Add portfolio

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

content/posts/ultimate-home-server-part-3/index.md

@@ -27,7 +27,7 @@ By default, most routers use [DHCP](https://en.wikipedia.org/wiki/Dynamic_Host_C
 
 First, we need to find our server's MAC address. Open a terminal and run `ifconfig -a`. The network interface we care about should have a line starting with `ether`, `HWaddr`, or `lladdr`. If you have multiple network interfaces (both Ethernet and WiFI for example), you can run `ip route | grep default` to see which one you are using.
 
-Then, open a browser and go to your router's settings by typing the address of its default gateway (the same address that you get when running `ip route | grep default`). You should have a section named *DHCP*, *Static leases* or something similar. There, you are going to add a new entry, set its IP to whatever you like (in my case `192.168.1.254`) and fill in the above MAC address.
+Then, open a browser and go to your router's settings by typing the address of its default gateway (the same address that you get when running `ip route | grep default`). You should have a section named _DHCP_, _Static leases_ or something similar. There, you are going to add a new entry, set its IP to whatever you like (in my case `192.168.1.254`) and fill in the above MAC address.
 
 You might need to restart your server and/or router, but if everything went well, you should now be able to see the line `inet 192.168.1.254` next to the network interface when running `ifconfig -a`.
 
@@ -66,32 +66,32 @@ You first need to create a Cloudflare API key:
 2. Click Create Token
 3. Provide the token with a name, for example, `cloudflare-ddns`
 4. Grant the following permissions:
-    - Zone - Zone Settings - Read
-    - Zone - Zone - Read
-    - Zone - DNS - Edit
+   - Zone - Zone Settings - Read
+   - Zone - Zone - Read
+   - Zone - DNS - Edit
 5. Set the zone resources to:
-    - Include - All zones
+   - Include - All zones
 6. Complete the wizard and copy the generated token into the `API_KEY` variable for the container. Make sure to note this down somewhere since you won't be able to access it afterwards.
 
-After getting your API key, go to your Portainer instance, open the *stacks* tab, and add a new stack named `routing`. In the `docker-compose` field paste the following and customize to match your API key and domain:
+After getting your API key, go to your Portainer instance, open the _stacks_ tab, and add a new stack named `routing`. In the `docker-compose` field paste the following and customize to match your API key and domain:
 
 ```yaml
-version: '3.9'
+version: "3.9"
 
 services:
-    cloudflare_ddns:
-        image: oznu/cloudflare-ddns
-        container_name: cloudflare_ddns
-        restart: unless-stopped
-        environment:
-            - API_KEY=[your-api-key]
-            - ZONE=example.com
-            - SUBDOMAIN=ddns
-            - PROXIED=false
-        network_mode: bridge
+  cloudflare_ddns:
+    image: oznu/cloudflare-ddns
+    container_name: cloudflare_ddns
+    restart: unless-stopped
+    environment:
+      - API_KEY=[your-api-key]
+      - ZONE=example.com
+      - SUBDOMAIN=ddns
+      - PROXIED=false
+    network_mode: bridge
 ```
 
-Click *deploy the stack* and you should notice that a new A record has appeared on the DNS tab of your Cloudflare dashboard.
+Click _deploy the stack_ and you should notice that a new A record has appeared on the DNS tab of your Cloudflare dashboard.
 
 I have also added a couple of CNAME records pointing to the original A record specifically for SSH and VPN services: `ssh.example.com` and `vpn.example.com`.
 
@@ -118,28 +118,28 @@ $ docker run -v /mnt/storage/configs/openvpn:/etc/openvpn --rm -e PUID=1000 -e P
 After running these commands, go to Potainer and deploy a new `vpn` stack:
 
 ```yaml
-version: '3.9'
+version: "3.9"
 
 services:
-    vpn:
-        image: kylemanna/openvpn
-        container_name: openvpn
-        restart: unless-stopped
-        volumes:
-            - '/mnt/storage/configs/openvpn:/etc/openvpn'
-        environment:
-            - PUID=1000
-            - PGID=1000
-        ports:
-            - '1194:1194/udp'
-        networks:
-            - vpn
-        cap_add:
-            - NET_ADMIN
+  vpn:
+    image: kylemanna/openvpn
+    container_name: openvpn
+    restart: unless-stopped
+    volumes:
+      - "/mnt/storage/configs/openvpn:/etc/openvpn"
+    environment:
+      - PUID=1000
+      - PGID=1000
+    ports:
+      - "1194:1194/udp"
+    networks:
+      - vpn
+    cap_add:
+      - NET_ADMIN
 
 networks:
-    vpn:
-        name: vpn
+  vpn:
+    name: vpn
 ```
 
