Iron-Legion/documentation
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
43 Commits 1 Branch 0 Tags
c1bb49d51a293af9d2c4698031a83e50aabf9dee
Commit Graph

43 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
F.R.I.D.A.Y.
c1bb49d51a Terraform LXC PRD: promote validated draft to PRDs, archive stale F.R.I.D.A.Y. draft 
- terraform-lxc-deployment.md → PRDs/ (validated, tested, canonical)
- terraform-proxmox-lxc-automation.md → ARCHIVED- (superseded by live POC)
- Matches Phase 1 POC results from terraform-pve repo
 2026-06-04 22:58:19 -04:00
F.R.I.D.A.Y.
bc8d7c8449 Terraform LXC deployment PRD + Phase 1 scaffold (Dockerfile, compose, run.sh, providers) 2026-06-04 21:38:49 -04:00
F.R.I.D.A.Y.
3dd46ca963 PVE cluster formation: MK33/MK34/MK39 as pve-swarm. NFS active. HA groups configured. N150 corrected. 2026-06-04 20:59:11 -04:00
F.R.I.D.A.Y.
c879051b86 Add NetBird domain column to standalone nodes — mslnath.me (Igor/MK-46), bobbysh.me (Neo) 2026-06-04 15:57:07 -04:00
F.R.I.D.A.Y.
43ed44e09a Add MK-46 (Homecoming) — HP Elitedesk, Trilium/ARR stack, 192.168.26.130 2026-06-04 15:55:13 -04:00
F.R.I.D.A.Y.
69ae7ff9ae Split Igor: 192.168.10.211 is Ugreen DXP4800 NAS. 192.168.26.130 is HP Elitedesk (Trilium/ARR) 2026-06-04 15:47:54 -04:00
F.R.I.D.A.Y.
6135fdf6ae Update Igor IP: 192.168.26.130 — ZimaOS NAS, Trilium, ARR Media Stack, Beszel agent 2026-06-04 15:45:19 -04:00
F.R.I.D.A.Y.
ba84a78268 procedures/ansible-playbook: Add NFS client role documentation 
- Full README.md with task breakdown, inventory targeting, TrueNAS requirements
- ADDITIONAL_NOTES.md with per-node key nuances, repogroup mapping, mount opts evolution
- Included canonical copies of: inventory.yml, main.yml, roles/nfs_client/tasks/main.yml
- Covers TrueNAS maproot/ACL interaction and jarvis write access patterns
 2026-06-04 09:28:50 -04:00
F.R.I.D.A.Y.
26917ecdd7 draft: Ansible Base Testing Environment PRD (validated 10/10 green) 2026-06-03 20:02:13 -04:00
F.R.I.D.A.Y.
f624bf03db draft: Add fleet inventory.yml appendix to Ansible WebUI PRD 2026-06-03 13:51:00 -04:00
F.R.I.D.A.Y.
dbeaeab60d draft: Git Repo Setup & Peer Review PRD (v1) 2026-06-03 10:02:20 -04:00
F.R.I.D.A.Y.
d6ed7f6ead draft: Fleet User Standard PRD (v1) 2026-06-03 09:30:16 -04:00
F.R.I.D.A.Y.
1b6c73d13b docs: Update vscode-server procedure for Traefik file provider 
- Remove host port publish (8443) from compose
- Document Traefik file provider route requirement
- Add example dynamic config for vscode.ai.home
- Fix DNS guidance: CNAME to traefik.ai.home
 2026-06-02 21:35:01 -04:00
F.R.I.D.A.Y.
11d70c9531 docs: Add VS Code: Server MK7 deployment procedure 
- Documents openvscode-server on MK7 Swarm
- Enables native Remote-SSH via Microsoft marketplace
- Includes compose, DNS, and SSH config setup
- Notes PVE nodes deferred for key deployment
 2026-06-02 21:08:36 -04:00
F.R.I.D.A.Y.
0962ea5cad Update pveuser integration chart - both nas-iso and nas-repo now active (2026-06-02) 2026-06-02 14:01:21 -04:00
F.R.I.D.A.Y.
75b0bd8f8d Add TrueNAS pveuser + PVE mk33 integration chart - 2026-06-02 2026-06-02 09:59:45 -04:00
F.R.I.D.A.Y.
5ef8314c0e Add TrueNAS hardening changelog JSONL - 2026-06-02 2026-06-02 09:34:44 -04:00
F.R.I.D.A.Y.
9372e0fe69 Add TrueNAS hardening execution chart - 2026-06-02 2026-06-02 09:34:38 -04:00
F.R.I.D.A.Y.
ce06f845e0 Add TrueNAS security audit report - 2026-06-02 2026-06-02 08:31:47 -04:00
F.R.I.D.A.Y.
fa7a6a2669 PRD Updates: Fix MK7/Neo references; add Atlantis section; new Ansible Web UI comparison PRD 2026-06-02 06:32:16 -04:00
F.R.I.D.A.Y.
4377ffaffa Add PRD: Terraform LXC Automation for Proxmox VE 9.2 
New directories:
- PRD Drafts/      — Active PRDs pending review
- PRD archived/    — Approved/archived PRDs

