Services and Tools - capyBearista/home-server GitHub Wiki

Docker Compose

Docker Compose is the backbone of most of my services.

I use Docker Compose whenever I can—it's just so much easier to manage updates, dependencies, and restarts. If you haven't used it before, it's basically a way to define all your containers and their settings in a single YAML file, then bring them up or down with a single command. Highly recommend learning the basics!

cron jobs

Tasks that run automatically at specified times or intervals.

Cron jobs are commonly used to automate repetitive tasks like backups, updates, or system maintenance, so you don't have to remember to run them manually.

Backing up /home/ to external drive using rsync
This gives me peace of mind that my files are safe, even if I forget to do it manually. I set up a simple cron job to back up my home directory every morning at 5AM. Here's the line from my crontab:

0 5 * * * rsync -aP /home/ /mnt/external_drive/horizon_backup/

CrowdSec

Crowd-sourced security.

CrowdSec is a modern security tool that analyzes logs and detects suspicious activity, like brute-force attacks or port scans. What makes it unique is that it shares anonymized attack information with the community, so everyone benefits from up-to-date threat intelligence. I'm still experimenting with it, but so far it's been a set-and-forget layer of protection—alerts me if something weird is going on, and can automatically block bad actors.

Setup steps:

  1. Install CrowdSec repositors: curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash
  2. Install CrowdSec: sudo apt install crowdsec
  3. Follow the prompts to set up the agent.
  4. (Optional) Install the firewall bouncer: sudo apt install crowdsec-firewall-bouncer-iptables
  5. Check the dashboard: sudo cscli dashboard setup (or use the web UI if enabled).

Duck DNS

Dynamic DNS service, recommended when your ISP doesn't offer a static IP.

Duck DNS keeps my server accessible from anywhere, even though my home IP changes from time to time. Super easy to set up, and free!

Setup steps:

  1. Sign up at duckdns.org and create a subdomain.
  2. On your server, install curl and cron if not already present on your system.
  3. Make a directory,, enter it, and create a new file duck.sh
mkdir duckdns
cd duckdns
nano duck.sh
  1. Copy/paste this command into the file. You must change your token and domain to be the one you want to update.
echo url="https://www.duckdns.org/update?domains=exampledomain&token=a7c4d0ad-114e-40ef-ba1d-d217904a50f2&ip=" | curl -k -o ~/duckdns/duck.log -K -
  1. Exit the file. Press Ctrl+S then Ctrl+X.
  2. Make the duck.sh file executable: chmod 700 duck.sh
  3. Enter the file containing cron jobs: crontab -e
  4. Paste this command at the bottom of crontab:
*/5 * * * * ~/duckdns/duck.sh >/dev/null 2>&1
  1. Exit the file. Press Ctrl+S then Ctrl+X.
  2. Test the script: ./duck.sh
  3. Check if the attempt was successful: cat duck.log (OK if success, KO if not)

Immich

Self-hosted photo and video backup solution.

  • Used Docker Compose
  • Accessible through browser and mobile app

Immich is my go-to for photo and video backups. I keep the heavy media files on an external HDD, but the database lives on the internal SSD for speed. All managed with Docker Compose, so updates are a breeze.

Setup steps:

  1. Visit the Immich repo for a sample docker-compose.yml file.
  2. Copy the contents into a docker-compose.yml file on your system (I recommend making a dedicated directory).
  3. Edit the compose file to set your media and database paths.
  4. Run docker compose up -d in the directory.
  5. Access Immich via browser at http://<server-ip>:2283 or mobile app and create your user account.

Jellyfin

Open-source media server for streaming movies and TV shows.

  • Used Docker Compose
  • Accessible through browser

Jellyfin is my media server of choice. Streams movies and shows to any device on my network. I just point it at my media folders and let it do its thing. The web UI is super clean, and again, Docker Compose makes it trivial to manage.

Setup steps:

  1. Visit the Jellyfin website for a sample docker-compose.yml file.
  2. Copy the contents into a docker-compose.yml file on your system (I recommend making a dedicated directory).
  3. Map your media folders and set a config directory.
  4. Run docker compose up -d.
  5. Visit http://<server-ip>:8096 to complete setup.

Minecraft Server

It's Minecraft.

