Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sanitized mirror from private repository - 2026-04-05 12:11:15 UTC
Some checks failed
Documentation / Deploy to GitHub Pages (push) Has been cancelled
Details
Documentation / Build Docusaurus (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Gitea Mirror Bot
2026-04-05 12:11:15 +00:00
commit 5cdf36e545
1395 changed files with 358118 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

666
docs/infrastructure/hosts.md Normal file
View File

@@ -0,0 +1,666 @@
# 🏗️ Host Infrastructure Overview
**🟡 Intermediate Guide**
This homelab consists of multiple hosts running **159 containers** across various hardware platforms. Each host serves specific roles and runs services optimized for its capabilities.
**Last Verified**: 2026-02-08 via SSH verification (jellyfish added)
## 📊 Infrastructure Summary
| Host Category | Count | Total Services | Primary Purpose |
|---------------|-------|----------------|-----------------|
| **Synology NAS** | 2 | 105 containers | Storage, media, always-on services |
| **Proxmox VMs** | 1 | 30 containers | Monitoring, privacy frontends, AI |
| **Physical Hosts** | 2 | 24 containers | Home automation, media, networking |
| **Edge Devices** | 1 | 4 containers | Uptime monitoring, NAS services |
> **Note**: This covers Portainer-managed endpoints only. Total: 159 containers across 5 endpoints.
---
## 📦 Synology NAS Cluster
### 🏛️ **Atlantis** - Primary Media & Infrastructure Hub
**Hardware**: Synology DS1823xs+ (8-bay enterprise NAS)
**Services**: 51 containers
**Role**: Core infrastructure, media services, monitoring
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Media Streaming** | Plex, Immich, Tautulli | Personal Netflix and Google Photos |
| **Content Management** | Arr Suite (Sonarr, Radarr, etc.) | Automated media acquisition |
| **Monitoring** | Grafana, Prometheus, Uptime Kuma | Infrastructure monitoring |
| **Security** | Vaultwarden, Pi-hole, Wireguard | Password management, ad blocking |
| **Development** | GitLab, Dozzle, Portainer | Code management, container monitoring |
#### 🔧 **Technical Specifications**
- **CPU**: AMD Ryzen Embedded V1780B (4-core/8-thread, 3.35GHz)
- **RAM**: 32GB DDR4 ECC (installed, upgradeable to 64GB)
- **Storage**: 8x 16TB Seagate IronWolf Pro (ST16000NT001) - 128TB total capacity
- **Drive specs**: Enterprise NAS, CMR, 3.5", SATA 6Gb/s, 7,200 RPM, 256MB cache
- **RAID**: Configured for high availability and performance
- **Cache**: 2x 480GB WD Black SN750 NVMe SSDs (M.2 slots)
- **Network**: 2x Gigabit Ethernet + 10GbE (connected to TP-Link TL-SX1008)
- **Power**: ~65W average consumption (with full drive array)
#### 📁 **Storage Layout**
```
/volume1/ (128TB total capacity)
├── docker/ # Container persistent data
├── media/ # Movies, TV shows, music (massive 4K library)
├── photos/ # Photo library for Immich (high-resolution storage)
├── documents/ # Paperless-NGX documents
├── backups/ # Local backup storage
├── archive/ # Long-term data archival
└── cache/ # NVMe cache acceleration (2x 480GB WD Black SN750)
# RAID Configuration:
# - 8x 16TB Seagate IronWolf Pro drives
# - Enterprise-grade CMR technology
# - 7,200 RPM, 256MB cache per drive
# - Configured for optimal performance and redundancy
```
#### 🌐 **Key Ports & Access**
- **Plex**: `atlantis.local:32400`
- **Grafana**: `atlantis.local:7099`
- **Portainer**: `atlantis.local:9000`
- **DokuWiki**: `atlantis.local:8399`
---
