oskar/homelab-codex-ws
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Document current homelab state

Browse source
This commit is contained in:
Oskar Kapala 2026-04-15 17:37:25 +02:00
commit a1a74f30ba
8 changed files with 268 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
.codex Normal file
View file

53
README.md Normal file
View file

@ -0,0 +1,53 @@
# Homelab Current State
## Description
This repository documents the current known state of the homelab.
The documentation is based only on stated facts. Missing details are recorded as unknowns and need clarification.
## Current configuration
- Main server hardware: Raspberry Pi 5
- Core stack:
- Docker
- Portainer
- Nginx Proxy Manager
- Network position: behind NAT
- Public access path: Nginx Proxy Manager with HTTPS using Let's Encrypt
- Private access path: Tailscale
- Known port forwarding:
- External ports `80-81` forward to internal ports `4480-4481`
- External port `443` forwards to internal port `4443`
## Documentation index
- [Hardware](docs/hardware.md)
- [Core stack](docs/core-stack.md)
- [Networking](docs/networking.md)
- [Access](docs/access.md)
- [Services](docs/services.md)
- [Unknowns and clarification questions](docs/questions.md)
## Known facts
- The homelab has one known main server: Raspberry Pi 5.
- Docker is part of the current stack.
- Portainer is part of the current stack.
- Nginx Proxy Manager is part of the current stack.
- The homelab is behind NAT.
- Public services are exposed through Nginx Proxy Manager with HTTPS certificates from Let's Encrypt.
- Private access is provided through Tailscale.
## Unknown / needs clarification
- Operating system and version on the Raspberry Pi 5.
- Storage layout and attached disks.
- Network interface configuration.
- LAN IP addresses.
- Public domain names.
- List of all running containers.
- Exact Nginx Proxy Manager proxy host configuration.
- Tailscale tailnet, device name, and subnet/exit-node configuration if any.
- Backup configuration.
- Monitoring and alerting configuration.

34
docs/access.md Normal file
View file

@ -0,0 +1,34 @@
# Access
## Description
This page documents the currently known access methods for the homelab.
## Current configuration
- Public services are accessed through Nginx Proxy Manager.
- Public HTTPS certificates are issued using Let's Encrypt.
- Private access is provided through Tailscale.
## Known facts
- Nginx Proxy Manager is the public reverse proxy.
- HTTPS is used for public services.
- Let's Encrypt is used for public TLS certificates.
- Tailscale is used for private access.
## Unknown / needs clarification
- Public domain names and subdomains.
- Which services are public.
- Which services are private-only.
- Nginx Proxy Manager proxy hosts.
- Nginx Proxy Manager SSL certificate settings.
- Whether HTTP-to-HTTPS redirection is enabled.
- Whether Nginx Proxy Manager access lists are used.
- Tailscale device name for the Raspberry Pi 5.
- Whether Tailscale SSH is enabled.
- Whether the Raspberry Pi 5 advertises subnet routes.
- Whether the Raspberry Pi 5 is an exit node.
- User accounts or groups with access through Tailscale.
- Local administrator access method for the Raspberry Pi 5.

32
docs/core-stack.md Normal file
View file

@ -0,0 +1,32 @@
# Core Stack
## Description
This page documents the known core software stack running in the homelab.
## Current configuration
- Docker
- Portainer
- Nginx Proxy Manager
## Known facts
- Docker is used as part of the core stack.
- Portainer is used as part of the core stack.
- Nginx Proxy Manager is used as part of the core stack.
## Unknown / needs clarification
- Docker version.
- Docker installation method.
- Whether Docker Compose is used.
- Location of Compose files, stack files, or deployment manifests.
- Portainer deployment method.
- Portainer exposed URL or access method.
- Nginx Proxy Manager deployment method.
- Nginx Proxy Manager exposed URL or access method.
- Container restart policies.
- Container network names and topology.
- Persistent volume locations.
- Backup method for Portainer and Nginx Proxy Manager data.

24
docs/hardware.md Normal file
View file

@ -0,0 +1,24 @@
# Hardware
## Description
This page documents the currently known physical hardware for the homelab.
## Current configuration
- Main server: Raspberry Pi 5
## Known facts
- The Raspberry Pi 5 is the main server.
## Unknown / needs clarification
- Raspberry Pi 5 RAM size.
- Raspberry Pi 5 operating system boot media.
- Storage devices attached to the Raspberry Pi 5.
- Power supply model or rating.
- Case, cooling, fan, or heatsink details.
- UPS presence or absence.
- Network connection type: Ethernet or Wi-Fi.
- Physical location of the server.

