# homelab

* OPNsense firewall: https://opnsense.hh.lan
* Proxmox virtualization cluster: https://proxmox1.hh.lan

## services

* HomeAssistant home automation
  * http://homeassistant.local:8123/
  * https://ha.hh.lan
* Frigate NVR (security cameras): https://frigate.local:8971
* Paperless document repository: https://paperless.hh.lan

## things to set up

### Gitea

* gitea.hh.lan
* used `docker-compose-template` VM template
* Moved host `sshd` to `tcp:2222` so gitea container can use `tcp:22`

### Caddy

### Authentik

### CrashPlan (or other backup service)

### Home auth

## Network

```mermaid
graph TD;
  internet((Internet))<-->nest_wifi_pro(Nest Wifi Pro);
  nest_wifi_pro<-->microtik;
  microtik<==>LACP(LACP/VLAN trunk);
  LACP<-->vlan86;
  LACP<-->vlan200;
  vlan86<-->proxmox_eth0[eth0]<-->proxmox;
  vlan86<-->proxmox_eth1[eth1]<-->proxmox;
  vlan200<-->proxmox_eth0[eth0]<-->proxmox;
  vlan200<-->proxmox_eth1[eth1]<-->proxmox;
  proxmox<-->bond0<-->vmbr0<-->VMs;
  vlan200<-->vault_eth3[eth3]<-->vault;
  vlan200<-->vault_eth4[eth4]<-->vault;
```

### DNS

```mermaid
graph LR;
  internet((Internet))<-->porkbun;
  porkbun<-->hobbithole_org(hobbithole.org);
  hobbithole_org<-->opnsense;
  opnsense<-->caddy;
  caddy<-->vault;
  caddy<-->proxmox;
  opnsense<-->hh_lan(hh.lan)<-->bind<-->unbound;
  unbound<-->vault;
  unbound<-->proxmox;
  proxmox[proxmox + VMs];

```

* External domain: `hobbithole.org`
  * Hosted on SquareSpace, about to move over to PorkBun
* Internal domain: `hh.lan`
  * Unbound transparent domain --> BIND authoritative domain
    * Hosted on OPNsense
    *

### IPAM

* wifi: `192.168.86.0/24`
* services: `192.168.200.0/24`
*

## Proxmox

### Hosts

* `proxmox1.hh.lan`
  * 192.168.200.101
* `proxmox2.hh.lan`
  * 192.168.200.102
* `proxmox3.hh.lan`
  * 192.168.200.103