My home lab has a mild amount of complexity and Iโd like practice some good habits about documenting it. Stuff like, what each system does, the OS, any notable software installed and, most importantly, any documentation around configuration or troubleshooting.
i.e. I have an internal SMTP relay that uses a letsencrypt SSL cert that I need to use the DNS challenge to renew. Iโve got the steps around that sitting in a Google Doc. Iโve got a couple more google docs like that.
I donโt want to get super complicated but Iโd like something a bit more structured than a folder full of google docs. Iโd also like to pull it in-house.
Thanks
Edit: I appreciate all the feedback Iโve gotten on this post so far. There have been a lot of tools suggested and some great discussion about methods. This will probably be my weekend now.
I deploy as much as I possibly can via Ansible. Then the Ansible code serves as the documentation. I also keep the underlying OS the same on all machines to avoid different OS conventions. All my machines run Debian. The few things I cannot express in Ansible, such as network topology, I draw a diagram for in draw.io, but thatโs it.
Also, why not automate the certificate renewal with certbot? I have two reverse proxies and they renew their certificates themselves.
My reverse proxy can do automated renewal just fine. The SMTP relay requires a DNS challenge that is manual.
Why not have the reverse proxy also do renewal for the SMTP relay certificate and just rsync it to the relay? For a while I had one of my proxies do all the renewals and the other would rsync it.
It certainly wouldnโt be because Iโve been doing it this way for so long that it never occurred to me. Nope. Certainly not that.
In fairness, I very recently switched from a cobbled together apache web server/rev proxy config Iโve been carrying along in some form for well over a decade (I remember converting the config to 2.4), to an NPM container. I had some initial trouble switching my certs over to NPM and havenโt revisited that yet.
Iโm in the middle of a major overhaul of my tech stack. Fixing certs is on my short list.
Thanks for pointing out where I was stuck in my ways.
