Go to file

kavren 13966f2b09 docs: Add firewall fixes and OPNsense config patterns

- Document LAN→IoT firewall rule for HA/Frigate access
- Add OPNsense interface naming (opt1, not lan in config.xml)
- Document IPv6 rule fix that was blocking ruleset loading
- Add pfctl troubleshooting commands
- Mark network isolation tests complete

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2025-12-21 23:01:34 -05:00

.claude

docs: Add DHCP-based network isolation strategy

2025-12-21 19:20:07 -05:00

docs

docs: Add firewall fixes and OPNsense config patterns

2025-12-21 23:01:34 -05:00

scripts/cleanup

Initial commit: KavCorp infrastructure documentation

2025-12-07 22:07:01 -05:00

CLAUDE.md

docs: Add git commit policy to CLAUDE.md

2025-12-07 22:18:42 -05:00

README.md

Initial commit: KavCorp infrastructure documentation

2025-12-07 22:07:01 -05:00

README.md

KavCorp Proxmox Infrastructure

Documentation and management repository for the KavCorp Proxmox cluster.

Quick Start

# Connect to primary management node
ssh pm2

# View cluster status
pvecm status

# List all containers
pvesh get /cluster/resources --type vm --output-format json

Repository Structure

proxmox-infra/
├── CLAUDE.md              # Development guidance for Claude Code
├── README.md              # This file
├── docs/                  # Documentation
│   ├── cluster-state.md   # Current cluster topology
│   ├── inventory.md       # VM/LXC inventory with specs
│   ├── network.md         # Network topology and IP assignments
│   ├── storage.md         # Storage layout and usage
│   └── services.md        # Service mappings and dependencies
└── scripts/               # Management scripts
    ├── backup/            # Backup automation
    ├── provisioning/      # LXC/VM creation scripts
    └── monitoring/        # Health checks and monitoring

Cluster Overview

Cluster Name: KavCorp
Nodes: 5 (pm1, pm2, pm3, pm4, elantris)
Total VMs: 2
Total LXCs: 19
Primary Network: 10.4.2.0/24
Management Node: pm2 (10.4.2.6)

Nodes

Node	IP	CPU	RAM	Role
pm1	10.4.2.2	4 cores	16GB	General purpose
pm2	10.4.2.6	12 cores	31GB	Primary management, media stack
pm3	10.4.2.3	16 cores	33GB	Docker, NVR, gaming
pm4	10.4.2.5	12 cores	31GB	Docker, NVR
elantris	10.4.2.14	16 cores	128GB	Storage node, media server

Key Services

Traefik (10.4.2.10): Reverse proxy
Jellyfin (10.4.2.22): Media server - Recently added to Traefik
Media Automation: Sonarr, Radarr, Prowlarr, Bazarr, Whisparr (on pm2)
Home Assistant (VMID 100): Home automation
Frigate (VMID 111): NVR with object detection

Recent Changes

2025-11-16:

✅ Created initial repository structure and documentation
✅ Documented 5-node cluster configuration
✅ Added Jellyfin to Traefik configuration (jellyfin.kavcorp.com)
✅ Inventoried 21 containers (2 VMs, 19 LXCs)

Documentation

See the docs/ directory for detailed information:

Cluster State - Node details and health
Inventory - Complete VM/LXC listing
Network - IP allocations and network topology
Storage - Storage pools and usage
Services - Service mappings and access URLs

Common Tasks

Managing LXCs

# Start/stop/restart
pct start <vmid>
pct stop <vmid>
pct restart <vmid>

# View config
pct config <vmid>

# Execute command
pct exec <vmid> -- <command>

Checking Resources

# Cluster-wide resources
pvesh get /cluster/resources --output-format json

# Storage usage
pvesh get /cluster/resources --type storage --output-format json

Access

Web UI: https://pm2.kavcorp.com:8006 (or any node)
Traefik Dashboard: https://traefik.kavcorp.com
Jellyfin: https://jellyfin.kavcorp.com

Notes

This is a migration project from a messy ~/infrastructure repo
Goal: Move services from Docker to LXCs where appropriate
Primary new LXC deployment node: pm2
Most services use community helper scripts from https://helper-scripts.com