Adds terraform-proxmox-lxc-automation.md:
- Provider: bpg/proxmox (actively maintained, 11M+ downloads)
- Scope: LXC creation, networking, storage, auth patterns
- Includes complete sample project tree with working HCL
- Covers API token, cloud-init, DHCP/static IP, mount points
- State backend + CI/CD integration guidance

Author: F.R.I.D.A.Y.
Date: 2026-06-01
 2026-06-01 14:48:14 -04:00
F.R.I.D.A.Y.
3da2689e4d Add fleet operational reports 
- mk7-service-restoration-report.md: Restored Swarm stacks after relocation, fixed NTP drift, rejoined MK-42 as worker
- netbird-evaluation-report.md: Full evaluation of self-hosted Netbird control plane for tailscale coexistence/replacement

Author: F.R.I.D.A.Y.
 2026-06-01 07:45:13 -04:00
F.R.I.D.A.Y.
2175a93312 fix(fleet): correct admin cheat sheet armor names, DNS, Igor 
Changes:
- Fix armor codenames: MK-34=Southpaw (was Igor), MK-39=Gemini (was Starboost), MK-42=Extremis (was Bones)
- Add Igor (MK-38) as utility node (192.168.10.211, ZimaOS NAS)
- Add DNS Configuration section with correct fallbacks (192.168.18.1, 1.1.1.1)
- Add Cinnamint portable host entry
- Add DNS Reminders table
- Add Shield IP drift note
- Fix SSH topology notes (friday@hermes key, ts- prefix)
- Add igor.ai.home A record
 2026-05-31 22:26:01 -04:00
F.R.I.D.A.Y.
784e6ab658 fix(procedure): correct DNS fallbacks in PVE post-install 2026-05-31 22:25:50 -04:00
F.R.I.D.A.Y.
794ed411e0 docs(fleet): add PegaProx users table to admin cheat sheet 
- Document 3 admin accounts: pegaprox, artemis, friday
- Add connected clusters table (ID, host, status)
- Clean up PegaProx section into Users/Clusters/API subsections
 2026-05-31 22:16:06 -04:00
F.R.I.D.A.Y.
8df3127ff2 Add PVE post-install optimization procedure 
Covers:
- LVM thin pool removal and root expansion
- Proxmox storage.cfg cleanup (local-lvm removal)
- Adding disk images and containers to local storage
- Disabling enterprise AND ceph repos
- No-subscription repo setup
- Subscription nag screen removal
- DNS resolution fix for PXE-installed nodes
- Full verification checklist

