Skip to content

Tools

NixOS : A beautiful declarative OS

I am using NixOS on all of my machines (my laptop and my server). That allows me multiple things :

  • A reproducible architecture : If I wipe my system I can recreate it perfectly using my config, and no package will stop working because of undeclared dependency

  • My environnement everywhere : My config is set up so that all my cli tools are installed on the 2 machines (with the same config), so I find myself at home wherever I am. However while the 2 have a common config, they also each have their separate config, for example only my laptop has a graphic environment, and only the server has the proxy config.

  • A declarative system : I make a lot of mess when I debug an issue and I tend to touch a lot of stuff to ty to fix my problem, so some obscure config could turn against me month later. But when your system is completely declared in one place, and that config represent exaclty the state of my computer, everything is easier to clean.

Docker : A container System

to document

nginx : A reverse Proxy

to document

Cloudflare : My domain (penwing.org) and Some Tunnels

to document

services:
  cloudflared:
    image: cloudflare/cloudflared
    container_name: cloudflare-tunnel
    restart: unless-stopped
    command: tunnel run
    environment:
      - TUNNEL_TOKEN=your-token

Portainer : A dashboard ⌨

local network only x)

Being as new to docker container as I was (and still am), I wanted a pretty dashboard to motinor and tinker with the containers I run on the server. I chose portainer for its beginner-friendliness, and it never failed me (yet).

services:
  portainer:
    image: portainer/portainer-ce:latest
    ports:
      - 9000:9000
    volumes:
      - ./data:/data
      - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped

MkDocs : This website

www.penwing.org

to document

SearXNG : A search engine 🔍

search.penwing.org

I am not a big corporate fan (as a linux user, surprising), so I was unhappy about relying on google for my searchs. Not because of its hunger for data but merely because I want to search for informations and not accept whatever google says the best result is. SearXNG is a self-hostable meta search engine (a bit of a mouthful). What it means in practice is that it will sort results according to multiple sources instead of just one (and you can choose the sources !)

services:
  searxng:
    image: searxng/searxng
    container_name: searxng
    restart: unless-stopped
    ports:
      - "32768:8080"
    volumes:
      - ./settings:/etc/searxng:rw
    environment:
      - BASE_URL=https://search.penwing.org/
      - INSTANCE_NAME=penwing

Forgejo : Some git versioning 🗃

git.penwing.org

I am a big fan of github, with its only downside being microsoft. Not because I don't like this company particularly, but because I do not like to depend on a big company to host my git repos. So I looked and found gitea (since gitlab is too heavy for my needs). It seemed promising until I found forgejo which is a gitea fork that recently separated. I liked the features and the philosophy more, so that was what I set up.

For the ssh connection it was a bit tricky : - git.penwing.org goes through a cloudflare tunnel (http protocol) - ssh.penwing.org goes to my router and is redirected to the docker container

I had to have separate adresses since ssh cannot go through a cloudflare tunnel.


networks:
  forgejo:
    external: false

services:
  server:
    image: codeberg.org/forgejo/forgejo:7
    container_name: forgejo
    environment:
      - USER_UID=1000
      - USER_GID=1000
      - FORGEJO__database__DB_TYPE=mysql
      - FORGEJO__database__HOST=db:3306
      - FORGEJO__database__NAME=forgejo
      - FORGEJO__database__USER=forgejo
      - FORGEJO__database__PASSWD=forgejo
    restart: always
    networks:
      - forgejo
    volumes:
      - ./forgejo:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    ports:
      - "3000:3000"
      - "4023:22"
    depends_on:
      - db

  db:
    image: mysql:8
    restart: always
    environment:
      - MYSQL_ROOT_PASSWORD=forgejo
      - MYSQL_USER=forgejo
      - MYSQL_PASSWORD=forgejo
      - MYSQL_DATABASE=forgejo
    networks:
      - forgejo
    volumes:
      - ./mysql:/var/lib/mysql

Jellyfin : My movies 🎬

movie.penwing.org

As a huge movie watcher, which I collect very legally, I had to make myself a collection. But why not share it with my friends ? So I use my server to host a Jellyfin instance

services:
  jellyfin:
    image: jellyfin/jellyfin
    container_name: jelly_compose
    environment:
      - VIRTUAL_HOST=movie.penwing.org
    ports:
      - "8096:8096"
    volumes:
      - jellyfin-config:/config
      - jellyfin-cache:/cache
      - /media/storage:/media
    restart: unless-stopped

volumes:
  jellyfin-config:
  jellyfin-cache:

Stirling : A pdf "edition" tool

pdf.penwing.org

Disclaimer : a pdf is compiled so it cannot be edited per say, only scanned, and recompiled

You may know the pdf editor I love PDF, the service I host (Stirling) is roughly the same, but with a bit more capabilities. For example you can chain together different modifications like :

scan to pdf - merge pdf - page number - compress - lock

Also I did not like to upload scan of sensitive documents to a random website.

services:
  stirling-pdf:
    image: frooodle/s-pdf:latest
    restart: unless-stopped
    ports:
      - '1280:8080'
    volumes:
      - ./trainingData:/usr/share/tessdata
      - ./extraConfigs:/configs
      - ./logs:/logs/
    environment:
      - DOCKER_ENABLE_SECURITY=false
      - INSTALL_BOOK_AND_ADVANCED_HTML_OPS=false
      - LANGS=en_GB

h5ai : Remote access of my storage

storage.penwing.org

to document