Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
78b73f37a4615032caabd2c7088424f0ed48a243
homelab-optimized/docs/hosts/seattle.md
Gitea Mirror Bot 78b73f37a4
Some checks failed
Documentation / Deploy to GitHub Pages (push) Has been cancelled
Details
Documentation / Build Docusaurus (push) Has been cancelled
Details
Sanitized mirror from private repository - 2026-04-19 08:20:38 UTC
2026-04-19 08:20:38 +00:00

3.2 KiB
Raw Blame History

Seattle

Contabo cloud VPS in Seattle, US. Public internet-facing host for services that need a stable external IP, plus Tailscale exit node / DERP relay for the mesh.

Specs
Hostname vmi2076105
OS Ubuntu 24.04.4 LTS (Noble)
Public IP YOUR_WAN_IP
Tailscale IP 100.82.197.124 (Headscale node ID:2)
RAM 62 GB
Disk 290 GB root (~110 GB free)
Tailscale 1.96.4

SSH aliases (see ~/.ssh/config): seattle (public IP, Contabo SSH), seattle-tailscale (via Tailscale IP).

Role

  • Public exit node for Tailscale mesh
  • DERP relay (derper) — self-hosted DERP, advertised to Headscale
  • Stoatchat (Revolt fork) full stack — see docs/admin/stoatchat-operational-status.md
  • AI coding workstation (HolyClaude, :3059)
  • Personal productivity (Obsidian remote, Wallabag, KeeWeb, Padloc)
  • Matrix / LiveKit signalling + TURN for video calls
  • DDNS updaters for *.vish.gg records pointing to this VPS

Running services

All managed via docker compose. Twenty containers as of 2026-04-18.

Container Purpose Ports
holyclaude Web UI for Claude Code via coderluii/holyclaude 100.82.197.124:3059 → 3001
derper Tailscale DERP relay :3478/udp, :8444/tcp
livekit WebRTC SFU for Matrix calls :7880-7881/tcp, :50000-50100/udp
fluxer_server Fluxer backend 127.0.0.1:8088
nats-core NATS messaging internal
nats-jetstream NATS persistence internal
elasticsearch Stoatchat search :9200
valkey Redis-compatible cache (Stoatchat) internal
meilisearch Full-text search :7700
padloc-nginx / padloc-server / padloc-pwa Padloc password manager :5500
keeweb KeeWeb password vault :8443
obsidian Headless Obsidian via LinuxServer image 127.0.0.1:3000-3001
wallabag Read-later service 127.0.0.1:8880
dozzle-agent Remote log agent :7007, :8080
diun Docker image update notifier
ddns-ddns-seattle-derp-1 Cloudflare DDNS for DERP DNS
ddns-ddns-seattle-proxied-1 Cloudflare DDNS for proxied records
ddns-ddns-seattle-stoatchat-1 Cloudflare DDNS for Stoatchat

Nginx runs on the host (not in Docker) on :80/:443 with Let's Encrypt and terminates SSL for all public-facing services.

Networking

  • eth0 — Contabo public IP (YOUR_WAN_IP)
  • tailscale0 — 100.82.197.124, advertises as exit node
  • Firewall: Contabo panel + ufw; ports 80, 443, 2222 (SSH), 7880-7881, 50000-50100/udp, 8444, 5500, 3478/udp open
  • DDNS: three Cloudflare DDNS containers keep DNS records synced to the public IP

Related docs

Host access

ssh seattle                 # public IP, port 2222
ssh seattle-tailscale       # via Tailscale (100.82.197.124)

SSH login is root (key-based); no password auth.

Reference in New Issue View Git Blame Copy Permalink