jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs: Slurpit deployment, static IPs, Traefik fixes
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source 
- Added Slurpit server stack (6 containers) to infrastructure
- Updated service table with all current containers and static IPs
- Documented docker-compose managed stacks
- Added Slurpit, NetBox plugin fixes to changelog
- Fixed actual-budget and netbox Traefik routing
- Updated container IP assignments with Slurpit stack
This commit is contained in:
XTRM-Unraid
2026-01-21 12:50:57 +02:00
parent 80073c61d3
commit 266a45125a
3 changed files with 194 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

349
docs/00-CURRENT-STATE.md
View File

@@ -2,7 +2,7 @@
## Current Infrastructure State
**Document Updated:** 2026-01-18
**Document Updated:** 2026-01-21
**Target Domain:** xtrm-lab.org
---
@@ -29,7 +29,6 @@
- `docker-bridge` - Container network (172.17.0.1/24)
- `back-to-home-vpn` - WireGuard VPN (192.168.216.1/24)
**SNMP Configuration:**
| Device | Community | Access | Status |
|--------|-----------|--------|--------|
@@ -52,10 +51,6 @@
| Ports | 24x Gigabit + 2x SFP |
| OS | SwOS (MikroTik Switch OS) |
| Web UI | http://192.168.31.9/index.html |
| Username | admin |
| Password | M0stW4nt3d@xtrm |
**Uplink:** Connected to hAP ax³ via eth4_CCS324_Uplink
### MikroTik cAP ac (192.168.31.6)
@@ -64,142 +59,111 @@
| Role | CAPsMAN Managed Access Point |
| RouterOS Version | 7.20.1 (stable) |
| Identity | CAP XL ac |
| Board | RBcAPGi-5acD2nD |
| SSH Access | `ssh -p 2222 xtrm@192.168.31.6` |
| SSH Password | M0stW4nt3d@xtrm |
**Note:** SSH key (id_ed25519 from Desktop) installed for key-based auth.
---
### WiFi Networks
| SSID | Password | Bands | Security | Purpose |
|------|----------|-------|----------|---------|
| XTRM | M0stW4nt3d@home | 2.4GHz + 5GHz | WPA/WPA2 (2.4GHz), WPA2/WPA3 (5GHz) | Main network |
| XTRM2 | M0stW4nt3d@IoT | 2.4GHz | WPA/WPA2 | Legacy/IoT devices |
**CAPsMAN:** hAP ax³ manages cAP ac via CAPsMAN (WiFi controller). See [09-MIKROTIK-WIFI-CAPSMAN.md](./09-MIKROTIK-WIFI-CAPSMAN.md) for full configuration.
### Unraid Server (192.168.31.2)
## Unraid Server (192.168.31.2)
**Tailscale IP:** 100.100.208.70
**SSH Access:** `ssh -i ~/.ssh/id_ed25519_unraid root@192.168.31.2 -p 422`
**Key Services:**
### Docker Networks
| Service | Container Name | Port(s) | Network | External URL |
|---------|---------------|---------|---------|--------------|
| Portainer | portainer | 9002→9000, 9444→9443 | bridge | http://100.100.208.70:9002 (Tailscale) |
| Pi-hole | binhex-official-pihole | 53, 80, 67 | br0 (192.168.31.4) | ph1.xtrm-lab.org |
| Unbound | unbound | 53 | br0 (192.168.31.5) | - |
| Traefik | traefik | 8001→80, 44301→443 | dockerproxy | traefik.xtrm-lab.org |
| Authentik | authentik | 9000, 9443 | dockerproxy | auth.xtrm-lab.org |
| Authentik Worker | authentik-worker | - | authentik | - |
| Vaultwarden | vaultwarden | 4743→80 | bridge | vault.xtrm-lab.org |
| Plex | plex | 32400 | host | plex.xtrm-lab.org |
| Home Assistant | HomeAssistant_inabox | 8123 | host (192.168.31.15) | ha.xtrm-lab.org |
