Systems & Services

From Sea of Fate
Jump to navigationJump to search

📖introduction

As an alternative to showing all of the services in the 🪜Virtual Machines section we will start listing them here as a service, it would make more sense as the Home Lab grows to cross reference in alternative links, especially as there are two 🚜Proxmox Servers.

List of Services

We have a variety of services available including Webservers, AI engine and associated tools, information and research tools, monitoring and heath services.

🛡️Firewall

We have one 🛡️Firewall that will cover both Pear and Kiwi with a managed switch to carry traffic between them. At this time we are using Pfsense but we will swap to Opensense if the licencing from Netgate becomes a problem

Webservers

There are several Webservers that are of the full LAMP stack type that are setup with wikimedia, Joomla, Piwigo and Nextcloud. As we have a few websites to host they are have a 🔄Reverse Proxy to separate them. Also due to the problem of allowing the webservers to send emails there is a Postfix relay setup to make it easy. Further webserver details can be found here. Initially, the three main websites were hosted on different 🪜Virtual Machines as we were not sure which applications we were going to use and how they would be setup but now the three have merged into one on Plum.

  • www.seaoffate.net (the default domain) was on 🟢Lime it also had the Postfix relay. The host is now retired and it's services move to plum
  • wiki.seaoffate.net (this wiki) was on Logan and is retired but it never had a page of it's own so no link required
  • photo.seaoffate.net has remained on 🫐 Plum and inherited Webservers and email from Lime and Logan
  • files.seaoffate.net has the 🔗Nextcloud installaion hosted as a full lamp stack on the host 🌿Fig.🔗Nextcloud is a large and resource intensive application so it should remain on it's own VM so it does not hog all of the cpu and ram from the main three, at least until it has been properly evaluated.

There are a few Webserver Setup Scripts to make the setup and installation of any new webservers easier

🗄️MySQL Server

We have a separate 🗄️MySQL Server hosted on the VM mandarin. It seemed rational to have MySQL seperate as then it can be isolated from the web and no external hostile bots could have any real control over the DBs that are running the webservices and if any of the webservers were to be compromised the damage would be limited to that specific database.

Perfomance monitoring

There was a need to monitor how the health of the various VM so 🕯️Prometheus & 📈Grafana were installed to to VMs 🍍Pineapple for 🍍 🕯️Prometheus install and 🍈Granadilla for 📈Grafana . Long term storage of the health data is handled by 🕰️Victoria Metrics on Victoria . These three could have been merged on to one VM but at the moment they are all on separate VMs. It should be noted that the data that they provide is sensitive in that it is the health data for the entire suite of VMs so it can only be accessed from within the Proxmox management environment. The plan to merge these three will be happening now with the new host Mango.

Update We should merge these three in to one host VM at some point at the same time we should use Vitoria Metrics as the scrapper but remember to preserve the Prometheus yaml file as then we can use the existing agents

Second Update All three VMs are to be decommissioned as now we have the new Unified Monitoring Stack on Mango that replaces the separate hosts for each service.

Management kiosk

Following on from the performance monitoring we have also started with a Management kiosk so that all of the Virtual Machines and Services can be viewed from a single location. The first dashboard under trial will be Dashy installed on Blackberry More information can be seen here

File Import

There is a need to get some files imported into and exported out of the Proxmox environment so that it can be easily transferred to any one of the VMs via ssh and rather than using putty from outside of the environment through the firewall it was decided to have a VM with a fairly large (one tb) had that could be shared as SMB currently that host is 🍊Satsuma. Satsuma is a full desktop 🟠Ubuntu installation that can be used as a webrowser inside the Proxmox environment for any non administration tasks.

Nameserver

The original nameserver was a VM called ns1. It was decided to scrap that VM and use a LXC for DNS within the homelab so the new Nameserver is ctns1. As all that was required of the namserver was to keep the internal hosts organised with the local IP addresses and have a DNS cache we use DNSmasq. To make the admin of the domain names simple and consistent there are a few simple scripts to add, delete and list the DNS entries written by Gemini, they work well enough and more importantly they are all consistent with no typos. Since then we have added another nameserver outside of Proxmox with Adguard installed. The new Adguard is still DNSmasq under the hood but it has a nice web interface in place of the basic shell of ctns1. To make ctns1 filter the same set of adverts it has the Adguard IP address as the upstream DNS.

AI and Jellyfin Docker

We have a few VMs that have docker. Quince has the 5060ti passed through to it so it is running the docker apps that benefit from the GPU eg AI and Jellyfin.

Data Archive

The Main Data Archive is another VM hostname Blackberry has a The Kiwix Archive docker application that will serve as an encyclopaedia with a load of ZIMs. There is also a 🕸️The Web Archive (ArchiveBox) on the same VM. To enable some automation to be linked the is a N8N application as well. We did have OpenAlex in this space but it has been moved to VM Tayberry on Kiwi as it proved to be too much of a resource drain and would not have been able to index or serve anything like the full set of papers, it is not certain that it will be able to run satisfactorily on kiwi if not it will be disabled and left until there is more ram available.

Dashboards
URL Name Purpose
http://blackberry:5001 Dockge Docker Management
http://tarberry:5001 Dockge Docker Management
http://Quince:5001 Dockge Docker Management
http://blackberry:8081 Kiwix Offline Wikipedia/Encyclopedias)
http://blackberry:8080 ArchiveBox Personal Web Archive
http://tarberry:5601 Opensearch Massive, open-source index of the world's scholarly research

Minecraft

There are to be at lest two Minecraft servers setup one with a vanilla Minecraft and another with ATM10


Silvan Reporter

A Prolog based application that can monitor and report on the state of the silvan Proxmox cluster

Retrieved from "https://wiki.seaoffate.net/index.php?title=Systems_%26_Services&oldid=1487"