jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update docs: Slurpit deployment, static IPs, Traefik fixes
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details

Browse Source 
- Added Slurpit server stack (6 containers) to infrastructure
- Updated service table with all current containers and static IPs
- Documented docker-compose managed stacks
- Added Slurpit, NetBox plugin fixes to changelog
- Fixed actual-budget and netbox Traefik routing
- Updated container IP assignments with Slurpit stack
This commit is contained in:
XTRM-Unraid
2026-01-21 12:50:57 +02:00
parent 80073c61d3
commit 266a45125a
3 changed files with 194 additions and 238 deletions
Download Patch File Download Diff File Expand all files Collapse all files

349
docs/00-CURRENT-STATE.md
View File

@@ -2,7 +2,7 @@
## Current Infrastructure State ## Current Infrastructure State
**Document Updated:** 2026-01-18 **Document Updated:** 2026-01-21
**Target Domain:** xtrm-lab.org **Target Domain:** xtrm-lab.org
--- ---
@@ -29,7 +29,6 @@
- `docker-bridge` - Container network (172.17.0.1/24) - `docker-bridge` - Container network (172.17.0.1/24)
- `back-to-home-vpn` - WireGuard VPN (192.168.216.1/24) - `back-to-home-vpn` - WireGuard VPN (192.168.216.1/24)
**SNMP Configuration:** **SNMP Configuration:**
| Device | Community | Access | Status | | Device | Community | Access | Status |
|--------|-----------|--------|--------| |--------|-----------|--------|--------|
@@ -52,10 +51,6 @@
| Ports | 24x Gigabit + 2x SFP | | Ports | 24x Gigabit + 2x SFP |
| OS | SwOS (MikroTik Switch OS) | | OS | SwOS (MikroTik Switch OS) |
| Web UI | http://192.168.31.9/index.html | | Web UI | http://192.168.31.9/index.html |
| Username | admin |
| Password | M0stW4nt3d@xtrm |
**Uplink:** Connected to hAP ax³ via eth4_CCS324_Uplink
### MikroTik cAP ac (192.168.31.6) ### MikroTik cAP ac (192.168.31.6)
@@ -64,142 +59,111 @@
| Role | CAPsMAN Managed Access Point | | Role | CAPsMAN Managed Access Point |
| RouterOS Version | 7.20.1 (stable) | | RouterOS Version | 7.20.1 (stable) |
| Identity | CAP XL ac | | Identity | CAP XL ac |
| Board | RBcAPGi-5acD2nD |
| SSH Access | `ssh -p 2222 xtrm@192.168.31.6` |
| SSH Password | M0stW4nt3d@xtrm |
**Note:** SSH key (id_ed25519 from Desktop) installed for key-based auth. ---
### WiFi Networks ## Unraid Server (192.168.31.2)
| SSID | Password | Bands | Security | Purpose |
|------|----------|-------|----------|---------|
| XTRM | M0stW4nt3d@home | 2.4GHz + 5GHz | WPA/WPA2 (2.4GHz), WPA2/WPA3 (5GHz) | Main network |
| XTRM2 | M0stW4nt3d@IoT | 2.4GHz | WPA/WPA2 | Legacy/IoT devices |
**CAPsMAN:** hAP ax³ manages cAP ac via CAPsMAN (WiFi controller). See [09-MIKROTIK-WIFI-CAPSMAN.md](./09-MIKROTIK-WIFI-CAPSMAN.md) for full configuration.
