# Homelab Network - Agent Reference **Last Updated:** 2026-01-20 | **Owner:** Fred | **Purpose:** Automation agent context --- ## HOSTS & HARDWARE ### VPS - **Primary:** 51.222.12.162 (vps.nianticbooks.com) | 2vCPU/4GB | Caddy, WireGuard, RustDesk (ID+Relay) - **Gaming:** 51.222.12.162 (deadeyeg4ming.vip) | WireGuard VPN (10.0.9.1) ### Proxmox - **main-pve:** 10.0.10.3 | 32c/96GB | 13 LXC containers (CT 102-131) - **pve-router:** 10.0.10.2 | 8c/8GB | Home Assistant VM, local dev - **pve-storage:** 10.0.10.4 | OMV VM 400 (10.0.10.5, 12TB NFS) ### Network - **Gateway:** 10.0.10.1 (UCG Ultra) | DHCP 10.0.10.50-254 - **WireGuard:** 10.0.9.0/24 (active), 10.0.8.0/24 (legacy) --- ## SERVICES (IP:PORT) ### Auth & Infrastructure | IP | Service | CT | Ports | Notes | |---|---|---|---|---| | 10.0.10.15 | Step-CA | 115 | 8443 | ACME: https://10.0.10.15:8443/acme/acme/directory | | 10.0.10.20 | PostgreSQL | 102 | 5432 | Shared DB (n8n, rustdesk, grafana, authentik) | | 10.0.10.21 | Authentik | 121 | 9000 | SSO (admin: akadmin), OAuth2/OIDC | | 10.0.10.22 | n8n | 106 | 5678 | Workflow automation | | 51.222.12.162 | RustDesk | VPS | 21116-17 | ID+Relay, pubkey: EPO75IeD+yJo5S5wtKePpyokHGXv9FN1w5Fx+Db5UCk= | | 10.0.10.25 | Prometheus/Grafana | 125 | 9090/3000 | Monitoring | | 10.0.10.26 | Uptime Kuma | 128 | 3001 | Status monitoring | ### Apps & Gaming | IP | Service | CT | Ports | Notes | |---|---|---|---|---| | 10.0.10.24 | Home Assistant | VM 104 | 8123 | Smart home (pve-router) | | 10.0.10.27 | Dockge/Vikunja | 127 | 5001/3456 | Docker UI, tasks | | 10.0.10.40 | Bar Assistant | 103 | 8080 | Cocktails (Meilisearch, Redis) | | 10.0.10.41 | Minecraft Forge | 130 | 25565 | CFMRPGU modpack | | 10.0.10.42 | Minecraft Stoneblock | 131 | 25565 | FTB Stoneblock 4 | | 10.0.10.45/46 | Pterodactyl | 105/107 | 80/8080 | Game panel + wings | ### Other - **OMV:** 10.0.10.5 (VM 400) | 12TB NFS backup target - **HOMELAB-COMMAND:** 10.0.10.10 | Claude Code, Wyoming STT/TTS, Ollama - **Twingate:** 10.0.10.179 (CT 101) | Zero-trust access --- ## PUBLIC DOMAINS (via Caddy @ 66.63.182.168) | Domain | Backend | Service | |---|---|---| | freddesk.nianticbooks.com | 10.0.10.3:8006 | Proxmox | | bob.nianticbooks.com | 10.0.10.24:8123 | Home Assistant | | auth.nianticbooks.com | 10.0.10.21:9000 | Authentik | | ad5m.nianticbooks.com | 10.0.10.30:80 | 3D Printer | | cocktails.nianticbooks.com | 10.0.10.40 | Bar Assistant | | tasks.nianticbooks.com | 10.0.10.27:3456 | Vikunja | --- ## SSH ACCESS (All key-based, NO passwords) ```bash ssh fred@66.63.182.168 # VPS Primary ssh ubuntu@51.222.12.162 # VPS Gaming ssh root@10.0.10.3 # main-pve ssh root@10.0.10.2 # pve-router ssh root@10.0.10.4 # pve-storage ``` **Rule:** Generate/add SSH keys when adding new servers/devices. --- ## SERVICE CREDENTIALS & API ACCESS ### Authentik (10.0.10.21:9000) - Admin: akadmin | Integrations: Proxmox (OIDC), Grafana (OAuth2) ### PostgreSQL (10.0.10.20:5432) - Shared by: n8n, rustdesk, grafana, authentik - Backup: Daily 2:00 AM → OMV NFS (~13MB) ### Step-CA (10.0.10.15:8443) - ACME: `https://10.0.10.15:8443/acme/acme/directory` - Provisioners: JWK (admin@nianticbooks.home), ACME ### RustDesk (51.222.12.162 / vps.nianticbooks.com) - ID Server: 51.222.12.162:21116 - Relay Server: 51.222.12.162:21117 - Pubkey: `EPO75IeD+yJo5S5wtKePpyokHGXv9FN1w5Fx+Db5UCk=` ### Home Assistant (10.0.10.24:8123) - Never commit secrets.yaml | Use secrets.yaml.example template - LocalTuya: Requires device keys from Tuya IoT Platform - Trusted proxies: 10.0.9.0/24, 10.0.8.0/24, 10.0.9.3 --- ## CRITICAL CONSTRAINTS - **VPS:** 2CPU/4GB only - lightweight services ONLY - **Proxmox Storage:** ALWAYS `local`, NEVER `local-lvm` - **SSH:** ALWAYS keys, NEVER passwords - **Trusted Proxies:** Services must accept 10.0.9.0/24, 10.0.8.0/24, 10.0.9.3 - **HOMELAB-COMMAND:** SSH requires system restart to enable --- ## QUICK COMMANDS ### Container Ops ```bash ssh root@10.0.10.3 "pct exec -- bash -c 'command'" # Execute in CT pct status # Check status pct exec -- docker logs --tail 50 # View logs pct exec -- docker restart # Restart ``` ### Caddy (VPS) ```bash ssh fred@66.63.182.168 "nano /etc/caddy/Caddyfile" # Edit ssh fred@66.63.182.168 "sudo systemctl reload caddy" # Reload ssh fred@66.63.182.168 "sudo journalctl -u caddy --tail 50" # Logs ``` ### Backups - PostgreSQL: Daily 2:00 AM → 10.0.10.5:/export/backups (7d/4w/3m retention) - Proxmox: Daily 2:30 AM → OMV NFS - Log: `/var/log/homelab-backup.log` --- ## ACTIVE TODOS ### High Priority 1. Configure Prometheus targets + Grafana dashboards 2. Remove deprecated VMs (Spoolman 10.0.10.71, Authelia 10.0.10.112) ### Medium Priority - DNS: omv.nianticbooks.home → 10.0.10.5 - n8n service monitoring workflow (#4833) - Authentik SSO integrations (Home Assistant, others) ### Low Priority - Tier 2/3 backups (off-site, cloud) - Home Assistant HTTPS certificates --- ## AVAILABLE IPs **Reserved blocks:** - 10.0.10.6-9 (infrastructure) - 10.0.10.11-12, 14, 16-19 (management) - 10.0.10.28-29, 32-39, 43-44, 47-49 (utility) --- **Source:** C:/Users/Fred/projects/infrastructure/.claude/docs/