- config/docker/daemon.json: Docker security hardening with logging limits and security options
- config/systemd/nginx.service.d/rate-limit.conf: Nginx resource limits and connection throttling
- Includes deployment instructions for container and service security
- config/fail2ban/jail.local: Main jail configuration with SSH, web, and service protection
- config/fail2ban/filter.d/sshd-ddos.conf: SSH connection flooding protection
- config/fail2ban/filter.d/nginx-badbots.conf: Web scanner and bot detection
- config/fail2ban/filter.d/gitea-auth.conf: Gitea authentication failure detection
- Includes deployment instructions for automated IP banning
- config/systemd/ssh-honeypot.service: Systemd service for port 22 honeypot
- config/honeypot/response.sh: Response script that logs connections and sends fake SSH banner
- Both files include deployment instructions and setup commands
- Add Netdata config with cloud features disabled
- Configure localhost-only binding for security
- Disable telemetry and registry features
- Add systemd service configuration for Glances web server
- Ensure monitoring services run with proper isolation
- Remove Cockpit reverse proxy configuration
- Add Netdata reverse proxy with basic auth protection
- Configure same authentication as Glances for consistency
- Maintain security headers and WebSocket support
- Use port 19999 for Netdata service
- Add tabbed navigation with Home and Admin tabs
- Organize Admin tab into Server Administration and Local Network sections
- Update service names to actual application names (Copyparty, Jellyfin)
- Add NAS Storage link for network management
- Improve service descriptions and icons
- Implement responsive design with Font Awesome icons
- Change proxy_pass to preserve original request URI for URL encoding
- Add HTTP/1.1 and Connection header fixes for copyparty compatibility
- Remove path manipulation that broke files with spaces/special characters
Fixes HTTP 400 "bad headers" errors when uploading files with spaces
in filenames via WebDAV clients like X-plore.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Complete Docker Compose setup with MariaDB and Redis
- External storage mounts for existing homelab folders
- Secure password handling using Docker secrets from ~/creds/
- Configured for /cloud path with proper reverse proxy settings
Note: Nextcloud was tested but disabled in favor of copyparty for
file server functionality due to performance and complexity concerns.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add merge_slashes off to prevent automatic redirects
- Add proxy_redirect off to stop nginx from modifying WebDAV responses
- Add explicit WebDAV method support (PUT, DELETE, PROPFIND, etc.)
- Add WebDAV-specific headers (Depth, Destination, etc.)
- Optimize for large file uploads and streaming
Fixes HTTP 301 errors that prevented WebDAV file uploads in clients
like X-plore File Manager.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
Add explicit 'd' (delete) permission to user accounts to enable
WebDAV DELETE operations. Changed from 'rwm' to 'rwmd' permissions
for all user folders.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Mount /home/hoborg/private as /media/private for shared access with copyparty
- Enable read-only access to private media files uploaded via copyparty WebDAV
- Maintain consistency between file server and media server folder access
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Add SSL certificate configuration from Let's Encrypt
- Include WebDAV headers for copyparty upload support (Depth, Destination, Overwrite, If)
- Configure HTTP to HTTPS redirect for all services
- Add SSL security settings managed by certbot
- Enable proxy_request_buffering off for WebDAV compatibility
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Change Copyparty URL path from /cloud to /files
- Add Jellyfin media server reverse proxy at /media path
- Optimize streaming settings for video content
- Enable websocket support for real-time updates
- Configure large file handling and timeouts
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Docker compose setup with hardware acceleration support
- Network host mode for optimal streaming performance
- Volume mounts for config, cache, and media directories
- Memory limits and resource management
- Device access for GPU hardware transcoding
- Integration with existing media folder structure
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Configure copyparty file server with user authentication
- Set up multi-volume structure (shared, documents, music, videos, private)
- Create systemd service for automatic startup
- Add Nginx reverse proxy integration on /cloud/ path
- Update documentation with complete setup and management guide
- Mark Gitea and file server tasks as completed in TODO
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Resolve SSH lockout after reboot caused by systemd lid switch suspend
- Add systemd-logind configuration to disable lid switch handling
- Add NetworkManager configuration for static IP and power management
- Update network troubleshooting documentation with complete solution
- Include diagnostic commands and deployment steps
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Create organized directory structure:
- docs/ for all documentation files
- config/ for deployment configurations and scripts
- Add CLAUDE.md with project architecture and development workflow
- Update README.md with new structure and current status
- Move all documentation to docs/ directory
- Organize Docker and Nginx configurations under config/
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>