35
docs/networking.md Normal file
View file

@ -0,0 +1,35 @@
# Networking
## Description
This page documents the current known network position and port forwarding for the homelab.
## Current configuration
- The homelab is behind NAT.
- Port forwarding is configured as follows:
- External ports `80-81` forward to internal ports `4480-4481`
- External port `443` forwards to internal port `4443`
## Known facts
- NAT is present between the public internet and the homelab.
- Public HTTP/HTTPS traffic reaches the homelab through forwarded ports.
- External ports `80`, `81`, and `443` are known to be forwarded.
- Internal ports `4480`, `4481`, and `4443` are known forwarding targets.
## Unknown / needs clarification
- Router or firewall model.
- Whether the WAN IP is static, dynamic, or CGNAT.
- Internal IP address of the Raspberry Pi 5.
- Whether the Raspberry Pi 5 uses DHCP or static addressing.
- Exact mapping for external ports `80-81` to internal ports `4480-4481`:
- Whether `80` maps to `4480`.
- Whether `81` maps to `4481`.
- Protocols forwarded for each port: TCP, UDP, or both.
- Whether any other ports are forwarded.
- LAN subnet and gateway.
- DNS provider and DNS records.
- IPv6 availability or absence.
- Firewall rules on the Raspberry Pi 5.

50
docs/questions.md Normal file
View file

@ -0,0 +1,50 @@
# Unknowns and Clarification Questions
## Description
This page lists information that is missing or unclear from the current homelab documentation.
## Current configuration
The currently documented configuration is limited to:
- Raspberry Pi 5 as the main server.
- Docker, Portainer, and Nginx Proxy Manager as the core stack.
- NAT with forwarded ports:
- `80-81` to `4480-4481`
- `443` to `4443`
- Public access through Nginx Proxy Manager with Let's Encrypt HTTPS.
- Private access through Tailscale.
## Known facts
- The homelab is documented only from the known facts above.
- Anything not listed as known remains unconfirmed.
## Unknown / needs clarification
1. What operating system and version is running on the Raspberry Pi 5?
2. What is the Raspberry Pi 5 RAM size?
3. What storage devices are used, and where is persistent service data stored?
4. What is the Raspberry Pi 5 LAN IP address?
5. Is the Raspberry Pi 5 using DHCP or a static IP address?
6. What router or firewall performs NAT and port forwarding?
7. Is the WAN IP static, dynamic, or behind CGNAT?
8. Does external port `80` map to internal port `4480`, and does external port `81` map to internal port `4481`?
9. Are the forwarded ports TCP only, UDP only, or both?
10. Are any other ports forwarded?
11. What domain names or subdomains point to the homelab?
12. What are the Nginx Proxy Manager proxy hosts?
13. Which services are public, and which are private-only?
14. Is HTTP-to-HTTPS redirection enabled in Nginx Proxy Manager?
15. Are Nginx Proxy Manager access lists used?
16. How are Docker, Portainer, and Nginx Proxy Manager deployed?
17. Are Docker Compose files, Portainer stacks, or other manifests available?
18. What containers are currently running?
19. What Docker networks and volumes exist?
20. What is the Tailscale device name for the Raspberry Pi 5?
21. Does the Raspberry Pi 5 advertise Tailscale subnet routes?
22. Is the Raspberry Pi 5 configured as a Tailscale exit node?
23. Is Tailscale SSH enabled?
24. What backup system exists, if any?
25. What monitoring or alerting exists, if any?

40
docs/services.md Normal file
View file

@ -0,0 +1,40 @@
# Services
## Description
This page documents the currently known services in the homelab.
## Current configuration
Known services:
- Portainer
- Nginx Proxy Manager
Known supporting platform:
- Docker
## Known facts
- Portainer is present in the homelab.
- Nginx Proxy Manager is present in the homelab.
- Public services are exposed through Nginx Proxy Manager using HTTPS.
- Private access is available through Tailscale.
## Unknown / needs clarification
- Full list of running services and containers.
- Service names.
- Service purposes.
- Public or private exposure for each service.
- Internal ports for each service.
- External domains for each public service.
- Docker image names and versions.
- Data volume paths.
- Environment variables and secrets handling.
- Service dependencies.
- Restart policies.
- Health checks.
- Backup coverage for each service.
- Restore process for each service.