# 🏡 Homelab Inventory and Recovery Reference ## 🖥️ Physical Hosts ### proxmox04 - **IP**: `192.168.1.37` - **Hostname**: `proxmox04` - **URL**: `https://proxmox4.wtfsolutions.cc` - **Proxmox Version**: 8.4.0 - **Kernel**: 6.8.12-9-pve - **Boot Drive**: Crucial 256GB SATA SSD - **Rack**: 10" Lab Rax (3D-printed) - **Firewall**: Enabled (host-level) - **NTP**: Enabled - **Root Access**: Enabled - **SSH**: Enabled (static IP) #### 🧠 Hardware - **Motherboard**: ASRock B550 Phantom Gaming-ITX/AX - **CPU**: AMD Ryzen 5 5600G (6c/12t) - **RAM**: 62 GiB DDR4 - **Swap**: 8 GiB #### 💾 Storage - **ZFS Pool: `vm_data` (NVMe)** - `/vm_data/subvol-###-disk-0` - `/vm_data/vm-100-disk-1` - **ZFS Pool: `zfs_pool` (RAIDZ1)** - 5x 6TB HDDs - Usable: ~21.7TB - `/zfs_pool/nc_data` → Nextcloud - `/zfs_pool/immich/immich_library` → Immich media - `/zfs_pool/immich/immich_database` → Immich PostgreSQL - **Additional SSD**: `/dev/sda`, 525GB, used for torrents → `/mnt/torrents` ## 🔁 Backup & Sync Overview ### PBS (proxmox-backup-server) - **Hostname**: `backup` - **IP**: `192.168.1.35` - **Datastore**: `/mnt/backup_nvme` (name: `proxmox04-backups`) - **Prune Policy**: - Hourly: 7 - Daily: 4 - Weekly: 6 - Monthly: 2 - Yearly: 1 - **GC Schedule**: Daily - **PBS Encryption**: ❌ Disabled (using rclone crypt only) - **Offsite Sync**: Daily to B2 via `rclone` with encryption (`b2-pbs-encrypted`) - **rclone path**: All of `/mnt/backup_nvme` ## 📦 Database Backups ### ✅ Immich - **Runs in**: LXC 109 (Proxmox04) - **DB Engine**: PostgreSQL - **DB Path**: `/zfs_pool/immich/immich_database` - **Script**: `/usr/local/bin/immich-db-backup.sh` (on proxmox04) - **Dump Path**: `/mnt/backup_nvme/db_dumps/` - **Cron**: `30 4 * * *` → Immich DB dump ### ✅ Nextcloud - **Runs in**: LXC 115 (Nextcloud AIO via Docker) - **DB Engine**: PostgreSQL 17.5 - **DB Container**: `nextcloud-aio-database` - **Script**: `/usr/local/bin/nextcloud-db-backup.sh` (inside LXC 115) - **Dump Path**: `/mnt/nc_data/db_dumps/` - **Cron**: `0 4 * * *` → Nextcloud DB dump ## 🧠 Credential Management - All critical secrets are stored in **Bitwarden** under `homelab/` - rclone crypt keys - PBS access - Database passwords (Nextcloud, Immich) - Cloudflare tunnel tokens ## 🌐 Reverse Proxy & DNS All services are proxied through **Nginx Proxy Manager** (NPM) at `192.168.1.58`. - **Internal DNS**: Pi-hole wildcard `*.wtfsolutions.cc → 192.168.1.58` (LXC 103) - **External DNS**: Cloudflare (migrating to Pangolin self-hosted tunnel on Oracle Cloud) - **SSL**: Wildcard cert `*.wtfsolutions.cc` via Let's Encrypt (NPM cert ID 4) ## 🧩 LXC Containers & Apps (Proxmox04) | CT ID | Name | IP Address | Port | DNS / URL | Notes | |-------|-------------------|----------------|-------|--------------------------------------------------|------------------------------| | 100 | Home Assistant | 192.168.1.36 | 8123 | https://ha.wtfsolutions.cc | VM (not LXC); Cloudflare tunnel