### 🏢 **Calypso** - Development & Secondary Services
**Hardware**: Synology DS723+ (2-bay plus NAS)
**Services**: 54 containers
**Role**: Development tools, backup services, package caching, SSO authentication
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Development** | Gitea, Reactive Resume, Gitea Runner | Git hosting, CI/CD, resume builder |
| **Finance** | Actual Budget | Personal finance management |
| **Authentication** | Authentik SSO | Single sign-on for all services |
| **Infrastructure** | APT-Cacher-NG, Nginx Proxy Manager | Package caching, reverse proxy |
| **Media** | Immich, Arr Suite, Tdarr | Media services, transcoding |
| **Documents** | Paperless-NGX | Document management |
#### 🔧 **Technical Specifications**
- **CPU**: AMD Ryzen R1600 (2-core, 2.6GHz)
- **RAM**: 32GB DDR4 (fully upgraded from 2GB)
- **Storage**: 2x 12TB Seagate IronWolf Pro (ST12000NT001) - 24TB total capacity
- **Drive specs**: Enterprise NAS, CMR, 3.5", SATA 6Gb/s, 7,200 RPM, 256MB cache
- **RAID**: RAID 1 for redundancy
- **Cache**: 2x 480GB WD Black SN750 NVMe SSDs (M.2 slot)
- **Network**: 2x Gigabit Ethernet + 10GbE PCIe card (connected to TP-Link TL-SX1008)
- **Expansion**: 10 Gigabit Ethernet PCIe card for high-speed connectivity
- **Power**: ~25W average consumption
#### 📁 **Storage Layout**
```
/volume1/ (24TB total capacity - RAID 1)
├── docker/ # Container data
├── apt-cache/ # Debian package cache (high-speed access)
├── backups/ # Backup destination from Atlantis
├── development/ # Git repositories and development data
└── cache/ # NVMe cache acceleration (2x 480GB WD Black SN750)
# RAID Configuration:
# - 2x 12TB Seagate IronWolf Pro drives in RAID 1
# - Enterprise-grade CMR technology
# - 7,200 RPM, 256MB cache per drive
# - Full redundancy with 10GbE connectivity
```
---
### 🔍 **Setillo** - Remote Monitoring & Offsite Backup
**Hardware**: Synology DS223j (2-bay entry-level NAS)
**Services**: 4 containers
**Role**: Remote monitoring, offsite backup, Plex server (Tucson, AZ)
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Monitoring** | Prometheus, AdGuard | Network monitoring, DNS filtering |
| **Network** | SNMP Exporter | Network device monitoring |
| **Media** | Plex Media Server | Remote media streaming |
| **Backup** | HyperBackup | Offsite backup destination |
#### 🔧 **Technical Specifications**
- **CPU**: Realtek RTD1619B (4-core, 1.7GHz ARM Cortex-A55, aarch64)
- **RAM**: 1GB DDR4 (non-upgradeable)
- **Storage**: 2x 10TB WD Gold Enterprise drives (SHR, ~8.9TB usable)
- **Network**: 1x Gigabit Ethernet
- **Tailscale IP**: 100.125.0.20
- **Location**: Tucson, AZ (remote, Tailscale-only access)
- **Power**: ~8W average consumption
---
## 💻 Proxmox Virtual Machines
### 🏠 **Homelab VM** - General Purpose Experimentation
**Host**: Proxmox VE
**Services**: 30 containers
**Role**: Monitoring hub, privacy frontends, AI tools
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Monitoring** | Grafana, Prometheus, Alertmanager | Centralized monitoring |
| **Notifications** | NTFY, Signal API | Push notifications |
| **Privacy** | Redlib, Binternet, Proxitok | Privacy-respecting frontends |
| **Archiving** | ArchiveBox, Hoarder/Karakeep | Web archiving, bookmarks |
| **AI** | Perplexica, OpenHands | AI search, development agent |
#### 🔧 **VM Specifications**
- **vCPU**: 4 cores
- **RAM**: 8GB
- **Storage**: 100GB SSD
- **Network**: Bridged to main network
- **OS**: Ubuntu 22.04 LTS
---
