command reference
├── guides/
│   ├── secrets-management.md           # Secrets configuration
│   └── gpu-setup.md                    # GPU acceleration (GTX 1070)
├── troubleshooting/
│   ├── faq.md                          # 60+ FAQs
│   └── common-issues.md                # Problem solving
└── services/
    └── README.md                       # Service overview
```

## Benefits

### For New Users
- Clear setup path from zero to running services
- Explains "why" not just "how"
- Common pitfalls documented and avoided
- Example configurations provided

### For Experienced Users
- Quick reference for commands
- Troubleshooting decision trees
- Performance tuning guides
- Advanced configurations

### For Maintenance
- Update procedures
- Backup and restore
- Monitoring guidelines
- Security hardening

## Documentation Standards

- Clear, concise writing
- Code blocks with syntax highlighting
- Examples with expected output
- Warning and tip callouts
- Cross-references between docs
- Tested commands and procedures

## Next Steps

Users should:
1. Start with getting-started.md
2. Configure secrets using secrets-management.md
3. Enable GPU if available (gpu-setup.md)
4. Use quick-reference.md for daily operations
5. Refer to faq.md and common-issues.md when stuck

---

**This documentation makes the homelab accessible to users of all skill levels!**
2025-11-06 19:32:10 +00:00

10 KiB
Raw Blame History

Quick Reference Guide

Fast reference for common tasks and commands.

Service URLs

All services accessible via:

  • Primary domain: *.fig.systems
  • Secondary domain: *.edfig.dev

Core Services

https://traefik.fig.systems  # Reverse proxy dashboard
https://lldap.fig.systems    # User directory
https://auth.fig.systems     # SSO authentication

Dashboard & Management

https://home.fig.systems     # Homarr dashboard (START HERE!)
https://backup.fig.systems   # Backrest backup manager

Media Services

https://flix.fig.systems      # Jellyfin media server
https://photos.fig.systems    # Immich photo library
https://requests.fig.systems  # Jellyseerr media requests
https://sonarr.fig.systems    # TV show automation
https://radarr.fig.systems    # Movie automation
https://sabnzbd.fig.systems   # Usenet downloader
https://qbt.fig.systems       # qBittorrent client

Utility Services

https://links.fig.systems     # Linkwarden bookmarks
https://tasks.fig.systems     # Vikunja task management
https://garage.fig.systems    # LubeLogger vehicle tracking
https://books.fig.systems     # Calibre-web ebook library
https://booklore.fig.systems  # Book tracking
https://rss.fig.systems       # FreshRSS reader
https://files.fig.systems     # File Browser

Common Commands

Docker Compose

# Start service
cd ~/homelab/compose/path/to/service
docker compose up -d

# View logs
docker compose logs -f

# Restart service
docker compose restart

# Stop service
docker compose down

# Update and restart
docker compose pull
docker compose up -d

# Rebuild service
docker compose up -d --force-recreate

Docker Management

# List all containers
docker ps

# List all containers (including stopped)
docker ps -a

# View logs
docker logs <container_name>
docker logs -f <container_name>  # Follow logs

# Execute command in container
docker exec -it <container_name> bash

# View resource usage
docker stats

# Remove stopped containers
docker container prune

# Remove unused images
docker image prune -a

# Remove unused volumes (CAREFUL!)
docker volume prune

# Complete cleanup
docker system prune -a --volumes

Service Management

# Start all core services
cd ~/homelab/compose/core
for dir in traefik lldap tinyauth; do
  cd $dir && docker compose up -d && cd ..
