Welcome to my home lab Confluence server 🙌😚!  I'm using this server to host my home lab experiments 👨‍🔬, documentation and learning ✍️.  I initially discovered Confluence via my workplace and thought it was a very nice document writing system.  When I found that Atlassian offered a $10/yr plan 🤩, I immediately bought one and setup this server.  Note:  This is a second reboot of this system.

A third reboot is in progress.  I'm planning to migrate all my applications to a Kubernetes cluster, where my apps will be managed through Helm chart installations.  The VM infrastructure will continue to exist, but will have one purpose, to be Kubernetes control or worker nodes.  I may have one VM serving as a bastion host.

🏡 Infrastructure

The is a home lab diagram that focuses on the general communications path to reach my on-premises resources from the Internet.  I've rebuilt the infrastructure in various ways and each time it gets simpler, easier and more robust 🤗.


Notes

  • The frontend-1 node has a container that updates the DNS record in Cloudflare for frontend.tenzin.io every 1 hour with its public IP address found via http://checkip.amazonaws.com service.
    • The repo.tenzin.io, confluence.tenzin.io, vault.tenzin.io are CNAMEs to the frontend.tenzin.io  DNS record.
  • The frontend-1 node sends all request to the backend-1 node via the Tailscale network.  The backend-1 node process the forwarded server_name field and send it to the correct machine.
  • The firewall node has a dynamic DNS client that will update the firewall.tenzin.io DNS record with my home lab's Internet IP address.
  • The squid node in Oracle Cloud is essential in troubleshooting the Internet HTTP request path versus the internal home lab HTTP request path.

Host Table

Home lab repositoryhttps://github.com/tenzin-io

HostRepositoryDescription
1frontend-1https://github.com/tenzin-io/frontend
  • Internet access to on-premises hosted applications.
  • An Nginx proxy that sends request to the backend host connected on the Tailscale network.
2backend-1https://github.com/tenzin-io/backend
  • An Nginx proxy will route to the designated upstream server depending on the server_name  that was received.
3repo-1https://github.com/tenzin-io/repo
  • A JFrog Artifactory server (JCR version) that stores artifacts generated by home lab build pipelines.
  • Repository for Docker images, Helm charts and generic blobs.
4confluence-1https://github.com/tenzin-io/confluence
  • This Confluence server!
5vault-1https://vault.tenzin.io
  • A Hashicorp Vault server to store all my home lab secrets 👀.
6oci-squidhttps://github.com/tenzin-io/squid
  • A Squid proxy server on the Tailscale network.
  • I can use Oracle Cloud's Internet gateway for web browser traffic.
7firewallhttps://www.pfsense.org/download
  • pfSense firewall host.
  • Protects the Home Lab.
  • Currently the Home Lab's DNS forwarder and DHCP server.

Services


Access URLService Description
1

https://confluence.tenzin.io

This Confluence server!
2

https://vault.tenzin.io

My Hashicorp Vault server.
3https://firewall.tenzin.io
  • pfSense firewall appliance.
  • Protects the home lab infrastructure.
4https://repo.tenzin.io

JFrog Artifactory server, the JCR version.

  • Repository for Helm charts and Docker images.
  • Repository for generic blob artifacts.
5

https://vs.tenzin.io

VMware vSphere 7 hypervisor to host virtual machines.

Child Pages

  • No labels