### Unraid Server (192.168.31.2)
**Tailscale IP:** 100.100.208.70 **Tailscale IP:** 100.100.208.70
**SSH Access:** `ssh -i ~/.ssh/id_ed25519_unraid root@192.168.31.2 -p 422`
**Key Services:** ### Docker Networks
| Service | Container Name | Port(s) | Network | External URL | | Network | Subnet | Purpose |
|---------|---------------|---------|---------|--------------| |---------|--------|---------|
| Portainer | portainer | 9002→9000, 9444→9443 | bridge | http://100.100.208.70:9002 (Tailscale) | | dockerproxy | 172.18.0.0/16 | Traefik-accessible services |
| Pi-hole | binhex-official-pihole | 53, 80, 67 | br0 (192.168.31.4) | ph1.xtrm-lab.org | | netbox | 172.24.0.0/16 | NetBox stack |
| Unbound | unbound | 53 | br0 (192.168.31.5) | - | | slurpit_slurpit-network | Auto | Slurp'it stack |
| Traefik | traefik | 8001→80, 44301→443 | dockerproxy | traefik.xtrm-lab.org | | br0 | 192.168.31.0/24 | LAN macvlan |
| Authentik | authentik | 9000, 9443 | dockerproxy | auth.xtrm-lab.org | | bridge | 172.17.0.0/16 | Default Docker bridge |
| Authentik Worker | authentik-worker | - | authentik | - | | host | - | Host network stack |
| Vaultwarden | vaultwarden | 4743→80 | bridge | vault.xtrm-lab.org |
| Plex | plex | 32400 | host | plex.xtrm-lab.org | ### Key Services
| Home Assistant | HomeAssistant_inabox | 8123 | host (192.168.31.15) | ha.xtrm-lab.org |
| Transmission | transmission | 9091, 51413 | bridge | - | | Service | Container | Static IP | External URL |
| Nextcloud | Nextcloud | 8666→80 | bridge | - | |---------|-----------|-----------|--------------|
| PostgreSQL | postgresql17 | 5432 | bridge | - | | **Core Infrastructure** |
| Redis | Redis | 6379 | bridge | - | | Reverse Proxy | traefik | 172.18.0.3 | traefik.xtrm-lab.org |
| Uptime Kuma | UptimeKuma | 3001 | bridge | - | | Docker Socket | dockersocket | 172.18.0.2 | - |
| NetAlertX | NetAlertX | 20211 | host | netalert.xtrm-lab.org | | Dashboard | homarr | 172.18.0.4 | xtrm-lab.org |
| UrBackup | UrBackup | 55414 | host | urbackup.xtrm-lab.org | | **Security** |
| Homarr | homarr | 10004→7575 | bridge | - | | Identity Provider | authentik | 172.18.0.11 | auth.xtrm-lab.org |
| NetBox | netbox | 8090→8080 | dockerproxy | netbox.xtrm-lab.org | | Authentik Worker | authentik-worker | 172.18.0.12 | - |
| NetBox Worker | netbox-worker | - | netbox | - | | Password Manager | vaultwarden | 172.18.0.15 | vault.xtrm-lab.org |
| NetBox Housekeeping | netbox-housekeeping | - | netbox | - | | **Databases** |
| NetBox PostgreSQL | netbox-postgres | 5432 | netbox | - | | PostgreSQL | postgresql17 | 172.18.0.13 | - |
| NetBox Redis | netbox-redis | 6379 | netbox | - | | Redis | Redis | 172.18.0.14 | - |
| NetBox Redis Cache | netbox-redis-cache | 6379 | netbox | - | | **DNS** |
| Nebula Sync | nebula-sync | - | - | Pi-hole sync | | Pi-hole (Unraid) | binhex-official-pihole | 192.168.31.4 | ph1.xtrm-lab.org |
| DoH Server | DoH-Server | 8053 | dockerproxy | doh.xtrm-lab.org | | Unbound (Unraid) | unbound | 192.168.31.5 | - |
| stunnel DoT | stunnel-dot | 853 | bridge | dns.xtrm-lab.org:853 | | DoH Server | DoH-Server | 172.18.0.22 | doh.xtrm-lab.org |
| Pangolin | pangolin | 3003→3001, 3004→3002 | bridge | Fossorial controller | | **DevOps** |
