Nix Podman Stacks

Collection of opinionated Podman stacks managed by Home Manager.

The goal is to easily deploy various self-hosted projects, including a reverse proxy, dashboard and monitoring setup. Under the hood rootless Podman (Quadlets) will be used to run the containers. It works on most Linux distros including Ubuntu, Arch, Mint, Fedora & more and is not limited to NixOS.

The projects also contains integrations with Traefik, Homepage, Grafana and more. Some examples include:

• Enabling a stack will add the respective containers to Traefik and Homepage
• Enabling CrowdSec or Authelia will automatically configure necessary Traefik plugins and middlewares
• When stacks support exporting metrics, scrape configs for Prometheus can be automatically set up
• Similariy, Grafana dashboards for Traefik, Blocky & others can be automatically added
• and more ...

While most stacks can be activated by setting a single flag, some stacks require setting mandatory values, especially for secrets. For managing secrets, projects such as sops-nix or agenix can be used, which allow you to store your secrets along with the configuration inside a single Git repository.

Example

Simple example of how to enable Traefik (including LetsEncrypt certificates & Geoblocking), Paperless & Homepage:

{config, ...}:
{
  nps.stacks = {
    homepage.enable = true;
    paperless = {
      enable = true;
      secretKeyFile = config.sops.secrets."paperless/secret_key".path;
      db.passwordFile = config.sops.secrets."paperless/db_password".path;
    };
    traefik = {
      enable = true;
      domain = "example.com";
      geoblock.allowedCountries = ["DE"];
      extraEnv.CF_DNS_API_TOKEN.fromFile = config.sops.secrets."traefik/cf_api_token".path;
    };
  };
}

Services will be automatially added to Homepage and are available via the Traefik reverse proxy.

📔 Option Documentation

Refer to the documentation to get a started and see a list of available options.

There is also an Option Search to easily explore existing options.

📦 Available Stacks

• Adguard
• AdventureLog
• AIOStreams
• Anchor
• Audiobookshelf
• Authelia
• Baikal
• BentoPDF
• Beszel
• Blocky
• Booklore
• ByteStash
• Calibre-Web Automated
• Changedetection
  • Changedetection
  • Sock Puppet Browser
• CrowdSec
• Davis
• Dawarich
• DDNS-Updater
• DockDNS
• Docker Socket Proxy
• Donetick
• Dozzle
• Ephemera
• Filebrowser
• Filebrowser Quantum
• Flaresolverr
• Forgejo
• Free Games Claimer
• FreshRSS
• Gatus
• Glance
• Guacamole
• Healthchecks
• Home Assistant
• HomeBox
• Homepage
• HortusFox
• Immich
• IT-Tools
• Jotty
• Kaneo
• Karakeep
• Kimai
• KitchenOwl
• Komga
• Leantime
• LLDAP
• Mazanoke
• Mealie
• Memos
• MicroBin
• 🔍 Monitoring
  • Alloy
  • Grafana
  • Loki
  • Prometheus
  • Alertmanager
  • Alertmanager-ntfy
  • Podman Metrics Exporter
• n8n
• Navidrome
• Networking Toolbox
• Norish
• ntfy
• OmniTools
• Outline
• Pangolin-Newt
• Paperless-ngx
  • Paperless-ngx
  • 📂 FTP Server
• Papra
• Reactive Resume
• RomM
• SearXNG
• Shelfmark
• Sshwifty
• Stirling-PDF
• Storyteller
• 📺 Streaming
  • Bazarr
  • Gluetun
  • Jellyfin
  • Profilarr
  • Prowlarr
  • qBittorrent
  • qui
  • Seerr
  • Radarr
  • Sonarr
• Tandoor
• TimeTracker
• Traefik
• Trek
• Trip
• Uptime-Kuma
• Vaultwarden
• Vikunja
• Wallos
• WatchState
• Webtop
• wg-easy
• wg-portal
• Yopass

💡 Missing a Stack / Option / Integration ?

Is your favorite self-hosted app not included yet? Or would you like to see additional options or integrations? I'm always looking to expand the collection! Feel free to open an issue or contribute directly with a pull request.

When contributing a new service/stack, you can refer to the example stack as a starting point.