- Deployed Ollama + Open WebUI on Unraid
- Created custom unraid-assistant model with full infrastructure knowledge:
- Network topology (8 VLANs, all IPs/gateways)
- 45+ Docker containers with ports and purposes
- RouterOS 7 commands and VLAN patterns
- Traefik labels and Authentik SSO middleware
- All xtrm-lab.org external URLs
- Added /usr/local/bin/ai terminal helper command
- Documented RAM optimization (stopped 5 containers)
- Added future upgrade notes for Mac Mini M4
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Ollama and Open WebUI deployed and running
- qwen2.5-coder:7b model installed (4.7GB)
- Intel GPU passthrough enabled
- Stopped non-critical containers for RAM
- Added docker commands and usage instructions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Issues fixed after first activation attempt:
- DHCP DNS now points to each VLAN gateway
- DNS redirect rules cover all VLANs
- VLAN interfaces added to LAN firewall list
- NAT masquerade for VLAN→AdGuard traffic
CSS326 switch configured via SwOS.
MikroTik backup saved.
Ready to enable VLAN filtering when convenient.
- Actual IP: 192.168.31.22 (was documented as .7)
- Verified via ARP table and web interface access
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Enabled SFP1 on CSS326 (was disabled)
- 10G DAC link to ZX1-SFP1 now active
- Updated port utilization diagrams
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Both AdGuard instances now use Quad9 DoH (dns.quad9.net)
- Bootstrap DNS: 9.9.9.9, 149.112.112.112
- New 02-PORT-UTILIZATION.md with ASCII diagrams for all devices
- Fixed Tailscale container DNS and route configuration
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Created without disruption:
- 6 VLANs (10,20,30,35,40,50) on bridge
- DHCP pools and servers for each VLAN
- Inter-VLAN firewall rules
- WiFi SSIDs: Home-Trusted, Home-IoT, Home-Guest
- Legacy 192.168.31.0/24 still active
Next: Enable VLAN filtering to activate segmentation
- Phase 1: N100 Intel iGPU setup (Ollama, Open WebUI, Aider)
- Phase 2: Future migration to N5 Air AMD 780M
- Phase 3: Network topology for AI management
- Customized for current infrastructure (192.168.31.x)
- Added mikrotik-containers-bridge-setup.rsc for shared container networking
- Added mikrotik-tailscale-setup.rsc for Tailscale container
- Added docs/10-MIKROTIK-TAILSCALE.md with full documentation
- Both containers now use containers-br bridge (172.17.0.1/24)
- AdGuard: 172.17.0.2, Tailscale: 172.17.0.3
New Structure:
- 01-NETWORK-MAP.md - Network topology, IPs, Docker networks, services
- 02-SERVICES-CRITICAL.md - DNS, Auth, Routing (P0/P1 services)
- 03-SERVICES-OTHER.md - All non-critical services
- 04-HARDWARE-INVENTORY.md - Physical devices and specs
- 05-CHANGELOG.md - Major events only
New Folders:
- docs/archive/ - Legacy docs (read-only reference)
- docs/wip/ - Planned changes and ideas
- UPGRADE-2026-HARDWARE.md - N5 Air + N100 migration plan
- GITOPS-CONTAINERS.md - Phase 2 container GitOps
Changes:
- Moved all 22 legacy docs to archive/
- Consolidated container IPs, physical map, and services into single network map
- Extracted critical vs non-critical service classification
- Simplified changelog to major events only
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix ZX1-3 port reference (PP2-2, XU2)
- Fix CSS1-2 connection to KVM1
- Fix CSS326 PP1 port references (19-24)
- Fix CSS1-SFP1 to show ZX1 connection
- Fix CSS1-18 status (remove double check)
- Fix PP2 section title (U8)
- Add ZX1 to IP allocation table
- Regenerate topology diagram with backbone ports marked
- Add NetBox plugins documentation to current state
- Removed Pi-hole container (using MikroTik AdGuard Home as primary)
- Removed nebula-sync container (not in use)
- Added adguardhome-sync for rule syncing between MikroTik and Unraid AdGuard
- Added 27 monitors to Uptime Kuma for all services
- Updated container IP assignments
- Migrated NetBox to shared postgresql17
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
