Services

Overview of core services running across the homelab. The service architecture emphasizes containerization, automation, and self-hosting for privacy and control.

Container Orchestration

🐳 Docker & Portainer

Docker powers the majority of services in the homelab, with Portainer providing centralized management, monitoring, and deployment across multiple hosts.

Key Services:

  • Media stack (Jellyfin, *arr apps)
  • Automation (N8N, Home Assistant)
  • Productivity (Vaultwarden, Paperless-NGX)
  • Monitoring (Checkmk, Graylog, Netdata)

⎈ Kubernetes

K3s cluster for larger workloads requiring orchestration, scaling, and service mesh capabilities. Used for production-grade deployments and experimenting with cloud-native patterns.


Service Categories

🎬 Media & Entertainment

  • Jellyfin – Self-hosted media streaming (movies, TV, music)
  • Radarr – Movie collection management and automation
  • Sonarr – TV show collection management and automation
  • Prowlarr – Indexer management for *arr apps
  • Bazarr – Subtitle automation
  • SABnzbd – Usenet downloader
  • Transmission – Torrent client (behind VPN)
  • Jellyseerr – Request management for Jellyfin
  • Jellystat – Media analytics and statistics
  • Pterodactyl – Game server management (Minecraft, modded packs)

🤖 AI & Automation

  • N8N – Workflow automation and integration platform
  • Jarvis – Custom AI assistant (voice + text)
  • Open WebUI – Local AI chat interface
  • Ollama – Local LLM runner
  • Coder – Cloud development environments
  • Home Assistant – Smart home automation hub
  • Spotcast – Spotify casting integration

🏠 Smart Home & IoT

  • Home Assistant – Central automation and device control
  • Roborock Integration – Vacuum control and scheduling
  • Moonraker (Klipper) – 3D printer monitoring and control
  • Custom IoT Sensors – ESP8266/ESP32 temperature/humidity sensors

🔍 Monitoring & Observability

  • Checkmk – Comprehensive infrastructure monitoring
  • Graylog – Centralized log management and analysis
  • Netdata – Real-time system metrics (VPS)
  • WUD – Watchtower Update Daemon for container tracking
  • Uptime Kuma – Service uptime monitoring

🛡️ Networking & Security (VPS)

  • Traefik – Reverse proxy with automatic HTTPS
  • Authelia – SSO with two-factor authentication
  • Fail2Ban – Intrusion prevention
  • Cloudflare Tunnel – Secure public access

💻 Development & Collaboration

  • Gitea – Self-hosted Git server
  • Wiki.js – Internal documentation (private)
  • MkDocs – Public documentation (this site!)
  • Coder – VS Code in the browser
  • Azure DevOps – CI/CD pipelines for IaC

📂 Productivity & Tools

  • Vaultwarden – Password manager (Bitwarden-compatible)
  • Actual Budget – Personal finance tracking
  • Paperless-NGX – Document management and OCR
  • Linkwarden – Bookmark and link management
  • ChangeDetection.io – Webpage change monitoring
  • FileBrowser – Web-based file access (VPS)

🌐 Web & Public Services

  • Nginx – Static site hosting (max-thomas.com)
  • LinkStack – Personal link landing page
  • MkDocs Material – This wiki

🗄️ Databases & Caching

  • PostgreSQL – Primary database for apps
  • MySQL/MariaDB – Legacy app support
  • Redis – Caching and session storage
  • InfluxDB – Time-series data for monitoring

Deployment Strategy

Docker Compose Stacks

Most services are deployed using Docker Compose for simplicity and portability:

# Example stack structure
/opt/stacks/
  ├── media/docker-compose.yml       # Jellyfin, *arr apps
  ├── automation/docker-compose.yml  # N8N, Home Assistant
  ├── monitoring/docker-compose.yml  # Checkmk, Graylog
  └── productivity/docker-compose.yml # Vaultwarden, Paperless

Automated Updates

  • WUD – Tracks available container updates
  • Renovate Bot – Automated dependency updates for compose files
  • Manual Approval – Staged updates with testing before production

Backup & Recovery

  • Docker Volume Backups – Automated backups to TrueNAS
  • Configuration as Code – All compose files in Git (Gitea)
  • Disaster Recovery – Documented restore procedures

Service Discovery

Internal DNS

  • AdGuard Home – Local DNS with custom records
  • Split DNS – Internal domains resolve to local IPs
  • Wildcard Records – *.services.local for easy access

Reverse Proxy

  • Traefik Labels – Automatic service discovery
  • HTTPS by Default – Let's Encrypt certificates
  • SSO Integration – Authelia for public-facing services

Best Practices

  1. Containerize Everything – Use Docker for consistency and portability
  2. Environment Variables – Externalize configuration from images
  3. Persistent Volumes – Store data on NFS/host mounts
  4. Health Checks – Define health checks for all services
  5. Resource Limits – Prevent resource exhaustion
  6. Logging – Centralize logs to Graylog
  7. Monitoring – Track all services in Checkmk
  8. Documentation – Maintain service inventory in Wiki.js