### 🌍 **matrix-ubuntu** - Communication Services VM
**Host**: Atlantis (Synology Virtual Machine Manager)
**Services**: Matrix Synapse, Mattermost, Mastodon
**Role**: Decentralized communication platform
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Communication** | Matrix (Synapse) | Decentralized chat server (mx.vish.gg) |
| **Chat** | Mattermost | Team messaging (mm.crista.love) |
| **Social** | Mastodon | Federated social network (mastodon.vish.gg) |
#### 🔧 **VM Specifications**
- **vCPU**: 4 cores (AMD Ryzen Embedded V1780B)
- **RAM**: 8GB
- **Storage**: 100GB (87GB available)
- **OS**: Ubuntu 24.04.3 LTS
- **LAN IP**: 192.168.0.154
- **Tailscale IP**: 100.85.21.51
- **SSH Port**: 65533
---
## 🖥️ Physical Hosts
### 🎨 **Shinku-Ryuu** - Primary Desktop Workstation
**Hardware**: Custom built gaming/workstation in HYTE Y70 Red case
**Services**: Development environment, creative workstation
**Role**: Primary development machine, creative work, high-performance computing
#### 🎯 **Primary Use Cases**
| Category | Purpose | Applications |
|----------|---------|-------------|
| **Development** | Software development, coding | VS Code, IDEs, Docker Desktop |
| **Creative** | Content creation, design | Adobe Creative Suite, Blender |
| **Gaming** | High-end gaming, streaming | Steam, OBS, game development |
| **AI/ML** | Machine learning development | PyTorch, TensorFlow, CUDA workloads |
| **Homelab Management** | Infrastructure administration | SSH clients, monitoring dashboards |
#### 🔧 **Technical Specifications**
- **CPU**: Intel Core i7-14700K (20-core, 3.4GHz base, 5.6GHz boost)
- **RAM**: 96GB DDR4 (high-capacity for AI/ML workloads)
- **GPU**: NVIDIA RTX 4080 (16GB VRAM for AI/gaming)
- **Storage**: 2TB+ NVMe SSD (high-speed storage)
- **Case**: HYTE Y70 Red (premium gaming case with excellent airflow)
- **Network**: Gigabit Ethernet + WiFi 6E + 10GbE (connected to TP-Link TL-SX1008)
- **OS**: Windows 11 Pro (with WSL2 for Linux development)
---
### ⚡ **Anubis** - Legacy Mac Mini Server
**Hardware**: Apple Mac Mini (Late 2014)
**Services**: 8 containers
**Role**: Legacy services, lightweight workloads, testing
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **AI/ML** | ChatGPT Interface | AI chat applications |
| **Media** | PhotoPrism | AI-powered photo management |
| **Communication** | Element, Conduit | Matrix client and server |
| **Productivity** | Draw.io, ArchiveBox | Diagramming, web archiving |
| **Monitoring** | Pi Alert | Network device discovery |
| **Privacy** | Proxitok | TikTok privacy frontend |
#### 🔧 **Technical Specifications**
- **CPU**: Intel Core i5-4278U (2-core, 2.6GHz, Haswell)
- **RAM**: 8GB DDR3L (soldered, non-upgradeable)
- **GPU**: Intel Iris 5100 (integrated graphics)
- **Storage**: 1TB Fusion Drive (128GB SSD + 1TB HDD hybrid)
- **Network**: Gigabit Ethernet + 802.11ac WiFi
- **Ports**: 2x Thunderbolt 2, 4x USB 3.0, HDMI, SDXC
- **OS**: macOS (potentially running Docker via VM or Linux)
---
### 🧠 **Guava** - TrueNAS Scale Workstation
**Hardware**: Custom built AMD workstation in SilverStone SUGO 16 case
**Services**: 12+ containers (TrueNAS apps)
**Role**: Storage server, media, AI/ML, development, compute-intensive tasks
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Media** | Jellyfin | Media streaming server |
| **AI/ML** | Ollama, LlamaGPT | Local language models |
| **Development** | Gitea, CoCalc | Git hosting, collaborative computing |
| **Health** | Fasten Health | Personal health record management |
