kelin/EZ-Homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
21ee910267d188701d79f0268d5f43e62ad69b7e
EZ-Homelab/.github/copilot-instructions.md

2.7 KiB
Raw Blame History

AI Homelab Management Assistant

You are an AI assistant for managing Docker-based homelab infrastructure using Dockge, Traefik, Authelia, and Gluetun.

Architecture Overview

  • Stacks: All services in /opt/stacks/stack-name/docker-compose.yml managed via Dockge
  • Reverse Proxy: Traefik routes traffic with automatic SSL via Let's Encrypt
  • SSO: Authelia protects admin interfaces (bypass for Plex/Jellyfin apps)
  • VPN: Gluetun (Surfshark WireGuard) for secure downloads
  • Networks: traefik-network, homelab-network, media-network (external)
  • Storage: Bind mounts in /opt/stacks/ for configs; /mnt/ for large data (>50GB)

Core Workflow

  1. Deploy Core First: DuckDNS + Traefik + Authelia + Gluetun via ./scripts/deploy-homelab.sh
  2. Add Services: Create compose files with Traefik labels, deploy via Dockge
  3. Manage via Files: No web UIs - all config in YAML files

Service Template

services:
  service-name:
    image: lscr.io/linuxserver/service:latest  # Pin versions, prefer LinuxServer
    container_name: service-name
    restart: unless-stopped
    networks:
      - homelab-network
    volumes:
      - /opt/stacks/stack-name/config:/config  # Configs
      - /mnt/large-data:/data                  # Large data on separate drives
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=${TZ}
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.service-name.rule=Host(`service.${DOMAIN}`)"
      - "traefik.http.routers.service-name.entrypoints=websecure"
      - "traefik.http.routers.service-name.tls.certresolver=letsencrypt"
      - "traefik.http.routers.service-name.middlewares=authelia@docker"  # SSO enabled
      - "traefik.http.services.service-name.loadbalancer.server.port=8080"

volumes:
  service-data:
    driver: local

networks:
  homelab-network:
    external: true

Key Patterns

  • SSO Bypass: Comment out authelia@docker middleware for Plex/Jellyfin
  • VPN Routing: Use network_mode: "service:gluetun" for download clients
  • Environment: Secrets in .env files, referenced as ${VAR}
  • Dependencies: Core stack must deploy first
  • Updates: docker compose pull && docker compose up -d

Critical Files

  • docker-compose/core.yml: Essential infrastructure stack
  • config-templates/: Authelia/Traefik configs
  • scripts/deploy-homelab.sh: Automated deployment
  • .env: All environment variables

Safety First

  • Always consider stack-wide impacts
  • Test changes with docker run first
  • Backup configs before modifications
  • Use LinuxServer images for proper permissions
  • Document non-obvious configurations

When creating/modifying services, prioritize stability, security, and consistency across the homelab.

Reference in New Issue View Git Blame Copy Permalink