| Gitea | gitea | 3005→3000, 2222→22 | dockerproxy | git.xtrm-lab.org | | Git Server | gitea | 172.18.0.31 | git.xtrm-lab.org |
| Woodpecker Server | woodpecker-server | 8008→8000 | dockerproxy | ci.xtrm-lab.org | | CI/CD Server | woodpecker-server | 172.18.0.32 | ci.xtrm-lab.org |
| Woodpecker Agent | woodpecker-agent | - | dockerproxy | - | | CI/CD Agent | woodpecker-agent | 172.18.0.33 | - |
| RustDesk ID | rustdesk-hbbs | 21115-21116, 21118-21119 | bridge | rustdesk.xtrm-lab.org | | **Network Management** |
| RustDesk Relay | rustdesk-hbbr | 21117 | bridge | rustdesk.xtrm-lab.org | | NetBox | netbox | 172.24.0.5 | netbox.xtrm-lab.org |
| NetDisco Web | netdisco-web | 5000 | dockerproxy | https://netdisco.xtrm-lab.org | | NetBox Worker | netbox-worker | 172.24.0.6 | - |
| NetDisco Backend | netdisco-backend | - | dockerproxy | SNMP polling daemon | | NetBox PostgreSQL | netbox-postgres | 172.24.0.4 | - |
| NetBox Redis | netbox-redis | 172.24.0.2 | - |
| NetBox Redis Cache | netbox-redis-cache | 172.24.0.3 | - |
| NetDisco Web | netdisco-web | 172.18.0.41 | netdisco.xtrm-lab.org |
| NetDisco Backend | netdisco-backend | 172.18.0.42 | - |
| Unimus | unimus | host | unimus.xtrm-lab.org |
| **Slurp'it Discovery** |
| Slurp'it Portal | slurpit-portal | dockerproxy | slurpit.xtrm-lab.org |
| Slurp'it Scanner | slurpit-scanner | slurpit-network | - |
| Slurp'it Scraper | slurpit-scraper | slurpit-network | - |
| Slurp'it Warehouse | slurpit-warehouse | slurpit-network | - |
| Slurp'it MariaDB | slurpit-mariadb | slurpit-network | - |
| Slurp'it MongoDB | slurpit-mongodb | slurpit-network | - |
| **Monitoring** |
| Uptime Kuma | UptimeKuma | 172.18.0.20 | uptime.xtrm-lab.org |
| Uptime Kuma API | Uptime-Kuma-API | 172.18.0.18 | - |
| AutoKuma | AutoKuma | 172.18.0.19 | - |
| NetAlertX | NetAlertX | host | netalert.xtrm-lab.org |
| Speedtest Tracker | speedtest-tracker | 172.18.0.21 | speedtest.xtrm-lab.org |
| **Productivity** |
| Actual Budget | actual-budget | 172.18.0.16 | actual.xtrm-lab.org |
| n8n | n8n | 172.18.0.17 | n8n.xtrm-lab.org |
| Karakeep | karakeep | 172.18.0.25 | karakeep.xtrm-lab.org |
| **Media & Storage** |
| Plex | plex | host | plex.xtrm-lab.org |
| Nextcloud | Nextcloud | 172.18.0.24 | nextcloud.xtrm-lab.org |
| Libation | Libation | 172.18.0.23 | - |
| Transmission | transmission | 172.18.0.26 | - |
| Time Machine | TimeMachine | 192.168.31.12 | - |
| **Remote Access** |
| RustDesk ID | rustdesk-hbbs | bridge | rustdesk.xtrm-lab.org |
| RustDesk Relay | rustdesk-hbbr | bridge | - |
| **Other** |
| Home Assistant | HomeAssistant_inabox | host | ha.xtrm-lab.org |
| UrBackup | UrBackup | host | urbackup.xtrm-lab.org |
| Portainer | portainer | bridge | 192.168.31.2:9002 |
| Pangolin | pangolin | 172.18.0.51 | - |
--- ---
## Current NAT/Port Forwarding (MikroTik) ## Docker Compose Managed Stacks
| Rule | Protocol | WAN Port | Destination | Purpose | | Stack | Location | Containers |
|------|----------|----------|-------------|---------| |-------|----------|------------|
| Forward HTTP | TCP | 80 | 192.168.31.2:8001 | Traefik HTTP | | NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` | netbox, netbox-worker, netbox-postgres, netbox-redis, netbox-redis-cache |