| Transmission | transmission | 9091, 51413 | bridge | - |
| Nextcloud | Nextcloud | 8666→80 | bridge | - |
| PostgreSQL | postgresql17 | 5432 | bridge | - |
| Redis | Redis | 6379 | bridge | - |
| Uptime Kuma | UptimeKuma | 3001 | bridge | - |
| NetAlertX | NetAlertX | 20211 | host | netalert.xtrm-lab.org |
| UrBackup | UrBackup | 55414 | host | urbackup.xtrm-lab.org |
| Homarr | homarr | 10004→7575 | bridge | - |
| NetBox | netbox | 8090→8080 | dockerproxy | netbox.xtrm-lab.org |
| NetBox Worker | netbox-worker | - | netbox | - |
| NetBox Housekeeping | netbox-housekeeping | - | netbox | - |
| NetBox PostgreSQL | netbox-postgres | 5432 | netbox | - |
| NetBox Redis | netbox-redis | 6379 | netbox | - |
| NetBox Redis Cache | netbox-redis-cache | 6379 | netbox | - |
| Nebula Sync | nebula-sync | - | - | Pi-hole sync |
| DoH Server | DoH-Server | 8053 | dockerproxy | doh.xtrm-lab.org |
| stunnel DoT | stunnel-dot | 853 | bridge | dns.xtrm-lab.org:853 |
| Pangolin | pangolin | 3003→3001, 3004→3002 | bridge | Fossorial controller |
| Gitea | gitea | 3005→3000, 2222→22 | dockerproxy | git.xtrm-lab.org |
| Woodpecker Server | woodpecker-server | 8008→8000 | dockerproxy | ci.xtrm-lab.org |
| Woodpecker Agent | woodpecker-agent | - | dockerproxy | - |
| RustDesk ID | rustdesk-hbbs | 21115-21116, 21118-21119 | bridge | rustdesk.xtrm-lab.org |
| RustDesk Relay | rustdesk-hbbr | 21117 | bridge | rustdesk.xtrm-lab.org |
| NetDisco Web | netdisco-web | 5000 | dockerproxy | https://netdisco.xtrm-lab.org |
| NetDisco Backend | netdisco-backend | - | dockerproxy | SNMP polling daemon |
| Network | Subnet | Purpose |
|---------|--------|---------|
| dockerproxy | 172.18.0.0/16 | Traefik-accessible services |
| netbox | 172.24.0.0/16 | NetBox stack |
| slurpit_slurpit-network | Auto | Slurp'it stack |
| br0 | 192.168.31.0/24 | LAN macvlan |
| bridge | 172.17.0.0/16 | Default Docker bridge |
| host | - | Host network stack |
### Key Services
| Service | Container | Static IP | External URL |
|---------|-----------|-----------|--------------|
| **Core Infrastructure** |
| Reverse Proxy | traefik | 172.18.0.3 | traefik.xtrm-lab.org |
| Docker Socket | dockersocket | 172.18.0.2 | - |
| Dashboard | homarr | 172.18.0.4 | xtrm-lab.org |
| **Security** |
| Identity Provider | authentik | 172.18.0.11 | auth.xtrm-lab.org |
| Authentik Worker | authentik-worker | 172.18.0.12 | - |
| Password Manager | vaultwarden | 172.18.0.15 | vault.xtrm-lab.org |
| **Databases** |
| PostgreSQL | postgresql17 | 172.18.0.13 | - |
| Redis | Redis | 172.18.0.14 | - |
| **DNS** |
| Pi-hole (Unraid) | binhex-official-pihole | 192.168.31.4 | ph1.xtrm-lab.org |
| Unbound (Unraid) | unbound | 192.168.31.5 | - |
| DoH Server | DoH-Server | 172.18.0.22 | doh.xtrm-lab.org |
| **DevOps** |
| Git Server | gitea | 172.18.0.31 | git.xtrm-lab.org |
| CI/CD Server | woodpecker-server | 172.18.0.32 | ci.xtrm-lab.org |
| CI/CD Agent | woodpecker-agent | 172.18.0.33 | - |
| **Network Management** |
| NetBox | netbox | 172.24.0.5 | netbox.xtrm-lab.org |
| NetBox Worker | netbox-worker | 172.24.0.6 | - |
