Infrastructure Overview
Cluster
- Hypervisor: Proxmox on big-boi (192.168.1.21)
- k8s: MicroK8s 5-node cluster (nebula-1 through nebula-5, 192.168.1.15–19)
- Namespace: `heezy` for all apps
- Storage: Longhorn (block/RWO), NFS via TrueNAS (RWX for media/receipts)
- Ingress: SWAG (nginx) at 192.168.1.25, SSL via Let's Encrypt
- DNS: Pi-hole split DNS — all .heezy.info + .trentnielsen.me → 192.168.1.25 internally
Networking
- LAN: 192.168.1.x
- DMZ: 192.168.3.x (VLAN 3, game servers)
- Firewall: FortiGate
- External: Cloudflare Tunnel for most services, Cloudflare Access for internal-only
Key Hosts
| Host | IP | Role |
|---|---|---|
| big-boi | 192.168.1.21 | Proxmox hypervisor, Ollama GPU, n8n, Postgres |
| nebula-1 | 192.168.1.15 | k8s node (Gitea, OpenBao, Pi-hole) |
| nebula-2 | 192.168.1.16 | k8s node |
| nebula-3 | 192.168.1.17 | k8s node |
| nebula-4 | 192.168.1.18 | k8s node |
| nebula-5 | 192.168.1.19 | k8s node (Overseerr) |
| shared-lgtm | 192.168.1.10 | Grafana + Loki + Prometheus + Tempo |