Fix VPS IP address (66.63.182.168 → 51.222.12.162) + Add Minecraft port forwarding

CRITICAL CORRECTION: - Old deprecated VPS: 66.63.182.168 (DO NOT USE) - Current VPS: 51.222.12.162 (vps-3fce361e.vps.ovh.ca, OVH Canada) - WireGuard IP: 10.0.9.1 (confirmed via SSH) Added Minecraft ATM10 port forwarding: - External: 51.222.12.162:25568 - Internal: 10.0.10.46:25568 (via WireGuard tunnel) - iptables DNAT + MASQUERADE rules configured - Rules saved to /etc/iptables/rules.v4 (persists across reboots) - SRV record: _minecraft._tcp.atmons.deadeyeg4ming.vip → 51.222.12.162:25568 Updated files: - All 6 documentation files with correct VPS IP - Added port forwarding section to NETWORK-ARCHITECTURE.md
2026-02-06 02:55:11 +00:00
parent db9ea38783
commit 01bc8995c2
6 changed files with 43 additions and 17 deletions
--- a/docs/COMPLETE-HOMELAB-INVENTORY-2026-02-05.md
+++ b/docs/COMPLETE-HOMELAB-INVENTORY-2026-02-05.md
@@ -10,7 +10,7 @@

 **Main Network:** 10.0.10.0/24  
 **VPN Network:** 10.0.9.0/24 (WireGuard)  
-**External VPS:** 66.63.182.168 (vps.nianticbooks.com)
+**External VPS:** 51.222.12.162 (vps.nianticbooks.com)

 **Proxmox Hosts:** 3 active  
 **Total LXC Containers:** 16 (15 running, 1 stopped)  
@@ -144,7 +144,7 @@ None (all workloads in VM)

 ## External Infrastructure

-### VPS (66.63.182.168 - vps.nianticbooks.com)
+### VPS (51.222.12.162 - vps.nianticbooks.com)
 - **SSH Access:** ❌ Not configured (no public key)
 - **WireGuard IP:** 10.0.9.1
 - **Known Services:**
--- a/docs/INFRASTRUCTURE-AUDIT-COMPLETE-2026-02-05.md
+++ b/docs/INFRASTRUCTURE-AUDIT-COMPLETE-2026-02-05.md
@@ -42,7 +42,7 @@ Fred's homelab is a well-structured Proxmox-based infrastructure supporting smar
 - Secure remote access to homelab

 **External Access:**
- VPS: 66.63.182.168 (vps.nianticbooks.com)
+- VPS: 51.222.12.162 (vps.nianticbooks.com)
 - Caddy reverse proxy handling public access
 - Routes to internal services via WireGuard

@@ -153,7 +153,7 @@ Fred's homelab is a well-structured Proxmox-based infrastructure supporting smar

 ## External Infrastructure

-### VPS (66.63.182.168 - vps.nianticbooks.com)
+### VPS (51.222.12.162 - vps.nianticbooks.com)

 **Platform:** Cloud VPS
 **Purpose:** External reverse proxy and public access point
@@ -192,7 +192,7 @@ Fred's homelab is a well-structured Proxmox-based infrastructure supporting smar

 **WireGuard VPN**
 - Network: 10.0.9.0/24
- VPS: 10.0.9.1 (66.63.182.168 - vps.nianticbooks.com)
+- VPS: 10.0.9.1 (51.222.12.162 - vps.nianticbooks.com)
 - UCG Ultra: 10.0.9.2 (client mode, routes to 10.0.10.0/24)
 - Provides secure remote access to homelab
 - Used by VPS Caddy to route traffic internally
@@ -454,7 +454,7 @@ Fred's homelab is a well-structured Proxmox-based infrastructure supporting smar
                        Internet
                           |
                    [VPS - Caddy]
-                     (66.63.182.168)
+                     (51.222.12.162)
                           |
                    [WireGuard VPN]
                           |
@@ -512,7 +512,7 @@ External Nodes:
 ### External Services
 | Service | IP | Port | Purpose | Status |
 |---------|-----|------|---------|--------|
-| VPS Caddy | 66.63.182.168 | 443 | Reverse proxy | ✅ Running |
+| VPS Caddy | 51.222.12.162 | 443 | Reverse proxy | ✅ Running |

 ---

--- a/docs/INVENTORY-SUMMARY.md
+++ b/docs/INVENTORY-SUMMARY.md
@@ -57,7 +57,7 @@ I verified ALL IP addresses by SSHing into every container. Here's the complete
 ### ⚠️ Things to Address

 1. **One stopped container** - CT 199 (migration-test) - Can probably delete
-2. **VPS SSH access** - I don't have a key for 66.63.182.168 (can't audit Caddy)
+2. **VPS SSH access** - I don't have a key for 51.222.12.162 (can't audit Caddy)
 3. **Backup system undocumented** - n8n has "backup verification" but unclear what it checks
 4. **Many services I didn't know about** - Pterodactyl, RustDesk, Bar Assistant, etc.