| NetBox PostgreSQL | netbox-postgres | 172.24.0.4 | - |
| NetBox Redis | netbox-redis | 172.24.0.2 | - |
| NetBox Redis Cache | netbox-redis-cache | 172.24.0.3 | - |
| NetDisco Web | netdisco-web | 172.18.0.41 | netdisco.xtrm-lab.org |
| NetDisco Backend | netdisco-backend | 172.18.0.42 | - |
| Unimus | unimus | host | unimus.xtrm-lab.org |
| **Slurp'it Discovery** |
| Slurp'it Portal | slurpit-portal | dockerproxy | slurpit.xtrm-lab.org |
| Slurp'it Scanner | slurpit-scanner | slurpit-network | - |
| Slurp'it Scraper | slurpit-scraper | slurpit-network | - |
| Slurp'it Warehouse | slurpit-warehouse | slurpit-network | - |
| Slurp'it MariaDB | slurpit-mariadb | slurpit-network | - |
| Slurp'it MongoDB | slurpit-mongodb | slurpit-network | - |
| **Monitoring** |
| Uptime Kuma | UptimeKuma | 172.18.0.20 | uptime.xtrm-lab.org |
| Uptime Kuma API | Uptime-Kuma-API | 172.18.0.18 | - |
| AutoKuma | AutoKuma | 172.18.0.19 | - |
| NetAlertX | NetAlertX | host | netalert.xtrm-lab.org |
| Speedtest Tracker | speedtest-tracker | 172.18.0.21 | speedtest.xtrm-lab.org |
| **Productivity** |
| Actual Budget | actual-budget | 172.18.0.16 | actual.xtrm-lab.org |
| n8n | n8n | 172.18.0.17 | n8n.xtrm-lab.org |
| Karakeep | karakeep | 172.18.0.25 | karakeep.xtrm-lab.org |
| **Media & Storage** |
| Plex | plex | host | plex.xtrm-lab.org |
| Nextcloud | Nextcloud | 172.18.0.24 | nextcloud.xtrm-lab.org |
| Libation | Libation | 172.18.0.23 | - |
| Transmission | transmission | 172.18.0.26 | - |
| Time Machine | TimeMachine | 192.168.31.12 | - |
| **Remote Access** |
| RustDesk ID | rustdesk-hbbs | bridge | rustdesk.xtrm-lab.org |
| RustDesk Relay | rustdesk-hbbr | bridge | - |
| **Other** |
| Home Assistant | HomeAssistant_inabox | host | ha.xtrm-lab.org |
| UrBackup | UrBackup | host | urbackup.xtrm-lab.org |
| Portainer | portainer | bridge | 192.168.31.2:9002 |
| Pangolin | pangolin | 172.18.0.51 | - |
---
## Current NAT/Port Forwarding (MikroTik)
## Docker Compose Managed Stacks
| Rule | Protocol | WAN Port | Destination | Purpose |
|------|----------|----------|-------------|---------|
| Forward HTTP | TCP | 80 | 192.168.31.2:8001 | Traefik HTTP |
| Forward HTTPS | TCP | 443 | 192.168.31.2:44301 | Traefik HTTPS |
| Plex | TCP | 32400 | 192.168.31.2:32400 | Plex Media Server |
| Transmission | TCP/UDP | 51413 | 192.168.31.2:51413 | BitTorrent |
| DoT | TCP | 853 | 172.17.0.2:853 | DNS over TLS |
| DoH | TCP/UDP | 5443 | 172.17.0.2:443 | DNS over HTTPS |
| DNS Force | UDP/TCP | 53 | 172.17.0.2:53 | Force LAN DNS to Pi-hole |
| RustDesk NAT Test | TCP | 21115 | 192.168.31.2:21115 | RustDesk NAT Test |
| RustDesk ID TCP | TCP | 21116 | 192.168.31.2:21116 | RustDesk ID Server |
| RustDesk ID UDP | UDP | 21116 | 192.168.31.2:21116 | RustDesk ID Server |
| RustDesk Relay | TCP | 21117 | 192.168.31.2:21117 | RustDesk Relay |
| Stack | Location | Containers |
|-------|----------|------------|
| NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` | netbox, netbox-worker, netbox-postgres, netbox-redis, netbox-redis-cache |
| NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` | netdisco-web, netdisco-backend |
| Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` | gitea |
| Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` | woodpecker-server, woodpecker-agent |
| Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` | pangolin |
| Slurp'it | `/mnt/user/appdata/slurpit/docker-compose.yml` | slurpit-portal, slurpit-scanner, slurpit-scraper, slurpit-warehouse, slurpit-mariadb, slurpit-mongodb |
---
## Current WireGuard Configuration
## NetBox Plugins
**Interface:** `back-to-home-vpn`
- Listen Port: 59188
- Address: 192.168.216.1/24
- Public Key: `3e+p++SJ6f5EURt6WCKApOLMQHWpURm/vn/0s9+EKzs=`
| Plugin | Version | Status |
|--------|---------|--------|
| slurpit_netbox | 1.2.7 | Active |
**Existing Peers:**
1. hAP ax³ (secondary device)
2. Kaloyan's S25 Ultra (mobile)
3. Additional peer (unnamed)
---
## Traefik Configuration
**Entry Points:**
- HTTP (:80) → Redirects to HTTPS
- HTTPS (:443)
**Certificate Resolver:** Cloudflare DNS Challenge
- Email: admin@xtrm-lab.org
- DNS Provider: Cloudflare
**Existing Middlewares:**
- `default-headers` - Security headers (HSTS, XSS protection, etc.)
- `authentik-forward-auth` - Forward auth to Authentik (configured but not applied)
- `pihole1-redirect` / `pihole2-redirect` - Redirect root to /admin/
---
## Authentik Configuration
| Parameter | Value |
|-----------|-------|
| Version | 2025.8.1 |
| URL | auth.xtrm-lab.org |
| PostgreSQL Host | postgresql17 |
| Database | authentik_db |
| Redis Host | redis |
| Network | dockerproxy |
**Status:** Deployed but not yet integrated with services
---
## Portainer Configuration (Phase 6)
| Parameter | Value |
|-----------|-------|
| Version | CE Latest |
| HTTP Port | 9002 |
| HTTPS Port | 9444 |
| Data Path | /mnt/user/appdata/portainer |
| Tailscale URL | http://100.100.208.70:9002 |
| Local URL | http://192.168.31.2:9002 |
**Status:** Deployed, awaiting initial setup and MikroTik connection (Phase 6.2/6.3)
**Note:** Plugin config mounted from `/mnt/user/appdata/netbox/config/plugins.py`
---
@@ -241,113 +205,44 @@
---
## Service Interruption Risk Assessment
## Current NAT/Port Forwarding (MikroTik)
| Phase | Component | Interruption Risk | Mitigation |
|-------|-----------|-------------------|------------|
| 1 | Tailscale Integration | LOW | Add-on service, no changes to existing |
| 1 | DoH Endpoint | LOW | New endpoint, existing DNS unaffected |
| 2 | Pangolin/Gerbil | MEDIUM | New containers, may conflict with WG port 51820 |
| 2 | Newt Connector | LOW | Outbound only |
| 3 | Authentik Forward Auth | HIGH | Will gate all services - test thoroughly |
| 4 | Sunshine/Moonlight | LOW | New service, Tailscale-only access |
| 5 | RustDesk | MEDIUM | New ports required on MikroTik |
| 6 | Portainer | LOW | Management tool only, no service impact |
| Rule | Protocol | WAN Port | Destination | Purpose |
|------|----------|----------|-------------|---------|
| Forward HTTP | TCP | 80 | 192.168.31.2:8001 | Traefik HTTP |
| Forward HTTPS | TCP | 443 | 192.168.31.2:44301 | Traefik HTTPS |
| Plex | TCP | 32400 | 192.168.31.2:32400 | Plex Media Server |
