# vault # Physical Hardware ![](https://bookstack.swigg.net/uploads/images/gallery/2021-10/protectli-fw2.jpg)## Basic Components [Proectli Vault](https://protectli.com/product/fw1/) ### Compute #### Processor [Intel Celeron Bay Trail-D J1800](https://ark.intel.com/content/www/us/en/ark/products/78866/intel-celeron-processor-j1800-1m-cache-up-to-2-58-ghz.html) - Provides excellent mix between performance and efficiency using only 10W.


Cores / Threads	2 / 2
Base Frequency	2.41 GHz
Burst Frequency	2.58 GHz
Cache	1MB L2 Cache
TDP	10W

#### GPU Intel HD Graphics for Intel Atom Processor Z3700 Series


Base Frequency	688 MHz
Burst Frequency	792 MHz
QuickSync Video	Yes

### Motherboard


Form Factor	Proprietary
CPU	Soldered Intel Celeron J1800
Chipset	unknown
Memory	1x DDR3L 1333MHz SODIMM, 1.35v, Max 8GB
Video	1x VGA
Networking	2x Intel Gigabit 82583V 1GbE
PCI	none
Storage	- 1x mSATA
USB	- 1x External USB 2.0 (Type-A) - 1x External USB 3.0 (Type-A) - 1x Internal USB 2.0 (mPCIe)
COM	1\*RS232

### Memory


Slot 1 ![](https://bookstack.swigg.net/uploads/images/gallery/2021-03/scaled-1680-/timetec-ddr3-1866.png)	Timetec Hynix IC 8GB DDR3L 1333MHz (1x8GB) - 2Rx8 Dual Rank - CAS Latency 13 - 1.35V

### Case n/a ### Storage


SATA1 ![](https://bookstack.swigg.net/uploads/images/gallery/2021-03/scaled-1680-/dogfish-ssd.png)	Dogfish 64GB mSATA MLC SSD

### Cooling n/a ### Power Supply n/a ### UPS n/a ## Add-On Cards


mPCIe (USB) ![](https://bookstack.swigg.net/uploads/images/gallery/2021-03/intel-ax200.png)	Protectli Wifi Adapter - Wireless B/G/N at 2.4Ghz - USB Channel communication

# Base Install ## Operating System --- [Proxmox Virtual Environment](https://www.proxmox.com/en/) 6.x ## Configuration

Proxmox configuration has been transitioned to being automated by an [Ansible Role](https://gitlab.swigg.net/dustins/ansible/-/blob/master/proxmox.yml)

# Configuration (deprecated) ## DHCP Server

Domain	Subnet	Gateway
hermz	10.0.0.0/21	10.0.1.1

### IP Reservations A few reservations were setup to ensure certain interfaces get a static IP address assigned to make managing these machines/devices easier.

MAC Address	Client Id	IP Address	Description
`02:1c:83:7d:15:8e`	firewall	10.0.1.1	PfSense firewall
`02:1c:83:7d:15:8e`	pihole	10.0.2.2	Pi-hole DNS
`02:1c:83:7d:15:8e`	wireguarded	10.0.2.2	wireguarded
`b4:fb:e4:8f:f9:74`		10.0.2.99	Ubiquiti UniFi Switch 8
`e0:d5:5e:63:fe:30`	blackbox	10.0.3.2	[blackbox](https://bookstack.swigg.net/books/blackboxhermz) proxmox management
`e0:d5:5e:63:fe:30`	mini	10.0.3.3	[mini](https://bookstack.swigg.net/books/minihermz) proxmox management
`d0:a6:37:ed:8c:7f`	silverbook	10.0.4.4	Dustin's MacBook Pro (wifi)
`82:13:00:9c:c7:00`		10.0.4.5	thunderbolt ethernet adapter
`32:cc:fb:a3:1a:57`	docked	10.0.44.4	docker services

## DNS Resolver DNS overrides were setup to allow accessing some services directly across the LAN instead of going through the router.

Home	Domain	Address/Alias	Description
No overrides are currently being used

## Firewall/NAT

Interface	Protocol	Destination	Port(s)
WAN	IPv4 TCP	docked.hermz	80 (HTTP) 8080 (HTTP alternative) 443 (HTTPS) 8443 (HTTPS alternative)
WAN	IPv4 TCP	docked.hermz	2222 (SSH alternative)
WAN	IPv4 TCP/UDP	wireguarded.hermz	51820 (Wireguard)

## Dynamic DNS

Interface	Service	Hostname
WAN	Namecheap	@.swigg.net
WAN	Namecheap	\*.swigg.net
WAN	Namecheap	@.dustins.site
WAN	Namecheap	\*.dustins.site
WAN	Namecheap	@.notgandhi.com
WAN	Namecheap	\*.notgandhi.com

# VM / firewall (needs verification) ## Description This VM is for running [VyOS](https://en.wikipedia.org/wiki/VyOS) to act as a [firewall](https://en.wikipedia.org/wiki/Firewall_(computing))/[router](https://en.wikipedia.org/wiki/Router_(computing)) for the network. Originally this machine was running [pfSense](https://en.wikipedia.org/wiki/PfSense) (which is excellent) but that is based on [FreeBSD](https://en.wikipedia.org/wiki/FreeBSD) and I wanted a firewall/router based on [Linux](https://en.wikipedia.org/wiki/Linux). ## Configuration ### Resources

Hostname	CPU	Memory
firewall	2 vCPU	512MB

### Storage

Disk	Controller	Size	Purpose
vpool-zfs:vm-104-disk-0	ide0	1M	EFI

### Networking #### Interfaces

ID	Name	Bridge	IP Address
net0	n/a	vmbr0	(DHCP)
net1	n/a	vmbr1	10.0.1.1/21

# VM / homeassistant ![](https://upload.wikimedia.org/wikipedia/commons/thumb/6/6e/Home_Assistant_Logo.svg/220px-Home_Assistant_Logo.svg.png)## Description This VM is for running [HomeAssistant](https://www.home-assistant.io/) which acts as the control system for smart home devices with focus on local control and privacy. ## Configuration ### Resources

Hostname	CPU	Memory
homeassistant	2 vCPU	4096MB

### Storage

Disk	Controller	Size	Purpose
vpool-zfs:vm-104-disk-0	ide0	1M	EFI

### Networking #### Interfaces

ID	Name	Bridge	IP Address
net0	n/a	vmbr0	(DHCP)