Skip to content

Homepage

Developed using ghcr.io/gethomepage/homepage docker image available at gethomepage.dev

  • workflow runs on changes to the configuration of homepage
  • uses a self-hosted github runner to securly copy files to the directory where the container is mapped then restarts the container
  • uses the a dockerproxy for security
  • environment vars configured in portainer
  • secrets held in 1Password and used in GitHub Actions
Workflow
name: "[homepage] Update Config Files"

on:
  push:
    branches:
      - main
    paths:
      - "docker/homepage/config/**"
  workflow_dispatch:

jobs:
  deploy:
    runs-on: "self-hosted"

    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4

      - name: Create SSH Key File
        run: |
          echo "${{ secrets.SSH_TNA_KEY }}" > ~/.ssh/homepage_key
          chmod 600 ~/.ssh/homepage_key

      - name: Copy Config Files via SCP
        run: |
          scp -i ~/.ssh/homepage_key \
              -o StrictHostKeyChecking=no \
              -r ./docker/homepage/config/* \
              ${{ secrets.SSH_TNA_USERNAME }}@${{ secrets.HOST }}:/mnt/store/containers/homepage/

      - name: Restart Docker Container via SSH
        run: |
          ssh -i ~/.ssh/homepage_key \
              -o StrictHostKeyChecking=no \
              ${{ secrets.SSH_TNA_USERNAME }}@${{ secrets.HOST }} \
              "docker container restart homepage"

      - name: Remove SSH Key File
        if: always()
        run: |
          rm -f ~/.ssh/homepage_key
Compose
---
networks:
  default:
    external: true
    name: proxynet

services:
  dockerproxy:
    image: ghcr.io/tecnativa/docker-socket-proxy:latest
    container_name: dockerproxy
    environment:
      - CONTAINERS=1 # Allow access to viewing containers
      - POST=0 # Disallow any POST operations (effectively read-only)
    ports:
      - 127.0.0.1:2375:2375
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro # Mounted as read-only
    restart: unless-stopped

  homepage:
    container_name: homepage
    image: ghcr.io/gethomepage/homepage:latest
    hostname: homepage
    volumes:
      - /mnt/store/containers/homepage:/app/config
    restart: unless-stopped
    environment:
      HOMEPAGE_VAR_NPM_USERNAME: ${HOMEPAGE_VAR_NPM_USERNAME}
      HOMEPAGE_VAR_NPM_PASSWORD: ${HOMEPAGE_VAR_NPM_PASSWORD}
      HOMEPAGE_VAR_TRUENAS_KEY: ${HOMEPAGE_VAR_TRUENAS_KEY}
      HOMEPAGE_VAR_PORTAINER_KEY: ${HOMEPAGE_VAR_PORTAINER_KEY}
      HOMEPAGE_VAR_ADGUARD_USERNAME: ${HOMEPAGE_VAR_ADGUARD_USERNAME}
      HOMEPAGE_VAR_ADGUARD_PASSWORD: ${HOMEPAGE_VAR_ADGUARD_PASSWORD}
      HOMEPAGE_VAR_CLOUDFLARED_ACCOUNTID: ${HOMEPAGE_VAR_CLOUDFLARED_ACCOUNTID}
      HOMEPAGE_VAR_CLOUDFLARED_TUNNELID: ${HOMEPAGE_VAR_CLOUDFLARED_TUNNELID}
      HOMEPAGE_VAR_CLOUDFLARED_KEY: ${HOMEPAGE_VAR_CLOUDFLARED_KEY}
      HOMEPAGE_VAR_WGEASY_PASSWORD: ${HOMEPAGE_VAR_WGEASY_PASSWORD}
      HOMEPAGE_VAR_SYNO_USERNAME: ${HOMEPAGE_VAR_SYNO_USERNAME}
      HOMEPAGE_VAR_SYNO_PASSWORD: ${HOMEPAGE_VAR_SYNO_PASSWORD}
      HOMEPAGE_VAR_WATCHTOWER_KEY: ${HOMEPAGE_VAR_WATCHTOWER_KEY}
      HOMEPAGE_ALLOWED_HOSTS: homepage.lan