done

# Stop all services
cd ~/homelab
find compose -name "compose.yaml" -execdir docker compose down \;

# Restart single service
cd ~/homelab/compose/services/servicename
docker compose restart

# View all running containers
docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"

System Checks

# Check all containers
docker ps --format "table {{.Names}}\t{{.Status}}"

# Check network
docker network inspect homelab

# Check disk usage
docker system df
df -h

# Check logs for errors
docker compose logs --tail=100 | grep -i error

# Test DNS resolution
dig home.fig.systems +short

# Test SSL
curl -I https://home.fig.systems

Secret Generation

# JWT/Session secrets (64 char)
openssl rand -hex 32

# Database passwords (32 char alphanumeric)
openssl rand -base64 32 | tr -d /=+ | cut -c1-32

# API keys (32 char hex)
openssl rand -hex 16

# Find what needs updating
grep -r "changeme_" ~/homelab/compose

Troubleshooting

Service Won't Start

# Check logs
docker compose logs

# Check container status
docker compose ps

# Check for port conflicts
sudo netstat -tulpn | grep :80
sudo netstat -tulpn | grep :443

# Recreate container
docker compose down
docker compose up -d

SSL Certificate Issues

# Check Traefik logs
docker logs traefik | grep -i certificate

# Check Let's Encrypt logs
docker logs traefik | grep -i letsencrypt

# Verify DNS
dig home.fig.systems +short

# Test port 80 accessibility
curl -I http://home.fig.systems

SSO Not Working

# Check LLDAP
docker logs lldap

# Check Tinyauth
docker logs tinyauth

# Verify passwords match
grep LLDAP_LDAP_USER_PASS ~/homelab/compose/core/lldap/.env
grep LDAP_BIND_PASSWORD ~/homelab/compose/core/tinyauth/.env

# Test LDAP connection
docker exec tinyauth nc -zv lldap 3890

Database Connection Failures

# Check database container
docker ps | grep postgres

# View database logs
docker logs <db_container_name>

# Test connection from app container
docker exec <app_container> nc -zv <db_container> 5432

# Verify password in .env
cat .env | grep POSTGRES_PASSWORD

File Locations

Configuration

~/homelab/compose/               # All services
~/homelab/compose/core/          # Core infrastructure
~/homelab/compose/media/         # Media services
~/homelab/compose/services/      # Utility services

Service Data

compose/<service>/config/        # Service configuration
compose/<service>/data/          # Service data
compose/<service>/db/            # Database files
compose/<service>/.env           # Environment variables

Media Files

/media/movies/                   # Movies
/media/tv/                       # TV shows
/media/music/                    # Music
/media/photos/                   # Photos
/media/books/                    # Books
/media/downloads/                # Active downloads
/media/complete/                 # Completed downloads

Logs

docker logs <container_name>     # Container logs
compose/<service>/logs/          # Service-specific logs (if configured)
/var/lib/docker/volumes/         # Volume data

Network

Create Network

docker network create homelab

Inspect Network

docker network inspect homelab

Connect Container to Network

docker network connect homelab <container_name>

GPU (NVIDIA GTX 1070)

Check GPU Status

nvidia-smi

Test GPU in Docker

docker run --rm --gpus all nvidia/cuda:12.2.0-base-ubuntu22.04 nvidia-smi

Monitor GPU Usage

watch -n 1 nvidia-smi

Check GPU in Container

docker exec jellyfin nvidia-smi
docker exec immich_machine_learning nvidia-smi

Backup

Backup Configuration Files

cd ~/homelab
tar czf homelab-config-$(date +%Y%m%d).tar.gz \
  $(find compose -name ".env") \
  $(find compose -name "compose.yaml")

Backup Service Data

# Example: Backup Immich
cd ~/homelab/compose/media/frontend/immich