| **Infrastructure** | Portainer, Nginx, Fenrus | Container management, dashboard |
| **Networking** | WireGuard, Tailscale | VPN server, mesh networking |
#### 🔧 **Technical Specifications**
- **OS**: TrueNAS Scale 25.04.2.6 (Dragonfish, Debian-based)
- **Motherboard**: ASRock B850I Lightning WiFi (Mini-ITX)
- **CPU**: AMD Ryzen 5 8600G (6-core/12-thread, 4.3GHz base, 5.0GHz boost, Zen 4)
- **RAM**: 32GB DDR5-5600
- **GPU**: Integrated AMD Radeon 760M (RDNA 3 iGPU)
- **Storage**: ZFS Mirror — 2x WD Blue SA510 4TB SATA SSD (data pool) + WD Black SN770 500GB NVMe (boot)
- **Case**: SilverStone SUGO 16 (compact Mini-ITX case)
- **Network**: Mellanox ConnectX-5 10GbE (connected to TP-Link TL-SX1008)
- **LAN IP**: 192.168.0.100
- **Tailscale IP**: 100.75.252.64
---
### 💻 **MSI Prestige 13 AI Plus** - Travel Laptop
**Hardware**: MSI Prestige 13 AI Plus Ukiyo-e Edition (A2VMX)
**Role**: Primary travel workstation with AI acceleration
**Connectivity**: Tailscale mesh networking for homelab access
#### 🎯 **Primary Use Cases**
| Category | Use Case | Homelab Integration |
|----------|----------|-------------------|
| **Development** | Remote coding, Git operations | Full GitLab access via Tailscale |
| **Content Creation** | Photo/video editing, AI processing | Access to Atlantis media storage |
| **Productivity** | Document editing, presentations | Paperless-NGX, file sync |
| **Communication** | Video calls, messaging | Matrix, Jitsi via homelab |
| **Security** | Password management, 2FA | Vaultwarden access |
#### 🔧 **Technical Specifications**
- **CPU**: Intel Core Ultra 7 258V (8-core, up to 4.8GHz, Meteor Lake)
- **GPU**: Intel Arc Graphics (integrated, AI-optimized)
- **AI Accelerator**: Intel AI Boost NPU (up to 47 TOPS)
- **RAM**: 32GB LPDDR5X (high-speed, soldered)
- **Storage**: 1TB PCIe 4.0 NVMe SSD
- **Display**: 13.3" OLED 2.8K (2880x1800) 100% DCI-P3, touch-enabled
- **Network**: Wi-Fi 7 (802.11be), Bluetooth 5.4
- **Ports**: 2x Thunderbolt 4, 1x USB-A 3.2, 1x HDMI 2.1, 1x Audio
- **Battery**: 75Wh with fast charging support
- **Weight**: 2.18 lbs (990g) ultra-portable
- **OS**: Windows 11 Pro with WSL2 for Linux development
- **Tailscale IP**: 100.80.0.26 (msi)
#### 🌐 **Connectivity Features**
- **Wi-Fi 7**: Latest wireless standard for maximum performance
- **Thunderbolt 4**: High-speed external storage and displays
- **HDMI 2.1**: 4K@120Hz external monitor support
- **Tailscale Integration**: Seamless homelab access from anywhere
- **GL.iNet Compatibility**: Works with all travel router configurations
#### 🎨 **Special Edition Features**
- **Ukiyo-e Design**: Traditional Japanese art-inspired aesthetics
- **Premium Build**: Magnesium-aluminum alloy construction
- **OLED Display**: True blacks, vibrant colors for creative work
- **AI Optimization**: Hardware-accelerated AI workloads
#### 🔗 **Homelab Integration**
- **Remote Development**: Full access to development environments
- **Media Access**: Stream from Plex/Jellyfin via Tailscale
- **File Synchronization**: Seamless access to NAS storage
- **Monitoring**: View Grafana dashboards and system status
- **Security**: Vaultwarden for password management
- **Communication**: Matrix, Element for team collaboration
---
## 🌐 Edge Devices
### 🏠 **Concord NUC** - Home Automation Hub
**Hardware**: Intel NUC6i3SYB (6th gen NUC)
**Services**: 9 containers
**Role**: Home automation, IoT hub, edge computing
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Home Automation** | Home Assistant | Smart home control center |
