infrastructure/CLAUDE.md

# Home Network - Unraid Server

## Connect to Unraid

When user says "connect unraid", use this command:
```bash
ssh -i ~/.ssh/id_ed25519_unraid root@192.168.10.20 -p 422
```

## Connect to Nobara (Failover Node)

```bash
ssh nobara
# or: ssh -i ~/.ssh/id_ed25519_nobara jazzymc@192.168.10.103
# sudo password: (same as SSH login)
```

Failover stack: `/home/failover/docker-compose.yml`
Keepalived: `systemctl status keepalived`

## Connect to MikroTik HAP ax³

SSH port is **2222** (not 22):

From Mac (user **xtrm**):
```bash
ssh -i ~/.ssh/mikrotik_key -p 2222 xtrm@192.168.10.1
```

From Unraid (user **unraid**):
```bash
ssh -p 2222 unraid@192.168.10.1
```

Alternative IPs (depending on your VLAN):
- VLAN 10 (Management): 192.168.10.1
- VLAN 20 (Trusted): 192.168.20.1
- VLAN 40 (Catch-All): 192.168.1.1

WinBox (port 8291) and WebFig (port 80) also available.

## Key Paths on Unraid Server

| Item | Path |
|------|------|
| Claude binary | `/root/.local/bin/claude` |
| Claude data | `/mnt/user/appdata/claude-code/` |
| Infrastructure repo | `/tmp/infrastructure` (git clone) |

## Infrastructure Documentation (Git-Managed)

**Repository:** https://git.xtrm-lab.org/jazzymc/infrastructure

All infrastructure documentation is version-controlled in Gitea:

```
infrastructure/
├── README.md
├── CLAUDE.md
└── docs/
    ├── 01-NETWORK-MAP.md             # Network topology
    ├── 02-SERVICES-CRITICAL.md       # P0/P1 services (DNS, Auth, Proxy)
    ├── 03-SERVICES-OTHER.md          # Non-critical services
    ├── 04-HARDWARE-INVENTORY.md      # Hardware list
    ├── 05-PORT-UTILIZATION.md        # Device port assignments
    ├── 06-VLAN-DEVICE-ASSIGNMENT.md  # VLAN device mapping
    ├── 07-WIFI-CAPSMAN-CONFIG.md     # WiFi and CAPsMAN settings
    ├── 08-DNS-ARCHITECTURE.md        # DNS failover architecture
    ├── 09-TAILSCALE-VPN.md           # Tailscale VPN setup
    ├── 10-FAILOVER-NOBARA.md        # VRRP failover to Nobara
    ├── CHANGELOG.md                  # Change history
    ├── archive/                      # Completed/legacy docs
    │   └── vlan-migration/           # VLAN migration project artifacts
    ├── incidents/                    # Incident reports
    └── wip/                          # Work in progress
```

## On Connect - Clone/Pull Docs First

Always ensure you have the latest infrastructure documentation:

```bash
# Clone if not exists, or pull latest
cd /tmp && \
  ([ -d infrastructure ] && cd infrastructure && git pull || \
   git clone 'https://jazzymc:zRuHTu%5D7Q3LC%2Bq%3F@git.xtrm-lab.org/jazzymc/infrastructure.git')
```

## Documentation Update Routine (Git-Based)

**IMPORTANT:** After any infrastructure change, commit to Git:

### When to Update
- Service added/removed/changed
- Container started/stopped/crashed
- NAT rules changed on MikroTik
- Network configuration changed
- Phase task completed or status changed

### Update Process
1. **Pull latest:** `cd /tmp/infrastructure && git pull`
2. **Check current state:** `docker ps -a` on Unraid
3. **Update docs:** Edit files in `/tmp/infrastructure/docs/`
4. **Commit & push:**
   ```bash
   cd /tmp/infrastructure
   git add docs/
   git commit -m "Description of changes"
   git push
   ```

### Changelog Format (docs/CHANGELOG.md)
```markdown
## YYYY-MM-DD
- [PHASE X] Task description - COMPLETED/FIXED/ISSUE
- [SERVICE] service-name: status change or config change
```

### Quick Status Check Command
```bash
ssh -i ~/.ssh/id_ed25519_unraid root@192.168.10.20 -p 422 "docker ps -a --format 'table {{.Names}}\t{{.Status}}' | grep -vE '^NAMES'"
```

## GitOps Services

| Service | URL | Purpose |
|---------|-----|---------|
| Gitea | https://git.xtrm-lab.org | Git repository hosting |
| Woodpecker CI | https://ci.xtrm-lab.org | CI/CD pipelines |
| Dockge | http://192.168.10.20:5001 | Docker Compose stack management |

## Git Credentials (for automation)

- **Username:** jazzymc
- **Repo URL (with auth):** `https://jazzymc:zRuHTu%5D7Q3LC%2Bq%3F@git.xtrm-lab.org/jazzymc/infrastructure.git`