| Transmission | TCP/UDP | 51413 | 192.168.31.2:51413 | BitTorrent |
| DoT | TCP | 853 | 172.17.0.2:853 | DNS over TLS |
| DoH | TCP/UDP | 5443 | 172.17.0.2:443 | DNS over HTTPS |
| DNS Force | UDP/TCP | 53 | 172.17.0.2:53 | Force LAN DNS to Pi-hole |
| RustDesk | TCP/UDP | 21115-21119 | 192.168.31.2 | RustDesk Server |
---
## Ports Required for Full Implementation
## Traefik Configuration
### New MikroTik Port Forwards Needed:
**Entry Points:**
- HTTP (:80) → Redirects to HTTPS
- HTTPS (:443)
| Service | Protocol | Port(s) | Destination | Phase |
|---------|----------|---------|-------------|-------|
| WireGuard (Fossorial) | UDP | 51820 | 192.168.31.2:51820 | 2 |
| RustDesk ID TCP | TCP | 21115-21117 | 192.168.31.2:21115-21117 | 5 |
| RustDesk Relay | TCP | 21118-21119 | 192.168.31.2:21118-21119 | 5 |
| RustDesk NAT | UDP | 21116 | 192.168.31.2:21116 | 5 |
**Certificate Resolver:** Cloudflare DNS Challenge
**Docker Provider Constraint:** `traefik.constraint=valid`
- Containers need this label to be auto-discovered
- Otherwise add routes to `/mnt/user/appdata/traefik/dynamic.yml`
---
## Next Steps
## Reference Documents
Proceed to individual phase documents:
1. [Phase 1: Global DNS Portability](./01-PHASE1-DNS-PORTABILITY.md)
2. [Phase 2: Fossorial Tunnel Stack](./02-PHASE2-FOSSORIAL-STACK.md)
3. [Phase 3: Identity & Zero Trust](./03-PHASE3-AUTHENTIK-ZEROTRUST.md)
4. [Phase 4: Remote Gaming](./04-PHASE4-REMOTE-GAMING.md)
5. [Phase 5: RustDesk Setup](./05-PHASE5-RUSTDESK.md)
6. [Phase 6: Portainer Management](./06-PHASE6-PORTAINER-MANAGEMENT.md)
7. [Phase 7: Gitea GitOps](./08-PHASE7-GITEA-GITOPS.md)
8. [Phase 8: NetDisco Integration](./12-PHASE8-NETDISCO-INTEGRATION.md)
**Reference Documents:**
- [MikroTik WiFi & CAPsMAN Configuration](./09-MIKROTIK-WIFI-CAPSMAN.md)
---
## Completed Infrastructure Tasks
### Static IP Assignment for Critical Services
**Status:** COMPLETED (2026-01-18)
**Priority:** High
**Reason:** Critical services should have static IPs outside DHCP/dynamic lease range to prevent IP conflicts and ensure reliable inter-container communication.
#### dockerproxy Network (172.18.0.0/16)
Static IP range: 172.18.0.2 - 172.18.0.50
| Service | Static IP |
|---------|-----------|
| dockersocket | 172.18.0.2 |
| traefik | 172.18.0.3 |
| authentik | 172.18.0.11 |
| authentik-worker | 172.18.0.12 |
| postgresql17 | 172.18.0.13 |
| Redis | 172.18.0.14 |
| vaultwarden | 172.18.0.15 |
#### bridge Network (172.17.0.0/16)
Static IP range: 172.17.0.2 - 172.17.0.50
| Service | Static IP |
|---------|-----------|
| portainer | 172.17.0.2 |
| rustdesk-hbbs | 172.17.0.3 |
| rustdesk-hbbr | 172.17.0.4 |
#### Implementation Steps
1. [x] Update Docker network IPAM config to reserve static range
2. [x] Recreate critical containers with --ip flag or docker-compose static IP
3. [x] Update any hardcoded references to old IPs
4. [x] Test inter-container connectivity
5. [x] Document final IP assignments
**Note:** IPs assigned via `docker network connect --ip`. To persist across container recreation, update Unraid Docker templates or use docker-compose.