--- a/docs/NETWORK-ARCHITECTURE.md
+++ b/docs/NETWORK-ARCHITECTURE.md
@@ -28,7 +28,7 @@ Fred's homelab uses a multi-layer network architecture with WireGuard VPN connec
 **Purpose:** Secure tunnel between VPS and homelab

 **Peers:**
- **10.0.9.1** - VPS (vps.nianticbooks.com, 66.63.182.168)
+- **10.0.9.1** - VPS (vps.nianticbooks.com, 51.222.12.162)
  - WireGuard server
  - Runs Caddy for *.nianticbooks.com and *.deadeyeg4ming.vip
  
@@ -47,7 +47,7 @@ Internet User
  ↓
 DNS Resolution (*.nianticbooks.com or *.deadeyeg4ming.vip)
  ↓
-VPS: 66.63.182.168 (Caddy reverse proxy)
+VPS: 51.222.12.162 (Caddy reverse proxy)
  ↓ WireGuard tunnel
 10.0.9.1 (VPS) → 10.0.9.2 (UCG Ultra)
  ↓ Internal routing
@@ -61,7 +61,7 @@ Internet User
 ```
 Player connects to atmons.deadeyeg4ming.vip
  ↓
-DNS → 66.63.182.168
+DNS → 51.222.12.162
  ↓
 VPS Caddy reverse_proxy 10.0.10.46:25567
  ↓ WireGuard
@@ -83,7 +83,7 @@ VPS Caddy reverse_proxy 10.0.10.46:25567
 - **Routing:** Bridges 10.0.9.0/24 ↔ 10.0.10.0/24

 ### VPS (vps.nianticbooks.com)
- **Public IP:** 66.63.182.168
+- **Public IP:** 51.222.12.162
 - **Provider:** (Unknown - document later)
 - **WireGuard IP:** 10.0.9.1
 - **Services:**
@@ -141,7 +141,7 @@ atmons.deadeyeg4ming.vip {
 ### ❌ Old VPS (55.XX.X.X)
 - **Old peer:** 10.0.9.3
 - **Status:** DECOMMISSIONED
- **Reason:** Replaced with current VPS (66.63.182.168)
+- **Reason:** Replaced with current VPS (51.222.12.162)

 **Action:** Remove any references to 10.0.8.0/24 or old VPS from documentation and configs.

@@ -177,3 +177,29 @@ atmons.deadeyeg4ming.vip {

 *Maintained by: Funky (OpenClaw AI Agent)*  
 *Source: http://10.0.10.2:3000/fred/homelab-docs*
+
+---
+
+## Port Forwarding (Added 2026-02-06)
+
+### Minecraft Server - ATM10
+- **External:** 51.222.12.162:25568
+- **Internal:** 10.0.10.46:25568
+- **Protocol:** TCP + UDP
+- **Method:** iptables DNAT + MASQUERADE
+- **SRV Record:** `_minecraft._tcp.atmons.deadeyeg4ming.vip` → `51.222.12.162:25568`
+
+**Players connect to:** `atmons.deadeyeg4ming.vip` (SRV record handles port automatically)
+
+**iptables rules:**
+```bash
+# Forward incoming traffic
+iptables -t nat -A PREROUTING -p tcp --dport 25568 -j DNAT --to-destination 10.0.10.46:25568
+iptables -t nat -A PREROUTING -p udp --dport 25568 -j DNAT --to-destination 10.0.10.46:25568
+
+# Masquerade for return traffic
+iptables -t nat -A POSTROUTING -d 10.0.10.46 -p tcp --dport 25568 -j MASQUERADE
+iptables -t nat -A POSTROUTING -d 10.0.10.46 -p udp --dport 25568 -j MASQUERADE
+```
+
+**Rules saved to:** `/etc/iptables/rules.v4` (persists across reboots)
--- a/docs/SERVICE-MAP.md
+++ b/docs/SERVICE-MAP.md
@@ -86,7 +86,7 @@

 | IP | Service | Purpose | Access |
 |----|---------|---------|--------|
-| 66.63.182.168 | VPS (vps.nianticbooks.com) | Caddy reverse proxy, WireGuard VPN | ❌ No SSH |
+| 51.222.12.162 | VPS (vps.nianticbooks.com) | Caddy reverse proxy, WireGuard VPN | ❌ No SSH |
 | 10.0.10.11 | Fred's iMac | OpenClaw desktop node | ✅ Node access |

 ---
@@ -111,7 +111,7 @@
 - **Twingate** (CT 101) - Zero-trust VPN
 - **Authentik** (10.0.10.21) - SSO provider
 - **RustDesk** (10.0.10.23) - Remote desktop
- **VPS Caddy** (66.63.182.168) - External proxy
+- **VPS Caddy** (51.222.12.162) - External proxy

 ### Management Tools
 - **Dockge** (10.0.10.27) - Docker management
--- a/infrastructure/TOOLS.md
+++ b/infrastructure/TOOLS.md
@@ -7,9 +7,9 @@ Skills define *how* tools work. This file is for *your* specifics — the stuff
 ### Network
 - Main Network: 10.0.10.0/24
 - VPN: WireGuard tunnel at 10.0.9.0/24
-  - VPS WireGuard IP: 10.0.9.1 (66.63.182.168 - vps.nianticbooks.com)
+  - VPS WireGuard IP: 10.0.9.1 (51.222.12.162 - vps.nianticbooks.com)
  - UCG Ultra WireGuard IP: 10.0.9.2 (WireGuard client mode)
- VPS: 66.63.182.168 (vps.nianticbooks.com) running Caddy reverse proxy
+- VPS: 51.222.12.162 (vps.nianticbooks.com) running Caddy reverse proxy
  - Handles: *.nianticbooks.com and *.deadeyeg4ming.vip

 ### Proxmox Hosts