OwnTracks

OwnTracks allows you to keep track of your own location. You can build your private location diary or share it with your family and friends. OwnTracks is open-source and uses open protocols for communication so you can be sure your data stays secure and private.

OwnTracks Screenshot

Using a smartphone app, OwnTracks allows you to collect and analyse your own location data without sharing this data with a cloud provider (i.e. Apple, Google). Potential use cases are:

Sharing family locations without relying on Apple Find-My-friends
Performing automated actions in HomeAssistant when you arrive/leave home

OwnTracks Requirements

Ingredients

Already deployed:

Docker swarm cluster with persistent shared storage
Traefik configured per design
DNS entry for the hostname you intend to use (or a wildcard), pointed to your keepalived IP

Traefik Forward Auth or Authelia to secure your Traefik-exposed services with an additional layer of authentication

Preparation

Setup data locations

We'll need a directory so store OwnTracks' data , so create /var/data/owntracks:

mkdir /var/data/owntracks

Prepare OwnTracks environment

Create owntracks.env, and populate with the following variables

OTR_USER=recorder
OTR_PASS=yourpassword
OTR_HOST=owntracks.example.com

OwnTracks Docker Swarm config

Create a docker swarm config file in docker-compose syntax (v3), something like the example below:

Fast-track with premix! 🚀

I automatically and instantly share (with my sponsors) a private "premix" git repository, which includes necessary docker-compose and env files for all published recipes. This means that sponsors can launch any recipe with just a git pull and a docker stack deploy 👍.

🚀 Update: Premix now includes an ansible playbook, so that sponsors can deploy an entire stack + recipes, with a single ansible command! (more here)

version: "3.0"

services:
    owntracks-app:
      image: funkypenguin/owntracks
      env_file : /var/data/config/owntracks/owntracks.env
      volumes:
        - /var/data/owntracks:/owntracks
      networks:
        - internal
        - traefik_public
      ports:
        - 1883:1883
        - 8883:8883
        - 8083:8083
      deploy:
        labels:
          # traefik common
          - traefik.enable=true
          - traefik.docker.network=traefik_public

          # traefikv1
          - traefik.frontend.rule=Host:owntracks-app.example.com
          - traefik.port=8083     

          # traefikv2
          - "traefik.http.routers.owntracks.rule=Host(`owntracks-app.example.com`)"
          - "traefik.http.services.owntracks.loadbalancer.server.port=8083"
          - "traefik.enable=true"

          # Remove if you wish to access the URL directly
          - "traefik.http.routers.owntracks.middlewares=forward-auth@file"


networks:
  traefik_public:
    external: true
  internal:
    driver: overlay
    ipam:
      config:
        - subnet: 172.16.15.0/24

Note

Setup unique static subnets for every stack you deploy. This avoids IP/gateway conflicts which can otherwise occur when you're creating/removing stacks a lot. See my list here.

Serving

Launch OwnTracks stack

Launch the OwnTracks stack by running docker stack deploy owntracks -c <path -to-docker-compose.yml>

Log into your new instance at https://YOUR-FQDN, with user "root" and the password you specified in gitlab.env.

Chef's notes 📓

If you wanted to expose the Owntracks UI directly, you could remove the traefik-forward-auth from the design. ↩
I'm using my own image rather than owntracks/recorderd, because of a potentially swarm-breaking bug I found in the official container. If this gets resolved (or if I was mistaken) I'll update the recipe accordingly. ↩
By default, you'll get a fully accessible, unprotected MQTT broker. This may not be suitable for public exposure, so you'll want to look into securing mosquitto with TLS and ACLs. ↩

Did you receive excellent service? Want to compliment the chef? (..and support development of current and future recipes!) Sponsor me on Github / Ko-Fi / Patreon, or see the contribute page for more (free or paid) ways to say thank you! 👏

Employ your chef (engage) 🤝

Is this too much of a geeky PITA? Do you just want results, stat? I do this for a living - I'm a full-time Kubernetes contractor, providing consulting and engineering expertise to businesses needing short-term, short-notice support in the cloud-native space, including AWS/Azure/GKE, Kubernetes, CI/CD and automation.

Learn more about working with me here.

Want to know now when this recipe gets updated, or when future recipes are added? Subscribe to the RSS feed, or leave your email address below, and we'll keep you updated.