Welcome to my self-hosted lab β a playground for learning, automation, media streaming, and security testing. This setup runs on Raspberry Pi, Proxmox, and external storage, tied together with Docker, Portainer, and Cloudflare Tunnels.
- π Authenticated access via GitHub OAuth + NGINX
- π©οΈ Reverse proxy + automatic HTTPS
- π‘ Monitored by alerting stack with notifications
- π₯ Streaming, π reading, π syncing β all automated
- π§ Integrated with a private dashboard + VS Code in browser
Core services that make everything else possible.
image: jc21/nginx-proxy-manager:latest
ports:
- '80:80'
- '81:81'
- '443:443'image: lscr.io/linuxserver/nextcloud:latest
volumes:
- /mnt/.docker/nginx/nextcloud/appdata:/config
- /mnt/.docker/nginx/nextcloud/data:/dataimage: lscr.io/linuxserver/homeassistant:latest
volumes:
- /mnt/.docker/nginx/hass/config:/config
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
ports:
- "4180:4180"
# Note: Secrets have been redactedimage: lscr.io/linuxserver/code-server:latest
volumes:
- /mnt/.docker/code-server/config:/configimage: ghcr.io/anthonygress/lab-dash:latest
volumes:
- /var/run/docker.sock:/var/run/docker.sockimage: frooodle/s-pdf:latest
volumes:
- /mnt/.docker/pdf/stirling-data:/usr/share/tessdataimage: eigenfocus/eigenfocus:1.2.0-freeAutomated content pipeline β books, movies, and torrents.
image: lscr.io/linuxserver/qbittorrent:latest
volumes:
- /mnt/nfs-media/downloads:/downloadsimage: lscr.io/linuxserver/readarr:develop
volumes:
- /mnt/nfs-media/books:/books
- /mnt/nfs-media/downloads:/downloads
image: linuxserver/calibre-web
volumes:
- /mnt/nfs-media/books:/booksimage: lscr.io/linuxserver/radarr:latest
volumes:
- /mnt/nfs-media/movies:/movies
- /mnt/nfs-media/downloads:/downloads
image: jellyfin/jellyfin:latest
volumes:
- /mnt/nfs-media/movies:/media/moviesimage: lscr.io/linuxserver/bazarr:latest
volumes:
- /mnt/nfs-media/movies:/movies
- /mnt/nfs-media/tv:/tvimage: lscr.io/linuxserver/jackett:latest
volumes:
- /mnt/nfs-media/jackett/config:/config
- /mnt/nfs-media/downloads:/downloadsKnow when anything goes down. Instantly.
image: gotify/server
volumes:
- /mnt/.docker/gotify-data:/app/data
```yaml
image: ghcr.io/androidseb25/igotify-notification-assist:latest
# Note: Secrets have been redactedimage: louislam/uptime-kuma:latest
volumes:
- /mnt/.docker/uptime-kuma:/app/dataimage: prom/alertmanager
volumes:
- /mnt/.docker/alertmanager:/etc/alertmanagerAll services share the same secure network:
networks:
shared-net:
external: trueGitHub OAuth secrets and notification tokens have been redacted
Services like OAuth2 Proxy, Gotify, and iGotify require proper environment setup for secure production use
Before running your Docker Compose stacks, make sure all the necessary host directories exist. Use this script to automate creating them.
Save the script below as create-docker-volumes.sh
Make it executable
chmod +x create-docker-volumes.shRun the script
./create-docker-volumes.sh#!/bin/bash
set -e
# Create all necessary volume directories for the home lab
mkdir -p "/mnt/.docker/alertmanager"
mkdir -p "/mnt/.docker/bazarr/config"
mkdir -p "/mnt/.docker/calibre-web/config"
mkdir -p "/mnt/.docker/code-server/config"
mkdir -p "/mnt/.docker/eigenfocus/app-data"
mkdir -p "/mnt/.docker/gotify-data"
mkdir -p "/mnt/.docker/gotify-data/api-data"
mkdir -p "/mnt/.docker/homepage/config"
mkdir -p "/mnt/.docker/jellyfin/config"
mkdir -p "/mnt/.docker/lab-dash/config"
mkdir -p "/mnt/.docker/lab-dash/uploads"
mkdir -p "/mnt/.docker/nginx/data"
mkdir -p "/mnt/.docker/nginx/letsencrypt"
mkdir -p "/mnt/.docker/nginx/hass/config"
mkdir -p "/mnt/.docker/nginx/nextcloud/appdata"
mkdir -p "/mnt/.docker/nginx/nextcloud/data"
mkdir -p "/mnt/.docker/nginx-stack"
mkdir -p "/mnt/.docker/pdf/configs"
mkdir -p "/mnt/.docker/pdf/stirling-data"
mkdir -p "/mnt/.docker/qbittorrent/config"
mkdir -p "/mnt/.docker/radarr/config"
mkdir -p "/mnt/.docker/readarr/config"
mkdir -p "/mnt/.docker/uptime-kuma"
mkdir -p "/mnt/nfs-media/books"
mkdir -p "/mnt/nfs-media/downloads"
mkdir -p "/mnt/nfs-media/jackett/config"
mkdir -p "/mnt/nfs-media/movies"
mkdir -p "/mnt/nfs-media/tv"-
𧱠Infrastructure stack
-
ποΈ Media stack
-
π Monitoring stack
-
Avoids permission issues at runtime
-
Keeps host filesystem organized under /mnt/.docker/ and /mnt/nfs-media/
You can modify the paths if your setup uses different mount points or external drives.
This repository contains all the stack definitions and tools for spinning up your self-hosted home lab.
.
βββ README.md # π Youβre reading it!
βββ create-docker-volumes.sh # π Directory setup script
βββ infrastructure-stack/ # 𧱠Core infrastructure services
β βββ Dockerfile
βββ media-stack/ # ποΈ Media automation and streaming
β βββ Dockerfile
βββ monitoring-stack/ # π Notifications and uptime tracking
β βββ Dockerfile
β
Docker + Docker Compose installed
β
/mnt/.docker/ and /mnt/nfs-media/ available on host
β
Optional: NFS share or external storage mounted
β
(Recommended) Reverse proxy and DNS management via NGINX Proxy Manager + Cloudflare
git clone https://github.com/muhammedabdelkader/home-lab.git
cd home-labchmod +x create-docker-volumes.sh
./create-docker-volumes.shAdd secrets like GitHub OAuth or Gotify tokens in a secure .env file or use secrets manager.
You can use docker compose or Portainer for each stack:
cd infrastructure-stack
docker compose up -d
cd ../media-stack
docker compose up -d
cd ../monitoring-stack
docker compose up -d| Stack | Service | Access URL Example |
|---|---|---|
| Infrastructure | NGINX Proxy Manager | https://proxy.yourdomain.com |
| Media | Jellyfin | https://media.yourdomain.com |
| Monitoring | Uptime Kuma | https://status.yourdomain.com |
This home lab project is not only a passion but a learning platform. It helps me:
-
Practice infrastructure automation
-
Self-host powerful alternatives to SaaS tools
-
Monitor uptime and notifications
-
Stay sharp for bug bounty and security testing
Have suggestions, issues, or ideas? Feel free to open an issue or submit a pull request!