commit 77d0366f80eb53b58628f129204c22b6a53e5c9e Author: mo Date: Sun May 10 02:24:36 2026 +0200 Reorganised: pure infrastructure configs - Docker compose, nginx, deploy scripts diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..0b35aa4 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +# Infra configs +.DS_Store +Thumbs.db +*.bak diff --git a/README.md b/README.md new file mode 100644 index 0000000..0e96699 --- /dev/null +++ b/README.md @@ -0,0 +1,16 @@ +# Homelab Infrastructure Configuration + +Docker compose, nginx, deploy scripts voor Synology NAS (192.168.1.211). + +## Repos +| Service | Repo | +| HA Voice Control MCP | [ha-voice-control-mcp](http://192.168.1.211:3000/mo/ha-voice-control-mcp) | + +## Structuur +``` +docker/ + gitea/ # Gitea self-hosted Git + ha-voice-control/ # HA Voice Control (apart repo) +nginx/ # Reverse proxy configs +scripts/ # Deploy en setup scripts +``` diff --git a/docker/gitea/docker-compose.yml b/docker/gitea/docker-compose.yml new file mode 100644 index 0000000..227a145 --- /dev/null +++ b/docker/gitea/docker-compose.yml @@ -0,0 +1,35 @@ +# docker-compose.yml — Gitea self-hosted Git op Synology NAS +# Plaats op NAS: /volume1/docker/gitea/ +# +# Bouwen & starten: docker-compose up -d +# Web UI: http://192.168.1.211:3000 +# Git SSH clone: git clone ssh://git@192.168.1.211:2222/gebruiker/repo.git + +services: + gitea: + image: gitea/gitea:latest + container_name: gitea + restart: unless-stopped + + network_mode: host + + environment: + - USER_UID=1026 + - USER_GID=100 + - TZ=Europe/Brussels + # SSH op alternatieve poort (2222) — NAS gebruikt poort 22 + - GITEA__server__SSH_PORT=2222 + - GITEA__server__SSH_LISTEN_PORT=2222 + - GITEA__server__DOMAIN=192.168.1.211 + - GITEA__server__ROOT_URL=http://192.168.1.211:3000 + - GITEA__server__HTTP_PORT=3000 + - GITEA__server__DISABLE_SSH=false + - GITEA__server__START_SSH_SERVER=true + + volumes: + - gitea-data:/data + - gitea-config:/etc/gitea + +volumes: + gitea-data: + gitea-config: diff --git a/docker/ha-voice-control/README.md b/docker/ha-voice-control/README.md new file mode 100644 index 0000000..7f3095f --- /dev/null +++ b/docker/ha-voice-control/README.md @@ -0,0 +1,2 @@ +# HA Voice Control - zie aparte repo +# http://192.168.1.211:3000/mo/ha-voice-control-mcp diff --git a/nginx/ha.el-kadi.nl.conf b/nginx/ha.el-kadi.nl.conf new file mode 100644 index 0000000..f629c3b --- /dev/null +++ b/nginx/ha.el-kadi.nl.conf @@ -0,0 +1,76 @@ +# Home Assistant — nginx reverse proxy config +# Domein: www.ha.el-kadi.nl → backend op localhost:8765 +# +# Plaats dit bestand in /etc/nginx/sites-available/ en symlink naar sites-enabled/ +# Of in /etc/nginx/conf.d/ (afhankelijk van je nginx setup) +# +# Zorg dat je SSL certificaten klaarliggen (bijv. via Let's Encrypt / certbot). + +server { + listen 80; + server_name www.ha.el-kadi.nl ha.el-kadi.nl; + + # Redirect alle HTTP naar HTTPS + return 301 https://$host$request_uri; +} + +server { + listen 443 ssl http2; + server_name www.ha.el-kadi.nl ha.el-kadi.nl; + + # ── SSL certificaten ───────────────────────────────────────────────── + # Vervang deze paden met jouw certificaat-locatie + ssl_certificate /etc/letsencrypt/live/ha.el-kadi.nl/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ha.el-kadi.nl/privkey.pem; + + # ── SSL beveiliging ────────────────────────────────────────────────── + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384; + ssl_prefer_server_ciphers off; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 1d; + + # ── security headers ───────────────────────────────────────────────── + add_header Strict-Transport-Security "max-age=63072000" always; + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + + # ── logging ────────────────────────────────────────────────────────── + access_log /var/log/nginx/ha-voice-access.log; + error_log /var/log/nginx/ha-voice-error.log; + + # ── proxy naar de FastAPI web server ───────────────────────────────── + location / { + proxy_pass