PlantUML Macro

actor users as "Internet Users" #White

rectangle cloud_flare as "Cloudflare (" {
    card internet_dns_names #PaleGreen [
    ]
    card firewall_dns_name as "" #PaleGreen

    database tenzin_io_dns as "" #PaleGreen
    tenzin_io_dns .. internet_dns_names
    tenzin_io_dns .. firewall_dns_name
}

users --> tenzin_io_dns

rectangle github as "GitHub (" {
    database github_repo as "GitHub Repos" #violet
    database actions_runner as "GitHub Actions" #violet
    github_repo --> actions_runner
}

rectangle oracle_cloud as "Oracle Cloud Infra (tenzin)" {
    node oci_squid as "oci-squid" #AliceBlue
    node frontend_1 as "frontend-1" #AliceBlue
    node runner_1 as "runner-1" #AliceBlue
    node runner_2 as "runner-2" #AliceBlue
    actions_runner --> runner_1
    actions_runner --> runner_2
}

internet_dns_names --> frontend_1

rectangle home_lab as "Home Lab" #AliceBlue {
    actor home_user as "Home Users" #AliceBlue
    rectangle pfsense as "pfSense Firewall" {
        node firewall as "firewall UI" #Pink
        firewall_dns_name ---> firewall
        database tenzin_io_dns_home as "" #AliceBlue

        rectangle home_dns_names #AliceBlue [
        ]

        card home_firewall_dns_name as "" #AliceBlue
        firewall <-- home_firewall_dns_name
        home_dns_names .. tenzin_io_dns_home
        home_firewall_dns_name .. tenzin_io_dns_home
    }
    rectangle vsphere_2 as "vSphere Host" {
        port vsphere_ui as "vSphere UI"
        node confluence as "confluence-1" #AliceBlue
        node repo as "repo-1" #AliceBlue
        node vault as "vault-1" #AliceBlue
        node backend_1 as "backend-1" #AliceBlue

        backend_1 <-- home_dns_names

        backend_1 --> vault
        backend_1 --> repo
        backend_1 --> confluence
        backend_1 --> vsphere_ui
    }

    home_user -> tenzin_io_dns_home
}

cloud tailscale_net as "Tailscale Network" #AliceBlue

frontend_1 --> tailscale_net
oci_squid -- tailscale_net

tailscale_net <--> backend_1

legend right
| Color | Type |
|<#AliceBlue>| Home lab |
|<#Pink>| Firewall |
|<#violet>| GitHub |
|<#PaleGreen>| Cloudflare |
endlegend



  • The frontend-1 node has a side-car container that updates the DNS record in Cloudflare every 1 hour with its public IP address found via service.
    • The  and confluence,,  are CNAMEs to the  DNS record.
  • The frontend-1 node sends all requests to the backend-1 node via the Tailscale network. The backend-1 node processes the forwarded server_name field and sends the request to the correct machine.
  • The firewall node has a dynamic DNS client that will update the DNS record with my home lab's Internet IP address.
  • The squid node in Oracle Cloud is essential for troubleshooting the Internet HTTP request path versus the internal home lab HTTP request path.
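
The hourly update done by the frontend-1 side-car (and by the firewall's dynamic DNS client), sketched as an added example that is not the side-car's actual code: it validates whatever the IP lookup returns before rewriting the record, so an error page or a private or Tailscale (100.64.0.0/10) address never reaches public DNS. The record name, TTL, proxied flag, IDs and sample addresses are assumptions; the Cloudflare v4 `dns_records` endpoint is the only real API used.

```python
import ipaddress
import json
import urllib.request

API = "https://api.cloudflare.com/client/v4"

def parse_public_ip(raw):
    """Return the lookup response as a public IPv4 address, or None."""
    try:
        ip = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None  # HTML error page, empty body, garbage
    if ip.version != 4 or not ip.is_global:
        return None  # private, CGNAT/Tailscale, loopback, link-local, reserved
    return ip

def plan_update(raw_lookup, current_record_ip):
    """Decide what one hourly run does: 'reject', 'noop' or 'update'."""
    ip = parse_public_ip(raw_lookup)
    if ip is None:
        return ("reject", None)  # keep the old record, alert instead
    if str(ip) == current_record_ip:
        return ("noop", str(ip))  # no API call, no token use
    return ("update", str(ip))

def build_request(zone_id, record_id, token, name, ip):
    """Build (not send) the call that overwrites one A record."""
    # ttl and proxied are assumed values, not taken from the page
    body = json.dumps({"type": "A", "name": name, "content": ip,
                       "ttl": 300, "proxied": False})
    return urllib.request.Request(
        f"{API}/zones/{zone_id}/dns_records/{record_id}",
        data=body.encode(), method="PUT",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
    )

if __name__ == "__main__":
    # Constructed lookup responses; the current record is assumed to be 8.8.4.4
    for raw in ("8.8.8.8\n", "8.8.4.4", "100.101.102.103", "<html>502</html>"):
        print(repr(raw), "->", plan_update(raw, "8.8.4.4"))
```

The API token used here only needs DNS edit permission on the one zone, which limits what a compromised side-car can change.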