kavren/proxmox-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e93030ba9b16e166ff6303869eb47e79066c04aa
proxmox-infra/docs/TASKS.md
kavren e93030ba9b docs: Complete OPNsense VLAN and firewall configuration 
- Updated CHANGELOG with implemented VLAN config (VLANs 10, 20, 30)
- Updated DECISIONS with complete VLAN architecture and firewall rules
- Updated INFRASTRUCTURE with VLANs/subnets table and bridge configs
- Updated TASKS to mark VLAN/firewall work complete, add UniFi VLAN tasks
- Updated README last updated date

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-21 20:52:38 -05:00

70 lines
2.4 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Current Tasks
> **Last Updated**: 2025-12-21
## In Progress
None currently.
## Pending
### OPNsense WAN Cutover (Priority)
OPNsense VM 130 configured with VLANs and firewall rules. Ready for WAN cutover.
**Pending:**
- [ ] Connect USB NIC (vmbr1) to AT&T modem
- [ ] Configure OPNsense WAN interface (DHCP or PPPoE from AT&T)
- [ ] Test internet connectivity through OPNsense
- [ ] Update gateway on all devices from 10.4.2.254 → 10.4.2.1
### UniFi VLAN Configuration
VLANs configured on OPNsense. Need to configure UniFi APs to tag traffic.
**Pending:**
- [ ] Configure KavCorp-IOT SSID with VLAN 20 tag
- [ ] Configure KavCorp-Guest SSID with VLAN 30 tag
- [ ] Test isolation (IoT device cannot ping LAN device)
- [ ] Test Smart Home access (Home Assistant can reach IoT devices)
### Future Network Upgrades
- [ ] Order hardware (2× GiGaPlus 10G PoE, 2× U7 Pro) for 10G backhaul
- [ ] Consider managed 2.5G PoE switches for proper VLAN support
- [ ] Consider OPNsense HA (CARP) with second USB NIC on another node
### Media Organization
- [ ] Verify Jellyfin can see all imported media
- [ ] Clean up `.processing-loose-episodes` folder
- [ ] Review and potentially restore TV shows from processing folder
### Configuration
- [ ] Consider custom format to prefer English audio releases
- [ ] Review Sonarr language profiles for non-English releases
### Infrastructure
- [ ] Define backup strategy and schedule
- [ ] Set up monitoring/alerting system
- [ ] Document disaster recovery procedures
## Completed (Recent)
- [x] Configured OPNsense VLANs (10, 20, 30) on vtnet0
- [x] Configured VLAN interfaces with IPs (10.4.10.1, 10.4.20.1, 10.4.30.1)
- [x] Configured DHCP on all VLAN interfaces
- [x] Implemented firewall rules for IoT/Guest isolation
- [x] Added Traefik routes for UniFi Controller and OPNsense
- [x] Resized Traefik LXC 104 rootfs from 2GB to 4GB
- [x] Configured pm4 vmbr1 bridge with USB 2.5G NIC for OPNsense WAN
- [x] Added net1 (vmbr1) to OPNsense VM 130
- [x] Deployed UniFi Controller LXC 111 on pm4
- [x] Fixed SSH access between cluster nodes (pm2 can access all nodes)
- [x] Fixed NZBGet permissions (UMask=0000 for 777 files)
- [x] Fixed Sonarr permissions (chmod 777 on imports)
- [x] Fixed Jellyfin LXC mounts (restarted LXC)
- [x] Fixed Jellyseerr IP in Traefik config
- [x] Consolidated documentation structure
- [x] Created documentation index
## Blocked
None currently.
Reference in New Issue View Git Blame Copy Permalink