appa-net/zet.home.arpa
Kenji M 22d17d39f9 zet: document UFW rules required for nginx on LAN
Ports 80 and 443 must be open in UFW so LAN clients using split DNS
can reach nginx directly without going through pfSense NAT.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-19 15:08:17 +00:00

zet.home.arpa

Home lab server providing file sharing, DNS filtering, web proxy, and git hosting.

Server Overview

| Field | Value |
|---|---|
| Hostname | zet / zet.home.arpa / zet.kenjim.com |
| Primary IP | 172.27.0.35 |
| OS | Ubuntu 24.04.4 LTS (Noble) |
| Kernel | 6.8.0-124-generic |
| Network | 172.27.0.0/24 |

Services

| Service | Port(s) | How It Runs | Docs |
|---|---|---|---|
| nginx (SSL reverse proxy) | 80, 443/tcp | systemd (nginx) | nginx/ |
| Pi-hole (DNS + ad blocking) | 53/tcp+udp, 8081/tcp, 67/udp | Docker container | pihole/ |
| Samba (SMB file sharing) | 445, 139 | systemd (smbd, nmbd) | samba/ |
| NFS | 2049/tcp+udp | systemd | nfs/ |
| Squid (web proxy) | 3128/tcp | systemd (squid) | squid/ |
| Gitea (git server) | 3000/tcp | systemd (gitea) | git-server/ |
| SSH | 22/tcp | systemd (ssh) | |
| Docker | | systemd (docker) | |
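
The Services table doubles as an allowlist of what should be listening on this host. The script below is an added example, not part of this repository: it compares `ss -H -tuln` output against the documented ports and reports drift in both directions. It assumes Samba's 445 and 139 are TCP (the table gives no protocol), and the sample socket lines, including the 5432 listener, are constructed.

```shell
# Added example (not from the repo): flag drift between live listeners and the
# Services table. Assumption: Samba 445/139 are TCP (page gives no protocol).
DOCUMENTED="tcp/22 tcp/53 udp/53 udp/67 tcp/80 tcp/139 tcp/443 tcp/445 \
tcp/2049 udp/2049 tcp/3000 tcp/3128 tcp/8081"

# Reads `ss -H -tuln` style lines on stdin. Prints, sorted:
#   UNEXPECTED proto/port addr  - non-loopback listener not in the table
#   MISSING proto/port          - documented port with no listener
audit_listeners() {
    awk -v documented="$DOCUMENTED" '
    BEGIN {
        n = split(documented, d, " ")
        for (i = 1; i <= n; i++) want[d[i]] = 1
    }
    NF >= 5 && ($1 == "tcp" || $1 == "udp") {
        port = $5; sub(/.*:/, "", port)              # text after the last colon
        addr = substr($5, 1, length($5) - length(port) - 1)
        if (addr ~ /^127\./ || addr ~ /^\[::1\]/) next   # loopback, not LAN-reachable
        key = $1 "/" port
        seen[key] = 1
        if (!(key in want)) print "UNEXPECTED", key, addr
    }
    END { for (k in want) if (!(k in seen)) print "MISSING", k }
    ' | sort -u
}

# Constructed sample input (not captured from the real host): Squid is not
# listening and an undocumented service is bound to the primary IP.
sample_ss_output() {
    cat <<'EOF'
udp UNCONN 0 0 0.0.0.0:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:67 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:2049 0.0.0.0:*
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 32 0.0.0.0:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 50 0.0.0.0:445 0.0.0.0:*
tcp LISTEN 0 50 0.0.0.0:139 0.0.0.0:*
tcp LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
tcp LISTEN 0 4096 *:3000 *:*
tcp LISTEN 0 4096 0.0.0.0:8081 0.0.0.0:*
tcp LISTEN 0 4096 172.27.0.35:5432 0.0.0.0:*
EOF
}

# On the server: ss -H -tuln | audit_listeners
sample_ss_output | audit_listeners
```

An `UNEXPECTED` line means either the table is out of date or something is exposed that should not be; a `MISSING` line means a documented service is down or has moved.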

Public Hostnames (HTTPS via nginx)

| Hostname | Target | Notes |
|---|---|---|
| git.kenjim.com | Gitea (:3000) | Public |
| www.kenjim.com | Docker container | Public |
| kenji.kenjim.com | Docker container | Public |
| gt.kenjim.com | CNAME elsewhere | Cert covers it, nginx drops it |
| zet.kenjim.com | SSH only | No web — dynamic DNS entry |

All HTTPS subdomains share one Let's Encrypt cert. See ssl/ and nginx/.

Storage

See storage.md for full disk layout. Summary:

| Mount | Device | Size | Use |
|---|---|---|---|
| / | nvme0n1p3 (LVM) | 950 GB | OS + apps |
| /data/ssd-photos | sda (LVM, Crucial MX500) | 916 GB | Photos SSD |
| /data/hsgt10a | sdb1 (HGST 10 TB) | 9.1 TB | Primary bulk storage |
| /data/hsgt10b | sdc1 (HGST 10 TB) | 9.1 TB | Secondary bulk storage |

Network

The server holds four IPs on a single USB NIC (enx00242788c03a):

  • 172.27.0.35 — primary (DHCP, used for most services)
  • 172.27.0.36, 172.27.0.37, 172.27.0.38 — secondary aliases

The built-in NIC (enp1s0) and WiFi (wlp2s0) are both DOWN.

Quick Service Commands

# nginx (SSL reverse proxy)
sudo systemctl restart nginx
sudo nginx -t                                 # test config before reload

# Pi-hole (admin UI now on :8081)
cd ~/docker-pi-hole && docker compose up -d   # start
cd ~/docker-pi-hole && docker compose down    # stop
docker exec pihole pihole version             # version check

# Samba
sudo systemctl restart smbd nmbd

# NFS
sudo systemctl restart nfs-server

# Squid
sudo systemctl restart squid

# Gitea
sudo systemctl restart gitea