Update documentation with correct VLAN IPs

Hardware Inventory:
- Unraid server: 192.168.10.20
- Unraid AdGuard (macvlan): 192.168.10.10
- Router: 192.168.10.1
- CSS326 switch: 192.168.10.9
- ZX switch: 192.168.10.7
- cAP XL: 192.168.10.6

Critical Services:
- Updated DNS section with correct container IPs
- Added failover details and Web UI URLs
- Updated routing to reflect VLAN structure
- Updated DHCP pools for all VLANs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Kaloyan Danchev
2026-01-31 22:22:10 +02:00
parent f56a43741d
commit 7470d3f502
2 changed files with 32 additions and 28 deletions


@@ -1,6 +1,6 @@
# Critical Services
**Last Updated:** 2026-01-25
**Last Updated:** 2026-01-31
Services that must remain operational for network functionality and security.
@@ -21,21 +21,23 @@ Services that must remain operational for network functionality and security.
| Instance | Host | IP | Role |
|----------|------|-----|------|
| Primary | HAP1 | 172.17.0.5 | Main DNS, DoH/DoT/DoQ |
| Secondary | XTRM-U | 192.168.31.4 | Failover DNS |
| Primary | HAP1 (container) | 172.17.0.2 | Main DNS |
| Secondary | XTRM-U (macvlan) | 192.168.10.10 | Failover DNS |
**Endpoints:**
- DoH: `https://dns.xtrm-lab.org/dns-query`
- DoT: `tls://dns.xtrm-lab.org:853`
- DoQ: `quic://dns.xtrm-lab.org:8853`
**Failover:** Automatic via Netwatch (ping + DNS resolution checks)
**Config Sync:** adguardhome-sync (every 30 min)
**Config Sync:** adguardhome-sync (every 30 min, Unraid → MikroTik)
**Upstream:** Quad9 DoH (`https://dns10.quad9.net/dns-query`)
**Upstream:** Quad9 DoH (`https://dns.quad9.net/dns-query`)
**Web UI:**
- Primary: http://192.168.10.1:3000
- Secondary: http://192.168.10.10:3000
- Credentials: jazzymc / 7RqWElENNbZnPW
**Recovery:**
1. If primary fails → clients use secondary (192.168.31.4)
2. Restart container on HAP1: `/container/start adguardhome`
1. If primary fails → automatic failover to secondary (192.168.10.10)
2. Manual restart: `/container start [find name~"adguard"]`
---
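Review bot: The Credentials line added under Web UI commits an admin username and password for the AdGuard UI into a documentation file, and both Web UI links above it are plain http, so the same login is also sent unencrypted to 192.168.10.1:3000 and 192.168.10.10:3000. Replace the line with a pointer to where the secret is kept (for example a password manager entry name) and rotate the password, since it stays in the repository history after this commit. Separately, the Primary row drops "DoH/DoT/DoQ" from the Role column while the Endpoints list still advertises all three; say in the table which instance serves them. The table gives the primary as 172.17.0.2 while the UI link uses 192.168.10.1, so a short note on the port mapping would remove the ambiguity.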
@@ -44,25 +46,28 @@ Services that must remain operational for network functionality and security.
| Function | Details |
|----------|---------|
| WAN | 62.73.120.142 via Vivacom fiber |
| LAN | 192.168.31.0/24 |
| NAT | Port forwarding to XTRM-U |
| VLANs | 10 (Mgmt), 20 (Trusted), 25 (Kids), 30 (IoT), 40 (CatchAll) |
| NAT | Port forwarding to XTRM-U (192.168.10.20) |
| Firewall | RouterOS firewall rules |
**Recovery:**
1. Physical access to HAP1
2. Reset: hold reset button 5s
3. Reconfigure via WinBox or SSH
3. Reconfigure via WinBox or SSH (port 2222)
---
### DHCP (HAP1)
| Pool | Range |
|------|-------|
| Dynamic | 192.168.31.100-200 |
| Lease Time | 24 hours |
| VLAN | Pool | Range |
|------|------|-------|
| 10 (Mgmt) | pool-vlan10 | 192.168.10.100-200 |
| 20 (Trusted) | pool-vlan20 | 192.168.20.100-200 |
| 25 (Kids) | pool-vlan25 | 192.168.25.100-200 |
| 30 (IoT) | pool-vlan30 | 192.168.30.100-200 |
| 40 (CatchAll) | dhcp | 192.168.1.10-254 |
**Static Leases:** Managed in RouterOS DHCP server
**Lease Time:** 30 minutes
---
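Review bot: In the DHCP table the VLAN 40 (CatchAll) row uses pool `dhcp` and range 192.168.1.10-254, which breaks the pool-vlanNN / 192.168.NN.100-200 pattern of the other four rows; if that is intentional, say so next to the table, otherwise it reads as a leftover from an earlier configuration. Lease time also changes from 24 hours to 30 minutes with no reason given, and Recovery step 3 cites SSH port 2222 directly after the reset in step 2, so the doc should state whether that port applies immediately after a reset or only once the configuration has been restored.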