| Forward HTTPS | TCP | 443 | 192.168.31.2:44301 | Traefik HTTPS | | NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` | netdisco-web, netdisco-backend |
| Plex | TCP | 32400 | 192.168.31.2:32400 | Plex Media Server | | Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` | gitea |
| Transmission | TCP/UDP | 51413 | 192.168.31.2:51413 | BitTorrent | | Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` | woodpecker-server, woodpecker-agent |
| DoT | TCP | 853 | 172.17.0.2:853 | DNS over TLS | | Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` | pangolin |
| DoH | TCP/UDP | 5443 | 172.17.0.2:443 | DNS over HTTPS | | Slurp'it | `/mnt/user/appdata/slurpit/docker-compose.yml` | slurpit-portal, slurpit-scanner, slurpit-scraper, slurpit-warehouse, slurpit-mariadb, slurpit-mongodb |
| DNS Force | UDP/TCP | 53 | 172.17.0.2:53 | Force LAN DNS to Pi-hole |
| RustDesk NAT Test | TCP | 21115 | 192.168.31.2:21115 | RustDesk NAT Test |
| RustDesk ID TCP | TCP | 21116 | 192.168.31.2:21116 | RustDesk ID Server |
| RustDesk ID UDP | UDP | 21116 | 192.168.31.2:21116 | RustDesk ID Server |
| RustDesk Relay | TCP | 21117 | 192.168.31.2:21117 | RustDesk Relay |
--- ---
## Current WireGuard Configuration ## NetBox Plugins
**Interface:** `back-to-home-vpn` | Plugin | Version | Status |
- Listen Port: 59188 |--------|---------|--------|
- Address: 192.168.216.1/24 | slurpit_netbox | 1.2.7 | Active |
- Public Key: `3e+p++SJ6f5EURt6WCKApOLMQHWpURm/vn/0s9+EKzs=`
**Existing Peers:** **Note:** Plugin config mounted from `/mnt/user/appdata/netbox/config/plugins.py`
1. hAP ax³ (secondary device)
2. Kaloyan's S25 Ultra (mobile)
3. Additional peer (unnamed)
---
## Traefik Configuration
**Entry Points:**
- HTTP (:80) → Redirects to HTTPS
- HTTPS (:443)
**Certificate Resolver:** Cloudflare DNS Challenge
- Email: admin@xtrm-lab.org
- DNS Provider: Cloudflare
**Existing Middlewares:**
- `default-headers` - Security headers (HSTS, XSS protection, etc.)
- `authentik-forward-auth` - Forward auth to Authentik (configured but not applied)
- `pihole1-redirect` / `pihole2-redirect` - Redirect root to /admin/
---
## Authentik Configuration
| Parameter | Value |
|-----------|-------|
| Version | 2025.8.1 |
| URL | auth.xtrm-lab.org |
| PostgreSQL Host | postgresql17 |
| Database | authentik_db |
| Redis Host | redis |
| Network | dockerproxy |
**Status:** Deployed but not yet integrated with services
---
## Portainer Configuration (Phase 6)
| Parameter | Value |
|-----------|-------|
| Version | CE Latest |
| HTTP Port | 9002 |
| HTTPS Port | 9444 |
| Data Path | /mnt/user/appdata/portainer |
| Tailscale URL | http://100.100.208.70:9002 |
| Local URL | http://192.168.31.2:9002 |
**Status:** Deployed, awaiting initial setup and MikroTik connection (Phase 6.2/6.3)
--- ---
@@ -241,113 +205,44 @@
--- ---
## Service Interruption Risk Assessment ## Current NAT/Port Forwarding (MikroTik)
| Phase | Component | Interruption Risk | Mitigation | | Rule | Protocol | WAN Port | Destination | Purpose |
|-------|-----------|-------------------|------------| |------|----------|----------|-------------|---------|
| 1 | Tailscale Integration | LOW | Add-on service, no changes to existing | | Forward HTTP | TCP | 80 | 192.168.31.2:8001 | Traefik HTTP |
| 1 | DoH Endpoint | LOW | New endpoint, existing DNS unaffected | | Forward HTTPS | TCP | 443 | 192.168.31.2:44301 | Traefik HTTPS |
