61274029de
Created peer opnsense-jeanavril on Horus; guide for OPNsense GUI, firewall and migration away from VM-WG without secrets in the repo. Co-authored-by: Cursor <cursoragent@cursor.com>
48 lines
2.1 KiB
Markdown
# VM 101 — ubuntu (Docker host)

| | |
|---|---|
| **Proxmox** | pve1, VMID 101 |
| **IP** | 192.168.10.10 |
| **Stacks** | `/opt/stacks/` |
| **Stack UI** | Dockge → `:5001` |
| **Docker** | `iptables: false` → [docker-daemon.json](docker-daemon.json), NAT: [../../scripts/vm101-docker-nat-rules.sh](../../scripts/vm101-docker-nat-rules.sh) |
| **Horus VPS** | WireGuard `wg0` 10.1.1.5 → Horus 10.1.1.1 · SSH keys: [shared/ssh](../../shared/ssh/README.md#horus-vps-wireguard) · **Directly via OPNsense:** [shared/horus-opnsense-wireguard.md](../../shared/horus-opnsense-wireguard.md) |

## Network `docbr0`

External Docker network for containers with **fixed IPs** (`10.2.2.0/24`).

**Reachability from LAN/VLANs:** [docbr0-opnsense-routing.md](docbr0-opnsense-routing.md) (instance) · [How-To](../../../shared/opnsense-docker-subnet-routing.md) (general)

| Stack / Service | Container | IP (docbr0) |
|-----------------|-----------|-------------|
| phpipam | phpipam-web | 10.2.2.19 |
| vaultwarden | vaultwarden | 10.2.2.18 |
| git2 | gitea server | 10.2.2.22 |
| sabnzbd | sabnzbd | 10.2.2.45 |
| audio | audiobookshelf | 10.2.2.40 |
| audio | airsonic | 10.2.2.43 |
| audio | refix | 10.2.2.44 |
| audio | navidrome | 10.2.2.48 |
| jeanavril | web | 10.2.2.100 |
| jeanavril | gitea | 10.2.2.101 |
| nextcloud | nextcloud | 10.2.2.253 |
| npm | app | 10.2.2.254 |

## Stacks

| Stack | Compose | Note |
|-------|---------|------|
| [nextcloud](stacks/nextcloud/) | `compose.yml` | NC, Collabora, notify_push sidecar; PHP/Nginx tuning under `config/` |
| [npm](stacks/npm/) | `docker-compose.yml` | Reverse proxy |
| [git2](stacks/git2/) | `compose.yml` | Gitea (git2) |
| [jeanavril](stacks/jeanavril/) | `compose.yml` | Website + Gitea |
| [audio](stacks/audio/) | `compose.yml` | Audiobookshelf, Airsonic, Navidrome, Refix |
| [dockge](stacks/dockge/) | `compose.yaml` | Stack management |
| [phpipam](stacks/phpipam/) | `compose.yml` | IPAM |
| [sabnzbd](stacks/sabnzbd/) | `compose.yml` | Usenet |
| [vaultwarden](stacks/vaultwarden/) | `compose.yml` | Password manager |

Details on Nextcloud operation: [../../06_ubuntu-vm-nextcloud.md](../../06_ubuntu-vm-nextcloud.md)