AWX Part 3 - Projects and Inventories At the beginning of this project, I started out setting up the foundation for Ansible to automate the management, configuration, deployment, and maintenance of the infrastructure that I set up.
AWX Part 2 - Single Sign-On I will be configuring AWX to integrate with the Keycloak Single Sign-On previously installed. Previously, I set up oauth2 integration with Nextcloud, but this time I'm going to set up
AWX Part 1 - Installation AWX is the open source upstream project of the Ansible Tower automation and management platform based on Ansible. Both Ansible and Ansible Tower are provided by RedHat. I plan to
Grocy - ERP Beyond Your Fridge Grocy is an Enterprise Resource Planning (ERP ) application centered around home management. Essentially, it's a web-based self-hosted grocery and household management solution. It has features such as: Tracking grocery purchasesAutomating
Nextcloud Part 4 - Cron Nextcloud needs to be able to execute tasks in the background. It can do this just by executing those tasks whenever any page is loaded via AJAX or webcron, but
Nextcloud Part 3 - Single Sign-On with Keycloak I started with a guide I found on integrating Keycloak with Nextcloak with OpenID Connect (OID). I will want to open the OpenID Endpoint configuration page from the Keycloak Administration
Nextcloud Part 3 - NGINX and Let's Encrypt To begin, I need to create a Config Map key to store the NGINX nginx.conf file which will handle the connections to the Nextcloud FPM container as well as
Nextcloud Part 2 - FPM Now that the Nextcloud MariaDB is up and running, I can deploy a new workload for the Nextcloud FPM container into the Nextcloud namespace. There are a few pre-requisites to
Virtual Gaming I mentioned in an earlier post that one of my side goals for this project was to set up a (Windows) VM which would allow me to utilize Nvidia Gamestream
Freedom! Things have gotten a little busy on the work front so I haven't gotten back to working on Nextcloud, but I came across a post about the FreedomBox so I
Nextcloud Part 1 - Database Nextcloud is the first "production" service to be deployed. Everything else has been building the foundation for Nextcloud and the services which follow it - Mailcow, OpenPGP, Keybase.io, server
Single Sign-On Part 3 - oauth2-proxy In my last post, I stated that I would be moving on to deploying the first "real" application which will bring all of this together. In fact, I decided that
Single Sign-On Part 2 - Keycloak Keycloak provides single sign-on services using multiple protocols and provides a proxy which can be used to add SSO for applications which don't natively support those protocols. It should be
Single Sign-On Part 1 - OpenLDAP Many of the services I deploy will require authentication of some type. Rather than maintaining a separate set of credentials for each one, I want to use single-sign on (SSO)
Server Build Part 4 - Workloads Now that Kubernetes is up and running, it's time to deploy the first workload. First, let's talk about DNS, reverse proxies, and networking. The cluster will host a multitude of
Server Build Part 3 - Virtual Machines Proxmox VE offers two different types of virtual environments. The first is Linux containers (LXC) which provides a very lightweight way to run an isolated virtual Linux environment which utilize
Server Build Part 2 - Operating System and Storage The server hardware is racked and cabled. It's time to choose an operating system. Linux was an obvious choice, but which distribution? With a little research, I narrowed the choices
Server Build Part 1 - Hardware Using server resources from IaaS providers such as Digital Ocean are very convenient and sometimes necessary with services which can't be hosted at home such as an e-mail server, but
Encryption for the masses End-to-end encryption has been a hot topic for years now as more people realize that their data is highly sought after by criminals, their privacy is compromised by those who
You've got mail! If you follow r/selfhosted, you know that one of the most common questions asked is, "can I self-host e-mail?" This is usually because most people bought into the Google
Ansible Refined As I was working on being able to deploy to a Digital Ocean droplet for "development", "test", and "production", I realized that my original vision of the Ansible playbooks needed
ansible Ansible what? Since the last update, I have been working to set up a basic way to automate common configuration and management tasks with Ansible. The basic Ansible setup uses a primary
Network Migrated In my last update, I was setting up the new Unifi networks and getting the devices migrated. I have now pulled the old Amplifi router off of the network as
Time to Unifi I received the Ubiquiti Unifi gear and got it racked and cabled. It consists of a Unifi Security Gateway Pro, a Unifi 24 port managed switch, and a Unifi AC
Current State December 2019 As 2019 comes to a close and I look forward to 2020, it is time to take an inventory of the current state of things. I'm obviously not starting with