| **Security** | AdGuard Home, Wireguard | DNS filtering, VPN access |
| **Media** | Invidious, YourSpotify | Privacy-focused media |
| **Infrastructure** | Dynamic DNS, Syncthing | Network services, file sync |
| **Gaming** | Don't Starve Together | Game server hosting |
#### 🔧 **Technical Specifications**
- **CPU**: Intel Core i3-6100U (2-core, 2.3GHz)
- **RAM**: 16GB DDR4 (upgraded from 4GB)
- **Storage**: 256GB M.2 SATA SSD
- **Network**: Gigabit Ethernet + WiFi AC
- **Power**: ~10W average consumption
- **OS**: Ubuntu 22.04 LTS
---
### 🥧 **Raspberry Pi Cluster**
#### **Pi-5 (Vish)** - Primary Pi Node
**Hardware**: Raspberry Pi 5 16GB in PiRonMan 5 Max case
**Services**: 1 container
**Role**: Lightweight services, sensors, development
- **CPU**: Broadcom BCM2712 (4-core, 2.4GHz)
- **RAM**: 16GB LPDDR4X (maximum capacity model)
- **Storage**: 235GB microSD + USB SSD
- **Case**: SunFounder PiRonMan 5 Max (premium case with cooling and expansion)
- **Network**: Gigabit Ethernet + WiFi 6
- **Features**: Enhanced cooling, GPIO expansion, OLED display
#### **Pi-5-Kevin** - Secondary Pi Node
**Hardware**: Raspberry Pi 5 8GB
**Services**: 1 container
**Role**: Backup services, IoT sensors
**Status**: Frequently offline (typically powered off or disconnected)
- **CPU**: Broadcom BCM2712 (4-core, 2.4GHz)
- **RAM**: 8GB LPDDR4X
- **Storage**: 64GB microSD
- **Network**: Gigabit Ethernet + WiFi 6
> **Note**: This Pi node may be unavailable as it is occasionally disconnected and not always actively managed.
#### **Jellyfish** - NAS & Media Server Pi
**Hardware**: Raspberry Pi 5 Model B Rev 1.0 (4GB)
**Services**: Docker containers, NAS storage
**Role**: Network Attached Storage, media server, lightweight services
#### 🎯 **Primary Services**
| Category | Services | Purpose |
|----------|----------|---------|
| **Storage** | NAS services | 3.6TB external storage mounted at /srv/nas |
| **Network** | Tailscale VPN | Remote access via 100.69.121.120 |
| **Infrastructure** | Docker containers | Container orchestration |
#### 🔧 **Technical Specifications**
- **CPU**: ARM Cortex-A76 (4-core, 1.5-2.4GHz)
- **RAM**: 4GB LPDDR4X
- **Storage**: 29GB microSD (root) + 3.6TB external SSD (NAS)
- **Network**: Gigabit Ethernet (192.168.12.181) + WiFi (192.168.12.182) + Tailscale VPN
- **OS**: Debian GNU/Linux 13 (trixie) with kernel 6.12.47+rpt-rpi-2712
- **Uptime**: 38+ days (highly stable)
- **Power**: Low power consumption ARM architecture
#### 🌐 **Network Configuration**
- **Local Ethernet**: 192.168.12.181/24 (MAC: 2c:cf:67:24:39:d6)
- **Local WiFi**: 192.168.12.182/24 (MAC: 2c:cf:67:24:39:d7)
- **Tailscale VPN**: 100.69.121.120/32 (secure remote access)
- **Docker Networks**: Bridge networks for container isolation
#### 💾 **Storage Layout**
```
/dev/mmcblk0p2 29G 8.4G 20G 31% / # Root filesystem (SD card)
/dev/mapper/ssd 3.6T 1.8T 1.7T 53% /srv/nas # External NAS storage
```
---
## 🌍 Remote Systems
### 🌙 **Moon** - Remote Desktop Workstation
**Hardware**: MSI MS-7E03 (Z790), Intel i7-14700K
**Hostname**: moon
**Headscale IP**: 100.64.0.6
**LAN IP**: 192.168.12.223 (behind GL-MT3000)
**SSH**: `ssh moon` (direct via Tailscale)
**Role**: Remote workstation, runs local Headscale instance
#### 🎯 **Primary Services**
| Service | Purpose |
|---------|---------|
| Headscale v0.23.0-rc.1 | Local Headscale instance (primary runs on Calypso) |
| Docker | Container runtime |
| Glances | System monitoring |
| iperf3 | Network performance testing |