Author: F.R.I.D.A.Y.
Date: 2026-05-31
 2026-05-31 22:00:19 -04:00
F.R.I.D.A.Y.
4af50ec883 docs(fleet): add PegaProx, iVentoy remastering procedures, update admin cheat sheet 
- fleet/admin-cheat-sheet.md: Added PegaProx section, updated MK33/MK34/MK39
  statuses to Online (PVE), added iVentoy remastering notes, iVentoy Pro
  upgrade pending marker.
- procedures/pega-prox-deploy.md: New procedure for deploying PegaProx on
  Docker Swarm (host mode, CSRF, API gotchas).
- procedures/iventoy-remaster-procedure.md: New procedure for remastering
  Proxmox ISOs with embedded answer URLs and locked gfxmode.
- changelog/2026-05-31-pxe-pegaprox-deployment.md: Changelog entry for todays
  fleet work.
- 04-service-catalog.md: Added PegaProx to Management / Dashboard section.
 2026-05-31 21:38:45 -04:00
jarvis
484b2e6272 DNS topology: AdGuard removed, Technitium authoritative + DoT + ad blocking 
- Remove AdGuard Home from all service catalogs, deployment phases,
  persistence tables, and network architecture docs
- Update Technitium notes: authoritative .ai.home zone, recursive resolver,
  DoT forwarder to Cloudflare (tls://1.1.1.1), built-in ad blocking
- Resolve open questions #2 (Technitium upstream) and #3 (AdGuard layout)
- Add dns-topology.md: complete DNS architecture diagram, zone details,
  client assignments, Tailscale integration, troubleshooting table,
  migration history (AdGuard deployed → paused → removed)
 2026-05-29 21:01:24 -04:00
jarvis
a7e70726eb CLEAN audit complete + fleet infrastructure recovery PRD 
- AUDIT_REPORT.md: Hermes environment audit results (~1GB recovered)
  - 80 skills archived, 2 broken profiles removed, cron cleanup
  - ARTEMIS.md consolidated, rule deduplication completed
- PRDs/fleet-infrastructure-recovery.md: 6-item recovery plan
  - Portainer, Technitium DNS, Prometheus, Traefik TLS, Beszel, AdGuard
 2026-05-27 22:15:31 -04:00
jarvis
ba2b3dba82 docs: mark all PRD chunks complete 2026-05-27 13:10:53 -04:00
jarvis
f18b978602 fix(Chunk4): purge all Pi-hole references from split files 
- 08-deployment-phases: Pi-hole → AdGuard Home in Phase 1 order
- 09-open-questions: blocker replaced, decision marked resolved
- 10-appendix: removed from DockerHub table, count 16→15, dir pihole/→adguard/
- 05-network-architecture: port allocation DNS label updated
- All mirrored to master PRD
 2026-05-27 13:10:35 -04:00
jarvis
32570cb40d docs: mark Chunk 3 complete 2026-05-27 13:09:02 -04:00
jarvis
b7cc09cca2 fix(Chunk3): complete Pi-hole removal, update ACL policy 
- Replaced remaining Pi-hole references with AdGuard throughout master PRD
- Constraints, Service Catalog, Data Persistence, Open Questions, Appendix all updated
- ACL policy: fixed placeholder (MK7,MK7,MK7,MK7) to actual worker nodes
- Appendix skeleton: removed pihole/ directory, updated image count 16→15
- Outstanding Decisions: Pi-hole inclusion marked as resolved
 2026-05-27 13:08:50 -04:00
jarvis
fae739f3fa docs: update tracker for Chunk 2 reconciliation commit 2026-05-27 12:03:44 -04:00
jarvis
a3fc718a34 fix(Chunk2): reconcile PRD with live fleet state 
- AdGuard Home: Replicated(2) → Replicated(1) (single instance on MK7)
- Portainer: Manager Constraint → Replicated(1) (deployed as replicated, not manager-only)
- Beszel Agent: Global → Pending (not yet deployed across workers)
- DNS Resolution: Added status table — Technitium deployed but *.ai.home zone not yet authoritative
- Swarm service count: 16 → 15 active + 1 pending

All changes mirrored to split files and master PRD.
 2026-05-27 12:03:06 -04:00
jarvis
26c66590d1 docs: mark Chunk 2 complete, Chunk 3 ready 2026-05-27 11:47:48 -04:00
jarvis
e6cfa11ca6 docs: add fleet change log 2026-05-27 (ansible branch consolidation), add PRD status tracker 2026-05-27 11:16:20 -04:00
jarvis
73e42cc8ab fix: homepage host dashboard.ai.home (was home.ai.home) 2026-05-25 20:43:30 -04:00
jarvis
44ae3ed48f Add swarm.md — live fleet reference for G9 cluster (Phase 1 deployed) 2026-05-25 20:41:10 -04:00
jarvis
b873e981c7 Remove Vaultwarden/Nextcloud from swarm catalog — they exist on Neo. Add 'Existing External Services' section. 2026-05-25 18:29:15 -04:00
jarvis
f0ed97d25a Fix catalog: Swarm placements (Global, Replicated, Manager Constraint), remove per-node assignments 2026-05-25 18:27:03 -04:00
jarvis
fea42f892b Remove Mark5/Bones/Neo/Mark44 — G9 Swarm Cluster is the ONLY deployment target 
All services reassigned to MK7 (Swarm Manager) or swarm-distributed.
Per Bobby: Mark5, Bones, Neo, Mark44 are NOT part of this homelab services stack.

Phase 1 infra (Traefik, DNS, AdGuard, Portainer, Prometheus, Beszel, Dozzle, Authelia, Homepage) → MK7
Phase 2 media (Jellyfin, Sonarr, Radarr, Prowlarr) → Swarm distributed
Phase 3 dashboards (Grafana, Homepage) → Swarm distributed

Also updates:
- Backup target: MK7 secondary storage (was Bones)
- Network/DNS/Security model: all refs to Bones/Neo/Mark5/Mark44 corrected
 2026-05-25 18:24:22 -04:00
jarvis
4cff1b5e48 Initial: Iron Legion Homelab Services Stack PRD 
Verifies 16 DockerHub images, assigns target nodes per locked policy,
defines 3-phase deployment order (Infra → Media → Polish).

Domain: *.ai.home
No public internet exposure.
Services: Traefik, Technitium DNS, AdGuard Home, Prometheus, Grafana,
Beszel, Dozzle, Portainer, Homepage, Authelia, Vaultwarden, Jellyfin,
Sonarr, Radarr, Prowlarr, Nextcloud
 2026-05-25 17:25:40 -04:00