ansible/docs/guides/homelab-status-2026-05-22.md
ilia de49b34cdc
Add homelab monitoring, portfolio site, and vault tooling.
Document pve10 static IPs, monitoring stack, and site LXCs; add portfolio
to inventory; Mailcow mailbox automation; vault import/export scripts;
security audit guides and UniFi DHCP reference.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-22 16:25:07 -04:00


Homelab status — 2026-05-22

Quick checklist after monitoring / sites / git pass.

Done (automation)

| Item | Notes |
| --- | --- |
| Mailcow alerts@levkine.ca | Created via API |
| Kuma + Dockge + Umami | LXC 218 @ 10.0.10.22; Dockge stack monitoring active |
| Old Kuma pve201 LXC 305 | Stopped, onboot off |
| stats.levkin.ca | Caddy → Umami :3000 |
| Tracking scripts | caseware + auto + portfolio (iliadobkin.com) |
| Portfolio iliadobkin.com | Migrated pve201 LXC 306 → pve10 LXC 219 @ 10.0.10.106; Caddy → nginx :80 |
| Kuma SMTP | Working (user confirmed) |
| Git remote | git@git.levkin.ca:ilia/... (SSH → 10.0.10.169 via ~/.ssh/config on site LXCs) |
| auto repo | Pushed/pulled on git.levkin.ca |
| caseware repo | Pushed to Gitea via bundle on server; LXCs pull via internal SSH |
| Vault | Mailcow, Umami, Mattermost in vault; make vault-export-env → .env; make vault-pull-infra-secrets = hosts → vault |
| Caddy root SSH | Works (make bootstrap-root-ssh-caddy) |
| Hermes Mattermost | mattermost.env on VM; Telegram optional/off |

Your list — still to do

You (UI / hardware / DNS)

  • Kuma SMTP — working
  • UniFi DHCP reservations: unifi-static-dhcp.md @ https://192.168.2.1/
  • Cal.com → Authentik OIDC — first SSO (~12 h) — levkin-selfhost-plan-2.md
  • Nextcloud VM 201 retire — remove Kuma monitor, Caddy nextcloud.levkin.ca, stop VM
  • NAS.SP00 disk replace — then start Jellyfin (VM 101)
  • Gitea deploy key (portfolio): git pull works on LXC 219; Gitea VM SSH fixed (/home/git/.ssh/authorized_keys + sudo to gitea)
  • .env — optional mirror: make vault-export-env (vault already has secrets)
  • Rotate any secrets pasted in chat (Hermes token, etc.)

Later / defer

  • Caddy → edge LXC .20
  • Immich, Crater, Beszel
  • Public SSH for git.levkin.ca:22 (optional Caddy layer4 or DNS split)

Site LXCs (marketing)

| VMID | Name | IP | Git remote |
| --- | --- | --- | --- |
| 215 | caseware | 10.0.10.105 | git@git.levkin.ca:ilia/caseware.git |
| 216 | auto | 10.0.10.59 | git@git.levkin.ca:ilia/auto.git |
| 219 | portfolio | 10.0.10.106 | git@git.levkin.ca:ilia/sdetProfile.git |

Git SSH note: the remote URL uses git.levkin.ca, but SSH traffic goes to 10.0.10.169:22 (not 10.0.30.169, and not the public :22).

# On each site LXC /root/.ssh/config
Host git.levkin.ca
    HostName 10.0.10.169
    User git
    IdentityFile ~/.ssh/id_ed25519
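
To confirm on a site LXC that the alias resolves the way the note describes, the check below reads `ssh -G git.levkin.ca` output and verifies hostname, port and user. It is an added example, not part of the original guide; `check_git_route` is a name chosen here and the sample outputs are constructed.

```shell
#!/bin/sh
# Added example: validate the effective SSH settings for the Gitea alias.
# Real use on a site LXC:  ssh -G git.levkin.ca | check_git_route
# (`ssh -G` prints the resolved client config, one lowercase "key value" per line.)

check_git_route() {
    # Expected values come from the Git SSH note; override via arguments if needed.
    awk -v want_host="${1:-10.0.10.169}" -v want_port="${2:-22}" -v want_user="${3:-git}" '
        $1 == "hostname" { host = $2 }
        $1 == "port"     { port = $2 }
        $1 == "user"     { user = $2 }
        END {
            bad = 0
            if (host != want_host) { print "FAIL hostname=" host " (want " want_host ")"; bad = 1 }
            if (port != want_port) { print "FAIL port=" port " (want " want_port ")"; bad = 1 }
            if (user != want_user) { print "FAIL user=" user " (want " want_user ")"; bad = 1 }
            if (!bad) print "OK " user "@" host ":" port
            exit bad
        }'
}

# Constructed sample: trimmed `ssh -G` output with the Host block in place.
SAMPLE_OK='user git
hostname 10.0.10.169
port 22
identityfile ~/.ssh/id_ed25519'

# Constructed sample: Host block missing, so the name is left to DNS.
SAMPLE_NO_BLOCK='user root
hostname git.levkin.ca
port 22'

# Constructed sample: alias pointing at the address the note rules out.
SAMPLE_WRONG_NET='user git
hostname 10.0.30.169
port 22'

# Demonstration on the constructed good sample.
printf '%s\n' "$SAMPLE_OK" | check_git_route
```

A non-zero exit status means the Host block is missing or points somewhere other than the internal Gitea address, so `git pull` on that LXC would not take the intended path.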

Dockge

Stack monitoring in UI = correct. Compose at /opt/stacks/monitoring/compose.yaml. Live stack also at /opt/monitoring (same containers). Use Dockge for edits/restarts; avoid starting a second copy.