The iNethi Platform is a comprehensive, self-hosted solution for creating offline digital communities and local networks. It provides a complete ecosystem of services that can be deployed on a single Ubuntu server and accessed over a Local Area Network (LAN).
- Media Services: Jellyfin for movies, music, and photos
- File Sharing: Nextcloud for file storage and collaboration
- Learning: Moodle for educational content and courses
- Web Publishing: WordPress for websites and blogs
- Identity Management: Keycloak for user authentication
- Network Management: RADIUSdesk for network access control
- Offline Content: Kiwix for offline Wikipedia and educational resources
- Internet Radio: Azuracast for broadcasting
- Reverse Proxy: Traefik for SSL termination and service routing
- Offline-First: All services work without internet connectivity
- Docker-Based: Containerized services for easy deployment and management
- Centralized Management: Single interface for all services
- Production-Ready: Secure, scalable, and maintainable
- Community-Focused: Designed for schools, libraries, community centers, and remote areas
Run the following and follow the prompts on-screen:
git clone https://github.com/iNethi/inethi.git
cd inethi
./pre-installation.sh
source venv/bin/activate
python3 main.py
- Host Machine: Ubuntu (recommended) or any Linux with Python 3
- Target Server: Ubuntu server with SSH access
- Network: Both machines on same LAN or accessible network
.env.example→.env- Main configuration templatedefault_passwords.json.example→default_passwords.json- Service password templatesansible/group_vars/all.yml- Centralized Ansible variablesansible/vault/production.yml- Encrypted sensitive data (created during setup)
pre-installation.sh- Installs Python, Ansible, and dependenciesmain.py- Main deployment orchestratorsetup_config.py- Interactive configuration setupvalidate_config.py- Configuration validation
ansible/*.yml- Service deployment playbooksansible/roles/*/- Individual service configurationsansible/ansible.cfg- Ansible configuration
-
Clone the repository:
git clone https://github.com/iNethi/inethi.git cd inethi -
Run pre-installation:
./pre-installation.sh
This script:
- Installs Python 3, pip3, Ansible, SSH tools
- Creates Python virtual environment
- Installs required packages
- Copies configuration templates
-
Activate virtual environment:
source venv/bin/activate
python3 main.pyThis will:
- Check configuration - Ensure all required files exist
- Setup vault - Create encrypted password storage
- Validate environment - Check all prerequisites
- Server configuration - Collect server details (IP, user, password)
- Service selection - Choose which services to deploy
- System setup - Install Docker, Traefik, and prerequisites
- Service deployment - Deploy selected services
# Deploy specific services
python3 main.py --services nextcloud,jellyfin
# Deploy all services
python3 main.py --services all
# Skip system setup (Docker, Traefik)
python3 main.py --skip-setup
# Non-interactive mode (uses .env configuration)
python3 main.py --non-interactive
# Verbose output
python3 main.py --verbose.env- Server connection details, data mount location, domaindefault_passwords.json- Service passwords (optional, can use defaults)
ansible/group_vars/all.yml- Service configurations, ports, settingsansible/vault/production.yml- Encrypted passwords (useansible-vault edit)
ansible/roles/*/defaults/main.yml- Individual service settingsansible/roles/*/files/- Service configuration files
# Server Configuration
DEFAULT_SERVER_IP=192.168.1.100
DEFAULT_SERVER_USER=ubuntu
DEFAULT_AUTH_METHOD=password
DEFAULT_AUTH_VALUE=your_server_password
# Storage
DATA_MOUNT=/mnt/data
# Domain
INETHI_LOCAL_DOMAIN=inethilocal.net# Deploy core services only
DEFAULT_SERVICES=traefik,keycloak,nextcloud
# Deploy everything
DEFAULT_SERVICES=allAfter deployment, services are available at:
- Traefik Dashboard:
https://traefik.inethilocal.net - Nextcloud:
https://nextcloud.inethilocal.net - Jellyfin:
https://jellyfin.inethilocal.net - Moodle:
https://moodle.inethilocal.net - WordPress:
https://wordpress.inethilocal.net
Services are accessed through DNS names ending in *.inethilocal.net.
There are two supported DNS setup options depending on your environment.
For quick testing from a single workstation, configure wildcard DNS resolution to point to the server running this stack.
This can be done via:
/etc/hosts(limited, manual)- Local DNS resolver
- Development DNS tools
Example conceptually:
*.inethilocal.net → <server-ip>
⚠️ This approach is intended only for local testing and does not scale.
For shared or production-like environments, DNS should be handled centrally by the network firewall.
This setup assumes:
- pfSense or OPNsense
- DNS Forwarder enabled (dnsmasq)
- LAN subnet:
10.2.0.0/16 - Firewall IP:
10.2.0.1 - Services host IP:
10.2.0.10
Add the following entries to the DNS Forwarder → Options section:
address=/pfsense.inethilocal.net/10.2.0.1
address=/.inethilocal.net/10.2.0.10
Explanation:
pfsense.inethilocal.netresolves directly to the firewall- All other
*.inethilocal.netnames resolve to the services host
Ensure the following ports are allowed to the services host:
- TCP 80 — HTTP
- TCP 443 — HTTPS
These ports must be reachable from the LAN for Traefik to function correctly.
- SSL certificates are automatically generated and renewed by Traefik
- Certificates are valid only within the local DNS scope
- No manual certificate creation or management is required
- Services Overview - Information about available services