feat: Add monitoring services

2025-11-15 21:05:38 +02:00
parent bb50bd75af
commit 7ad966014e
2 changed files with 95 additions and 14 deletions
--- a/README.md
+++ b/README.md
@@ -1,11 +1,17 @@
-# Homelab Setup (Vaultwarden + 2FAuth + Caddy + DuckDNS)
+# Homelab Setup

 This repository contains the configuration for my personal homelab stack, including:

- **Vaultwarden** – self-hosted password manager (Bitwarden-compatible)
- **2FAuth** – self-hosted two-factor authentication manager
- **Caddy** – reverse proxy with automatic HTTPS via DuckDNS (DNS-01)
- **DuckDNS Updater** – updates my dynamic IP address automatically
+| Service | Description | Access URL |
+|---------|-------------|------------|
+| **Vaultwarden** | Self-hosted password manager (Bitwarden-compatible) | `https://vault.example.com` |
+| **2FAuth** | Self-hosted two-factor authentication manager | `https://auth.example.com` |
+| **Caddy** | Reverse proxy with automatic HTTPS via DuckDNS (DNS-01) | *No direct UI* |
+| **Portainer** | Makes Docker life 100x easier (visual container manager) | `https://<SERVER_IP>:9443` |
+| **Uptime Kuma** | Monitors homelab/domain uptime | `http://<SERVER_IP>:3001` |
+| **Dozzle** | Displays logs super easily (real-time Docker logs) | `http://<SERVER_IP>:9999` |
+| **Netdata** | Beautiful system and container monitoring | `http://<SERVER_IP>:19999` |
+| **DuckDNS Updater** | Updates current dynamic IP address automatically | Runs from `./duckdns/duck.sh` |

 The setup is built with Docker Compose and is designed to be simple, secure, and easy to maintain.

@@ -18,7 +24,7 @@ The setup is built with Docker Compose and is designed to be simple, secure, and
 │   └── duck.sh         # DuckDNS update script (runs via cron)
 └── homelab
    ├── Caddyfile       # Reverse proxy configuration for Caddy
-    └── compose.yml     # Docker Compose stack for Vaultwarden + 2FAuth + Caddy
+    └── compose.yml     # Docker Compose stack for all services
 ```

 ## Secrets and Environment Variables
@@ -71,6 +77,15 @@ The **homelab/** folder contains:

 ```bash
 cd homelab
+mkdir -p services/vaultwarden \
+         services/2fauth \
+         services/uptimekuma \
+         services/portainer \
+         services/caddy/config \
+         services/caddy/data \
+         services/netdata/config \
+         services/netdata/lib \
+         services/netdata/cache
 docker compose up -d
 ```

@@ -108,18 +123,16 @@ sudo systemctl enable docker
 Run:

 ```bash
-sudo chown -R 1000:1000 homelab/vaultwarden
-sudo chmod -R 755 homelab/vaultwarden
-
-sudo chown -R 1000:1000 homelab/2fauth
-sudo chmod -R 755 homelab/2fauth
+cd homelab
+sudo chown -R 1000:1000 services
+sudo chmod -R 755 services
 ```

 Then restart the containers:

 ```bash
 cd homelab
-docker compose restart vaultwarden 2fauth
+docker compose restart vaultwarden 2fauth portainer dozzle uptime-kuma netdata
 ```

 ## Updating
--- a/homelab/compose.yml
+++ b/homelab/compose.yml
@@ -1,19 +1,25 @@
 services:
+  # ==========================
+  # Vaultwarden (Password manager)
+  # ==========================
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    volumes:
-      - ./vaultwarden:/data
+      - ./services/vaultwarden:/data
    environment:
      DOMAIN: "https://vault.example.com" # Change to yours

+  # ==========================
+  # 2FAuth (2FA manager)
+  # ==========================
  2fauth:
    image: 2fauth/2fauth:latest
    container_name: 2fauth
    restart: always
    volumes:
-      - ./2fauth:/data
+      - ./services/2fauth:/data
    environment:
      - APP_NAME=2FAuth
      - APP_ENV=production
@@ -29,6 +35,9 @@ services:
    networks:
      - default

+  # ==========================
+  # Caddy (Reverse proxy)
+  # ==========================
  caddy:
    image: caddy:2
    container_name: caddy
@@ -50,6 +59,65 @@ services:
      DUCKDNS_TOKEN: "TOKEN" # Change to yours
      LOG_FILE: "/data/access.log"

+  # ==========================
+  # Portainer (Docker manager)
+  # ==========================
+  portainer:
+    image: portainer/portainer-ce:latest
+    container_name: portainer
+    restart: always
+    ports:
+      - 9443:9443
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./services/portainer:/data
+
+  # ==========================
+  # Uptime Kuma (uptime monitor)
+  # ==========================
+  uptimekuma:
+    image: louislam/uptime-kuma:latest
+    container_name: uptime-kuma
+    restart: always
+    ports:
+      - 3001:3001
+    volumes:
+      - ./services/uptimekuma:/app/data
+
+  # ==========================
+  # Dozzle (live logs viewer)
+  # ==========================
+  dozzle:
+    image: amir20/dozzle:latest
+    container_name: dozzle
+    restart: always
+    ports:
+      - 9999:8080
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+
+  # ==========================
+  # Netdata (system monitoring)
+  # ==========================
+  netdata:
+    image: netdata/netdata:latest
+    container_name: netdata
+    restart: always
+    ports:
+      - 19999:19999
+    cap_add:
+      - SYS_PTRACE
+    security_opt:
+      - apparmor:unconfined
+    volumes:
+      - ./services/netdata/config:/etc/netdata
+      - ./services/netdata/lib:/var/lib/netdata
+      - ./services/netdata/cache:/var/cache/netdata
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /proc:/host/proc:ro
+      - /sys:/host/sys:ro
+
 networks:
  default:
    driver: bridge
+