Iron-Legion/documentation
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3f0e36c8bb1bb34fbf09af620d321495dd9474d9
documentation/04-service-catalog.md
F.R.I.D.A.Y. 4af50ec883 docs(fleet): add PegaProx, iVentoy remastering procedures, update admin cheat sheet 
- fleet/admin-cheat-sheet.md: Added PegaProx section, updated MK33/MK34/MK39
  statuses to Online (PVE), added iVentoy remastering notes, iVentoy Pro
  upgrade pending marker.
- procedures/pega-prox-deploy.md: New procedure for deploying PegaProx on
  Docker Swarm (host mode, CSRF, API gotchas).
- procedures/iventoy-remaster-procedure.md: New procedure for remastering
  Proxmox ISOs with embedded answer URLs and locked gfxmode.
- changelog/2026-05-31-pxe-pegaprox-deployment.md: Changelog entry for todays
  fleet work.
- 04-service-catalog.md: Added PegaProx to Management / Dashboard section.
2026-05-31 21:38:45 -04:00

69 lines
4.6 KiB
Markdown
Raw Blame History

# Iron Legion Homelab Services Stack — Service Catalog
## Verified DockerHub Metadata (as of 2026-05-25)
### Swarm Placement Legend
| Placement | Swarm Behavior |
|-----------|----------------|
| **Global** | One replica on EVERY node (including manager) |
| **Replicated (N)** | N replicas distributed across workers by scheduler |
| **Manager Constraint** | Only on manager node(s) |
| **Label Constraint** | Only on nodes with matching `node.label` |
### Placement Rules for 5-Node Swarm (1 manager + 4 workers)
- **MK7** = Manager (can run global services + manager-constrained services)
- **MK33, MK34, MK39, MK42** = Workers (run global services + replicated services)
- **No node labels yet** — will label storage nodes (e.g., media storage) as Phase 3
---
### Network Layer
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---------|-------|-------|-------|---------|-----------|-------|
| **Traefik** | `traefik` | 3.49B | 3,634 | 2026-05-13 | **Global** | Every node receives ingress routing + Docker socket read-only |
| **Technitium DNS** | `technitium/dns-server` | 8.99M | 156 | 2026-05-09 | **Manager Constraint** | Authoritative `.ai.home` + recursive with DoT to Cloudflare, ad blocking — port 53 on MK7 only |
| **~~AdGuard Home~~** | ~~`adguard/adguardhome`~~ | ~~170.7M~~ | ~~1,408~~ | ~~2026-05-25~~ | ~~**Removed**~~ | ~~Technitium built-in ad blocking replaces AdGuard~~ |
### Monitoring / Observability
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---------|-------|-------|-------|---------|-----------|-------|
| **Prometheus** | `prom/prometheus` | 1.97B | 2,064 | 2026-05-25 | **Manager Constraint** | Central scraping server on MK7 |
| **Prometheus Node Exporter** | `prom/node-exporter` | — | — | — | **Global** | Runs on every node — scrapes CPU/mem/disk |
| **Grafana** | `grafana/grafana` | 5.22B | 3,540 | 2026-05-16 | **Replicated (1)** | Any worker (Phase 3, needs data history first) |
| **Beszel Hub** | `henrygd/beszel` | 12.58M | 32 | 2026-04-30 | **Manager Constraint** | Central hub on MK7 collects metrics from agents |
| **Beszel Agent** | `henrygd/beszel-agent` | — | — | — | **Pending** | Planned global — reports to hub. Not yet deployed. |
| **Dozzle** | `amir20/dozzle` | 309.6M | 144 | 2026-05-25 | **Replicated (1)** | Any worker — read-only Docker socket |
### Management / Dashboard
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---------|-------|-------|-------|---------|-----------|-------|
| **Portainer CE** | `portainer/portainer-ce` | 1.46B | 2,665 | 2026-05-20 | **Replicated (1)** | MK7 — agentless mode, no portainer-agent needed |
| **PegaProx** | `pegaprox/pegaprox` | — | — | — | **Manager Constraint** | MK7 — PVE cluster manager (host mode ports 5000-5002) |
| **Homepage** | `gethomepage/homepage` | 1.31M | 40 | 2026-05-25 | **Replicated (1)** | Any worker — all endpoints via env vars |
### Security / Identity
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---------|-------|-------|-------|---------|-----------|-------|
| **Authelia** | `authelia/authelia` | 75.2M | 208 | 2026-05-25 | **Replicated (1)** | Any worker — Traefik ForwardAuth middleware |
### Existing External Services (NOT in Swarm)
| Service | Location | Status | Notes |
|---------|----------|--------|-------|
| **Vaultwarden** | Neo (Nebuchadnezzar) | ✅ Production | Already deployed via Docker. Managed separately. |
| **Nextcloud** | Neo (Nebuchadnezzar) | ✅ Production | Nextcloud AIO. NOT part of G9 Swarm stack. |
> These services live outside the G9 Swarm cluster. No migration planned unless Bobby explicitly requests it.
### Media Stack (*arr + Jellyfin)
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---------|-------|-------|-------|---------|-----------|-------|
| **Jellyfin** | `jellyfin/jellyfin` | 370.4M | 1,535 | 2026-05-25 | **Label Constraint** | Nodes with `node.label.storage=media` (Phase 3) |
| **Sonarr** | `linuxserver/sonarr` | 2.34B | 2,118 | 2026-05-23 | **Replicated (1)** | Any worker — needs shared /downloads mount |
| **Radarr** | `linuxserver/radarr` | 2.36B | 1,791 | 2026-05-25 | **Replicated (1)** | Any worker — needs shared /downloads mount |
| **Prowlarr** | `linuxserver/prowlarr` | 35.9M | 403 | 2026-05-25 | **Replicated (1)** | Any worker — feeds Sonarr/Radarr via network |
## Total Services: 16 (catalog) + 3 (existing external) = 19 total fleet services
## Swarm Services: 15 active + 1 pending (Beszel Agent) + 4 Phase 2/3 planned = 16 catalog entries
## Total DockerHub Pulls (aggregate): ~16.0B
## All images updated within 90 days
Reference in New Issue View Git Blame Copy Permalink