# Dalidou Home Server - Complete Documentation > **Last Updated:** December 18, 2025 > **Server Name:** dalidou > **Owner:** Antoine Letarte --- ## Table of Contents 1. [Server Overview](#server-overview) 2. [Network Configuration](#network-configuration) 3. [User Accounts](#user-accounts) 4. [Installed Services](#installed-services) 5. [Service Details & Configuration](#service-details--configuration) 6. [Docker Infrastructure](#docker-infrastructure) 7. [Directory Structure](#directory-structure) 8. [Backup Strategy](#backup-strategy) 9. [Maintenance Commands](#maintenance-commands) 10. [Disaster Recovery](#disaster-recovery) 11. [Troubleshooting](#troubleshooting) --- ## Server Overview ### Hardware - **Type:** ThinkPad W520 home server running Docker containers - **OS:** Ubuntu Linux - **Location:** Home network ### Storage Drives | Device | Model | Size | Mount Point | Purpose | |--------|-------|------|-------------|---------| | sda | Samsung SSD 850 | 232GB | `/` (root) | Operating system | | sdb | Crucial BX500 SSD | 3.6TB | `/srv/storage` | Service data, Obsidian, shared files | | sdc | WD Elements 14TB | 12.7TiB | `/mnt/hdd` | Immich photos, backups | **Note:** sdc is connected via USB 3.0 (SuperSpeed) ### Purpose Self-hosted infrastructure replacing cloud services: - Google Photos → Immich - Google Drive → Seafile - Dropbox → Syncthing - GitHub → Gitea - Document management → Paperless-ngx --- ## Network Configuration ### IP Addresses | Network | IP Address | Usage | |---------|------------|-------| | WiFi (Primary) | `192.168.86.50` | Main local access | | Wired | `10.0.0.77` | Backup/alternate | | Tailscale VPN | `100.80.199.40` | Remote access from anywhere | ### SSH Access ```bash # Local network ssh papa@192.168.86.50 # Via Tailscale (remote) ssh papa@100.80.199.40 # Using hostname (if DNS configured) ssh papa@dalidou ``` ### Ports in Use | Port | Service | Protocol | |------|---------|----------| | 22 | SSH (host) | TCP | | 80 | Caddy (reverse proxy) | TCP | | 2222 | Gitea SSH | TCP | | 2283 | Immich | TCP | | 3000 | Gitea Web | TCP | | 3001 | Homepage Dashboard | TCP | | 8080 | Home Assistant | TCP | | 8081 | Filebrowser | TCP | | 8082 | Paperless-ngx | TCP | | 8083 | Seafile | TCP | | 8384 | Syncthing Web UI | TCP | | 21027 | Syncthing Discovery | UDP | | 22000 | Syncthing Transfer | TCP/UDP | --- ## User Accounts ### System Users | Username | Password | Role | |----------|----------|------| | papa | Ladygaga | Admin (SSH, sudo) | ### Service Accounts | Service | Username | Password | Email | |---------|----------|----------|-------| | Gitea | Antoine | Ladygaga | antoine.letarte@gmail.com | | Filebrowser | Antoine | Ladygaga2024 | - | | Seafile | antoine.letarte@gmail.com | Ladygaga2025 | antoine.letarte@gmail.com | | Immich | Antoine | (see Bitwarden) | antoine.letarte@gmail.com | | Paperless | Antoine | (see Bitwarden) | - | ### Family Accounts | Name | Password | Notes | |------|----------|-------| | Odile | Adalidou948 | Family member access | --- ## Installed Services ### Quick Access URLs | Service | Local URL | Direct IP URL | |---------|-----------|---------------| | **Homepage** (Dashboard) | http://home.dalidou.home | http://192.168.86.50:3001 | | **Immich** (Photos) | http://photos.dalidou.home | http://192.168.86.50:2283 | | **Filebrowser** | http://files.dalidou.home | http://192.168.86.50:8081 | | **Paperless** (Docs) | http://docs.dalidou.home | http://192.168.86.50:8082 | | **Gitea** (Git) | http://git.dalidou.home | http://192.168.86.50:3000 | | **Syncthing** | http://sync.dalidou.home | http://192.168.86.50:8384 | | **Seafile** (Cloud) | http://cloud.dalidou.home | http://192.168.86.50:8083 | | **Home Assistant** | - | http://192.168.86.50:8080 | ### Remote Access (Tailscale) When away from home, use Tailscale IP: - Immich: http://100.80.199.40:2283 - Seafile: http://100.80.199.40:8083 - Gitea: http://100.80.199.40:3000 - etc. --- ## Service Details & Configuration ### 1. Immich - Photo Management **Purpose:** Google