LXC / Conception
Description
This badly named LXC container (docker containers, inception for nested virtualization) is responsible for running the majority of my services.
Configuration
Resources
| Hostname | CPU | Memory |
|---|---|---|
| conception.hermz | 4 vCPU | 4096MB |
Storage
| Mount Point | Source | Destination |
|---|---|---|
| mp0 | /storage/zpool10/downloads | /storage/downloads |
| mp1 | /storage/zpool10/downloads/incomplete | /storage/downloads/incomplete |
| mp2 | /storage/zpool10/media | /storage/media |
| mp3 | /storage/zpool10/services | /storage/services |
Networking
Interfaces
| ID | Name | Bridge | IP Address |
|---|---|---|---|
| net0 | eth0 | vmbr1 | 10.0.2.2/21 |
| net1 | eth1 | vmbr2 | 192.168.0.2/24 |
Docker Networks
blackbox_containers
All publically accessible containers should be part of this network. The idea is that Traefik receives public traffic and proxies it to the appropriate container through this network. Containers can directly address other containers in this network using their hostname without going back through SSL or leaving the network.
a_wireguarded
All containers which should be run through
Installed Software
Services
See Services