 If everything went well, you should be able to download an OpenVPN client from one of these sources and import your certificate.
@@ -278,45 +278,44 @@ $ docker network create proxy
 Finally, open the `routing` stack you created earlier in Portainer and edit it like so:
 
 ```yaml
-version: '3.9'
+version: "3.9"
 
 services:
-    nginx-proxy-manager:
-        image: jlesage/nginx-proxy-manager
-        container_name: nginx_proxy_manager
-        restart: unless-stopped
-        environment:
-            - USER_ID=1000
-            - GROUP_ID=1000
-            - UMASK=002
-            - TZ=Europe/Athens
-            - DISABLE_IPV6=1
-            - KEEP_APP_RUNNING=1
-        volumes:
-            - '/mnt/storage/configs/routing/nginx:/config'
-            - '/mnt/storage/configs/routing/nginx/nginx.conf:/etc/nginx/nginx.conf'
-            - '/mnt/storage:/static:ro'
-        ports:
-            - '80:8080'
-            - '81:8181'
-            - '443:4443'
-        networks:
-            - proxy
+  nginx-proxy-manager:
+    image: jlesage/nginx-proxy-manager
+    container_name: nginx_proxy_manager
+    restart: unless-stopped
+    environment:
+      - USER_ID=1000
+      - GROUP_ID=1000
+      - UMASK=002
+      - TZ=Europe/Athens
+      - DISABLE_IPV6=1
+      - KEEP_APP_RUNNING=1
+    volumes:
+      - "/mnt/storage/configs/routing/nginx:/config"
+      - "/mnt/storage/configs/routing/nginx/nginx.conf:/etc/nginx/nginx.conf"
+      - "/mnt/storage:/static:ro"
+    ports:
+      - "80:8080"
+      - "81:8181"
+      - "443:4443"
+    networks:
+      - proxy
 
-    whoami:
-        image: containous/whoami
-        container_name: whoami
-        restart: unless-stopped
-        networks:
-            - proxy
+  whoami:
+    image: containous/whoami
+    container_name: whoami
+    restart: unless-stopped
+    networks:
+      - proxy
 
-    cloudflare_ddns:
-        [...]
+  cloudflare_ddns: [...]
 
 networks:
-    proxy:
-        external: true
-        name: proxy
+  proxy:
+    external: true
+    name: proxy
 ```
 
 After deploying the stack, you can open a browser and go to `[your-server-ip]:81` to access NPM's web UI, or `[your-server-ip]:80` to test your installation. However, you still won't be able to actually use the proxy.
@@ -344,31 +343,27 @@ Then, follow the instructions on your terminal and save the `cert.pem` file at `
 Finally, edit the `routing` stack again and add the following:
 
 ```yaml
-version: '3.9'
+version: "3.9"
 
 services:
-    nginx-proxy-manager:
-        [...]
+  nginx-proxy-manager: [...]
 
-    whoami:
-        [...]
+  whoami: [...]
 
-    cloudflare_ddns:
-        [...]
+  cloudflare_ddns: [...]
 
-    cloudflare_argo_tunnel:
-        image: cloudflare/cloudflared
-        container_name: cloudflare_tunnel
-        restart: unless-stopped
-        volumes:
-            - '/mnt/storage/configs/routing/cloudflared:/etc/cloudflared'
-        networks:
-            - proxy
-        command: tunnel --no-autoupdate --origincert /etc/cloudflared/cert.pem --hostname example.com --no-tls-verify --origin-server-name *.example.com --url https://nginx-proxy-manager:4443
-        user: '1000:1000'
+  cloudflare_argo_tunnel:
+    image: cloudflare/cloudflared
+    container_name: cloudflare_tunnel
+    restart: unless-stopped
+    volumes:
+      - "/mnt/storage/configs/routing/cloudflared:/etc/cloudflared"
+    networks:
+      - proxy
+    command: tunnel --no-autoupdate --origincert /etc/cloudflared/cert.pem --hostname example.com --no-tls-verify --origin-server-name *.example.com --url https://nginx-proxy-manager:4443
+    user: "1000:1000"
 
-networks:
-    [...]
+networks: [...]
 ```
 
 After deploying, you should notice a new AAAA record on your Cloudflare dashboard. If you want to use any other subdomain, you simply need to add a CNAME alias pointing to that record.
@@ -379,7 +374,6 @@ To test if everything is working correctly, add a new CNAME alias for `whoami.ex
 
 ![](npm-1.png)
 
-
 ```nginx
   proxy_set_header   Host               $server;
   proxy_set_header   X-Forwarded-Proto  $forward_scheme;
@@ -395,7 +389,7 @@ Wait a couple of minutes for the changes to propagate and you should be able to
 
 The primary reason why SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can access it. One of the main selling points of NPM is automatic SSL certificate management.
 
-In order to create a wildcard certificate for all of your subdomains, you can follow [this](https://www.reddit.com/r/unRAID/comments/kniuok/howto_add_a_wildcard_certificate_in_nginx_proxy/) guide by [u/Sunsparc](https://www.reddit.com/user/Sunsparc/) on Reddit. After creating your certificate, you should always select it, as well as turn on *Force SSL* and *HTTP/2 Support* on any proxy host you create.
+In order to create a wildcard certificate for all of your subdomains, you can follow [this](https://www.reddit.com/r/unRAID/comments/kniuok/howto_add_a_wildcard_certificate_in_nginx_proxy/) guide by [u/Sunsparc](https://www.reddit.com/user/Sunsparc/) on Reddit. After creating your certificate, you should always select it, as well as turn on _Force SSL_ and _HTTP/2 Support_ on any proxy host you create.
 
 ## Final Thoughts