| 2 | Pangolin/Gerbil | MEDIUM | New containers, may conflict with WG port 51820 | | Plex | TCP | 32400 | 192.168.31.2:32400 | Plex Media Server |
| 2 | Newt Connector | LOW | Outbound only | | Transmission | TCP/UDP | 51413 | 192.168.31.2:51413 | BitTorrent |
| 3 | Authentik Forward Auth | HIGH | Will gate all services - test thoroughly | | DoT | TCP | 853 | 172.17.0.2:853 | DNS over TLS |
| 4 | Sunshine/Moonlight | LOW | New service, Tailscale-only access | | DoH | TCP/UDP | 5443 | 172.17.0.2:443 | DNS over HTTPS |
| 5 | RustDesk | MEDIUM | New ports required on MikroTik | | DNS Force | UDP/TCP | 53 | 172.17.0.2:53 | Force LAN DNS to Pi-hole |
| 6 | Portainer | LOW | Management tool only, no service impact | | RustDesk | TCP/UDP | 21115-21119 | 192.168.31.2 | RustDesk Server |
--- ---
## Ports Required for Full Implementation ## Traefik Configuration
### New MikroTik Port Forwards Needed: **Entry Points:**
- HTTP (:80) → Redirects to HTTPS
- HTTPS (:443)
| Service | Protocol | Port(s) | Destination | Phase | **Certificate Resolver:** Cloudflare DNS Challenge
|---------|----------|---------|-------------|-------|
| WireGuard (Fossorial) | UDP | 51820 | 192.168.31.2:51820 | 2 | **Docker Provider Constraint:** `traefik.constraint=valid`
| RustDesk ID TCP | TCP | 21115-21117 | 192.168.31.2:21115-21117 | 5 | - Containers need this label to be auto-discovered
| RustDesk Relay | TCP | 21118-21119 | 192.168.31.2:21118-21119 | 5 | - Otherwise add routes to `/mnt/user/appdata/traefik/dynamic.yml`
| RustDesk NAT | UDP | 21116 | 192.168.31.2:21116 | 5 |
--- ---
## Next Steps ## Reference Documents
Proceed to individual phase documents: - [Phase 1: Global DNS Portability](./01-PHASE1-DNS-PORTABILITY.md)
1. [Phase 1: Global DNS Portability](./01-PHASE1-DNS-PORTABILITY.md) - [Phase 2: Fossorial Tunnel Stack](./02-PHASE2-FOSSORIAL-STACK.md)
2. [Phase 2: Fossorial Tunnel Stack](./02-PHASE2-FOSSORIAL-STACK.md) - [Phase 3: Identity & Zero Trust](./03-PHASE3-AUTHENTIK-ZEROTRUST.md)
3. [Phase 3: Identity & Zero Trust](./03-PHASE3-AUTHENTIK-ZEROTRUST.md) - [Phase 4: Remote Gaming](./04-PHASE4-REMOTE-GAMING.md)
4. [Phase 4: Remote Gaming](./04-PHASE4-REMOTE-GAMING.md) - [Phase 5: RustDesk Setup](./05-PHASE5-RUSTDESK.md)
5. [Phase 5: RustDesk Setup](./05-PHASE5-RUSTDESK.md) - [Phase 6: Portainer Management](./06-PHASE6-PORTAINER-MANAGEMENT.md)
6. [Phase 6: Portainer Management](./06-PHASE6-PORTAINER-MANAGEMENT.md) - [Phase 7: Gitea GitOps](./08-PHASE7-GITEA-GITOPS.md)
7. [Phase 7: Gitea GitOps](./08-PHASE7-GITEA-GITOPS.md) - [Phase 8: NetDisco Integration](./12-PHASE8-NETDISCO-INTEGRATION.md)
8. [Phase 8: NetDisco Integration](./12-PHASE8-NETDISCO-INTEGRATION.md) - [Container IP Assignments](./13-CONTAINER-IP-ASSIGNMENTS.md)
- [MikroTik WiFi & CAPsMAN](./09-MIKROTIK-WIFI-CAPSMAN.md)
**Reference Documents:**
- [MikroTik WiFi & CAPsMAN Configuration](./09-MIKROTIK-WIFI-CAPSMAN.md)
---
## Completed Infrastructure Tasks
### Static IP Assignment for Critical Services
**Status:** COMPLETED (2026-01-18)
**Priority:** High
**Reason:** Critical services should have static IPs outside DHCP/dynamic lease range to prevent IP conflicts and ensure reliable inter-container communication.