---
## Unraid Docker Organization
### FolderView2 Plugin
Docker containers are organized into categories using the FolderView2 plugin.
**Icon Collection:** [Dazzle Line Icons](https://www.svgrepo.com/collection/dazzle-line-icons/) from SVGRepo
**Categories:**
| Category | Containers | Icon |
|----------|------------|------|
| Infrastructure | traefik, unbound, binhex-official-pihole, DoH-Server, stunnel-dot, pangolin, dockersocket, nebula-sync | network.svg |
| Security | authentik, authentik-worker, vaultwarden | shield-lock.svg |
| Monitoring | UptimeKuma, Uptime-Kuma-API, AutoKuma, NetAlertX, speedtest-tracker, netbox, netbox-worker, netbox-housekeeping | monitoring.svg |
| DevOps | gitea, woodpecker-server, woodpecker-agent, postgresql17, Redis, pgAdmin4, netbox-postgres, netbox-redis, netbox-redis-cache | database-03.svg |
| Media | plex, Libation, transmission | media-play-circle.svg |
| Storage/Backup | rustfs, UrBackup, TimeMachine, Nextcloud | clock-rewind.svg |
| Productivity | actual-budget, n8n, karakeep, homarr | dashboard.svg |
| Smart Home | HomeAssistant_inabox | smart-home.svg |
| Remote Access | rustdesk-hbbs, rustdesk-hbbr | remote.svg |
| Management | portainer, unimus | settings.svg |
**Config Location:** `/boot/config/plugins/folder.view2/docker.json`
- [Phase 1: Global DNS Portability](./01-PHASE1-DNS-PORTABILITY.md)
- [Phase 2: Fossorial Tunnel Stack](./02-PHASE2-FOSSORIAL-STACK.md)
- [Phase 3: Identity & Zero Trust](./03-PHASE3-AUTHENTIK-ZEROTRUST.md)
- [Phase 4: Remote Gaming](./04-PHASE4-REMOTE-GAMING.md)
- [Phase 5: RustDesk Setup](./05-PHASE5-RUSTDESK.md)
- [Phase 6: Portainer Management](./06-PHASE6-PORTAINER-MANAGEMENT.md)
- [Phase 7: Gitea GitOps](./08-PHASE7-GITEA-GITOPS.md)
- [Phase 8: NetDisco Integration](./12-PHASE8-NETDISCO-INTEGRATION.md)
- [Container IP Assignments](./13-CONTAINER-IP-ASSIGNMENTS.md)
- [MikroTik WiFi & CAPsMAN](./09-MIKROTIK-WIFI-CAPSMAN.md)

41
docs/06-CHANGELOG.md
View File

@@ -42,3 +42,44 @@
### NetBox Stack Rebuild
- [FIX] Recreated netbox containers with correct Redis/Postgres IPs
- [CONFIG] NetBox stack now uses static IPs (172.24.0.2-7)
## 2026-01-21 - Slurp'it Server Deployment & Fixes
### Persistent Static IP Configuration
- [CONFIG] Updated Unraid Docker templates with MyIP and --ip flags
- [CONFIG] Created docker-compose files for compose-managed stacks:
- /mnt/user/appdata/netbox/docker-compose.yml
- /mnt/user/appdata/netdisco/docker-compose.yml
- /mnt/user/appdata/gitea/docker-compose.yml
- /mnt/user/appdata/woodpecker/docker-compose.yml
- /mnt/user/appdata/pangolin/docker-compose.yml
- [DOC] Updated 13-CONTAINER-IP-ASSIGNMENTS.md with compose locations
### Slurp'it NetBox Plugin Fixes
- [FIX] Mounted plugins.py config to enable slurpit_netbox plugin
- [FIX] Added missing owner_id column to 6 slurpit tables (NetBox 4.5 compatibility)
- [FIX] Added missing cable_connector column to slurpitinterface table
- [STATUS] Plugin now fully functional at /plugins/slurpit/
### Slurp'it Server Deployment
- [DEPLOY] Full Slurp'it stack deployed (6 containers)
- [URL] https://slurpit.xtrm-lab.org
- [CONTAINERS]:
- slurpit-portal (Web UI)
- slurpit-scanner (Network scanner)
- slurpit-scraper (Device data collector)
