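--- a/README.md
+++ b/README.md
@@ -23,38 +23,40 @@
 
 ## Current services
 
-| Name | Description | Pod |
-|-----------------|---------------------------------------------------|-----|
-| Actual Budget | Budgeting App | |
-| Bluesky PDS | ATProto Personal Data Server | |
-| Element Web | Element Web Client | |
-| Element Call | Element Call Client | |
-| Glance | Homelab Dashboard | |
-| Grafana | Data-visualization Platform | |
-| Grafana Alloy | OpenTelemetry Collector | |
-| Davmail | Exchange to IMAP/SMTP Gateway | |
-| Karakeep | Bookmark App | ☑️ |
-| Immich | Image & Video Management | ☑️ |
-| Matrix | Matrix Homeserver | ☑️ |
-| MatrixRTC | Matrix Realtime Stack | ☑️ |
-| Miniflux | RSS Reader | ☑️ |
-| OAuth2 Proxy | Identity-Aware Proxy | |
-| OpenCloud | File Management and Collaboration platform | ☑️ |
-| Open WebUI | Chatbot UI | ☑️ |
-| Outline | Personal Knowledge Base | ☑️ |
-| Plex | Personal Media Server | |
-| Pocket ID | Single Sign-on Portal | |
-| Podman Exporter | Podman Prometheus Metrics Exporter | |
-| rmqtt | MQTT Broker Server | |
-| qBittorrent | BitTorrent Client | |
-| Tangled Knot | Git Platform based on ATProto | |
-| Telegraf | Only for MQTT to OpenTelemetry conversion | |
-| Traefik | Application Proxy | |
-| Gatus | Uptime Monitoring[^1] | |
-| vmauth | Authorization module for VictoriaMetrics products | ☑️ |
-| VictoriaMetrics | Metrics Storage | ☑️ |
-| VictoriaLogs | Logs Storage | ☑️ |
-| VictoriaTraces | Tracing Storage | ☑️ |
+| Name | Description | Pod |
+|-----------------|--------------------------------------------------------|-----|
+| Actual Budget | Budgeting App | |
+| Bluesky PDS | ATProto Personal Data Server | |
+| Element Web | Element Web Client | |
+| Element Call | Element Call Client | |
+| Glance | Homelab Dashboard | |
+| Grafana | Data-visualization Platform | |
+| Grafana Alloy | OpenTelemetry Collector | |
+| Davmail | Exchange to IMAP/SMTP Gateway | |
+| Karakeep | Bookmark App | ☑️ |
+| Immich | Image & Video Management | ☑️ |
+| Matrix | Matrix Homeserver | ☑️ |
+| MatrixRTC | Matrix Realtime Stack | ☑️ |
+| Miniflux | RSS Reader | ☑️ |
+| OAuth2 Proxy | Identity-Aware Proxy | |
+| OpenCloud | File Management and Collaboration platform | ☑️ |
+| Open WebUI | Chatbot UI | ☑️ |
+| Outline | Personal Knowledge Base | ☑️ |
+| Plex | Personal Media Server | |
+| Pocket ID | Single Sign-on Portal | |
+| Podman Exporter | Podman Prometheus Metrics Exporter | |
+| Remnaware Panel | Censorship Circumvent Proxy Management Platform | ☑️ |
+| Remnaware Node | Node for accessing my server from totalitarian regimes | |
+| rmqtt | MQTT Broker Server | |
+| qBittorrent | BitTorrent Client | |
+| Tangled Knot | Git Platform based on ATProto | |
+| Telegraf | Only for MQTT to OpenTelemetry conversion | |
+| Traefik | Application Proxy | |
+| Gatus | Uptime Monitoring[^1] | |
+| vmauth | Authorization module for VictoriaMetrics products | ☑️ |
+| VictoriaMetrics | Metrics Storage | ☑️ |
+| VictoriaLogs | Logs Storage | ☑️ |
+| VictoriaTraces | Tracing Storage | ☑️ |
 
 [^1]: It lives outside Homeleb.
 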
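--- a/configs/alloy/config.alloy
+++ b/configs/alloy/config.alloy.tftpl
@@ -112,6 +112,18 @@
 scrape_interval = "10s"
 }
 
+prometheus.scrape "scrape_remnawave_metrics" {
+targets = [
+{ __address__ = "remnawave:3001" },
+]
+basic_auth {
+username = "admin"
+password = "${secrets.remnawave_metrics_pass}"
+}
+forward_to = [prometheus.remote_write.victoria_metrics.receiver]
+scrape_interval = "10s"
+}
+
 prometheus.remote_write "victoria_metrics" {
 endpoint {
 url = "http://victoria:8428/prometheus/api/v1/write"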
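Review bot: The `password = "${secrets.remnawave_metrics_pass}"` line in the new `basic_auth` block is filled in when Terraform renders the template, so the scrape password ends up in plaintext in the rendered Alloy config and presumably also in Terraform state and whatever provisioning payload fcos.tf builds; the `remnawave_metrics_pass : data.bitwarden_secret.remnawave_metrics_pass.value` entry added in fcos.tf is the other half of the same path. Alloy's `basic_auth` block also accepts `password_file`, so the Alloy unit could mount the existing `remnawave-metrics-pass` Podman secret and use `password_file = "/run/secrets/remnawave-metrics-pass"` instead of templating the value. If templating stays, a secret containing `"` or `\` would break the rendered string literal, so the allowed character set should be documented next to the block. The scrape also sends these credentials over plain HTTP to `remnawave:3001`, which is acceptable only while that hop stays on an internal container network.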
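--- a/configs/containers/systemd/networks/remnawave.network
+++ b/configs/containers/systemd/networks/remnawave.network
@@ -0,0 +1 @@
+[Network]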
+8
configs/containers/systemd/pods/remnawave.pod
+8
configs/containers/systemd/pods/remnawave.pod
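--- a/configs/containers/systemd/remnawave-node.container.tftpl
+++ b/configs/containers/systemd/remnawave-node.container.tftpl
@@ -0,0 +1,23 @@
+[Unit]
+Description=Remnawave Node Quadlet
+
+[Container]
+Image=docker.io/remnawave/node:latest
+AutoUpdate=registry
+ContainerName=remnawave-node
+
+Environment=NODE_PORT=2223
+Secret=remnawave-node-secret-key,type=env,target=SECRET_KEY
+
+Label="glance.parent=remnawave"
+Label="glance.name=Remnawave Node"
+Label="glance.hide=false"
+
+Network=reverse-proxy.network
+
+[Service]
+TimeoutStartSec=900
+Restart=always
+
+[Install]
+WantedBy=multi-user.target default.target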
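Review bot: `Image=docker.io/remnawave/node:latest` together with `AutoUpdate=registry` means whatever is pushed to the `latest` tag is pulled and started without review, in the container that receives `SECRET_KEY` and, going by the README row, is the remote-access entry point. The other units in this commit pin at least a major version (`backend:2`, `postgres:18-trixie`, `valkey:8.1-alpine`); this one should be pinned the same way, e.g. `Image=docker.io/remnawave/node:<version>` or an image digest. The unit also has no `User=` line, while the three pod containers set `User=1000:1000`; if the node image really needs root, a comment saying so would make that a visible decision.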
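--- a/configs/containers/systemd/remnawave/remnawave-panel.container.tftpl
+++ b/configs/containers/systemd/remnawave/remnawave-panel.container.tftpl
@@ -0,0 +1,50 @@
+[Unit]
+Description=Remnawave Panel Quadlet
+Wants=remnawave-postgres.service remnawave-valkey.service
+After=remnawave-postgres.service remnawave-valkey.service
+
+[Container]
+Image=docker.io/remnawave/backend:2
+AutoUpdate=registry
+ContainerName=remnawave-panel
+
+User=1000:1000
+
+Environment=APP_PORT=3000
+Environment=METRICS_PORT=3001
+Environment=API_INSTANCES=1
+Environment=REDIS_HOST=remnawave-valkey
+Environment=REDIS_PORT=6379
+Environment=FRONT_END_DOMAIN="rw.${base_domain}"
+Environment=SUB_PUBLIC_DOMAIN="rw.${base_domain}/api/sub"
+Environment=METRICS_USER=admin
+Secret=remnawave-database-url,type=env,target=DATABASE_URL
+Secret=remnawave-jwt-auth-secret,type=env,target=JWT_AUTH_SECRET
+Secret=remnawave-jwt-api-tokens-secret,type=env,target=JWT_API_TOKENS_SECRET
+Secret=remnawave-metrics-pass,type=env,target=METRICS_PASS
+
+Label="glance.id=remnawave"
+Label="glance.name=Remnawave"
+Label="glance.icon=di:remnawave"
+Label="glance.url=https://rw.${base_domain}"
+Label="glance.description=Proxy Management Platform"
+Label="glance.hide=false"
+
+Label="traefik.enable=true"
+Label="traefik.http.routers.remnawave.rule=Host(`rw.${base_domain}`)"
+Label="traefik.http.services.remnawave.loadbalancer.server.port=3000"
+
+HealthCmd=curl -f http://localhost:3001/health
+HealthInterval=30s
+HealthTimeout=5s
+HealthRetries=3
+HealthStartPeriod=30s
+
+Pod=remnawave.pod
+
+[Service]
+TimeoutStartSec=900
+Restart=always
+
+[Install]
+WantedBy=multi-user.target default.target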
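Review bot: The `traefik.http.routers.remnawave.rule` label matches the whole `rw.${base_domain}` host and no middleware label is attached, so the admin UI and management API are published on the same route as the client-facing subscription path named in `SUB_PUBLIC_DOMAIN` (`/api/sub`). A second router limited to that path prefix for clients, with an authentication or IP-allowlist middleware on the host-wide router, would keep the management surface off the open internet; whether Traefik applies a default middleware elsewhere is not visible on this page. Separately, `AutoUpdate=registry` on the floating `backend:2` tag auto-deploys new images into the container that holds both JWT secrets and `DATABASE_URL`, so a full version or digest pin would turn upgrades into a reviewed change. It is also worth confirming that `curl` exists in the image and that `/health` on the metrics port answers without the basic-auth credentials, otherwise the health check fails for the wrong reason.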
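--- a/configs/containers/systemd/remnawave/remnawave-postgres.container.tftpl
+++ b/configs/containers/systemd/remnawave/remnawave-postgres.container.tftpl
@@ -0,0 +1,32 @@
+[Unit]
+Description=Remnawave Postgres Quadlet
+
+[Container]
+Image=docker.io/postgres:18-trixie
+AutoUpdate=registry
+ContainerName=remnawave-postgres
+
+User=1000:1000
+
+Environment=POSTGRES_USER=remnawave
+Environment=POSTGRES_DB=remnawave
+Secret=remnawave-postgres-password,type=env,target=POSTGRES_PASSWORD
+
+Label="glance.parent=remnawave"
+Label="glance.name=Postgres"
+Label="glance.hide=false"
+
+HealthCmd=pg_isready --dbname="$$${POSTGRES_DB}" --username="$$${POSTGRES_USER}" || exit 1;
+HealthStartupInterval=5s
+
+Volume=/var/mnt/docker/app_data/remnawave/postgres:/var/lib/postgresql:Z
+
+Pod=remnawave.pod
+Notify=healthy
+
+[Service]
+TimeoutStartSec=900
+Restart=always
+
+[Install]
+WantedBy=multi-user.target default.target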
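Review bot: `Secret=remnawave-postgres-password,type=env,target=POSTGRES_PASSWORD` places the database password in the container environment, where every process in the container, including anything started through `exec`, can read it. The official postgres image also reads `POSTGRES_PASSWORD_FILE`, so the secret can be mounted instead: `Secret=remnawave-postgres-password,type=mount,uid=1000,mode=0400` plus `Environment=POSTGRES_PASSWORD_FILE=/run/secrets/remnawave-postgres-password`. Separately, `HealthStartupInterval=5s` is set without a `HealthStartupCmd`; as far as I know that interval only applies to a startup health check, so `Notify=healthy` may be waiting on the regular check's default interval instead, which is worth confirming.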
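--- a/configs/containers/systemd/remnawave/remnawave-valkey.container.tftpl
+++ b/configs/containers/systemd/remnawave/remnawave-valkey.container.tftpl
@@ -0,0 +1,27 @@
+[Unit]
+Description=Remnawave Valkey Quadlet
+
+[Container]
+Image=docker.io/valkey/valkey:8.1-alpine
+AutoUpdate=registry
+ContainerName=remnawave-valkey
+
+User=1000:1000
+
+Label="glance.parent=remnawave"
+Label="glance.name=Valkey"
+Label="glance.hide=false"
+
+HealthCmd=valkey-cli ping || exit 1
+
+Volume=/var/mnt/docker/app_data/remnawave/valkey:/data:Z
+
+Pod=remnawave.pod
+Notify=healthy
+
+[Service]
+TimeoutStartSec=900
+Restart=always
+
+[Install]
+WantedBy=multi-user.target default.target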
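Review bot: Valkey starts with the image defaults here, so no `requirepass` or ACL is configured, and because the containers in `remnawave.pod` share one network namespace, port 6379 (and Postgres alongside it) is reachable on every network the pod is attached to. The pod unit's contents are not shown on this page, so which networks those are cannot be checked from here. If the pod joins a network shared with other services, Valkey should get a password from a Podman secret, with the matching setting on the panel if it supports one, and `HealthCmd=valkey-cli ping || exit 1` would then need to authenticate as well. A short comment in the unit stating that Valkey is intentionally unauthenticated and why would make the assumption visible.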
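--- a/fcos.tf
+++ b/fcos.tf
@@ -59,6 +59,9 @@
 data "bitwarden_secret" "matrix_rtc_livekit_secret" {
 id = var.containers_secret_config.matrix_rtc_livekit_secret
 }
+data "bitwarden_secret" "remnawave_metrics_pass" {
+id = var.containers_secret_config.remnawave_metrics_pass
+}
 
 locals {
 // Add secrets into quadlets config
@@ -86,6 +89,7 @@
 matrix_authentication_service_smtp_password : data.bitwarden_secret.matrix_authentication_service_smtp_password.value
 matrix_rtc_livekit_key : data.bitwarden_secret.matrix_rtc_livekit_key.value
 matrix_rtc_livekit_secret : data.bitwarden_secret.matrix_rtc_livekit_secret.value
+remnawave_metrics_pass : data.bitwarden_secret.remnawave_metrics_pass.value
 }
 })
 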
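--- a/variables.tf
+++ b/variables.tf
@@ -88,6 +88,12 @@
 matrix_authentication_service_secrets_p384_key = "557701bc-7430-4dc8-98ae-b37b0000e3c1"
 matrix_authentication_service_secrets_secp256k1_key = "a6624b6b-1f2c-4883-94dd-b37b00010dc9"
 matrix_authentication_service_smtp_password = "e25452b1-480c-4581-b407-b37b00042943"
+remnawave_jwt_auth_secret = "9fb99592-a129-4669-848f-b3b800f42a01"
+remnawave_jwt_api_tokens_secret = "aaec18fb-81d8-4e22-9f14-b3b800f4539a"
+remnawave_postgres_password = "940eafe8-28fb-49fb-bc60-b3b800f48af5"
+remnawave_database_url = "53437e56-c71e-4887-bfd1-b3b800f50ea5"
+remnawave_metrics_pass = "1cb78e43-698f-48db-a76d-b3b800fb7524"
+remnawave_node_secret_key = "87cadb81-1969-4625-b57e-b3b80105ce9e"
 }
 }
 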
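Review bot: `remnawave_postgres_password` and `remnawave_database_url` are separate Bitwarden entries, and the URL presumably embeds the same password, so a rotation has to update both or the panel loses its database connection. A comment above the two lines, e.g. `# database_url embeds postgres_password - rotate together`, would record that coupling. Only `remnawave_metrics_pass` is read in the fcos.tf hunks on this page; where the other five IDs are consumed is not visible here, and the enclosing default block starts outside this hunk.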