http://127.0.0.1:8765; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # WebSocket ondersteuning (voor toekomstige live updates) + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + # Timeouts voor lange audio uploads + proxy_read_timeout 120s; + proxy_send_timeout 120s; + client_max_body_size 10M; + } + + # ── API specifiek ──────────────────────────────────────────────────── + location /api/ { + proxy_pass http://127.0.0.1:8765; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_read_timeout 120s; + proxy_send_timeout 120s; + client_max_body_size 10M; + } +} diff --git a/scripts/deploy_to_nas.ps1 b/scripts/deploy_to_nas.ps1 new file mode 100644 index 0000000..6033672 --- /dev/null +++ b/scripts/deploy_to_nas.ps1 @@ -0,0 +1,72 @@ +# deploy_to_nas.ps1 — Kopieer project naar Synology NAS en start Docker +# Gebruik: powershell -ExecutionPolicy Bypass -File deploy_to_nas.ps1 + +param( + [string]$NasHost = "192.168.1.211", + [string]$NasUser = "mo", + [string]$NasPath = "/volume1/docker/ha-voice-control" +) + +$ErrorActionPreference = "Stop" +$localDir = Split-Path -Parent $MyInvocation.MyCommand.Path + +Write-Host "=== Deploy HA Voice Control naar Synology NAS ===" -ForegroundColor Cyan +Write-Host "" + +# Bestanden die mee moeten naar de NAS +$files = @( + "Dockerfile", + "docker-compose.yml", + ".dockerignore", + "config.py", + "requirements.txt", + "requirements-neo4j.txt" +) + +$dirs = @( + "src", + "static" +) + +# 1. Maak target directory op NAS +Write-Host "[1/4] Directory aanmaken op NAS..." -ForegroundColor Yellow +ssh "${NasUser}@${NasHost}" "mkdir -p ${NasPath}" + +# 2. Kopieer losse bestanden +Write-Host "[2/4] Bestanden kopieren..." -ForegroundColor Yellow +foreach ($file in $files) { + $src = Join-Path $localDir $file + if (Test-Path $src) { + scp $src "${NasUser}@${NasHost}:${NasPath}/" + Write-Host " OK: $file" -ForegroundColor Green + } else { + Write-Host " SKIP: $file (niet gevonden)" -ForegroundColor Gray + } +} + +# 3. Kopieer mappen +Write-Host "[3/4] Mappen kopieren..." -ForegroundColor Yellow +foreach ($dir in $dirs) { + $src = Join-Path $localDir $dir + if (Test-Path $src) { + scp -r $src "${NasUser}@${NasHost}:${NasPath}/" + Write-Host " OK: $dir/" -ForegroundColor Green + } else { + Write-Host " SKIP: $dir/ (niet gevonden)" -ForegroundColor Gray + } +} + +# 4. Bouwen en starten +Write-Host "[4/4] Docker bouwen en starten..." -ForegroundColor Yellow +Write-Host "" +Write-Host "Nu op de NAS (ssh):" +Write-Host " cd ${NasPath}" +Write-Host " docker-compose up -d --build" +Write-Host "" +Write-Host "Dashboard wordt bereikbaar op: http://192.168.1.211:8765/dashboard" -ForegroundColor Cyan +Write-Host "" + +$sshCmd = Read-Host "Wil je direct verbinden met SSH? (y/n)" +if ($sshCmd -eq "y") { + ssh -t "${NasUser}@${NasHost}" "cd ${NasPath} && docker-compose up -d --build && echo '' && echo 'Dashboard: http://192.168.1.211:8765/dashboard' && docker-compose logs --tail=10" +} diff --git a/scripts/setup_dbeaver.ps1 b/scripts/setup_dbeaver.ps1 new file mode 100644 index 0000000..e3ee4a2 --- /dev/null +++ b/scripts/setup_dbeaver.ps1 @@ -0,0 +1,165 @@ +# PowerShell script — DBeaver Connecties Automatisch Toevoegen +# ============================================================ +# Dit script detecteert DBeaver en voegt PostgreSQL + Neo4j connecties toe. +# +# Gebruik: +# powershell -ExecutionPolicy Bypass -File setup_dbeaver.ps1 + +$ErrorActionPreference = "Stop" + +Write-Host "=== DBeaver Connectie Setup ===" -ForegroundColor Cyan +Write-Host "" + +# 1. Zoek DBeaver installatie +$dbeaverPaths = @( + "$env:APPDATA\DBeaverData", + "$env:LOCALAPPDATA\DBeaver", + "$env:USERPROFILE\AppData\Roaming\DBeaverData", + "$env:USERPROFILE\.dbeaver" +) + +$found = $false +foreach ($path in $dbeaverPaths) { + if (Test-Path $path) { + Write-Host "DBeaver data gevonden op: $path" -ForegroundColor Green + $found = $true + + # Zoek alle workspace directories + $workspaces = Get-ChildItem -Path $path -Directory -Filter "workspace*" -ErrorAction SilentlyContinue + + foreach ($ws in $workspaces) { + $dbeaverDir = Join-Path $ws.FullName "General\.dbeaver" + if (-not (Test-Path $dbeaverDir)) { + New-Item -ItemType Directory -Path $dbeaverDir -Force | Out-Null + } + + $configFile = Join-Path $dbeaverDir "data-sources.json" + + Write-Host " Workspace: $($ws.Name) -> $configFile" -ForegroundColor Gray + + # Lees bestaande config (of maak nieuwe) + $config = $null + if (Test-Path $configFile) { + try { + $config = Get-Content $configFile -Raw | ConvertFrom-Json + Write-Host " Bestaande config gevonden: $(($config.connections.PSObject.Properties | Measure-Object).Count) connecties" -ForegroundColor Gray + } catch { + Write-Host " Waarschuwing: Kon bestaande config niet lezen, maak nieuwe" -ForegroundColor Yellow + } + } + + if (-not $config -or -not $config.connections) { + $config = [PSCustomObject]@{ + folders = @{} + connections = @{} + } + } + + # Voeg PostgreSQL connectie toe (als die nog niet bestaat) + $pgConnId = "postgresql-homelab-dashboard" + if (-not $config.connections.$pgConnId) { + $config.connections | Add-Member -MemberType NoteProperty -Name $pgConnId -Value ([PSCustomObject]@{ + provider = "postgresql" + driver = "postgresql-jdbc" + name = "Homelab PostgreSQL (Dashboard)" + host = "192.168.1.211" + port = "5433" + database = "homelab" + user = "mo" + password = "WaQTUw2t" + savePassword = $true + configurationType = "MANUAL" + showSystemObjects = $false + properties = @{ + connectTimeout = "20" + loginTimeout = "20" + } + }) + Write-Host " + PostgreSQL connectie toegevoegd" -ForegroundColor Green + } else { + Write-Host " PostgreSQL connectie bestaat al" -ForegroundColor Gray + } + + # Voeg Neo4j connectie toe + $neoConnId = "neo4j-homelab-network" + if (-not $config.connections.$neoConnId) { + $config.connections | Add-Member -MemberType NoteProperty -Name $neoConnId -Value ([PSCustomObject]@{ + provider = "neo4j" + driver = "neo4j-jdbc" + name = "Homelab Neo4j (Netwerk)" + host = "192.168.1.211" + port = "49153" + url = "neo4j://192.168.1.211:49153" + user = "neo4j" + password = "WaQTUw2t" + savePassword = $true + configurationType = "MANUAL" + }) + Write-Host " + Neo4j connectie toegevoegd" -ForegroundColor Green + } else { + Write-Host " Neo4j connectie bestaat al" -ForegroundColor Gray + } + + # Schrijf config terug + $config | ConvertTo-Json -Depth 5 | Set-Content $configFile -Encoding UTF8 + Write-Host " Config opgeslagen!" -ForegroundColor Green + } + break + } +} + +if (-not $found) { + Write-Host "DBeaver NIET gevonden op dit systeem!" -ForegroundColor Yellow + Write-Host "" + Write-Host "Handmatig DBeaver connecties toevoegen:" -ForegroundColor White + Write-Host "" + Write-Host "1. Open DBeaver" + Write-Host "2. Database → New Database Connection" + Write-Host "" + Write-Host "PostgreSQL:" + Write-Host " Host: 192.168.1.211 Port: 5433" + Write-Host " Database: homelab User: mo" + Write-Host "" + Write-Host "Neo4j:" + Write-Host " URI: neo4j://192.168.1.211:49153" + Write-Host " User: neo4j" + Write-Host "" + + # Maak een import-bestand voor later gebruik + $importConfig = @" +{ + "folders": {}, + "connections": { + "postgresql-homelab": { + "provider": "postgresql", + "driver": "postgresql-jdbc", + "name": "Homelab PostgreSQL", + "host": "192.168.1.211", + "port": "5433", + "database": "homelab", + "user": "mo", + "savePassword": true, + "configurationType": "MANUAL" + }, + "neo4j-homelab": { + "provider": "neo4j", + "driver": "neo4j-jdbc", + "name": "Homelab Neo4j", + "url": "neo4j://192.168.1.211:49153", + "user": "neo4j", + "savePassword": true, + "configurationType": "MANUAL" + } + } +} +"@ + $importFile = Join-Path $PSScriptRoot "dbeaver-connections-import.json" + $importConfig | Set-Content $importFile -Encoding UTF8 + Write-Host "Import-bestand gemaakt: $importFile" -ForegroundColor Green + Write-Host "" + Write-Host "In DBeaver: File → Import → DBeaver → Connections" + Write-Host "Selecteer: $importFile" +} + +Write-Host "" +Write-Host "Let op: herstart DBeaver om de connecties te zien!" -ForegroundColor Cyan