Initial commit: KavCorp infrastructure documentation
- CLAUDE.md: Project configuration for Claude Code
- docs/: Infrastructure documentation
  - INFRASTRUCTURE.md: Service map, storage, network
  - CONFIGURATIONS.md: Service configs and credentials
  - CHANGELOG.md: Change history
  - DECISIONS.md: Architecture decisions
  - TASKS.md: Task tracking
- scripts/: Automation scripts

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
132
docs/network.md
Normal file
@@ -0,0 +1,132 @@
|
||||
# Network Architecture
|
||||
|
||||
**Last Updated**: 2025-11-16
|
||||
|
||||
## Network Overview
|
||||
|
||||
- **Primary Network**: 10.4.2.0/24
|
||||
- **Gateway**: 10.4.2.254
|
||||
- **Bridge**: vmbr0 (standard on all nodes)
|
||||
|
||||
## Node Network Configuration
|
||||
|
||||
All Proxmox nodes use a similar network configuration:
|
||||
- **Physical Interface**: eno1 (1Gbps Ethernet)
|
||||
- **Bridge**: vmbr0 (Linux bridge)
|
||||
- **Bridge Config**: STP off, forward delay 0
|
||||
|
||||
### Example Configuration (pm2)
|
||||
```
|
||||
auto vmbr0
|
||||
iface vmbr0 inet static
|
||||
address 10.4.2.6/24
|
||||
gateway 10.4.2.254
|
||||
bridge-ports eno1
|
||||
bridge-stp off
|
||||
bridge-fd 0
|
||||
```
|
||||
|
||||
## IP Address Allocation
|
||||
|
||||
### Infrastructure Devices
|
||||
| IP | Device | Type | Notes |
|
||||
|---|---|---|---|
|
||||
| 10.4.2.2 | pm1 | Proxmox Node | 4 cores, 16GB RAM |
|
||||
| 10.4.2.3 | pm3 | Proxmox Node | 16 cores, 33GB RAM |
|
||||
| 10.4.2.5 | pm4 | Proxmox Node | 12 cores, 31GB RAM |
|
||||
| 10.4.2.6 | pm2 | Proxmox Node | 12 cores, 31GB RAM (primary mgmt) |
|
||||
| 10.4.2.13 | KavNas | Synology DS918+ | Primary NFS storage |
|
||||
| 10.4.2.14 | elantris | Proxmox Node | 16 cores, 128GB RAM, Storage node |
|
||||
| 10.4.2.254 | Gateway | Router | Network gateway |
|
||||
|
||||
### Service IPs (LXC/VM)
|
||||
|
||||
#### Reverse Proxy & Auth
|
||||
| IP | Service | VMID | Node | Purpose |
|
||||
|---|---|---|---|---|
|
||||
| 10.4.2.10 | traefik | 104 | pm2 | Reverse proxy |
|
||||
| 10.4.2.23 | authelia | 116 | pm2 | Authentication |
|
||||
|
||||
#### Media Automation Stack
|
||||
| IP | Service | VMID | Node | Purpose |
|
||||
|---|---|---|---|---|
|
||||
| 10.4.2.15 | sonarr | 105 | pm2 | TV show management |
|
||||
| 10.4.2.16 | radarr | 108 | pm2 | Movie management |
|
||||
| 10.4.2.17 | prowlarr | 114 | pm2 | Indexer manager |
|
||||
| 10.4.2.18 | bazarr | 119 | pm2 | Subtitle management |
|
||||
| 10.4.2.19 | whisparr | 117 | pm2 | Adult content management |
|
||||
| 10.4.2.24 | notifiarr | 118 | pm2 | Notification service |
|
||||
|
||||
#### Media Servers
|
||||
| IP | Service | VMID | Node | Purpose |
|
||||
|---|---|---|---|---|
|
||||
| 10.4.2.20 | jellyseerr | 115 | pm2 | Request management |
|
||||
| 10.4.2.21 | kometa | 120 | pm2 | Metadata manager |
|
||||
| 10.4.2.22 | jellyfin | 121 | elantris | Media server |
|
||||
|
||||
### Dynamic/DHCP Services
|
||||
The following services currently use DHCP or don't have static IPs documented:
|
||||
- VMID 100: haos12.1 (Home Assistant)
|
||||
- VMID 101: twingate
|
||||
- VMID 102: zwave-js-ui
|
||||
- VMID 103: shinobi
|
||||
- VMID 106: mqtt
|
||||
- VMID 107: dockge
|
||||
- VMID 109: docker-pm3
|
||||
- VMID 110: docker-pm4
|
||||
- VMID 111: frigate
|
||||
- VMID 112: foundryvtt
|
||||
- VMID 113: docker-pm2
|
||||
|
||||
## Reserved IP Ranges
|
||||
|
||||
**Recommendation**: Reserve IP ranges for different service types:
|
||||
- `10.4.2.1-10.4.2.20`: Infrastructure and core services
|
||||
- `10.4.2.21-10.4.2.50`: Media services
|
||||
- `10.4.2.51-10.4.2.100`: Home automation and IoT
|
||||
- `10.4.2.101-10.4.2.150`: General applications
|
||||
- `10.4.2.151-10.4.2.200`: Testing and development
|
||||
|
||||
## NFS Mounts
|
||||
|
||||
### KavNas (10.4.2.13)
|
||||
- **Source**: Synology DS918+ NAS
|
||||
- **Mount**: Available on all Proxmox nodes
|
||||
- **Capacity**: 23TB total
|
||||
- **Usage**: ~9.2TB used
|
||||
- **Purpose**: Primary shared storage for LXC rootfs, backups, ISOs, templates
|
||||
- **Mount Point on Nodes**: `/mnt/pve/KavNas`
|
||||
|
||||
### elantris-downloads (10.4.2.14)
|
||||
- **Source**: elantris node
|
||||
- **Mount**: Available on all Proxmox nodes
|
||||
- **Capacity**: 23TB total
|
||||
- **Usage**: ~10.6TB used
|
||||
- **Purpose**: Download storage, media staging
|
||||
- **Mount Point on Nodes**: `/mnt/pve/elantris-downloads`
|
||||
|
||||
### elantris-media
|
||||
- **Source**: elantris node
|
||||
- **Mount**: Used by media services
|
||||
- **Purpose**: Media library storage
|
||||
- **Mounted in LXCs**: sonarr, radarr (mounted at `/media`)
|
||||
|
||||
## Firewall Notes
|
||||
|
||||
*TODO: Document firewall rules and port forwarding as configured*
|
||||
|
||||
## VLAN Configuration
|
||||
|
||||
Currently using a flat network (no VLANs configured). Consider implementing VLANs for:
|
||||
- Management network (Proxmox nodes)
|
||||
- Service network (LXC/VM services)
|
||||
- IoT network (smart home devices)
|
||||
- Storage network (NFS traffic)
|
||||
|
||||
## Future Network Improvements
|
||||
|
||||
- [ ] Implement VLANs for network segmentation
|
||||
- [ ] Document all static IP assignments
|
||||
- [ ] Set up monitoring for network traffic
|
||||
- [ ] Consider 10GbE for storage traffic between nodes
|
||||
- [ ] Implement proper DNS (currently using gateway)
|
||||
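Review bot: The Reserved IP Ranges section does not match the allocation tables earlier in this same file, and nothing says whether it is the current scheme or a target. sonarr, radarr, prowlarr, bazarr and whisparr (10.4.2.15 to 10.4.2.19) and jellyseerr (10.4.2.20) are media services inside the range labelled "Infrastructure and core services", while authelia (10.4.2.23) sits in the range labelled "Media services". Either state that the ranges are a future plan and add the renumbering to the improvements checklist, or adjust the ranges to fit what is deployed. Separately, the file records a flat 10.4.2.0/24 with the Proxmox management addresses, the NFS storage holding LXC rootfs and backups, and eleven DHCP guests all on one segment, while Firewall Notes is still a TODO. Until the VLAN item is done, the NFS Mounts section should at least document which hosts each export is restricted to, so a reader can tell whether any guest on the subnet can mount KavNas.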