Right. So as my server project is more or less finished (only adding more storage and later on backup is in the immediate plans of mine), I am now sharing my whole setup.
Feel free to criticise – I am happy to learn, if there is a better way.

Design overview

This is my file structure on the docker-compose part. As you can see, I currently have 6 different stacks, each has an associated docker-compose file, which I am adjusting, if I implement changes. They are all synced to Git, so I always have a backup of the configuration, should something go south. I guess the naming makes it quite obvious, what are the uses of each stack. Perhaps 4 & 6 deserves some explanation..

[4] This is something that you might call an “application stack”. It contains Guacamole – a client to access the server via SSH from a browser (anywhere really). I consider it mission-critical, as I am often in need to access my server from places – such as my office – where SSH outgoing is not enabled. While – you might guess – accessing websites is a little less restricted 🙂 I originally had this in the “core” part, but since it has it’s own database, I prefer to keep it separate. Also, while logged in, this way I can potentially restart the “core” stack while still logged in GUAC – although reconnecting at that point would not be possible, since the reverse proxy is in the “core”.

[6] STATPING was a container that I spent a lot of time making work – not much of a database-guru myself – so at some point I separated it for better manageability. As I actually see very little use of it, I consider removing this stack entirely.

I keep the mapped volumes of each container – where tis is applicable and where they are not using actual Linux-system files – in a a separate folder. This is currently not backed up, so in case of a server meltdown I would need to recreate all of these using Git, and quite possibly reconfigure the applications. Hopefully soon I will acquire more storage – or go cloud – and will have a backup of this. At that time I plan to add a  Duplicati container to one of my (quite possibly “core”) stack.

Apart from these folders/files, I am also relying on /etc/environment file, as I keep all my environment variables in this. I know I could use an .env file, and I am considering moving to this one. It just would require adding this to each service in each stacks, for which I need to fine some time.

Networking

I like to not over-complicate things.

• there are some system networks
• there are traefik_proxy and bridge networks, which use the 172...* networks. T
• the rest of my networks were created with the assumption I will rarely exceed 254 IP-s (hence the /24 ranges); and for convenience they are around 192.168.1.0/24 which is my home network.

In depth look on the stacks

Core stack

The core stack is my mission critical application collection. These are:

• Traefik – a reverse proxy, so that I can connect to each of my *.mydomain.com addresses (just need to add their subdomain to the CNAME)
• OAuth – so that I can log in with my 2FA (Gmail) using SSL and using all the subdomains
• DDClient – so that in the event of my home ISP decides to change my external IP, my domain (hosted on Google domains) gets updated with it
• Portainer – which I found the best so far for Docker
• Heimdall – a frontend so that all my apps are on one page, accessible
• Cloud Commander – again, specific to my situation, as I sometimes need file access via a browser
• DockerGC – this runs every evening and removes images / volumes not used –> saves my precious space
• Watchtower – probably the best thing since the fallafell 😀 A thingy to check, if there are new images for each services and automatically updates them.
• Dozzle – a new addition, which allows me quick-view of the docker loggs of each container (yes, I know, I can do it from cli, also from Portainer…but this one is quicker)

Mediaplayer stack

This is the purpose of the existence of my whole server.I use this host to manage my multimedia, and the hear of it is Plex. most people are probably familiar with it – if not, I recommend Google-ing, it is a very good media streaming app.
This allows me to access my own personal “Netflix”, from everywhere, and on most Android/Linux/Windows devices.

So the core of the stack is:

• PlexMS – the Plex media server
• PlexSync – sync agent for Plex
• Tautuli – Plex statistics

Additionally there is a plethora of software serving Plex:

• Sonarr – managing my TV shows
• Radarr – managing my movies
• Lidarr – managing my music
• Ombi – tv shows / movies / music management + requests
• Grafana + Varken – analysing my usage of the apps listed so far (not 100% working yet)
• Transmission – for downloads
• Jackett – indexer helper
• Bazarr – subtitle manager

And some independent containers:

• Calibre – my ebook library
• Calibre web – ebook access on the web
• Domoticz – smart home assistant (still in testing)
• HomeAssistant – – another smart home assistant in testing
• HA Dockermon – Home Assistant integration for docker

Also for the time being some useful tools are left here – possibly to be moved to another stack later:

• Firefox – browser container, to accessing things such as PiHole, while away and no access to it directly
• Glances – one page system status view

And the rest

The rest of the stacks:

• As mentioned before, there is Guacamole for remote access
• Statping for overal monitoring
• The Devops stack serves as my learning playground, around infrastructure-as-a-code, etc.
• A Blog stack, where I am currently running a Ghost installation (this blog is currently on hosted WordPress, but I consider moving to self hosting)