# =========================================== # INVENTÁRIO FÍSICO — Single Source of Truth # =========================================== # Este arquivo mapeia TODAS as máquinas físicas do homelab. # UPDATE: Sempre que mudar algo físico (IP, MAC, disco), atualize aqui PRIMEIRO. # =========================================== physical_hosts: # =========================================== # HESTIA — Notebook (esta máquina) # =========================================== hestia: description: "Notebook Dell Latitude 5490 — usado como workstation e runner de CI/CD" location: "rack caseiro" hardware: cpu: "Intel i5-8250U" ram_gb: 16 disk: - device: /dev/sda type: SSD size_gb: 224 mount: / network: mac: "74:86:7a:f9:15:c1" # enp9s0 (cabo, sem link atualmente) wifi_mac: "0c:84:dc:d5:03:d1" # wlp6s0 (WiFi, IP atual) ip: "10.0.10.100" # WiFi VLAN10 (sem cabo conectado) gateway: "10.0.0.1" # ER605 dns: "10.0.0.2" # AdGuard os: distro: "Debian" version: "13" hostname: "hestia" roles: - runner-ci # Gitea Actions runner - workstation ssh: user: "iamferreirajp" port: 22 # =========================================== # PROXMOX — Server principal # =========================================== proxmox: description: "Servidor mini-ITX — Proxmox VE rodando VMs e containers" location: "rack caseiro" hardware: cpu: "PLACEHOLDER" ram_gb: 64 disk: - device: /dev/sda type: SSD size_gb: 512 mount: / role: "Proxmox OS" network: mac: "b8-97-5a-f0-87-a1" # Omada: Proxmox Server 1 ip: "10.0.0.20" # VLAN1 (infra) gateway: "10.0.0.1" # ER605 dns: "10.0.0.2" os: distro: "Proxmox VE" version: "PLACEHOLDER" hostname: "proxmox" roles: - hypervisor # Proxmox (gerencia VMs) - nfs-client # Mount TrueNAS volumes ssh: user: "root" port: 22 # =========================================== # TRUENAS — Storage server # =========================================== truenas: description: "Servidor de storage — TrueNAS Scale baremetal" location: "rack caseiro" hardware: cpu: "PLACEHOLDER" ram_gb: 32 disk: # TODO: lsblk -d -o NAME,SIZE,TYPE | grep disk - device: /dev/sdb type: HDD size_tb: 4 role: "data" - device: /dev/sdc type: HDD size_tb: 4 role: "data" - device: /dev/sdd type: HDD size_tb: 4 role: "data" - device: /dev/sde type: HDD size_tb: 4 role: "data" - device: /dev/sdf type: SSD size_gb: 500 role: "SLOG/Cache" network: mac: "00-e0-21-47-21-2b" # Omada: truenas-scale ip: "10.0.0.30" # VLAN1 (infra) gateway: "10.0.0.1" # ER605 dns: "10.0.0.2" os: distro: "TrueNAS Scale" version: "PLACEHOLDER" hostname: "truenas" roles: - storage # NFS/SMB shares - nfs-server # Exporta volumes ssh: user: "root" port: 22 # =========================================== # ER605 — Router TP-Link (Omada) # =========================================== er605: description: "Router TP-Link ER605 v2.20 — gateway + DHCP + VLANs + PoE" location: "rack caseiro" hardware: model: "TP-Link ER605" firmware: "v2.20" wan_ports: 2 # WAN1 + WAN/LAN2 lan_ports: 4 # WAN/LAN2-4 + LAN4 network: mac: "b0-19-21-fa-63-71" # Omada: Router ER605 ip: "10.0.0.1" # VLAN1 gateway gateway: "PLACEHOLDER" # upstream WAN dns: "10.0.0.2" omada: controller_url: "https://omada.hackerfortress.cc:8043" omadac_id: "1e2cbaa10f2197906ea1e1e22fd9ecdb" site_id: "67fd45c09d548c34d5cbe278" site_name: "Homefortress" roles: - gateway - dhcp-server - firewall - poe-switch # SG2428P faz switch PoE, mas ER605 tb management: web_ui: "https://omada.hackerfortress.cc" ssh: "disabled" wan: wan1: status: up link_speed: "1Gbps" wan2: status: up link_speed: "1Gbps" # =========================================== # SG2428P — Switch 24-port PoE # =========================================== sg2428p: description: "Switch TP-Link SG2428P 24-port Gigabit PoE — backbone da rede" location: "rack caseiro" hardware: model: "TP-Link SG2428P" firmware: "v5.30" ports: 24 poe_ports: 24 network: mac: "d8-44-89-52-a0-df" # Omada: Switch 24p ip: "10.0.0.2" # VLAN1 (infra) - mesmo IP do AdGuard? gateway: "10.0.0.1" dns: "10.0.0.2" omada: name: "Switch 24p" site_id: "67fd45c09d548c34d5cbe278" roles: - switch - poe-switch management: web_ui: "via Omada Controller" uplink: "ER605 LAN5 (port 5)" # =========================================== # EAP610 — Access Points (2x) # =========================================== eap610-sala: description: "Access Point EAP610 na sala" hardware: model: "TP-Link EAP610(US)" firmware: "v3.0" network: mac: "98-ba-5f-c3-9c-80" ip: "10.0.0.10" omada: name: "AP-SALA" site_id: "67fd45c09d548c34d5cbe278" clients: 8 roles: - access-point management: web_ui: "via Omada Controller" uplink_switch: "SG2428P port 5" eap610-suite: description: "Access Point EAP610 na suíte" hardware: model: "TP-Link EAP610(US)" firmware: "v3.0" network: mac: "98-ba-5f-c3-84-fc" ip: "10.0.0.11" omada: name: "AP-SUÍTE" site_id: "67fd45c09d548c34d5cbe278" clients: 11 roles: - access-point management: web_ui: "via Omada Controller" uplink_switch: "SG2428P port 4" # =========================================== # VLANs — mapeamento de rede # =========================================== vlans: 1: name: "infra" subnet: "10.0.0.0/24" dhcp_range: "10.0.0.100-10.0.0.200" description: "Infraestrutura — Gitea, AdGuard, Omada Controller" 10: name: "geral" subnet: "10.0.10.0/24" dhcp_range: "10.0.10.100-10.0.10.200" description: "Workstations e laptops" 20: name: "iot" subnet: "10.0.20.0/24" dhcp_range: "10.0.20.100-10.0.20.200" description: "Dispositivos IoT — sensores, câmeras" 30: name: "guests" subnet: "10.0.30.0/24" dhcp_range: "10.0.30.100-10.0.30.200" description: "Rede de visitantes" # =========================================== # DNS — AdGuard # =========================================== dns: adguard: description: "DNS recursivo + bloqueador de ads" ip: "10.0.0.2" roles: - dns-recursive - dns-block web_ui: "http://10.0.0.2" upstream_dns: - "1.1.1.1" - "8.8.8.8"