Differences

This shows you the differences between two versions of the page.

--- infrastructure:automation-stack [2026/02/06 15:06] – created - external edit 127.0.0.1
+++ infrastructure:automation-stack [2026/02/07 17:21] (current) – Added Forgejo, updated services admin
@@ Line 1: / Line 1: @@
 ====== Automation Stack ======
-Deployed: 2026-02-06
+Proxmox hv-04 | Subnet 10.100.161.0/23 | TLS: *.home.miskam.xyz (Let's Encrypt)
 ===== Services =====
-^ Service ^ Container ^ IP ^ Port ^ URL ^
+^ CT ^ Service ^ URL ^ Port ^
-| PostgreSQL | CT 110 | 10.100.161.110 | 5432 | - |
+| 110 | PostgreSQL | — | 5432 |
-| n8n | CT 111 | 10.100.161.111 | 5678 | [[https://n8n.srv.internal]] |
+| 111 | n8n | [[https://n8n.home.miskam.xyz]] | 5678 |
-| Vaultwarden | CT 112 | 10.100.161.112 | 8080 | [[https://vault.srv.internal]] |
+| 112 | Vaultwarden | [[https://vault.home.miskam.xyz]] | 8080 |
-| DokuWiki | CT 113 | 10.100.161.113 | 80 | [[https://wiki.srv.internal]] |
+| 113 | DokuWiki | [[https://wiki.home.miskam.xyz]] | 80 |
-| Uptime Kuma | CT 114 | 10.100.161.114 | 3001 | [[https://status.srv.internal]] |
+| 114 | Uptime Kuma | [[https://status.home.miskam.xyz]] | 3001 |
+| 115 | Grafana | [[https://monitoring.home.miskam.xyz]] | 3000 |
+| 116 | Forgejo | [[https://git.home.miskam.xyz]] | 3000 |
-===== Architecture =====
+===== Monitoring =====
-<code>
+Prometheus (CT 115:9090) scrapes node_exporter (:9100) on all hosts.
-                    ┌─────────────┐
-                    │   Traefik   │
-                    │ .161.102:443│
-                    └──────┬──────┘
-                           │
-        ┌──────────┬───────┼───────┬──────────┐
-        ▼          ▼       ▼       ▼          ▼
-   ┌─────────┐ ┌───────┐ ┌─────┐ ┌──────┐ ┌───────┐
-   │   n8n   │ │ Vault │ │Wiki │ │Status│ │  DB   │
-   │  :5678  │ │ :8080 │ │ :80 │ │:3001 │ │ :5432 │
-   └────┬────┘ └───┬───┘ └─────┘ └──────┘ └───┬───┘
-        │          │                          │
-        └──────────┴──────────────────────────┘
-                    PostgreSQL
-</code>
-  * **Database:** PostgreSQL 15 (shared for n8n + Vaultwarden)
+Targets: prometheus, openclaw, n8n, vaultwarden, postgres, dokuwiki, uptime-kuma, traefik, hv-04
-  * **Reverse Proxy:** Traefik (CT 102, 10.100.161.102)
-  * **DNS:** UniFi (*.srv.internal → Traefik)
-  * **TLS:** Lets Encrypt via Traefik
-===== Credentials =====
+===== Git / Ansible =====
-All credentials stored in Vaultwarden under **"Automation Stack"** folder.
+  * **Repo:** [[https://git.home.miskam.xyz/mxm-bot/automation-stack]]
+  * **Control Node:** openclaw (10.100.160.249)
+  * **Ansible:** 2.20.2
-===== Database =====
+===== Credentials =====
-==== PostgreSQL ====
-  * **Host:** 10.100.161.110:5432
-  * **Admin:** pgadmin (superuser)
-  * **App Users:** n8n, vaultwarden
-<code bash>
-# Connect as admin
-psql -h 10.100.161.110 -U pgadmin -d postgres
-# List databases
-\l
-# Connect to specific DB
-psql -h 10.100.161.110 -U pgadmin -d n8n
-</code>
-===== Service Management =====
-<code bash>
-# n8n
-pct exec 111 -- systemctl status n8n
-pct exec 111 -- journalctl -u n8n -f
-# Vaultwarden
-pct exec 112 -- systemctl status vaultwarden
-pct exec 112 -- journalctl -u vaultwarden -f
-# DokuWiki (nginx + php-fpm)
-pct exec 113 -- systemctl status nginx
-pct exec 113 -- systemctl status php8.2-fpm
-# Uptime Kuma
-pct exec 114 -- systemctl status uptime-kuma
-# PostgreSQL
-pct exec 110 -- systemctl status postgresql
-pct exec 110 -- su - postgres -c "psql -l"
-</code>
-===== Configuration Files =====
-| Service | Config Location |
-| n8n | /etc/systemd/system/n8n.service |
-| Vaultwarden | /etc/systemd/system/vaultwarden.service |
-| DokuWiki | /var/www/dokuwiki/conf/ |
-| Uptime Kuma | /opt/uptime-kuma/ |
-| PostgreSQL | /etc/postgresql/15/main/ |
-| Traefik | /etc/traefik/conf.d/automation.yml |
-===== Backup =====
-TODO: Configure Proxmox backup jobs
-Recommended:
+Vaultwarden → mxmlabs org → Network Automation collection
-  * **Daily:** CT 110 (PostgreSQL) — critical data
-  * **Weekly:** CT 111-114 — can be rebuilt