ben/homefoam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3866609e9b9a11f4ff0e8c53c4481cfd8972fc32
homefoam/homelab.md
Ben Miller 3866609e9b Jun 15, 2025, 11:47 AM
2025-06-15 17:47:24 +00:00

123 lines
7.0 KiB
Markdown
Raw Blame History

# homelab
* OPNsense firewall: https://opnsense.hh.lan
* Proxmox virtualization cluster: https://proxmox1.hh.lan
## services
* HomeAssistant home automation
* http://homeassistant.local:8123/
* https://ha.hh.lan
* Frigate NVR (security cameras): https://frigate.local:8971
* Paperless document repository: https://paperless.hh.lan
### Gitea
* http://gitea.hh.lan:3000
* SSH key stored in bitwarden
* used `docker-compose-template` VM template
* Moved host `sshd` to `tcp:2222` so gitea container can use `tcp:22`
## things to set up
### Caddy
### Authentik
### CrashPlan (or other backup service)
### Home auth
## Hardware
* Mikrotik CSS318-16G-2S+IN
* [manual](https://help.mikrotik.com/docs/spaces/SWOS/pages/76415036/CRS3xx+and+CSS326-24G-2S+series+Manual#CRS3xxandCSS32624G2S+seriesManual-LAG)
## Network
```mermaid
graph TD;
internet((Internet))<-->nest_wifi_pro(Nest Wifi Pro);
nest_wifi_pro<-->mikrotik;
mikrotik<==>LACP(LACP/VLAN trunk);
LACP<-->vlan86;
LACP<-->vlan200;
vlan86<-->proxmox_eth0[eth0]<-->proxmox;
vlan86<-->proxmox_eth1[eth1]<-->proxmox;
vlan200<-->proxmox_eth0[eth0]<-->proxmox;
vlan200<-->proxmox_eth1[eth1]<-->proxmox;
proxmox<-->bond0<-->vmbr0<-->VMs;
vlan200<-->vault_eth3[eth3]<-->vault;
vlan200<-->vault_eth4[eth4]<-->vault;
```
### DNS
```mermaid
graph LR;
internet((Internet))<-->porkbun;
porkbun<-->hobbithole_org(hobbithole.org);
hobbithole_org<-->opnsense;
opnsense<-->caddy;
caddy<-->vault;
caddy<-->proxmox;
opnsense<-->hh_lan(hh.lan)<-->bind<-->unbound;
unbound<-->vault;
unbound<-->proxmox;
proxmox[proxmox + VMs];
```
* External domain: `hobbithole.org`
* Hosted on SquareSpace, about to move over to PorkBun
* Transfer requested [[2025-06-15]]
* Email forwarding
* gandalf@hobbithole.org --> gibsta@gmail.com
* treasury@hobbithole.org --> hobbitholetreasury@googlegroups.com
* Records
| Host | Type | Priority | TTL | Data |
| -------------- | ----- | -------- | ----- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| @ | A | N/A | 4 hrs | 66.186.208.83 |
| backup | CNAME | N/A | 4 hrs | hobbithole.org |
| frigate | CNAME | N/A | 4 hrs | hobbithole.org |
| home | CNAME | N/A | 4 hrs | hobbithole.org |
| nestmtx | CNAME | N/A | 4 hrs | hobbithole.org |
| radarr | CNAME | N/A | 4 hrs | hobbithole.org |
| sab | CNAME | N/A | 4 hrs | hobbithole.org |
| sonarr | CNAME | N/A | 4 hrs | hobbithole.org |
| tv | CNAME | N/A | 4 hrs | hobbithole.org |
| vault | CNAME | N/A | 4 hrs | hobbithole.org |
| y3t4fz4ttvom | CNAME | N/A | 4 hrs | gv-3ccjjbudvp5ki7.dv.googlehosted.com |
| @ | MX | N/A | 4 hrs | mxa.mailgun.org |
| @ | MX | N/A | 4 hrs | mxb.mailgun.org |
| @ | TXT | N/A | 4 hrs | v=spf1 include:mailgun.org ~all |
| krs._domainkey | TXT | N/A | 4 hrs | k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDjzUREnJNjiTg2oKAUdaFixMkblPmbiQTW2kinGFIFji16qN50L02DyBxanRz9Z2IK/uhLJ0I4angMTuSr338/ZE6xfjuJIqNMIOw0kgPnxo4qj5HxDiygUSbLHuxMnWzlOddzGgHpytPgpk9gYlw3b2Tt0K5Ym20ie7GaAXv+QIDAQAB |
* Internal domain: `hh.lan`
* Unbound transparent domain --> BIND authoritative domain
* Hosted on OPNsense
*
### IPAM
* wifi: `192.168.86.0/24`
* services: `192.168.200.0/24`
*
## Proxmox
### Hosts
* `proxmox1.hh.lan`
* 192.168.200.101
* `proxmox2.hh.lan`
* 192.168.200.102
* `proxmox3.hh.lan`
* 192.168.200.103
[//begin]: # "Autogenerated link references for markdown compatibility"
[2025-06-15]: 2025-06-15.md "2025-06-15"
[//end]: # "Autogenerated link references"
Reference in New Issue View Git Blame Copy Permalink