infrastructure:automation-stack

This is an old revision of the document!

Table of Contents

Automation Stack
- Services
- Network
- TLS/SSL
- Prometheus Monitoring
- Ansible
- Backups
- Credentials

Automation Stack

Self-hosted automation and monitoring stack on Proxmox (hv-04).

Services

CT	IP	Service	RAM	Port	URL
110	10.100.161.110	PostgreSQL	1GB	5432	-
111	10.100.161.111	n8n	1GB	5678	n8n.home.miskam.xyz
112	10.100.161.112	Vaultwarden	512MB	8080	vault.home.miskam.xyz
113	10.100.161.113	DokuWiki	512MB	80	wiki.home.miskam.xyz
114	10.100.161.114	Uptime Kuma	512MB	3001	status.home.miskam.xyz
115	10.100.161.115	Prometheus/Grafana	1GB	9090/3000	monitoring.home.miskam.xyz

Total RAM: ~4.5GB

Network

Subnet: 10.100.161.0/23
Gateway: 10.100.161.254
DNS: 10.100.161.254 (UniFi)
Traefik: 10.100.161.102

TLS/SSL

Domain: *.home.miskam.xyz
Certificate: Let's Encrypt wildcard (auto-renew)
Challenge: Cloudflare DNS-01
See TLS Certificates

Prometheus Monitoring

All hosts run node_exporter on port 9100.

Host	IP	Status
prometheus	10.100.161.115	✅ up
openclaw	10.100.160.249	✅ up
n8n	10.100.161.111	✅ up
vaultwarden	10.100.161.112	✅ up
postgres	10.100.161.110	✅ up
dokuwiki	10.100.161.113	✅ up
uptime-kuma	10.100.161.114	✅ up
traefik	10.100.161.102	✅ up
hv-04	10.100.160.100	✅ up

Ansible

Infrastructure as Code für reproduzierbare Deployments.

Repository: /root/.openclaw/workspace/automation-stack/ansible/
Ansible Version: 2.20.2
Control Node: openclaw (10.100.160.249)

Playbooks:

site.yml — Hauptplaybook für alle Services
provision.yml — LXC-Erstellung (Referenz)

Secrets werden zur Laufzeit aus Vaultwarden geholt (Bitwarden Lookup Plugin).

Backups

Daily: PostgreSQL (CT 110)
Weekly: App containers (CT 111-115)
Location: /var/lib/vz/dump/

Credentials

Alle Credentials in Vaultwarden gespeichert:

Organisation: mxmlabs
Collection: Network Automation

Letzte Aktualisierung: 2026-02-07

infrastructure/automation-stack.1770460574.txt.gz · Last modified: 2026/02/07 10:36 by 127.0.0.1