Server Reference
Documentation for the home infrastructure — two servers working together.
Servers
| Server | Role | Docs |
|---|---|---|
| Homelab | Primary server. Runs most services. | homelab/README |
| Pihole / Raspberry Pi | Secondary server. DNS, Home Assistant, Tailscale bridging. | pihole/README |
Tailscale Sidecar Setup
The standard pattern for exposing a service via Tailscale. Used across nearly every stack.
- Create your service container and a Tailscale sidecar container
- On the sidecar, set:
network_mode: "service:[service-name]" - Connect to the sidecar via SSH or the Tailscale admin console and run:
tailscale funnel --bg [port]
The sidecar shares the main container's network namespace, so Tailscale sees the service's ports as its own.
Credentials & Tokens
All credentials are stored in an encrypted file: credentials.gpg (AES256, GPG symmetric).
To decrypt:
gpg -d "credentials.gpg"
Requires GPG — available on Linux/macOS natively, or GPG4Win on Windows. Works fully offline.
File Index
21-Server Reference/
├── README.md ← You are here
├── AI-UPDATE-INSTRUCTIONS.md ← How to pull live data and update these docs
├── credentials.gpg ← Encrypted credentials (GPG AES256)
├── homelab/
│ ├── README.md — Homelab overview & stack index
│ ├── hardware.md — CPU, RAM, storage
│ ├── network.md — IPs, ports, Tailscale nodes, Docker networks
│ ├── environments.md — Dockhand environments (Homelab + Pihole)
│ └── stacks/
│ ├── README.md — All stacks at a glance
│ ├── dockhand.md
│ ├── minecraft.md
│ ├── mealie.md
│ ├── linkwarden.md
│ ├── gitea.md
│ ├── matrix.md
│ ├── homepage.md
│ ├── n8n.md
│ ├── calibre.md
│ ├── gluetun.md
│ ├── openproject.md
│ └── melodix.md
└── pihole/
├── README.md — Pi overview
└── stacks/
├── home_assistant.md
├── ts_kh_bridge.md
└── portainer_agent.md