- slurpit-warehouse (Data API)
- slurpit-mariadb (Portal database)
- slurpit-mongodb (Discovery database)
- [CONFIG] /mnt/user/appdata/slurpit/docker-compose.yml
- [CREDS] admin / 12345678 (change on first login)
### NetBox Traefik Fix
- [FIX] Connected netbox container to dockerproxy network
- [FIX] Added dockerproxy network to netbox docker-compose.yml
- [STATUS] https://netbox.xtrm-lab.org now accessible
### Actual Budget Traefik Fix
- [FIX] Added actual-budget route to /mnt/user/appdata/traefik/dynamic.yml
- [STATUS] https://actual.xtrm-lab.org now accessible

42
docs/13-CONTAINER-IP-ASSIGNMENTS.md
View File

@@ -1,9 +1,9 @@
# Container Static IP Assignments
**Last Updated:** 2026-01-20
**Last Updated:** 2026-01-21
This document lists all static IP assignments for Docker containers on Unraid.
Static IPs are now configured in docker-compose files and Unraid templates for persistence.
Static IPs are configured in docker-compose files and Unraid templates for persistence.
---
@@ -80,6 +80,24 @@ Static IP range: 172.24.0.2 - 172.24.0.20
| netbox | 172.24.0.5 | NetBox web UI | Compose |
| netbox-worker | 172.24.0.6 | NetBox worker | Compose |
**Note:** NetBox container is also on dockerproxy network for Traefik access.
---
## slurpit_slurpit-network (Auto-assigned)
Slurp'it stack uses its own internal network with auto-assigned IPs.
Portal is also connected to dockerproxy for Traefik access.
| Container | Purpose | Config |
|-----------|---------|--------|
| slurpit-portal | Web UI | Compose |
| slurpit-scanner | Network scanner | Compose |
| slurpit-scraper | Device data collector | Compose |
| slurpit-warehouse | Data API | Compose |
| slurpit-mariadb | Portal database | Compose |
| slurpit-mongodb | Discovery database | Compose |
---
## br0 Network (LAN Macvlan - 192.168.31.x)
@@ -125,15 +143,14 @@ These containers share the host network stack.
## Docker Compose Files
Compose-managed stacks with persistent static IPs:
| Stack | Location | Containers |
|-------|----------|------------|
| NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` | netbox, netbox-worker, netbox-postgres, netbox-redis, netbox-redis-cache |
| NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` | netdisco-web, netdisco-backend |
| Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` | gitea |
| Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` | woodpecker-server, woodpecker-agent |
| Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` | pangolin |
| Stack | Location |
|-------|----------|
| NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` |
| NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` |
| Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` |
| Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` |
| Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` |
| Slurp'it | `/mnt/user/appdata/slurpit/docker-compose.yml` |
---
@@ -160,4 +177,7 @@ Use Unraid Docker UI to update/recreate - static IP is preserved in template.
```bash
# Check all IPs on a network
docker network inspect <network> --format '{{range .Containers}}{{.Name}}: {{.IPv4Address}}{{"\n"}}{{end}}'
# Check specific container
docker inspect <container> | jq '.[0].NetworkSettings.Networks'
```