tar czf immich-backup-$(date +%Y%m%d).tar.gz upload/ config/

Restore Configuration

tar xzf homelab-config-YYYYMMDD.tar.gz

Updates

Update Single Service

cd ~/homelab/compose/path/to/service
docker compose pull
docker compose up -d

Update All Services

cd ~/homelab
for dir in $(find compose -name "compose.yaml" -exec dirname {} \;); do
  echo "Updating $dir"
  cd $dir
  docker compose pull
  docker compose up -d
  cd ~/homelab
done

Update Docker

sudo apt update
sudo apt upgrade docker-ce docker-ce-cli containerd.io

Performance

Check Resource Usage

# Overall system
htop

# Docker containers
docker stats

# Disk usage
df -h
docker system df

# Network usage
iftop

Clean Up Disk Space

# Docker cleanup
docker system prune -a

# Remove old logs
sudo journalctl --vacuum-time=7d

# Find large files
du -h /media | sort -rh | head -20

DNS Configuration

Cloudflare Example

Type: A
Name: *
Content: YOUR_SERVER_IP
Proxy: Off (disable for Let's Encrypt)
TTL: Auto

Local DNS (Pi-hole/hosts file)

192.168.1.100  home.fig.systems
192.168.1.100  flix.fig.systems
192.168.1.100  photos.fig.systems
# ... etc

Environment Variables

List All Services with Secrets

find ~/homelab/compose -name ".env" -exec echo {} \;

Check for Unconfigured Secrets

grep -r "changeme_" ~/homelab/compose | wc -l
# Should be 0

Backup All .env Files

cd ~/homelab
tar czf env-files-$(date +%Y%m%d).tar.gz $(find compose -name ".env")
gpg -c env-files-$(date +%Y%m%d).tar.gz

Monitoring

Service Health

# Check all containers are running
docker ps --format "{{.Names}}: {{.Status}}" | grep -v "Up"

# Check for restarts
docker ps --format "{{.Names}}: {{.Status}}" | grep "Restarting"

# Check logs for errors
docker compose logs --tail=100 | grep -i error

SSL Certificate Expiry

# Check cert expiry
echo | openssl s_client -servername home.fig.systems -connect home.fig.systems:443 2>/dev/null | openssl x509 -noout -dates

Disk Space

# Overall
df -h

# Docker
docker system df

# Media
du -sh /media/*

Common File Paths

# Core services
~/homelab/compose/core/traefik/
~/homelab/compose/core/lldap/
~/homelab/compose/core/tinyauth/

# Media
~/homelab/compose/media/frontend/jellyfin/
~/homelab/compose/media/frontend/immich/
~/homelab/compose/media/automation/sonarr/

# Utilities
~/homelab/compose/services/homarr/
~/homelab/compose/services/backrest/
~/homelab/compose/services/linkwarden/

# Documentation
~/homelab/docs/
~/homelab/README.md

Port Reference

80   - HTTP (Traefik)
443  - HTTPS (Traefik)
3890 - LLDAP
6881 - qBittorrent (TCP/UDP)
8096 - Jellyfin
2283 - Immich

Default Credentials

⚠️ Change these immediately after first login!

qBittorrent

Username: admin
Password: adminadmin

Microbin

Check compose/services/microbin/.env
MICROBIN_ADMIN_USERNAME
MICROBIN_ADMIN_PASSWORD

All Other Services

Use SSO (LLDAP) or create admin account on first visit.

Quick Deployment

Deploy Everything

cd ~/homelab
chmod +x deploy-all.sh
./deploy-all.sh

Deploy Core Only

cd ~/homelab/compose/core/traefik && docker compose up -d
cd ../lldap && docker compose up -d
cd ../tinyauth && docker compose up -d

Deploy Media Stack

cd ~/homelab/compose/media/frontend
for dir in */; do cd "$dir" && docker compose up -d && cd ..; done

cd ~/homelab/compose/media/automation
for dir in */; do cd "$dir" && docker compose up -d && cd ..; done

Emergency Procedures

Stop All Services

cd ~/homelab
find compose -name "compose.yaml" -execdir docker compose down \;

Remove All Containers (Nuclear Option)

docker stop $(docker ps -aq)
docker rm $(docker ps -aq)

Reset Network

docker network rm homelab
docker network create homelab

Reset Service

cd ~/homelab/compose/path/to/service
docker compose down -v  # REMOVES VOLUMES!
docker compose up -d

For detailed guides, see the docs folder.