#### dockerproxy Network (172.18.0.0/16)
Static IP range: 172.18.0.2 - 172.18.0.50
| Service | Static IP |
|---------|-----------|
| dockersocket | 172.18.0.2 |
| traefik | 172.18.0.3 |
| authentik | 172.18.0.11 |
| authentik-worker | 172.18.0.12 |
| postgresql17 | 172.18.0.13 |
| Redis | 172.18.0.14 |
| vaultwarden | 172.18.0.15 |
#### bridge Network (172.17.0.0/16)
Static IP range: 172.17.0.2 - 172.17.0.50
| Service | Static IP |
|---------|-----------|
| portainer | 172.17.0.2 |
| rustdesk-hbbs | 172.17.0.3 |
| rustdesk-hbbr | 172.17.0.4 |
#### Implementation Steps
1. [x] Update Docker network IPAM config to reserve static range
2. [x] Recreate critical containers with --ip flag or docker-compose static IP
3. [x] Update any hardcoded references to old IPs
4. [x] Test inter-container connectivity
5. [x] Document final IP assignments
**Note:** IPs assigned via `docker network connect --ip`. To persist across container recreation, update Unraid Docker templates or use docker-compose.
---
## Unraid Docker Organization
### FolderView2 Plugin
Docker containers are organized into categories using the FolderView2 plugin.
**Icon Collection:** [Dazzle Line Icons](https://www.svgrepo.com/collection/dazzle-line-icons/) from SVGRepo
**Categories:**
| Category | Containers | Icon |
|----------|------------|------|
| Infrastructure | traefik, unbound, binhex-official-pihole, DoH-Server, stunnel-dot, pangolin, dockersocket, nebula-sync | network.svg |
| Security | authentik, authentik-worker, vaultwarden | shield-lock.svg |
| Monitoring | UptimeKuma, Uptime-Kuma-API, AutoKuma, NetAlertX, speedtest-tracker, netbox, netbox-worker, netbox-housekeeping | monitoring.svg |
| DevOps | gitea, woodpecker-server, woodpecker-agent, postgresql17, Redis, pgAdmin4, netbox-postgres, netbox-redis, netbox-redis-cache | database-03.svg |
| Media | plex, Libation, transmission | media-play-circle.svg |
| Storage/Backup | rustfs, UrBackup, TimeMachine, Nextcloud | clock-rewind.svg |
| Productivity | actual-budget, n8n, karakeep, homarr | dashboard.svg |
| Smart Home | HomeAssistant_inabox | smart-home.svg |
| Remote Access | rustdesk-hbbs, rustdesk-hbbr | remote.svg |
| Management | portainer, unimus | settings.svg |
**Config Location:** `/boot/config/plugins/folder.view2/docker.json`

41
docs/06-CHANGELOG.md
View File

@@ -42,3 +42,44 @@
### NetBox Stack Rebuild ### NetBox Stack Rebuild
- [FIX] Recreated netbox containers with correct Redis/Postgres IPs - [FIX] Recreated netbox containers with correct Redis/Postgres IPs
- [CONFIG] NetBox stack now uses static IPs (172.24.0.2-7) - [CONFIG] NetBox stack now uses static IPs (172.24.0.2-7)
## 2026-01-21 - Slurp'it Server Deployment & Fixes
### Persistent Static IP Configuration
- [CONFIG] Updated Unraid Docker templates with MyIP and --ip flags
- [CONFIG] Created docker-compose files for compose-managed stacks:
- /mnt/user/appdata/netbox/docker-compose.yml
- /mnt/user/appdata/netdisco/docker-compose.yml
- /mnt/user/appdata/gitea/docker-compose.yml
- /mnt/user/appdata/woodpecker/docker-compose.yml
- /mnt/user/appdata/pangolin/docker-compose.yml
- [DOC] Updated 13-CONTAINER-IP-ASSIGNMENTS.md with compose locations
### Slurp'it NetBox Plugin Fixes
- [FIX] Mounted plugins.py config to enable slurpit_netbox plugin
- [FIX] Added missing owner_id column to 6 slurpit tables (NetBox 4.5 compatibility)
- [FIX] Added missing cable_connector column to slurpitinterface table
- [STATUS] Plugin now fully functional at /plugins/slurpit/
### Slurp'it Server Deployment
- [DEPLOY] Full Slurp'it stack deployed (6 containers)
- [URL] https://slurpit.xtrm-lab.org
- [CONTAINERS]:
- slurpit-portal (Web UI)
- slurpit-scanner (Network scanner)