#### 🔧 **Technical Specifications**
- **CPU**: Intel Core i7-14700K (20-core, Raptor Lake-S)
- **RAM**: 48GB DDR5
- **Storage**: 2x NVMe SSD (WD Black SN770 + SanDisk SN8000S), 456GB root
- **GPU**: Intel UHD Graphics 770 (iGPU)
- **OS**: Debian 12 (bookworm) with GNOME desktop
- **Network**: Intel I226-V 2.5GbE + Intel CNVi WiFi
#### 📝 **Notes**
- Migrated from public Tailscale to self-hosted Headscale on 2026-03-14
- `accept_routes=true` — routes `192.168.0.0/24` via Calypso for home LAN access
- Headscale runs as a systemd service (not Docker)
---
### ☁️ **Seattle (Contabo VPS)** - Cloud Services & Exit Node
**Provider**: Contabo GmbH
**Tailscale Name**: `seattle` (100.82.197.124)
**Hostname**: `vmi2076105.contaboserver.net`
**Services**: Multiple Docker stacks
**Role**: Cloud services, public-facing apps, Tailscale exit node
#### 🎯 **Primary Services**
| Container | Purpose |
|-----------|---------|
| `padloc` (nginx/server/pwa) | Padloc password manager |
| `keeweb` | KeeWeb password manager |
| `obsidian` | Obsidian sync server |
| `wallabag` | Read-it-later / article archiving |
| `derper` | DERP relay server for Headscale |
| `diun` | Docker image update notifier |
| `dozzle-agent` | Log viewer agent |
| `ddns-*` | Cloudflare DDNS updaters |
#### 🔧 **VM Specifications**
- **vCPU**: 16 cores (AMD EPYC)
- **RAM**: 62GB
- **Storage**: 290GB NVMe (142GB used)
- **Network**: Unmetered (Contabo)
- **Location**: Seattle, WA (US West)
- **OS**: Ubuntu 24.04.4 LTS
- **Tailscale**: Exit node (100.82.197.124)
---
## 🌐 Network Architecture
### 🚀 **10 Gigabit Ethernet Infrastructure**
#### **TP-Link TL-SX1008 - 10GbE Switch**
**Hardware**: 8-port 10 Gigabit Ethernet unmanaged switch
**Role**: High-speed backbone for storage and compute-intensive systems
#### **10GbE Connected Systems**
| Host | 10GbE Interface | Primary Use Case |
|------|----------------|------------------|
| **Atlantis** | Built-in 10GbE | Media streaming, backup operations |
| **Calypso** | PCIe 10GbE card | Development, package caching |
| **Shinku-Ryuu** | PCIe 10GbE card | Gaming, creative work, large file transfers |
| **Guava** | PCIe 10GbE card | AI/ML datasets, model training |
#### **Network Performance Benefits**
- **Media Streaming**: 4K/8K content delivery without buffering
- **Backup Operations**: Fast inter-NAS synchronization
- **Development**: Rapid Docker image pulls, package caching
- **AI/ML**: High-speed dataset transfers for training
- **Creative Work**: Large video/photo file transfers
### 🔗 **Network Topology**
```
Internet (25Gbps Fiber)
├── TP-Link Archer BE800 Router (192.168.0.1)
│ ├── Main Network (192.168.0.0/24) - trusted devices
│ └── TP-Link TL-SX1008 (10GbE Switch)
│ ├── Atlantis (192.168.0.200) - 10GbE
│ ├── Calypso (192.168.0.250) - 10GbE
│ ├── Guava (192.168.0.100) - 10GbE
│ └── Shinku-Ryuu (192.168.0.3) - 10GbE
├── GL-MT3000 Router (192.168.12.1) — remote location
│ ├── moon (192.168.12.223) — i7-14700K desktop
│ ├── jellyfish (192.168.12.181) — Pi 5 NAS
│ └── homeassistant (192.168.12.202) — HA Green
└── Headscale VPN Overlay (self-hosted at headscale.vish.gg:8443, runs on Calypso)
├── Atlantis (100.83.230.112)
├── Calypso (100.103.48.78) ← advertises 192.168.0.0/24 subnet route
├── Guava (100.75.252.64) ← accept_routes=false (avoids routing loop)
├── Setillo (100.125.0.20) ← Tucson, AZ
├── Seattle VPS (100.82.197.124) ← Contabo, exit node
├── Homelab VM (100.67.40.126)
├── moon (100.64.0.6) ← accept_routes=true
└── All other 10+ nodes...