Photos replacement - backup, organize, and share photos **Containers:** - `immich_server` - Main application - `immich_postgres` - Database - `immich_redis` - Cache **Data Location:** `/srv/immich/` **Features:** - Mobile app backup (iOS/Android) - Face recognition - Location mapping - Sharing albums **Mobile App:** "Immich" on App Store / Play Store - Server URL: http://192.168.86.50:2283 (local) or http://100.80.199.40:2283 (remote) --- ### 2. Filebrowser - Web File Manager **Purpose:** Browse and manage server files via web browser **Container:** `filebrowser` **Data Location:** - Config: `/srv/filebrowser/config/` - Database: `/srv/filebrowser/database/` - Serves: `/srv/storage/shared/` **Login:** Antoine / Ladygaga2024 **Use Cases:** - Quick file access without SSH - Share files with family - Upload/download files --- ### 3. Paperless-ngx - Document Management **Purpose:** Scan, OCR, organize, and search documents **Containers:** - `paperless` - Main application - `paperless_postgres` - Database - `paperless_redis` - Cache **Data Location:** `/srv/paperless/` **Features:** - OCR scanning - Full-text search - Tagging and categorization - Correspondent tracking **Workflow:** 1. Scan documents to consume folder 2. Paperless auto-processes and OCRs 3. Search and organize in web UI --- ### 4. Gitea - Git Repository Hosting **Purpose:** Self-hosted GitHub - version control for code and CAD files **Containers:** - `gitea` - Main application - `gitea_postgres` - Database **Data Location:** `/srv/gitea/` **Configuration:** - Web Port: 3000 - SSH Port: 2222 - LFS Enabled: Yes (for large CAD files) - LFS Path: `/data/git/lfs` **Git LFS:** Enabled for large file storage (CAD files, binaries) **Clone via HTTPS:** ```bash git clone http://192.168.86.50:3000/Antoine/CADTOMASTE.git ``` **Clone via SSH:** ```bash git clone ssh://git@192.168.86.50:2222/Antoine/CADTOMASTE.git ``` --- ### 5. Syncthing - File Synchronization **Purpose:** Sync files between devices (like Dropbox but self-hosted) **Container:** `syncthing` **Data Location:** `/srv/syncthing/` **Ports:** - 8384: Web UI - 22000: Sync (TCP/UDP) - 21027: Discovery (UDP) **Use Cases:** - Sync folders between laptop and server - Backup important directories - Share folders with family --- ### 6. Seafile - Cloud Storage **Purpose:** Self-hosted Google Drive / Dropbox alternative **Containers:** - `seafile` - Main application - `seafile-mysql` - Database (MariaDB) - `seafile-memcached` - Cache **Data Location:** `/srv/seafile/` **Configuration:** - Web Port: 8083 - Admin: antoine.letarte@gmail.com / Ladygaga2025 - Timezone: America/Toronto **Clients:** - **SeaDrive (Windows):** Creates virtual drive letter (S:\) - **Mobile App:** "Seafile" on App Store / Play Store **Desktop Client Setup:** 1. Install SeaDrive from https://www.seafile.com/en/download/ 2. Server: http://192.168.86.50:8083 3. Login with your credentials 4. Choose drive letter (e.g., S:\) --- ### 7. Home Assistant - Smart Home **Purpose:** Home automation and smart device control **Container:** `homeassistant` **Access:** http://192.168.86.50:8080 **Additional:** Matter Server (`matter-server`) for Matter/Thread devices --- ### 8. Homepage - Server Dashboard **Purpose:** Centralized dashboard to view and access all server services at a glance **Container:** `homepage` **Image:** `ghcr.io/gethomepage/homepage:latest` **Data Location:** `/srv/homepage/` **Configuration:** - Web Port: 3001 - Theme: Dark (slate color) - Docker integration enabled (monitors container status) **Access:** - Local: http://192.168.86.50:3001 - Wired: http://10.0.0.77:3001 - Tailscale: http://100.80.199.40:3001 **Features:** - Real-time Docker container status monitoring - Quick links to all services (Immich, Paperless, Gitea, Seafile, etc.) - Customizable widgets and bookmarks - Dark theme with clean interface **Configuration Files:** - `services.yaml` - Define services and their icons/links - `settings.yaml` - Theme, layout, and general settings - `widgets.yaml` - System