mo
4.4 KiB
4.4 KiB
Homelab architectuur
Overzicht van hoe de diensten bij elkaar hangen na de verplaatsing van de security stack naar Proxmox VM 102. Vaste IP-referentie: HOMELAB_IPS.md.
Fysieke hosts
flowchart TB
subgraph lan [LAN 192.168.1.0/24]
NAS["Synology NAS\n192.168.1.211"]
VM102["Proxmox VM 102 Postgress\n192.168.1.105"]
VM105["Proxmox VM 105 docker\n192.168.1.227"]
PVE216["Proxmox pve\n192.168.1.216"]
PVE56["Proxmox dell\n192.168.1.56"]
UDM["UniFi / gateway\n192.168.1.24"]
HA["Home Assistant\n192.168.1.235"]
end
User["Browser / Git client"] --> NAS
User --> VM102
Security stack (productie op VM 102)
Het hart van monitoring, syslog, graph en agent-draait op één VM. De NAS toont nog dashboards in Homarr/Homepage en beheert Git + metrics.
flowchart LR
subgraph sources [Data-bronnen LAN]
UniFi[UniFi controller .24]
SyslogDev[Routers / switches / APs]
Zeek[Zeek / Suricata]
end
subgraph vm102 [VM 102 — 192.168.1.105]
UI[homelab-command :8765]
SyslogUDP[Syslog UDP :5514]
PG[(postgres-homelab :5433)]
Neo[(Neo4j :49153 / UI :49154)]
NATS[NATS :4222]
Mesh[mesh-normalizer]
Agent[el-kadi-security-agent]
end
subgraph nas [NAS — 192.168.1.211]
Gitea[Gitea :3000]
PgAdmin[pgAdmin :5434]
Graf[Grafana :3002]
Prom[Prometheus :9090]
PGexp[postgres-exporter :9187]
AdGuard[AdGuard :3001]
PGBkp[(postgres-homelab backup :5433)]
end
User2[Gebruiker] --> UI
User2 --> PgAdmin
PgAdmin --> PG
Graf --> PG
Prom --> PGexp
PGexp --> PG
SyslogDev -->|UDP 5514| SyslogUDP
UniFi -->|API| UI
Zeek -->|NATS publish| NATS
NATS --> Mesh
SyslogUDP --> PG
UI --> PG
UI --> Neo
Mesh --> PG
Agent --> PG
AdGuard -->|DNS stats API| UI
PG -.->|rollback kopie| PGBkp
Datastromen
| Stroom | Van | Naar | Poort / protocol |
|---|---|---|---|
| Dashboard UI | Browser | VM 102 | HTTP 8765 |
| SQL (homelab DB) | homelab-command, agent, mesh | Postgres VM 102 | 5433 |
| Syslog ingest | Netwerkapparaten | homelab-command | UDP 5514 → mesh.syslog_entries |
| Zeek/Suricata events | Sensors | NATS → mesh-normalizer | 4222 → Postgres |
| Netwerk-topologie | homelab-command | Neo4j VM 102 | Bolt 49153 |
| DB beheer | pgAdmin (NAS) | Postgres VM 102 | 5433 |
| Metrics | Prometheus (NAS) | postgres-exporter → VM 102 | 9187 scrape |
| Git configs | Ontwikkelaar | Gitea (NAS) | 3000 / SSH 2222 |
NAS — overige Docker (niet op VM 102)
flowchart TB
NAS["192.168.1.211"]
NAS --> Gitea
NAS --> AdGuard
NAS --> Portainer
NAS --> Homarr
NAS --> Homepage
NAS --> PromGraf[Prometheus + Grafana]
NAS --> PgAdmin
NAS --> PGbak[Postgres backup]
| Service | Poort | Opmerking |
|---|---|---|
| Gitea | 3000 | Config-repo's, Git SSH 2222 |
| AdGuard | 3001 | DNS (dashboard haalt stats op) |
| Portainer | 9000 | Containerbeheer NAS |
| Homarr / Homepage | 4755 / 3010 | Links naar .105 voor security |
| Grafana | 3002 | Postgres-datasource → .105:5433 |
| Prometheus | 9090 | Scrapes o.a. Neo4j .105:2004 |
| postgres (backup) | 5433 | Oude kopie; stoppen na validatie |
Proxmox VM 105 docker (apart)
| VM | IP | Rol |
|---|---|---|
| 102 Postgress | 192.168.1.105 | Security + Postgres + Neo4j |
| 105 docker | 192.168.1.227 | office_desk_agent :8000 (Proxmox/office tooling) |
Repo-structuur (Gitea)
flowchart LR
Gitea["Gitea :3000\n192.168.1.211"]
Gitea --> CFG[homelab-configs\nDocker compose per app]
Gitea --> CMD[homelab-command\nDashboard broncode]
CFG --> DeployNAS[Deploy NAS apps]
CFG --> DeployVM[Documentatie VM 102]
CMD --> BuildVM[Build op VM 102\n~/homelab-command]
| Repository | Inhoud |
|---|---|
homelab-configs |
Compose, env-voorbeelden, Homarr/Homepage, monitoring |
homelab-command |
FastAPI dashboard, mesh-ingest, Grafana-dockerfile |
Snelle URL-lijst
| Wat | URL |
|---|---|
| Security dashboard | http://192.168.1.105:8765/dashboard |
| Neo4j Browser | http://192.168.1.105:49154 |
| pgAdmin | http://192.168.1.211:5434 |
| Gitea | http://192.168.1.211:3000 |
| Grafana | http://192.168.1.211:3002 |
| Portainer | http://192.168.1.211:9000 |
Rollback
- Postgres: zie repo
homelab-command→docs/POSTGRES_ROLLBACK.md—PG_HOSTterug naar.211, NAS-container herstarten.