Differences

This shows you the differences between two versions of the page.

--- infrastructure:automation-stack [2026/02/07 10:36] – external edit 127.0.0.1
+++ infrastructure:automation-stack [2026/02/07 17:21] (current) – Added Forgejo, updated services admin
@@ Line 1: / Line 1: @@
 ====== Automation Stack ======
-Self-hosted automation and monitoring stack on Proxmox (hv-04).
+Proxmox hv-04 | Subnet 10.100.161.0/23 | TLS: *.home.miskam.xyz (Let's Encrypt)
 ===== Services =====
-^ CT ^ IP ^ Service ^ RAM ^ Port ^ URL ^
+^ CT ^ Service ^ URL ^ Port ^
-| 110 | 10.100.161.110 | PostgreSQL | 1GB | 5432 | - |
+| 110 | PostgreSQL | — | 5432 |
-| 111 | 10.100.161.111 | n8n | 1GB | 5678 | [[https://n8n.home.miskam.xyz|n8n.home.miskam.xyz]] |
+| 111 | n8n | [[https://n8n.home.miskam.xyz]] | 5678 |
-| 112 | 10.100.161.112 | Vaultwarden | 512MB | 8080 | [[https://vault.home.miskam.xyz|vault.home.miskam.xyz]] |
+| 112 | Vaultwarden | [[https://vault.home.miskam.xyz]] | 8080 |
-| 113 | 10.100.161.113 | DokuWiki | 512MB | 80 | [[https://wiki.home.miskam.xyz|wiki.home.miskam.xyz]] |
+| 113 | DokuWiki | [[https://wiki.home.miskam.xyz]] | 80 |
-| 114 | 10.100.161.114 | Uptime Kuma | 512MB | 3001 | [[https://status.home.miskam.xyz|status.home.miskam.xyz]] |
+| 114 | Uptime Kuma | [[https://status.home.miskam.xyz]] | 3001 |
-| 115 | 10.100.161.115 | Prometheus/Grafana | 1GB | 9090/3000 | [[https://monitoring.home.miskam.xyz|monitoring.home.miskam.xyz]] |
+| 115 | Grafana | [[https://monitoring.home.miskam.xyz]] | 3000 |
+| 116 | Forgejo | [[https://git.home.miskam.xyz]] | 3000 |
-**Total RAM:** ~4.5GB
+===== Monitoring =====
-===== Network =====
+Prometheus (CT 115:9090) scrapes node_exporter (:9100) on all hosts.
-  * Subnet: 10.100.161.0/23
+Targets: prometheus, openclaw, n8n, vaultwarden, postgres, dokuwiki, uptime-kuma, traefik, hv-04
-  * Gateway: 10.100.161.254
-  * DNS: 10.100.161.254 (UniFi)
-  * Traefik: 10.100.161.102
-===== TLS/SSL =====
+===== Git / Ansible =====
-  * **Domain:** *.home.miskam.xyz
+  * **Repo:** [[https://git.home.miskam.xyz/mxm-bot/automation-stack]]
-  * **Certificate:** Let's Encrypt wildcard (auto-renew)
-  * **Challenge:** Cloudflare DNS-01
-  * See [[infrastructure:tls-certificates|TLS Certificates]]
-===== Prometheus Monitoring =====
-All hosts run node_exporter on port 9100.
-^ Host ^ IP ^ Status ^
-| prometheus | 10.100.161.115 | ✅ up |
-| openclaw | 10.100.160.249 | ✅ up |
-| n8n | 10.100.161.111 | ✅ up |
-| vaultwarden | 10.100.161.112 | ✅ up |
-| postgres | 10.100.161.110 | ✅ up |
-| dokuwiki | 10.100.161.113 | ✅ up |
-| uptime-kuma | 10.100.161.114 | ✅ up |
-| traefik | 10.100.161.102 | ✅ up |
-| hv-04 | 10.100.160.100 | ✅ up |
-===== Ansible =====
-Infrastructure as Code für reproduzierbare Deployments.
-  * **Repository:** ''/root/.openclaw/workspace/automation-stack/ansible/''
-  * **Ansible Version:** 2.20.2
   * **Control Node:** openclaw (10.100.160.249)
+  * **Ansible:** 2.20.2
-Playbooks:
-  * ''site.yml'' — Hauptplaybook für alle Services
-  * ''provision.yml'' — LXC-Erstellung (Referenz)
-Secrets werden zur Laufzeit aus Vaultwarden geholt (Bitwarden Lookup Plugin).
-===== Backups =====
-  * **Daily:** PostgreSQL (CT 110)
-  * **Weekly:** App containers (CT 111-115)
-  * **Location:** ''/var/lib/vz/dump/''
 ===== Credentials =====
-Alle Credentials in Vaultwarden gespeichert:
+Vaultwarden → mxmlabs org → Network Automation collection
-  * **Organisation:** mxmlabs
-  * **Collection:** Network Automation
-----
-//Letzte Aktualisierung: 2026-02-07//