jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
102fd101f37253a0db5ffcded2ab3513207c0f9d
infrastructure/docs/00-CHANGELOG.md
XTRM-Unraid e5e76871bb
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
Add Tailscale container and bridge setup 
- Added mikrotik-containers-bridge-setup.rsc for shared container networking
- Added mikrotik-tailscale-setup.rsc for Tailscale container
- Added docs/10-MIKROTIK-TAILSCALE.md with full documentation
- Both containers now use containers-br bridge (172.17.0.1/24)
- AdGuard: 172.17.0.2, Tailscale: 172.17.0.3
2026-01-25 15:33:34 +02:00

105 lines
3.9 KiB
Markdown
Raw Blame History

# Infrastructure Changelog
**Purpose:** Major infrastructure events only. Minor changes are in git commit messages.
---
## 2026-01
### 2026-01-25
- **[INCIDENT]** DNS outage after MikroTik restart - multiple root causes fixed:
- NAT rules blocking AdGuard outbound DNS (added exception rules)
- DHCP pushing wrong DNS (8.8.8.8 → 192.168.31.1)
- NAT redirect pointing to wrong IP/port (172.17.0.5:5355 → 192.168.31.4:53)
- Asymmetric routing (added srcnat masquerade for DNS redirect)
- **[SERVICE]** Removed MikroTik AdGuard Home container (storage/overlay errors)
- **[SERVICE]** Removed MikroTik Tailscale container (root directory missing)
- **[SERVICE]** Removed Pi-hole/Unbound leftovers from MikroTik (veth, mounts, envs)
- **[NETWORK]** Consolidated DNS architecture: MikroTik → Unraid AdGuard (192.168.31.4) only
- **[DOCS]** Created incident reports in docs/incidents/
- **[DOCS]** Restructured documentation - consolidated into 5 core docs + archive
- **[NETBOX]** Added shelf devices for rack organization (U9, U7, U3)
### 2026-01-24
- **[NETBOX]** Standardized device names to NetBox convention (HAP1, CSS1, ZX1)
- **[DOCS]** Created NETWORK-PHYSICAL-MAP.md with complete port maps
### 2026-01-23
- **[SERVICE]** Deployed Diode network discovery stack
- **[SERVICE]** Removed Slurp'it (replaced by Diode + NetDisco)
- **[SERVICE]** Consolidated NetBox Redis to shared instance
- **[SERVICE]** Removed redundant DNS services (Unbound, DoH-Server, stunnel-dot)
### 2026-01-22
- **[SERVICE]** Migrated NetBox to shared PostgreSQL 17
- **[SERVICE]** Deployed AdGuard Home on MikroTik (primary DNS)
- **[SERVICE]** Deployed AdGuard Home on Unraid (secondary DNS)
- **[SERVICE]** Removed Pi-hole (replaced by AdGuard Home)
- **[DOCS]** Created INFRASTRUCTURE-DIAGRAM.md
### 2026-01-21
- **[BACKUP]** Configured Rclone sync to Google Drive
### 2026-01-19
- **[SERVICE]** Deployed NetBox IPAM/DCIM
- **[SERVICE]** Deployed NetDisco network discovery
- **[NETWORK]** Enabled SNMP on all MikroTik devices
### 2026-01-18
- **[SERVICE]** Deployed Gitea git server
- **[SERVICE]** Deployed Woodpecker CI
- **[NETWORK]** Configured CAPsMAN on HAP1
- **[WIRELESS]** CAP added to CAPsMAN management
### 2026-01-17
- **[SERVICE]** Deployed Portainer CE
---
## Format Guide
```markdown
### YYYY-MM-DD
- **[CATEGORY]** Brief description
Categories:
- [DEVICE] - Hardware added/removed/changed
- [SERVICE] - Container/service deployed/removed
- [NETWORK] - Network topology/config changes
- [WIRELESS] - WiFi/CAPsMAN changes
- [BACKUP] - Backup configuration
- [DOCS] - Major documentation changes
- [INCIDENT] - Outages and fixes
```
---
## Previous History
For detailed history before 2026-01-17, see archived changelogs:
- `archive/06-CHANGELOG.md`
- `archive/07-CHANGELOG.md`
- `archive/00-CHANGELOG.md`
## 2026-01-25
- [PHASE DNS] MikroTik AdGuard Home container installed - COMPLETED
- Container: adguardhome v0.107.71 on veth-adguard (172.17.0.2/24)
- Upstreams: 192.168.31.4 (Unraid AdGuard), 8.8.8.8, 1.1.1.1
- TLS enabled with Let's Encrypt cert for dns.xtrm-lab.org
- DoT on port 853, DoH on port 8443 (external)
- LAN DNS redirect updated to use MikroTik AdGuard
- Old docker-bridge removed (routing conflict)
- Web UI at http://192.168.31.1:3000
- [ISSUE] Container failed after restart with 'could not load config json'
- Fix: Removed and recreated container, added mountlists, restarted
- AdGuard config preserved (on separate mount)
- Documented fix in 09-MIKROTIK-ADGUARD-DOT-DOH.md
- [CONTAINERS] Created container bridge (containers-br) for shared networking
- Both AdGuard and Tailscale containers now use the same bridge
- Added NAT masquerade for container outbound traffic
- [SERVICE] Tailscale container installed and running
- Image: tailscale/tailscale:latest
- IP: 172.17.0.3/24 on veth-tailscale
- State persisted to usb1/tailscale/state
- Userspace mode enabled
Reference in New Issue View Git Blame Copy Permalink