Personal NAS infrastructure

Requirements

Note

To create random password you can use command openssl rand -hex 32

Prepare env file. Copy .env.example to .env and change all changeme to secure passwords. Also update VOLUMES_BIND_ROOT variable if you want to store data in specific folder.
Setup domain variables in .env files.

2.1. For local run (dev purposes for example) you can use .local domains Just add them to your hosts file (/etc/hosts for Linux and C:\Windows\System32\drivers\etc for Windows)
```
127.0.0.1     id.traefik.local
127.0.0.1     budget.traefik.local
127.0.0.1     affine.traefik.local
127.0.0.1     immich.traefik.local
```
Also set this vars in .env to disable https on Keycloak. It is required to avoid tls checks with self-signed certificates by other services with OAuth.
```
KC_PROTO=http
KC_HTTP_ENABLED=true
KC_PROXY_TLS_ENABLED=false
```
2.2 For production run with real domain you should add DNS records at first for subdomains and update next vars in .env
```
KC_DOMAIN=id.example.com
ACTUAL_DOMAIN=budget.example.com
AF_DOMAIN=affine.example.com
IMM_DOMAIN=immich.example.com

KC_PROTO=https
KC_HTTP_ENABLED=false
KC_PROXY_TLS_ENABLED=true
```
Run docker compose up -d
Finish setup for actual budget container with next commands sh docker exec -it nas-actual-budget-1 node src/scripts/reset-password.js docker exec -it nas-actual-budget-1 node src/scripts/enable-openid.js
Open keycloak domain and create users
Open Affine domain and finish setup with creation admin account
Open Immich domain and finish setup with creation admin account
Start usage

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
actual-budget		actual-budget
affine		affine
auth		auth
immich		immich
shared		shared
torrserve		torrserve
traefik		traefik
.env.example		.env.example
.gitignore		.gitignore
README.md		README.md
compose.yml		compose.yml