Systems & Services: Difference between revisions

From Sea of Fate
Line 7: Line 7:
We have a variety of services available including '''[[Webservers]]''', AI engine and associated tools, information and research tools, monitoring and heath services.
We have a variety of services available including '''[[Webservers]]''', AI engine and associated tools, information and research tools, monitoring and heath services.


===[[Pfsense|Firewall]]===
===🛡️[[Pfsense|Firewall]]===


We have one '''[[Pfsense|Firewall]]''' that will cover both Pear and Kiwi with a managed switch to carry traffic between them. At this time we are using Pfsense but we will swap to Opensense if the licencing from Netgate becomes a problem  
We have one '''[[Pfsense|🛡️Firewall]]''' that will cover both Pear and Kiwi with a managed switch to carry traffic between them. At this time we are using Pfsense but we will swap to Opensense if the licencing from Netgate becomes a problem


===[[Webservers]]===
===[[Webservers]]===
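Review bot: the shield emoji is placed outside the link in the new heading (`===🛡️[[Pfsense|Firewall]]===`) but inside the link label in the new paragraph (`[[Pfsense|🛡️Firewall]]`); pick one placement so both render the same way. While these lines are being touched, the firewall paragraph still ends without a full stop and spells the alternative product "Opensense" (the project's name is OPNsense), and the context line at the top of the hunk has "heath services" for "health services".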

Revision as of 02:16, 9 February 2026

📖Introduction

As an alternative to showing all of the services in the 🪜Virtual Machines section, we will start listing them here by service. As the Home Lab grows it makes more sense to cross-reference them through alternative links, especially as there are two 🚜Proxmox Servers.

List of Services

We have a variety of services available, including Webservers, an AI engine and associated tools, information and research tools, and monitoring and health services.

🛡️Firewall

We have one 🛡️Firewall that will cover both Pear and Kiwi, with a managed switch to carry traffic between them. At this time we are using pfSense, but we will swap to OPNsense if the licensing from Netgate becomes a problem.

Webservers

There are several Webservers of the full LAMP stack type, set up with Wikimedia, Joomla, Piwigo and Nextcloud. As we have a few websites to host, they have a 🔄Reverse Proxy in front to separate them. Because allowing the webservers to send email was a problem, there is also a Postfix relay set up to make it easy. Further webserver details can be found here. Initially, the three main websites were hosted on different 🪜Virtual Machines, as we were not sure which applications we were going to use or how they would be set up, but the three have now merged into one on Plum.

  • www.seaoffate.net (the default domain) was on 🟢Lime, which also had the Postfix relay. The host is now retired and its services have moved to Plum.
  • wiki.seaoffate.net (this wiki) was on Logan, which is retired, but it never had a page of its own so no link is required.
  • photo.seaoffate.net has remained on 🫐 Plum and inherited Webservers and email from Lime and Logan.
  • files.seaoffate.net has the 🔗Nextcloud installation, hosted as a full LAMP stack on the host 🌿Fig. 🔗Nextcloud is a large and resource-intensive application, so it should remain on its own VM so that it does not hog all of the CPU and RAM from the main three, at least until it has been properly evaluated.

There are a few Webserver Setup Scripts to make the setup and installation of any new webservers easier.

MySQL Server

We have a separate MySQL Server hosted on the VM mandarin. It seemed rational to keep MySQL separate, as it can then be isolated from the web: no external hostile bots could have any real control over the DBs that run the web services, and if any of the webservers were to be compromised the damage would be limited to that specific database.

Performance monitoring

There was a need to monitor the health of the various VMs, so Prometheus & Grafana were installed on the VMs Pineapple (for Prometheus) and Granadilla (for Grafana). Long-term storage of the health data is handled by VictoriaMetrics on Victoria. These three could have been merged onto one VM, but at the moment they are all on separate VMs. It should be noted that the data they provide is sensitive, in that it is the health data for the entire suite of VMs, so it can only be accessed from within the Proxmox management environment.

File Import

There is a need to get files imported into and exported out of the Proxmox environment so that they can easily be transferred to any one of the VMs via SSH. Rather than using PuTTY from outside the environment through the firewall, it was decided to have a VM with a fairly large (one TB) HDD that could be shared over SMB; currently that host is Satsuma. Satsuma is a full desktop Ubuntu installation that can also be used as a web browser inside the Proxmox environment for any non-administration tasks.

Nameserver

The original nameserver was a VM called ns1. It was decided to scrap that VM and use an LXC for DNS within the homelab, so the new Nameserver is ctns1. As all that was required of the nameserver was to keep the internal hosts organised with their local IP addresses and to provide a DNS cache, we use dnsmasq. To make the admin of the domain names simple and consistent, there are a few simple scripts to add, delete and list the DNS entries, written by Gemini; they work well enough and, more importantly, they are all consistent with no typos. Since then we have added another nameserver outside of Proxmox with AdGuard installed. The new AdGuard is still dnsmasq under the hood, but it has a nice web interface in place of the basic shell of ctns1. To make ctns1 filter the same set of adverts, it has the AdGuard IP address as its upstream DNS.
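Add, delete and list helpers of the kind described above could look like the following sketch, which validates every entry before it reaches the file dnsmasq reads. This is an added example, not the site's own scripts; the `HOSTS_FILE` path, the function names and the one-entry-per-line `IP name` layout are assumptions.

```shell
#!/bin/sh
# Added example: add/delete/list helpers for a dnsmasq hosts file.
# HOSTS_FILE is an assumed path to an addn-hosts style file ("IP name" per line).
HOSTS_FILE="${HOSTS_FILE:-./homelab.hosts}"

# Accept only dotted-quad IPv4 with every octet in 0..255.
valid_ip() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Lowercase letters, digits, hyphens and dots only; no empty or hyphen-edged labels.
valid_name() {
    case "$1" in
        ""|*[!a-z0-9.-]*|-*|*-|.*|*.|*..*|*.-*|*-.*) return 1 ;;
    esac
    [ "${#1}" -le 253 ]
}

dns_add() {  # usage: dns_add IP NAME
    valid_ip "$1" || { echo "rejected IP: $1" >&2; return 2; }
    valid_name "$2" || { echo "rejected name: $2" >&2; return 2; }
    touch "$HOSTS_FILE"
    # Refuse duplicates so one name never maps to two addresses.
    if awk -v n="$2" '$2 == n { found = 1 } END { exit !found }' "$HOSTS_FILE"; then
        echo "already present: $2" >&2; return 3
    fi
    printf '%s %s\n' "$1" "$2" >> "$HOSTS_FILE"
}

dns_del() {  # usage: dns_del NAME
    valid_name "$1" || return 2
    [ -f "$HOSTS_FILE" ] || return 1
    tmp="$HOSTS_FILE.tmp.$$"
    # Write a filtered copy, then rename, so dnsmasq never reads a half-written file.
    awk -v n="$1" '$2 != n' "$HOSTS_FILE" > "$tmp" && mv "$tmp" "$HOSTS_FILE"
}

dns_list() {  # entries sorted by hostname
    if [ -f "$HOSTS_FILE" ]; then sort -k2 "$HOSTS_FILE"; fi
}
```

dnsmasq re-reads its hosts files when it receives SIGHUP, so a reload is needed after `dns_add` or `dns_del` before the change is served.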

AI and Jellyfin Docker

We have a few VMs that run Docker. Quince has the 5060ti passed through to it, so it runs the Docker apps that benefit from the GPU, e.g. AI and Jellyfin.

Data Archive

The main Data Archive is another VM, hostname Blackberry, which has a Kiwix Docker application that will serve as an encyclopaedia with a load of ZIMs. There is also an ArchiveBox application on the same VM. To enable some automation to be linked in, there is an n8n application as well. We did have OpenAlex in this space, but it has been moved to the VM Tayberry on Kiwi, as it proved to be too much of a resource drain and would not have been able to index or serve anything like the full set of papers. It is not certain that it will be able to run satisfactorily on Kiwi; if not, it will be disabled and left until there is more RAM available.

Minecraft

There are to be at least two Minecraft servers set up, one with vanilla Minecraft and another with ATM10.