widgets (CPU, memory, etc.) - `bookmarks.yaml` - External bookmarks - `docker.yaml` - Docker socket configuration **Customization:** ```bash # Edit service definitions nano /srv/homepage/services.yaml # Restart to apply changes docker restart homepage ``` --- ## Docker Infrastructure ### View Running Containers ```bash ssh papa@192.168.86.50 "docker ps --format 'table {{.Names}}\t{{.Status}}\t{{.Ports}}'" ``` ### Container Management ```bash # Restart a service docker restart # View logs docker logs docker logs -f # Follow logs # Stop/Start docker stop docker start # Check resource usage docker stats ``` ### Docker Compose Locations | Service | Compose File Location | |---------|----------------------| | Seafile | `/srv/seafile/docker-compose.yml` | | Immich | `/srv/immich/docker-compose.yml` | | Gitea | `/srv/gitea/docker-compose.yml` | | Paperless | `/srv/paperless/docker-compose.yml` | | Homepage | `/home/papa/docker-compose.yml` | ### Restart All Services ```bash cd /srv/ docker compose down docker compose up -d ``` --- ## Directory Structure ### SSD Storage (`/srv/storage` - 3.6TB Crucial SSD) ``` /srv/storage/ ├── docs/ ← Paperless consume folder ├── shared/ ← Filebrowser root ├── repos/ ← Gitea repositories ├── obsidian/ ← Obsidian vault (synced) └── photos/ ← External photos (read-only in Immich) ``` ### HDD Storage (`/mnt/hdd` - 14TB WD Elements) ``` /mnt/hdd/ ├── immich/ ← Primary Immich storage (photos/videos) │ ├── upload/ ← All user uploads (~535GB) │ ├── postgres/ ← Immich database │ ├── model-cache/ ← ML models │ └── redis/ ← Redis cache │ └── backups/ ├── restic-repo/ ← Incremental backups (deduplicated) └── system-images/ ← Weekly full system tarballs ``` ### Service Configuration (`/srv/`) ``` /srv/ ├── filebrowser/ │ ├── config/ │ └── database/ │ ├── gitea/ │ ├── data/ │ │ └── git/ │ │ ├── repositories/ │ │ └── lfs/ │ └── postgres/ │ ├── immich -> /srv/storage/immich ← Symlink │ ├── paperless/ │ ├── consume/ ← Drop documents here │ ├── data/ │ ├── media/ │ └── postgres/ │ ├── seafile/ │ ├── data/ │ │ └── seafile/ │ │ ├── conf/ │ │ └── seafile-data/ │ └── mysql/ │ ├── syncthing/ │ └── config/ │ ├── homepage/ │ ├── services.yaml ← Service definitions │ ├── settings.yaml ← Theme and layout │ ├── widgets.yaml ← Dashboard widgets │ ├── bookmarks.yaml ← External links │ └── docker.yaml ← Docker integration │ ├── pihole/ │ ├── etc-pihole/ │ └── etc-dnsmasq.d/ │ └── storage/ ← Main SSD storage mount ``` --- ## Backup Strategy ### Automated Backup System (Restic + Cron) The server uses a dual backup approach: 1. **Daily incremental backups** at midnight using restic 2. **Weekly full system images** on Sundays at 3 AM ### How Restic Backups Work (Efficiency) Restic uses **deduplication and incremental backups**, making it very efficient: | Aspect | Behavior | |--------|----------| | **First backup** | Full backup (~535GB for Immich, takes 1-2 hours) | | **Daily backups** | Only new/changed data (typically minutes, not hours) | | **Storage** | Deduplicated - identical files stored once | | **CPU/Energy** | Low - only processes changes | **Example:** If you add 20 new photos (100MB) today: - Backup uploads ~100MB (not 535GB) - Takes ~2-5 minutes (not hours) - HDD spins briefly, then sleeps This makes nightly backups energy-efficient and fast after the initial backup. ### Backup Storage | Location | Purpose | Size | |----------|---------|------| | `/mnt/hdd/backups/restic-repo` | Incremental backups (versioned, deduplicated) | ~500GB+ | | `/mnt/hdd/backups/system-images` | Weekly full system tarballs | ~50GB x 4 | | `/mnt/hdd/immich` | Primary Immich photo storage | ~535GB | ### Backup Credentials **Restic Repository Password:** `dalidou-backup-2025` ⚠️ **IMPORTANT:** Store this password securely (e.g., Bitwarden). Without it, backups are irrecoverable! ### What Gets Backed Up Daily | Data | Location | Priority | |------|----------|----------| | Immich photos & DB | `/mnt/hdd/immich` | HIGH | | Obsidian vault | `/srv/storage/obsidian` | HIGH | | Documents | `/srv/storage/docs` | HIGH | | Shared files | `/srv/storage/shared` | MEDIUM | | Gitea repos & DB | `/srv/gitea` | HIGH | | Paperless docs & DB | `/srv/paperless` | HIGH | | Syncthing config | `/srv/syncthing` | LOW | | Homepage config | `/srv/homepage` | LOW | | Pi-hole config | `/srv/pihole` | LOW | | Docker compose | `/home/papa` | MEDIUM | ### Backup Scripts | Script | Schedule | Purpose | |--------|----------|---------| | `/usr/local/bin/backup-daily.sh` | Daily at midnight | Incremental restic backup | | `/usr/local/bin/backup-weekly-image.sh` | Sundays 3 AM | Full system tarball | ### Retention Policy - **Daily backups:** Keep 7 days - **Weekly backups:** Keep 4 weeks - **Monthly backups:** Keep 12 months - **System images:** Keep 4 most recent ### Manual Backup Commands ```bash # Check backup status export RESTIC_REPOSITORY=/mnt/hdd/backups/restic-repo export RESTIC_PASSWORD='dalidou-backup-2025' restic snapshots # Run manual backup /usr/local/bin/backup-daily.sh # Restore a file from backup restic restore latest --target /tmp/restore --include /srv/storage/obsidian # List files in a snapshot restic ls latest # Check backup integrity restic check # View backup logs tail -100 /var/log/backup-daily.log tail -100 /var/log/backup-weekly.log ``` ### Legacy Manual Backup Commands ```bash # Backup Immich tar -czvf immich-backup-$(date +%Y%m%d).tar.gz /srv/immich/ # Backup Paperless tar -czvf paperless-backup-$(date +%Y%m%d).tar.gz /srv/paperless/ # Backup Gitea tar -czvf gitea-backup-$(date +%Y%m%d).tar.gz /srv/gitea/ # Backup Seafile (stop first for consistency) docker compose -f /srv/seafile/docker-compose.yml stop seafile tar -czvf seafile-backup-$(date +%Y%m%d).tar.gz /srv/seafile/ docker compose -f /srv/seafile/docker-compose.yml start seafile ``` --- ## Maintenance Commands ### System Updates ```bash # Update system packages sudo apt update && sudo apt upgrade -y # Update Docker images docker compose pull docker compose up -d ``` ### Check Disk Space ```bash df -h /srv du -sh /srv/* ``` ### View All Container Logs ```bash docker logs --tail 50 ``` ### Restart Docker ```bash sudo systemctl restart docker ``` --- ## Disaster Recovery ### What You Need to Recover 1. **The 14TB WD Elements HDD** (contains all backups and Immich photos) 2. **Any new Linux machine** (Ubuntu 22.04+ recommended) 3. **The restic password:** `dalidou-backup-2025` ### Complete Recovery Steps #### Step 1: Install Fresh Ubuntu Install Ubuntu Server or Desktop on the new machine. #### Step 2: Install Required Software ```bash # Install Docker curl -fsSL https://get.docker.com | sh sudo usermod -aG docker $USER newgrp docker # Install restic sudo apt update && sudo apt install -y restic # Install Tailscale (for remote access) curl -fsSL https://tailscale.com/install.sh | sh ``` #### Step 3: Connect and Mount the 14TB HDD ```bash # Find the drive lsblk # Create mount point and mount (replace sdX with actual device) sudo mkdir -p /mnt/hdd sudo mount /dev/sdX1 /mnt/hdd # Add to fstab for auto-mount (get UUID first) sudo blkid /dev/sdX1 # Add line to /etc/fstab: # UUID= /mnt/hdd ext4 defaults,nofail 0 2 ``` #### Step 4: Restore from Restic Backup ```bash # Set up restic environment export RESTIC_REPOSITORY=/mnt/hdd/backups/restic-repo export RESTIC_PASSWORD='dalidou-backup-2025' # List available backups restic snapshots # Restore everything to root filesystem sudo -E restic restore latest --target / # This restores: # - /mnt/hdd/immich (Immich photos & database) # - /srv/storage/obsidian (Obsidian vault) # - /srv/storage/docs (Documents) # - /srv/gitea (Git repositories) # - /srv/paperless (Paperless documents) # - /srv/homepage, /srv/pihole, /srv/syncthing (configs) # - /home/papa (docker-compose.yml) ``` #### Step 5: Create Required Directories ```bash sudo mkdir -p /srv/storage # Mount SSD if you have one, or create directories ``` #### Step 6: Start All Services ```bash cd /home/papa docker compose up -d # Verify all containers are running docker