add-on | | 102 | Gitea | 192.168.1.40 | 3000 | https://gitea.wtfsolutions.cc | Internal docs repo | | 103 | Pi-hole | 192.168.1.3 | 80 | https://pihole.wtfsolutions.cc | DNS + ad blocker | | 104 | Sonarr | 192.168.1.39 | 8989 | https://sonarr.wtfsolutions.cc | TV show automation | | 105 | Radarr | 192.168.1.43 | 7878 | https://radarr.wtfsolutions.cc | Movie automation | | 106 | Jackett | 192.168.1.45 | 9117 | https://jackett.wtfsolutions.cc | Indexer proxy | | 107 | FlareSolverr | 192.168.1.46 | 8191 | Internal only | Cloudflare captcha bypass | | 108 | qBittorrent | 192.168.1.47 | 8080 | https://qbittorrent.wtfsolutions.cc | Torrent client | | 109 | Immich | 192.168.1.48 | 2283 | https://immich.wtfsolutions.cc | Photo/video library | | 110 | Overseerr | 192.168.1.44 | 5055 | https://request.wtfsolutions.cc | Media requests (alias: overseerr.wtfsolutions.cc) | | 112 | Homarr | 192.168.1.33 | 7575 | https://homarr.wtfsolutions.cc | Dashboard | | 113 | Prowlarr | 192.168.1.34 | 9696 | https://prowlarr.wtfsolutions.cc | Indexer manager | | 114 | Cloudflared | 192.168.1.49 | - | Internal only | ⚠️ Retiring — replacing with Pangolin | | 115 | Nextcloud AIO | 192.168.1.50 | 11000 | https://drive.wtfsolutions.cc | File storage (alias: nextcloud.wtfsolutions.cc) | | 116 | MySpeed | 192.168.1.52 | 5216 | https://myspeed.wtfsolutions.cc | Network speed monitor | | 117 | Tautulli | 192.168.1.31 | 8181 | https://tautulli.wtfsolutions.cc | Plex statistics | | 118 | InfluxDB | 192.168.1.53 | 8086 | https://influxdb.wtfsolutions.cc | Time-series metrics DB | | 119 | Grafana | 192.168.1.54 | 3000 | https://grafana.wtfsolutions.cc | Metrics dashboards | | 121 | Paperless-NGX | 192.168.1.56 | 8000 | https://paperless.wtfsolutions.cc | Document management | | 123 | Nginx Proxy Mgr | 192.168.1.58 | 81 | https://npm.wtfsolutions.cc | Reverse proxy + SSL | | 125 | Uptime Kuma | 192.168.1.60 | 3001 | https://kuma.wtfsolutions.cc | Uptime monitoring | | 126 | Homepage | 192.168.1.61 | 3000 | https://homepage.wtfsolutions.cc | Service dashboard | ## 🖥️ Other Devices | Device | IP | Port | URL | Notes | |----------|----------------|-------|--------------------------------------|--------------------------| | MEDIA02 | 192.168.1.32 | 32400 | Plex app / plex.tv | Windows — runs Plex | | Proxmox4 | 192.168.1.37 | 8006 | https://proxmox4.wtfsolutions.cc | Main Proxmox host | | PBS | 192.168.1.35 | 8007 | http://192.168.1.35:8007 | Proxmox Backup Server | | Unifi | 192.168.1.1 | - | https://unifi.ui.com | Network controller | ## 🎯 Restore Strategy (high-level) - **PBS Restore**: - Use GUI or CLI to select CT/VM → restore to new ID - **Database Restore**: - `gunzip` the `.sql.gz` dump - Use `psql` inside Immich (109) or docker exec for Nextcloud - **Media Restore**: - ZFS rollback or `rsync` from backup --- This doc should be stored in Gitea (`HomeLabDocs`) and printed to paper or PDF for offline disaster recovery.