```
### 🏷️ **Tailscale Network Status**
Based on current network status (`tailscale status`):
#### **Active Homelab Infrastructure**
| Host | Tailscale IP | Status | Connection | Primary Access |
|------|--------------|--------|------------|----------------|
| **Atlantis** | 100.83.230.112 | Active | Direct (192.168.0.200) | atlantis.tail.vish.gg | OOB: 192.168.0.80 |
| **Calypso** | 100.103.48.78 | Active | Direct (192.168.0.250) | calypso.tail.vish.gg |
| **Setillo** | 100.125.0.20 | Active | Direct (98.97.118.125) | setillo.tail.vish.gg |
| **Homelab VM** | 100.67.40.126 | Online | Local | homelab.tail.vish.gg |
| **Pi-5** | 100.77.151.40 | Active | Direct (192.168.0.66) | pi-5.tail.vish.gg |
| **PVE** | 100.87.12.28 | Active | Direct (192.168.0.205) | pve.tail.vish.gg |
| **TrueNAS Scale** | 100.75.252.64 | Active | Direct (192.168.0.100) | truenas-scale.tail.vish.gg |
| **Shinku-Ryuu** | 100.98.93.15 | Active | Direct (184.23.52.219) | shinku-ryuu.tail.vish.gg |
| **Concord NUC** | 100.72.55.21 | Active | Direct (YOUR_WAN_IP) | vish-concord-nuc.tail.vish.gg |
| **Seattle VPS** | 100.82.197.124 | Active | Direct | seattle.tail.vish.gg |
#### **Mobile & Travel Devices**
| Device | Tailscale IP | Status | Type | Access |
|--------|--------------|--------|------|--------|
| **MSI Prestige 13 AI** | 100.80.0.26 | Offline (1h ago) | Windows | msi.tail.vish.gg |
| **iPhone 16** | 100.79.252.108 | Offline (1d ago) | iOS | iphone16.tail.vish.gg |
| **iPad Pro 12.9"** | 100.68.71.48 | Offline (19h ago) | iOS | ipad-pro-12-9-6th-gen-wificellular.tail.vish.gg |
| **GL-BE3600** | 100.105.59.123 | Offline (7h ago) | Linux | gl-be3600.tail.vish.gg |
| **GL-MT3000** | 100.126.243.15 | Offline | Linux | gl-mt3000.tail.vish.gg |
| **GL-RM1 KVM** | 100.64.137.1 | Offline (20d ago) | Linux | glkvm.tail.vish.gg |
#### **Secondary Systems**
| Host | Tailscale IP | Status | Purpose | Access |
|------|--------------|--------|---------|--------|
| **moon** | 100.64.0.6 | Active | Remote desktop workstation | `ssh moon` |
| **Pi-5-Kevin** | 100.123.246.75 | Offline | Secondary Pi | pi-5-kevin.tail.vish.gg |
| **Home Assistant VM** | 100.125.209.124 | Idle | Smart Home | homeassistant-vm.tail.vish.gg |
| **NVIDIA Shield** | 100.89.79.99 | Offline | Media Player | nvidia-shield-android-tv.tail.vish.gg |
#### **Exit Nodes Available**
- **Concord NUC** (100.72.55.21) - Family network bridge
- **Home Assistant VM** (100.125.209.124) - Smart home network
#### **Network Health Notes**
- Some peers advertising routes but `--accept-routes` is false
- Direct connections established for most active systems
- Relay connections used when direct connection unavailable
---
## 📊 Resource Utilization
### 💾 **Storage Distribution**
| Host | Total Storage | Used | Available | Type |
|------|---------------|------|-----------|------|