  • Used Docker Compose
  • Accessible through Minecraft

I run a Minecraft server for friends and family. No need for fancy panels—just a Compose file and a couple of ports forwarded. Works great, and I can spin it up or down as needed.

Setup steps:

  1. Visit setupmc.com to easily configure docker-compose.yml with your desired settings (world seed, mods, ports, player count, etc.).
  2. Copy the contents into a docker-compose.yml file on your system (I recommend making a dedicated directory).
  3. Run docker compose up -d.
  4. Connect from Minecraft using your server's IP and port.

Pi-Hole

Network-wide ad and tracker blocker.

  • Used Docker Compose
  • Accessible through browser
  • Set up on IP address: 192.168.0.200

Pi-Hole blocks ads and trackers for my whole network. I gave it a dedicated IP and set it as the main DNS in my router. The web interface is super handy for checking stats or whitelisting domains.

  • Set up as primary DNS (DHCP) in router settings
  • Router is using 1.1.1.1 and 1.0.0.1 as primary and secondary DNS

Setup steps:

  1. Visit the Pi-Hole repo for a sample docker-compose.yml file.
  2. Copy the contents into a docker-compose.yml file on your system (I recommend making a dedicated directory).
  3. Set the container to use a static IP (e.g., 192.168.0.200). Ensure this IP is not already in user by logging into your router. Or just pray.
  4. Map ports 53 (DNS) and 80 (web UI).
  5. Run docker compose up -d.
  6. Set your router's DNS to point to the Pi-Hole IP.
  7. Access Pi-Hole at <the-static-ip-you-just-set>/admin for further configuration.

Portainer

Web UI for Docker management.

Portainer is a lightweight web interface for managing Docker containers. I use it to quickly check which containers are running, view logs, restart services, and even update images—all from my browser. It's especially handy when I don't want to SSH in and type out Docker commands. Setup is as simple as running a Portainer container with Docker Compose.

Setup steps:

  1. A bit less straightforwad. Visit the Earthly.dev (unaffilated with Portainer) for a sample docker-compose.yml file.
  2. Copy the contents into a docker-compose.yml file on your system (I recommend making a dedicated directory).
  3. Map port 9443 (or 9000 for HTTP).
  4. Run docker compose up -d.
  5. Access Portainer at https://<server-ip>:9443 and create your admin user.

Rootkit Hunter (rkhunter)

Security tool for checking for rootkits and suspicious files.

Pretty self-explanatory. It's not perfect, but it's a good extra layer. Because I'm paranoid, I have rkhunter set up to run automatically every time I install or update packages with apt. This way, I get an extra check for rootkits whenever the system changes, without having to remember to run it manually.

Setup steps:

  1. Install: sudo apt install rkhunter
  2. Run a scan: sudo rkhunter --check
  3. (Optional) Set up a cron job or hook to run after apt updates.

Samba

File sharing between Linux, Windows, and Mac.

Samba lets me share folders from the server to any device on my network. Super useful for moving files around or backing up from other computers.

Setup steps:

  1. Install: sudo apt install samba
  2. Edit /etc/samba/smb.conf to add your shared folders.
  3. Create Samba users: sudo smbpasswd -a <username>
  4. Restart Samba: sudo systemctl restart smbd
  5. Access shares from other devices using the server's IP.

Webmin

Web-based system administration.

Webmin gives me a web UI for managing the server—user accounts, services, updates, and more. I don't use it every day, but it's nice to have for quick changes.

Setup steps:

  1. Download and install the Webmin .deb package from webmin.com.
  2. Install with sudo dpkg -i webmin_*.deb (resolve dependencies with sudo apt --fix-broken install if needed).
  3. Access Webmin at https://<server-ip>:10000 in your browser.

Other tools I use:

  • neofetch: Just for fun. Shows system info in the terminal with cool ASCII art.
  • lolcat: Make your terminal output RGB because more colors = better.
  • figlet: Generates large ASCII art text banners in your terminal.
  • cmatrix: Displays a "Matrix"-style rain animation in your terminal so you can look like a real hacker.
  • btop: A modern, colorful resource monitor that looks waaay cooler than htop.
⚠️ **GitHub.com Fallback** ⚠️