# NAxS Homelab
## Prerequisites
0. Make sure that your user is part of the docker group
  - `cat /etc/group | grep docker` - if the entry looks like `docker:x:<Group ID>:<username>`, you're good to go
  - Otherwise please run `sudo usermod -aG docker <username>`, followed by logging out & in again for these changes to take into effect

1. Create a default network called homelab
```
docker network create homelab
```
2. Set up 1Password for access to secrets
  - Install `pass` & `gpg`
  - Generate key with `gpg --full-generate-key`
    - stick to defaults
    - as password, use `GPG cert password` stored inside the `NAxS Homelab` vault in 1Password
  - Initialize password storage with `pass init "GPG key ID"`
    - You can check out the ID by using `gpg --list-secret-keys --keyid-format LONG` - you should see a line with `sec`, containing the following information `<encryption technology>/ID`
  - Store the 1Password service account token in `pass` as `op-sa_token` by executing `pass insert op-sa_token`
  - Make sure your .zshrc file loads the token into the `OP_SERVICE_ACCOUNT_TOKEN` (this is needed by the 1Password CLI for authentication purposes when loading the secrets) environment variable by executing `export OP_SERVICE_ACCOUNT_TOKEN="$(pass op-sa_token)"`

// TODO: Create template script
Template script which helps with setting up new applications (asks for potential secrets needs, adds default network to compose file, creates new users/groups to run containers rootless)