ps ``` #### Step 7: Configure Tailscale ```bash sudo tailscale up # Follow the link to authenticate ``` #### Step 8: Verify Services - Immich: http://localhost:2283 - Gitea: http://localhost:3000 - Paperless: http://localhost:8082 - Homepage: http://localhost:3001 ### Recovery Time Estimate | Step | Time | |------|------| | Install Ubuntu | 15-30 min | | Install Docker/restic | 5 min | | Mount HDD | 2 min | | Restore from backup | 30-60 min (depends on data size) | | Start services | 5 min | | **Total** | **~1-2 hours** | ### Key Files in Backup | Location | Contents | |----------|----------| | `/mnt/hdd/immich` | All photos, videos, thumbnails, postgres DB | | `/srv/storage/obsidian` | Obsidian vault | | `/srv/gitea` | Git repositories and database | | `/srv/paperless` | Scanned documents and database | | `/home/papa/docker-compose.yml` | All service definitions | ### Alternative: Weekly System Image Recovery If you prefer a full system restore (slower but includes OS configs): ```bash # Mount the HDD sudo mount /dev/sdX1 /mnt/hdd # List available images ls -la /mnt/hdd/backups/system-images/ # Extract to new system sudo tar -xzvf /mnt/hdd/backups/system-images/system-image-YYYYMMDD.tar.gz -C / ``` --- ## Troubleshooting ### Service Not Accessible ```bash # Check if container is running docker ps | grep # Check container logs docker logs # Restart the service docker restart ``` ### Port Already in Use ```bash # Find what's using a port sudo lsof -i : sudo netstat -tlnp | grep ``` ### Container Won't Start ```bash # Check logs for errors docker logs # Check disk space df -h # Check Docker status sudo systemctl status docker ``` ### Database Issues ```bash # Enter postgres container docker exec -it psql -U -d # Check database health docker exec pg_isready ``` ### DNS Resolution Issues If external domains fail to resolve (e.g., `api.anthropic.com`, `google.com`): ```bash # Check current DNS config cat /etc/resolv.conf # Test DNS resolution ping -4 google.com # If using Tailscale MagicDNS and it's failing: # Option 1: Disable Tailscale DNS management tailscale set --accept-dns=false # Option 2: Add fallback DNS to systemd-resolved cat > /etc/systemd/resolved.conf.d/fix-dns.conf << 'EOF' [Resolve] DNS=8.8.8.8 1.1.1.1 FallbackDNS=8.8.4.4 1.0.0.1 EOF systemctl restart systemd-resolved # Switch to systemd-resolved rm /etc/resolv.conf ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf ``` **Current DNS Configuration (as of Dec 2025):** - Tailscale DNS disabled (`--accept-dns=false`) - Using systemd-resolved with Google (8.8.8.8) and Cloudflare (1.1.1.1) DNS --- ### Reset Service Password **Filebrowser:** ```bash docker stop filebrowser docker run --rm -v /srv/filebrowser/database:/database filebrowser/filebrowser \ users update admin --password newpassword -d /database/filebrowser.db docker start filebrowser ``` **Gitea:** ```bash docker exec -it gitea gitea admin user change-password --username Antoine --password newpassword ``` --- ## Quick Reference Card ### SSH Access ```bash ssh papa@192.168.86.50 # Local ssh papa@100.80.199.40 # Tailscale ``` ### Most Used Commands ```bash # Check all containers docker ps # Restart a service docker restart # View logs docker logs -f # Disk space df -h /srv ``` ### Service URLs (Local) - Dashboard: http://192.168.86.50:3001 - Photos: http://192.168.86.50:2283 - Files: http://192.168.86.50:8081 - Docs: http://192.168.86.50:8082 - Git: http://192.168.86.50:3000 - Cloud: http://192.168.86.50:8083 - Sync: http://192.168.86.50:8384 --- ## Document History | Date | Change | |------|--------| | 2025-11-27 | Initial documentation created | | 2025-11-27 | Added Seafile setup | | 2025-11-27 | Added Git LFS for CAD versioning | | 2025-12-06 | Added Homepage dashboard documentation | | 2025-12-18 | Added 14TB WD Elements HDD for Immich storage and backups | | 2025-12-18 | Configured automated backup system (restic daily + weekly images) | | 2025-12-18 | Fixed DNS resolution issues (Tailscale MagicDNS → systemd-resolved) |