il/ilnmors-homelab
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f69771506584ac904e7fc0e8b8dd4c4ac5b85ae4
ilnmors-homelab/docs/specifications/environments.md
T
il f697715065 feat(sure): release sure (we-promise/sure) 
deployment notes:
- let's try three of budget apps, actual budget, ezbookkeeping, and sure
2026-05-06 18:52:31 +09:00

162 lines
3.9 KiB
Markdown
Raw Blame History

# Server and client environments
## Console
- OS: WSL2 \(Debian 13\)
- Processor: 4vCPU
- Memory: 4GiB
- Disk:
- 32GiB for `/` \(VHD file\)
- Services:
- [x] Terminal
- [x] Step-CLI
- [x] Ansible
- [x] Git
- [x] Kopia
- [x] cloud-image-utils
## vmm \(Hypervisor\)
- OS: Debian13
- Processor: pCPU \(N150\)
- Memory: 3GiB \(margin\)
- KSM allows more than 3GiB for vmm
- MAC:
- c8:ff:bf:05:aa:b0
- c8:ff:bf:05:aa:b1
- Disk:
- SSD:
- 64GiB for `/` \(ext4 in LVM\)
- 700GiB for `/var/lib/libvirt` \(ext4 in LVM\)
- Services:
- [x] QEMU/KVM
- [x] libvirtd
- [x] ksmtuned
## fw \(Firewall\)
- OS: Debian13
- Processor: 2vCPU
- cputune.shares 2048
- Memory: 4GiB
- MAC:
- 0a:49:6e:4d:00:00
- 0a:49:6e:4d:00:01
- Disk:
- SSD: 64GiB for `/` \(ext4 in qcow2 file\)
- Services:
- native packages:
- [x] nftables \(firewall based on ZONE\)
- [x] Suricata \(IDS\)
- [x] CrowdSec LAPI \(IPS\)
- [x] Kea DHCP
- [x] Wireguard-tool
- [x] BIND9 \(Local authoritative DNS\)
- [x] Blocky \(Resolver DNS\)
- Scripts:
- [x] ddns.sh
## infra \(Infrastructure\)
- OS: Debian13
- Processor: 2vCPU
- cputune.shares 1024
- Memory: 6GiB
- MAC: 0a:49:6e:4d:01:00
- Disk:
- SSD: 256GiB for `/` \(ext4 in qcow2 file\)
- Services:
- Rootless containers:
- [x] PostgreSQL
- [x] lldap
- [x] Step-CA
- [x] Caddy \(with nsupdate\)
- [x] Prometheus \(alloy - push\)
- [x] Loki \(alloy\)
- [x] Grafana
<!--
Mail service is not needed, especially Diun is not needed.
- Postfix
- Dovecot
- mbsync
- Diun
- Study \(Rootless container\):
- Kali
- Debian
-->
## auth \(Authorization\)
- OS: Debian13
- Processor: 2vCPU
- cputune.shares 512
- Memory: 2GiB
- MAC: 0a:49:6e:4d:02:00
- Disk:
- SSD: 64GiB for `/` \(ext4 in qcow2 file\)
- Services:
- Rootless containers:
- [x] Caddy \(with nsupdate, crowdsec-http, crowdsec-bouncer module\)
- [x] authelia
## app \(Application\)
- OS: Debian13
- Processor: 4vCPU
- cputune.shares 1024
- Memory: 16GiB
- MAC: 0a:49:6e:4d:03:00
- Disk:
- SSD: 256GiB for `/` \(ext4 in qcow2 file\)
- HDD: 4TB for `/home/app/data` \(btrfs\)
- VFIO \(Hardware passthrough):
- Graphic: N150 iGPU
- Disk: SATA Controller
- Services:
- OIDC native services:
- [x] Vaultwarden
- [x] Gitea
- [x] Immich
- [x] Actual budget
- [x] Paperless-ngx
- [x] vikunja (Comparing to Nextcloud deck)
- [x] OpenCloud (Comparing to Nextcloud)
- [x] affine \(Notion substitution\)
- [x] Nextcloud \(Use nextcloud as CalDAV and CardDav, kanban and todo\)
- [x] Collabora office \(Link to Nextcloud, it works well\)
- [x] ezBookkeeping
- use budget.ilnmors.com for ezBookkeeping, actual budget domain is changed as actualbudget.ilnmors.com
- [x] sure
- comparing sure, ezBookkeeping, and actualbudget
- ezbookkeeping has no function to share the account and budget to the other users.
- actual budget's YNAB way is hard to adjust
- sure is heavy, but it is not YNAB and it allows to share account the other users
- WriteFreely
- MediaCMS or PeerTube
- Funkwhale or Navidrome or Jellyfin
- Kavita
- Audiobookshelf
- Miniflux
- Linkwarden
- Ralph
- Conduit
- SnappyMail
<!--
- n8n
- Forward_auth
- Homepage
-->
## External Backup server
- OS: DSM \(Synology\)
- Processor: pCPU \(Realtek RTD1619B\)
- Memory: 1GiB
- MAC: 90:09:d0:65:a9:db
- Disk:
- HDD: 4TB
- Services:
- SFTP
- Kopia repository server
- CloudSync \(Upload backup files to Cloud\)
Reference in New Issue View Git Blame Copy Permalink