update homelab folder to include full docs, rename folders and files to be more relevant, also adding in some proxmox project with notes on our gemini code assistant issue.
All checks were successful
deploy-docs / build-and-deploy (push) Successful in 1m23s

2026-04-11 22:24:30 +00:00
parent 07e353751d
commit cd2780dfdf
7 changed files with 263 additions and 1 deletions

166
projects/homelab/homelab.md Normal file

@@ -0,0 +1,166 @@
---
title: Homelab Infrastructure
description: This document outlines the internal infrastructure of the my homelab.
author: wompmacho
date: 2026-03-27
tags:
- homelab
- infrastructure
- networking
- virtualization
---
# Homelab Infrastructure
This document outlines the internal infrastructure of the **wompmacho** homelab. The lab is built on a high-speed **10GbE backbone** and utilizes a hybrid architecture of dedicated NAS storage, Proxmox virtualization, and containerized services for media, self-hosting, and development.
[TOC]
## Physical and hardware registry
### Compute and virtualization
| Node Name | Hardware | OS | Primary Role |
| --------------------------------- | -------------------------------------------------------- | ---------------- | --------------------------------------- |
| **router** (`10.0.0.1`) | GMKtec M5 Plus, Ryzen 7 5825U, 32GB RAM, Dual NIC 2.5GbE | OPNsense 25.1 | Routing, Firewall, VPN |
| **truenas** (`10.0.0.2`) | Core i7-7700K, 32GB RAM, Broadcom SAS 3008 (SAS 9300-8i) | TrueNAS-25.04.1 | Primary Storage (10GbE), Media Apps |
| **laptop-proxmox** (`10.0.0.142`) | Ryzen 7 5800H, 64GB RAM, 1TB WD BLACK + 500GB SSD | Proxmox VE 8.4.1 | Virtualization Host (2.5GbE) |
| **game-pc** | Core i9-13900K, 64GB DDR5 6400, RTX 4080, Z790-Creator | Windows 11 | High-end Gaming / AI Inference (Ollama) |
### Networking hardware
* **Switch**: NICGIGA 8-Port 10G Unmanaged Switch (10GbE Base-T).
* **WiFi**: Linksys WiFi in bridge mode.
* **Modem**: Comcast gateway (Bridged mode).
* **Camera**: Amcrest IP Camera (WiFi) - IP: `10.0.0.194`.
### Power and environment
* **UPS**: CyberPower CP1500PFCLCD (1500VA/1000W, Sine Wave).
* **Smart Control**: TP-Link Tapo P115 Smart Plugs (15A/1800W Max).
### Detailed hardware specifications
#### Storage node (`truenas`)
* **CPU**: Intel Core i7-7700K @ 4.20GHz
* **Memory**: 32GB RAM
* **HBA Controller**: Broadcom SAS 3008 (SAS 9300-8i equivalent) PCIe 3.0 X8, 2x Mini SAS SFF-8643
* **Cables**: Sonilco Mini SAS HDD SFF-8643 to 4 SFF-8482 with 15-pin Power Port Cord
* **Drives**: 10x Seagate Enterprise Capacity 3.5 HDD (ST6000NM0034), 6TB 7.2K RPM SAS 12Gb/s 128MB Cache
#### Virtualization node (`laptop-proxmox`)
* **CPU**: AMD Ryzen 7 5800H (8 Cores, 16 Threads)
* **Memory**: 64GB Crucial RAM Kit (2x32GB) DDR4 3200MHz CL22 (CT2K32G4SFD832A)
* **Storage**: 1TB WD_BLACK NVMe SSD (VM disks), 500GB SSD (Boot disk)
#### Router node (`router`)
* **Model**: GMKtec M5 Plus Gaming Mini PC
* **CPU**: AMD Ryzen 7 5825U with Radeon Graphics (8 cores, 16 threads)
* **Memory**: 32GB RAM
* **Storage**: 1TB SSD
#### Workstation / Gaming (`game-pc`)
* **CPU**: Intel Core i9-13900K (24 cores: 8 P-cores + 16 E-cores)
* **Cooler**: Noctua NH-D15 chromax.Black Dual-Tower CPU Cooler
* **Motherboard**: ASUS ProArt Z790-Creator WiFi 6E LGA 1700
* **Memory**: 64GB G.Skill Trident Z5 RGB Series (2 x 32GB) DDR5 6400 CL32-39-39-102 1.40V (F5-6400J3239G32GX2-TZ5RK)
* **GPU**: ZOTAC Gaming GeForce RTX 4080 16GB AMP Extreme AIRO (ZT-D40810B-10P)
* **Storage**: 1TB WD_BLACK SN770 NVMe Gaming SSD (WDS100T3X0E)
* **Power Supply**: Corsair RM1000x (2021) Fully Modular ATX 80 PLUS Gold
#### Networking and power peripherals
* **Switch**: NICGIGA 8-Port 10G Ethernet Switch Unmanaged (8x 10Gb Base-T Ports)
* **UPS**: CyberPower CP1500PFCLCD PFC Sinewave UPS Battery Backup (1500VA/1000W)
* **Smart Plugs**: TP-Link Tapo P115 Smart Plug Wi-Fi Mini (15A/1800W Max)
## Networking architecture
### Logical structure
* **LAN Subnet**: `10.0.0.0/16`
* **Default Gateway**: `10.0.0.1` (OPNsense)
* **Primary DNS**: `10.0.0.11` (Pi-hole)
### VPN
* **Tunnel Subnet**: `10.10.10.0/24`
* **Phone Peer**: `10.10.10.3/32`
## Storage infrastructure
### Pool configuration
* **Topology**: 1 x RAIDZ2 | 10-wide | 6TB SAS Drives.
* **Drives**: Seagate Enterprise Capacity ST6000NM0034 (6TB 7.2K RPM SAS 12Gb/s).
* **HBA**: Broadcom SAS 3008 (SAS 9300-8i equivalent) with Mini SAS SFF-8643 to 4 SFF-8482 cables.
* **Capacity**: ~37.27 TiB Usable.
## Virtualization cluster
The Proxmox virtualization host (`laptop-proxmox`) is an entirely separate physical node from the TrueNAS storage server. They communicate with each other primarily over the 10GbE backbone switch.
### Proxmox node (`laptop-proxmox` - `10.0.0.142`)
| ID | Type | Hostname | IP | Role |
| --- | ---- | --------------- | ---------- | ------------------------------- |
| - | LXC | **pihole** | 10.0.0.11 | DNS Sinkhole / Local DNS |
| - | VM | **docker** | 10.0.0.190 | Main Docker Host (Ubuntu 24.04) |
| - | VM | **pterodactyl** | 10.0.0.110 | Game Server Panel (Debian) |
## Docker services
These services run on the main Docker Host VM (`10.0.0.190`) and are proxied via Nginx Proxy Manager (SSL via Cloudflare).
| Container Name | Mapped Ports | Access | Description / Role |
| ----------------------- | ---------------------- | ------------ | ------------------------------------------------------------------------- |
| **nginx-proxy-manager** | 80, 81, 443 | Internal/VPN | Reverse proxy for all internal and external domains |
| **portainer** | 8000, 9000, 9001, 9443 | Internal/VPN | Docker container management GUI |
| **cloudflare-ddns** | - | Internal/VPN | Automatically updates dynamic IP to Cloudflare DNS |
| **immich_server** | 2283 | Public | Photo/Video backup and gallery (`immich.wompmacho.com`) |
| **immich_postgres** | 5432 (Internal) | Internal/VPN | Database for Immich |
| **immich_redis** | 6379 (Internal) | Internal/VPN | Cache for Immich |
| **vaultwarden** | 9998, 9999 | Public | Self-hosted Bitwarden password manager (`vaultwarden.wompmacho.com`) |
| **gitea** | 222, 3001 | Public | Internal Git repository host (`git.wompmacho.com`) |
| **gitea-db-1** | 5432 (Internal) | Internal/VPN | PostgreSQL Database for Gitea |
| **gitea_runner** | - | Internal/VPN | CI/CD Action Runner for Gitea pipelines |
| **frigate** | 5000, 8554, 8555, 8971 | Public | AI NVR actively recording the Amcrest IP camera (`frigate.wompmacho.com`) |
| **homepage** | 7676 | Internal/VPN | Dashboard for navigation (`http://homepage/`) |
| **docs-public** | 9895 | Public | Nginx serving public Hugo documentation (`wiki.wompmacho.com`) |
| **docs-private** | 9897 | Internal/VPN | Nginx serving private Hugo documentation (`private`) |
| **paperless-ngx** | 3003 | Internal/VPN | Document management system (`http://paperless/`) |
| **sure** | 3006 | Internal/VPN | Self-hosted shared finance tracking application (`http://sure/`) |
| **audiobookshelf** | 13378 | Public | Audiobook and podcast server (`audiobookshelf.wompmacho.com`) |
| **webtop** | 7978, 7979 | Public | Browser-based desktop environment (`webtop.wompmacho.com`) |
| **open-webui** | 3007 | Internal/VPN | ChatGPT-like web interface connected to Ollama LLMs (`http://gemma/`) |
| **linkstack** | 80, 8190 | Public | Personal link landing page |
| **torrent** | 8181, 8999 | Internal/VPN | Internal/VPN (`http://torrent/`) |
| **dozzle** | 4343 | Internal/VPN | Internal/VPN (`http://dozzle/`) |
## Media stack
These services are hosted on the TrueNAS node (`truenas`) and proxied via the Docker VM (`10.0.0.190`).
| Service | Upstream Port | Description |
| -------------- | ------------- | ------------------------------------------ |
| **Sonarr** | 30027 | TV Show Management |
| **Radarr** | 30025 | Movie Management |
| **Lidarr** | 30014 | Music Management |
| **Readarr** | 30045 | Book Management |
| **Prowlarr** | 30050 | Indexer Management |
| **Bazarr** | 30046 | Subtitle Management |
| **Jellyfin** | 30013 | Media Streaming Server |
| **Jellyseerr** | 30042 | Media Requests (`jellyseer.wompmacho.com`) |
## Self-Hosted AI Infrastructure
The lab includes a distributed self-hosted AI architecture utilizing the high-speed local network:
* **Compute Backend**: The **game-pc** (`10.0.0.109`) runs **Ollama**, utilizing the RTX 4080 GPU to serve large language models (e.g., `gemma4:26b`, `gemma4:e4b`) over port `11434`.
* **Web Interface**: The **open-webui** container runs on the Docker VM (`10.0.0.190`), providing a ChatGPT-like RAG interface for general use, mapping `/srv/open-webui` for persistent chat and vector databases.
* **Developer Integration**: VS Code instances (like `code-server` running directly on the Proxmox host) utilize the **Continue.dev** extension configured with MCP (Model Context Protocol) to execute autonomous terminal commands via the remote Ollama models.
## Security and maintenance
* **SSL/TLS**: Managed via Nginx Proxy Manager with Cloudflare DNS challenge.
* **Firewall**: OPNsense handles all inter-VLAN and external routing.
* **Monitoring**: Portainer for container health; UPS for power stability.
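Review bot: The "Developer Integration" bullet under "Self-Hosted AI Infrastructure" says `code-server` runs directly on the Proxmox host and that Continue.dev with MCP executes autonomous terminal commands there, which puts model-driven command execution on the hypervisor itself, and "Security and maintenance" does not say how that is confined. Please document which account it runs as and what it can reach, or note a plan to move it into a VM or LXC like the other workloads. In the same section, "OPNsense handles all inter-VLAN and external routing" does not match "Logical structure", which lists a single `10.0.0.0/16` LAN behind an unmanaged switch with no VLANs defined; either add the VLAN layout or reword the firewall bullet. Smaller consistency points in the tables: **gitea** is marked `Public` but described as an "Internal Git repository host"; **torrent** and **dozzle** repeat `Internal/VPN` in the description column instead of stating a role; **laptop-proxmox** is listed as 2.5GbE while the "Virtualization cluster" paragraph says it talks to TrueNAS over the 10GbE backbone; **game-pc** has no IP in the compute table but appears as `10.0.0.109` later; and the front-matter description reads "of the my homelab". Since `deploy-docs` publishes this file and the page carries the full address plan and port map, it is also worth stating whether it is served from **docs-public** or **docs-private**.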