mucas-central/homelab/applications/README.md

NAxS Homelab

Prerequisites

0. Make sure that your user is part of the docker group

• cat /etc/group | grep docker - if the entry looks like docker:x:<Group ID>:<username>, you're good to go
• Otherwise please run sudo usermod -aG docker <username>, followed by logging out & in again for these changes to take into effect

1. Create a default network called homelab

docker network create homelab

2. Set up 1Password for access to secrets

• Install pass & gpg
• Generate key with gpg --full-generate-key
  • stick to defaults
  • as password, use GPG cert password stored inside the NAxS Homelab vault in 1Password
• Initialize password storage with pass init "GPG key ID"
  • You can check out the ID by using gpg --list-secret-keys --keyid-format LONG - you should see a line with sec, containing the following information <encryption technology>/ID
• Store the 1Password service account token in pass as op-sa_token by executing pass insert op-sa_token
• Make sure your .zshrc file loads the token into the OP_SERVICE_ACCOUNT_TOKEN (this is needed by the 1Password CLI for authentication purposes when loading the secrets) environment variable by executing export OP_SERVICE_ACCOUNT_TOKEN="$(pass op-sa_token)"

// TODO: Create template script Template script which helps with setting up new applications (asks for potential secrets needs, adds default network to compose file, creates new users/groups to run containers rootless)