Welcome to my personal project dedicated to building a self-hosted, modular, and scalable environment based on:
- Ubuntu Server
- Docker
- Portainer
- AdGuard Home (DNS filtering)
- WireGuard (VPN)
- Caddy (reverse proxy)
- Ip tables/UFW
- Cloudflare DDNS
- Crowdsec & FAIL2BAN
- Netdata
The purpose of this repository is to document step-by-step the configuration of the entire system in a simple, repeatable way, suitable for both VirtualBox environments and dedicated hardware like Raspberry Pi or mini PCs.
I tried to include the issues encountered and their solutions.
The project started in November 2025 and is still under constant integration and updates.
πTable of Contents
π Step 1 β Ubuntu Server
π Step 2 β Docker
π Step 3 β Portainer
π Step 4 β AdGuard Home
π Step 5 β WireGuard
π Step 6 β Raspberry Pi 5
π Step 7 β Caddy
π Step 8 β Ufw
π Step 9 β Crowdsec
π Step 10 β Cloudflare
π Step 11 β Fail2ban
π Step 12 β hardening
𧱠Project Goals
- Centralized Home Server Infrastructure: Implement a Docker-based home server environment to centralize and manage network services and self-hosted applications in a modular and efficient way.
- Filter DNS traffic at the network level to block ads and tracking.
- Ensure secure remote access via VPN.
- Apply container hardening practices (e.g., non-root users, read-only filesystem, capability limitations) to reduce the attack surface.
- Deploy Custom Applications: Host internally developed applications with a focus on modern architectures (reverse proxy with automatic HTTPS, isolated networks).
- Reproducibility and Documentation: Document the entire configuration (Infrastructure as Code) through docker-compose.yml files, scripts, and step-by-step guides to enable rapid disaster recovery and system replicability on other nodes.
β If you liked my project, give it a star!
Enrico Soci