4.3 KiB
4.3 KiB
Iron Legion Homelab Services Stack — Service Catalog
Verified DockerHub Metadata (as of 2026-05-25)
Swarm Placement Legend
| Placement | Swarm Behavior |
|---|---|
| Global | One replica on EVERY node (including manager) |
| Replicated (N) | N replicas distributed across workers by scheduler |
| Manager Constraint | Only on manager node(s) |
| Label Constraint | Only on nodes with matching node.label |
Placement Rules for 5-Node Swarm (1 manager + 4 workers)
- MK7 = Manager (can run global services + manager-constrained services)
- MK33, MK34, MK39, MK42 = Workers (run global services + replicated services)
- No node labels yet — will label storage nodes (e.g., media storage) as Phase 3
Network Layer
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---|---|---|---|---|---|---|
| Traefik | traefik |
3.49B | 3,634 | 2026-05-13 | Global | Every node receives ingress routing + Docker socket read-only |
| Technitium DNS | technitium/dns-server |
8.99M | 156 | 2026-05-09 | Manager Constraint | Single authoritative DNS — port 53 on MK7 only |
| AdGuard Home | adguard/adguardhome |
170.7M | 1,408 | 2026-05-25 | Replicated (2) | 2 replicas across workers for redundancy — port 3000 |
Monitoring / Observability
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---|---|---|---|---|---|---|
| Prometheus | prom/prometheus |
1.97B | 2,064 | 2026-05-25 | Manager Constraint | Central scraping server on MK7 |
| Prometheus Node Exporter | prom/node-exporter |
— | — | — | Global | Runs on every node — scrapes CPU/mem/disk |
| Grafana | grafana/grafana |
5.22B | 3,540 | 2026-05-16 | Replicated (1) | Any worker (Phase 3, needs data history first) |
| Beszel Hub | henrygd/beszel |
12.58M | 32 | 2026-04-30 | Manager Constraint | Central hub on MK7 collects metrics from agents |
| Beszel Agent | henrygd/beszel-agent |
— | — | — | Global | Runs on every node — reports to hub |
| Dozzle | amir20/dozzle |
309.6M | 144 | 2026-05-25 | Replicated (1) | Any worker — read-only Docker socket |
Management / Dashboard
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---|---|---|---|---|---|---|
| Portainer CE | portainer/portainer-ce |
1.46B | 2,665 | 2026-05-20 | Manager Constraint | MK7 only — agentless mode, no portainer-agent needed |
| Homepage | gethomepage/homepage |
1.31M | 40 | 2026-05-25 | Replicated (1) | Any worker — all endpoints via env vars |
Security / Identity
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---|---|---|---|---|---|---|
| Authelia | authelia/authelia |
75.2M | 208 | 2026-05-25 | Replicated (1) | Any worker — Traefik ForwardAuth middleware |
Existing External Services (NOT in Swarm)
| Service | Location | Status | Notes |
|---|---|---|---|
| Vaultwarden | Neo (Nebuchadnezzar) | ✅ Production | Already deployed via Docker. Managed separately. |
| Nextcloud | Neo (Nebuchadnezzar) | ✅ Production | Nextcloud AIO. NOT part of G9 Swarm stack. |
These services live outside the G9 Swarm cluster. No migration planned unless Bobby explicitly requests it.
Media Stack (*arr + Jellyfin)
| Service | Image | Pulls | Stars | Updated | Placement | Notes |
|---|---|---|---|---|---|---|
| Jellyfin | jellyfin/jellyfin |
370.4M | 1,535 | 2026-05-25 | Label Constraint | Nodes with node.label.storage=media (Phase 3) |
| Sonarr | linuxserver/sonarr |
2.34B | 2,118 | 2026-05-23 | Replicated (1) | Any worker — needs shared /downloads mount |
| Radarr | linuxserver/radarr |
2.36B | 1,791 | 2026-05-25 | Replicated (1) | Any worker — needs shared /downloads mount |
| Prowlarr | linuxserver/prowlarr |
35.9M | 403 | 2026-05-25 | Replicated (1) | Any worker — feeds Sonarr/Radarr via network |