- slurpit-scraper (Device data collector)
- slurpit-warehouse (Data API)
- slurpit-mariadb (Portal database)
- slurpit-mongodb (Discovery database)
- [CONFIG] /mnt/user/appdata/slurpit/docker-compose.yml
- [CREDS] admin / 12345678 (change on first login)
### NetBox Traefik Fix
- [FIX] Connected netbox container to dockerproxy network
- [FIX] Added dockerproxy network to netbox docker-compose.yml
- [STATUS] https://netbox.xtrm-lab.org now accessible
### Actual Budget Traefik Fix
- [FIX] Added actual-budget route to /mnt/user/appdata/traefik/dynamic.yml
- [STATUS] https://actual.xtrm-lab.org now accessible

42
docs/13-CONTAINER-IP-ASSIGNMENTS.md
View File

@@ -1,9 +1,9 @@
# Container Static IP Assignments # Container Static IP Assignments
**Last Updated:** 2026-01-20 **Last Updated:** 2026-01-21
This document lists all static IP assignments for Docker containers on Unraid. This document lists all static IP assignments for Docker containers on Unraid.
Static IPs are now configured in docker-compose files and Unraid templates for persistence. Static IPs are configured in docker-compose files and Unraid templates for persistence.
--- ---
@@ -80,6 +80,24 @@ Static IP range: 172.24.0.2 - 172.24.0.20
| netbox | 172.24.0.5 | NetBox web UI | Compose | | netbox | 172.24.0.5 | NetBox web UI | Compose |
| netbox-worker | 172.24.0.6 | NetBox worker | Compose | | netbox-worker | 172.24.0.6 | NetBox worker | Compose |
**Note:** NetBox container is also on dockerproxy network for Traefik access.
---
## slurpit_slurpit-network (Auto-assigned)
Slurp'it stack uses its own internal network with auto-assigned IPs.
Portal is also connected to dockerproxy for Traefik access.
| Container | Purpose | Config |
|-----------|---------|--------|
| slurpit-portal | Web UI | Compose |
| slurpit-scanner | Network scanner | Compose |
| slurpit-scraper | Device data collector | Compose |
| slurpit-warehouse | Data API | Compose |
| slurpit-mariadb | Portal database | Compose |
| slurpit-mongodb | Discovery database | Compose |
--- ---
## br0 Network (LAN Macvlan - 192.168.31.x) ## br0 Network (LAN Macvlan - 192.168.31.x)
@@ -125,15 +143,14 @@ These containers share the host network stack.
## Docker Compose Files ## Docker Compose Files
Compose-managed stacks with persistent static IPs: | Stack | Location |
|-------|----------|
| Stack | Location | Containers | | NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` |
|-------|----------|------------| | NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` |
| NetBox | `/mnt/user/appdata/netbox/docker-compose.yml` | netbox, netbox-worker, netbox-postgres, netbox-redis, netbox-redis-cache | | Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` |
| NetDisco | `/mnt/user/appdata/netdisco/docker-compose.yml` | netdisco-web, netdisco-backend | | Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` |
| Gitea | `/mnt/user/appdata/gitea/docker-compose.yml` | gitea | | Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` |
| Woodpecker | `/mnt/user/appdata/woodpecker/docker-compose.yml` | woodpecker-server, woodpecker-agent | | Slurp'it | `/mnt/user/appdata/slurpit/docker-compose.yml` |
| Pangolin | `/mnt/user/appdata/pangolin/docker-compose.yml` | pangolin |
--- ---
@@ -160,4 +177,7 @@ Use Unraid Docker UI to update/recreate - static IP is preserved in template.
```bash ```bash
# Check all IPs on a network # Check all IPs on a network
docker network inspect <network> --format '{{range .Containers}}{{.Name}}: {{.IPv4Address}}{{"\n"}}{{end}}' docker network inspect <network> --format '{{range .Containers}}{{.Name}}: {{.IPv4Address}}{{"\n"}}{{end}}'
# Check specific container
docker inspect <container> | jq '.[0].NetworkSettings.Networks'
``` ```