"vault backup: 2026-03-08 13:31:23 from Flow"

2026-03-08 13:31:23 -05:00
parent 5d6995903a
commit b8686e57ef
7 changed files with 364 additions and 0 deletions
--- a/Reference/README.md
+++ b/Reference/README.md
@@ -0,0 +1,50 @@
+# Homelab Server Documentation
+
+Living documentation for the `homelab` server. Goal: a new admin with zero prior context should be able to read this and understand everything about the server.
+
+## Quick Reference
+
+| Property | Value |
+|---|---|
+| Hostname | `homelab` |
+| LAN IP | `192.168.2.114` |
+| Tailscale IP | `100.72.0.62` |
+| OS | Ubuntu 25.10 (Questing Quokka) |
+| Kernel | 6.17.0-14-generic |
+| Docker Files | `/home/artanis/DockerFiles/` |
+| Docker Manager | [dockhand.bunny-wyvern.ts.net](https://dockhand.bunny-wyvern.ts.net) |
+
+## Documentation Index
+
+- [[hardware]] — CPU, RAM, storage
+- [[network]] — Interfaces, Tailscale, ports in use
+- [[environments]] — Dockhand-managed environments (Homelab + Pihole)
+- [[stacks/README]] — Overview of all Docker stacks
+
+### Stacks
+| Stack | Purpose | Access |
+|---|---|---|
+| [[stacks/dockhand]] | Docker management UI | [dockhand.bunny-wyvern.ts.net](https://dockhand.bunny-wyvern.ts.net) |
+| [[stacks/minecraft]] | Minecraft server (TerraFirmaGreg) | `:25565` |
+| [[stacks/mealie]] | Recipe manager | [mealie.bunny-wyvern.ts.net](https://mealie.bunny-wyvern.ts.net) |
+| [[stacks/linkwarden]] | Bookmark manager | [linkwarden.bunny-wyvern.ts.net](https://linkwarden.bunny-wyvern.ts.net) |
+| [[stacks/gitea]] | Self-hosted Git | [gitea.bunny-wyvern.ts.net](https://gitea.bunny-wyvern.ts.net) |
+| [[stacks/matrix]] | Matrix homeserver + bridges | [matrix.bunny-wyvern.ts.net](https://matrix.bunny-wyvern.ts.net) |
+| [[stacks/homepage]] | Dashboard | [homepage.bunny-wyvern.ts.net](https://homepage.bunny-wyvern.ts.net) |
+| [[stacks/n8n]] | Workflow automation | [n8n.bunny-wyvern.ts.net](https://n8n.bunny-wyvern.ts.net) |
+| [[stacks/calibre]] | E-book library (STOPPED) | [calibre.bunny-wyvern.ts.net](https://calibre.bunny-wyvern.ts.net) |
+| [[stacks/gluetun]] | VPN gateway (Mullvad) | `:8001` (control) |
+| [[stacks/openproject]] | Project management | [openproject.bunny-wyvern.ts.net](https://openproject.bunny-wyvern.ts.net) |
+| [[stacks/melodix]] | Discord music bot | Internal only |
+
+## Key Architectural Patterns
+
+### Tailscale Sidecar
+Nearly every service uses a **Tailscale sidecar** pattern for remote access:
+- A `tailscale/tailscale` container runs alongside the main service container
+- It uses `network_mode: "service:[main]"` to share the main container's network namespace
+- This registers the main service as a Tailscale node (e.g. `mealie.bunny-wyvern.ts.net`)
+- Services are **not exposed to the public internet** — only accessible via Tailscale VPN
+
+### Credentials
+Credentials (DB passwords, API keys, Tailscale auth keys) live in the compose files on disk at `/home/artanis/DockerFiles/`. They are redacted in this documentation. See individual stack files for variable names and the actual compose files for values.