| **Atlantis** | 128TB | ~60TB | ~68TB | 8x 16TB IronWolf Pro + NVMe cache |
| **Calypso** | 24TB | ~12TB | ~12TB | 2x 12TB IronWolf Pro RAID 1 + NVMe cache |
| **Setillo** | 1TB | 400GB | 600GB | Single drive |
| **Anubis** | 1TB | 600GB | 400GB | Fusion Drive (hybrid SSD/HDD) |
| **Guava** | 6TB | 2TB | 4TB | NVMe + HDD |
### ⚡ **Power Consumption**
| Host Category | Power Usage | Annual Cost* |
|---------------|-------------|--------------|
| **Synology NAS** | ~90W | $195 |
| **Proxmox Host** | ~150W | $325 |
| **Physical Hosts** | ~280W | $610 |
| **Edge Devices** | ~25W | $55 |
| **Total** | ~545W | $1,185 |
*Based on $0.25/kWh electricity rate
---
## 🔧 Management & Automation
### 🤖 **Ansible Inventory**
All hosts are managed through Ansible with the following groups:
```ini
[synology]
atlantis ansible_host=100.83.230.112 ansible_port=60000
calypso ansible_host=100.103.48.78 ansible_port=62000
setillo ansible_host=100.125.0.20
[proxmox_vms]
homelab ansible_host=100.67.40.126
matrix-ubuntu ansible_host=100.85.21.51 ansible_port=65533
[physical_hosts]
shinku-ryuu ansible_host=100.98.93.15
guava ansible_host=100.75.252.64
[edge_devices]
concord-nuc ansible_host=100.72.55.21
pi-5 ansible_host=100.77.151.40
pi-5-kevin ansible_host=100.123.246.75
jellyfish ansible_host=100.69.121.120
[remote]
seattle ansible_host=100.82.197.124
```
### 📋 **Common Management Tasks**
- **Health Checks**: Automated service monitoring
- **Updates**: Coordinated system and container updates
- **Backups**: Automated backup orchestration
- **Deployment**: New service deployment across hosts
- **Configuration**: Consistent configuration management
---
## 🚀 Scaling Strategy
### 📈 **Horizontal Scaling**
- **Add new VMs**: Easy to provision on Proxmox
- **Expand Pi cluster**: Add more Raspberry Pi nodes
- **Cloud integration**: Utilize remote VPS for specific workloads
### 📊 **Vertical Scaling**
- **Memory upgrades**: Most hosts support RAM expansion
- **Storage expansion**: Add drives to NAS units
- **CPU upgrades**: Replace older hardware as needed
### 🔄 **Load Distribution**
- **Service placement**: Optimize services based on host capabilities
- **Database clustering**: Distribute database workloads
- **CDN integration**: Use edge nodes for content delivery
---
## 📋 Related Documentation
| Document | Description |
|----------|-------------|
| **[Network Architecture](networking.md)** | 25Gbps internet, 10GbE backbone, Cloudflare, DNS |
| **[Security Model](security.md)** | Firewall, authentication, secrets, backups |
| **[Storage Systems](storage.md)** | RAID configs, backup strategy, 3-2-1 compliance |
| **[Service Categories](../services/categories.md)** | What services run where |
---
*This infrastructure has evolved over time and continues to grow. Each host serves specific purposes while contributing to the overall homelab ecosystem.*
*Last updated: March 2026*