GSM/docs/infrastructure.md

# Homelab Infrastructure

## Netzwerktopologie

```
Internet
    |
    v
+------------------+
|  Router/Modem    |  62.155.227.77 (dynamisch, Telekom)
|  192.168.2.1     |
+--------+---------+
         |
         v
+-------------------------------------------------------------+
|                    LAN 192.168.2.0/24                       |
+-------------------------------------------------------------+
|                                                             |
|  +--------------+    +--------------+    +--------------+   |
|  |  Raspberry   |    |   Proxmox    |    |   Windows    |   |
|  |  Pi (Himbeer)|    |    Server    |    |     PC       |   |
|  |  .10         |    |    .20       |    |              |   |
|  +------+-------+    +------+-------+    +--------------+   |
|         |                   |                               |
|         |           +-------+-------+-------+               |
|         |           |       |       |       |               |
|         |           v       v       v       v               |
|         |        +-----+ +-----+ +-----+ +-----+            |
|         |        | .30 | | .50 | | .51 | | .52 |            |
|         |        | LXC | | LXC | | VM  | | VM  |            |
|         |        |Monit| |Facto| | MC  | |VRis |            |
|         |        +-----+ +-----+ +-----+ +-----+            |
|         |                                                   |
+---------+---------------------------------------------------+
          |
          v
    +-----------+
    |  Docker   |
    |  Services |
    +-----------+
```

---

## Server-Uebersicht

### Raspberry Pi (alex@Himbeer) - 192.168.2.10

**Rolle:** Reverse Proxy & DNS Management

| Service | Container | Funktion |
|---------|-----------|----------|
| Nginx Proxy Manager | nginx-proxy-manager | Reverse Proxy + SSL (Let's Encrypt) |
| Cloudflare DDNS | cloudflare-ddns | Dynamische DNS-Updates |
| Nextcloud | nextcloud | Cloud Storage |
| MariaDB | nextcloud-db | Nextcloud Datenbank |

**NPM Admin-UI:** http://192.168.2.10:81

**Cloudflare DDNS Domains:**
- home.dimension47.de
- factorio.dimension47.de
- minecraft.dimension47.de
- monitor.dimension47.de
- grafana.dimension47.de

---

### Proxmox Server - 192.168.2.20

**Rolle:** Virtualisierungshost

| VMID | Name | Typ | IP | Cores | RAM | Funktion |
|------|------|-----|-----|-------|-----|----------|
| 100 | atm10 | VM (QEMU) | .51 | 4 | 12 GB | Minecraft ATM 10 |
| 101 | factorio | LXC | .50 | 2 | 4 GB | Factorio Server |
| 102 | gameserver-monitor | LXC | .30 | 2 | 4 GB | Monitoring Webapp |
| 103 | vrising | VM (QEMU) | .52 | 4 | 12 GB | V Rising Server |

---

### Gameserver Monitor (root@192.168.2.30) - LXC 102

**Rolle:** Gameserver Ueberwachung & Administration

**URL:** https://monitor.dimension47.de

**Default Login:** admin / admin (Passwort aendern nach erstem Login!)

**Tech Stack:**
- OS: Debian 13 (Trixie)
- Frontend: React + Vite + TailwindCSS 4 + recharts
- Backend: Node.js + Express
- Auth: JWT + bcrypt + SQLite
- Monitoring: Prometheus + Grafana
- Reverse Proxy: nginx

**Features:**
- Oeffentliches Dashboard (ohne Login sichtbar)
- Live CPU/RAM Metriken (via SSH)
- Gameserver-Uptime (Prozess-Uptime statt Host-Uptime)
- Metrics History via Prometheus (15m/1h/6h/24h)
- Player Count + Spielerliste via RCON
- Game-Logos neben Servernamen
- Interaktives Navbar-Logo (Hover-Effekt, Link zu zeasy.software)
- Start/Stop/Restart Server (Moderator+)
- Console Logs (live, Moderator+)
- RCON Console (Moderator+)
- Minecraft Whitelist-Verwaltung mit serverseitigem Caching
- Rollensystem: user, moderator, superadmin

**Todos:**
- Auto-Shutdown: Gameserver automatisch abschalten wenn zu lange kein Spieler online war

**Prometheus Targets:**
- localhost:9100 (monitor)
- 192.168.2.50:9100 (factorio)
- 192.168.2.51:9100 (minecraft)
- 192.168.2.52:9100 (vrising)

**Grafana:** https://grafana.dimension47.de

---

### Factorio Server (root@192.168.2.50) - LXC 101

| Eigenschaft | Wert |
|-------------|------|
| Runtime | Docker |
| Container | factorio |
| Game Port | 34197/udp |
| RCON Port | 27015 |
| RCON Password | jieTig6IkixaKuu |

---

### Minecraft Server (root@192.168.2.51) - VM 100

| Eigenschaft | Wert |
|-------------|------|
| Modpack | All The Mods 10 (ATM10) |
| Runtime | screen |
| Screen Name | minecraft |
| Game Port | 25565 |
| RCON Port | 25575 |
| RCON Password | gsm-mc-2026 |
| Pfad | /opt/minecraft |

---

### V Rising Server (root@192.168.2.52) - VM 103

| Eigenschaft | Wert |
|-------------|------|
| Runtime | systemd |
| Service Name | vrising |
| Game Port | 9876/udp, 9877/udp |
| Pfad | /home/steam/vrising |

---

### Project Zomboid Server (pzuser@10.0.30.66) - Extern via WireGuard

| Eigenschaft | Wert |
|-------------|------|
| Runtime | screen |
| Screen Name | zomboid |
| RCON Port | 27015 |
| Pfad | /opt/pzserver |
| Log | /home/pzuser/Zomboid/server-console.txt |
| Netzwerk | Erreichbar via WireGuard-Tunnel "melih" |

---

## WireGuard VPN

Der Gameserver-Monitor (.30) nutzt einen WireGuard-Tunnel um externe Server (z.B. Zomboid auf 10.0.30.66) zu erreichen.

**Interface:** melih
**Lokale IP:** 10.0.200.201/32

### WireGuard Watchdog

Ein Cronjob prueft alle 2 Minuten ob der Tunnel aktiv ist und startet ihn bei Bedarf neu.

| Komponente | Wert |
|------------|------|
| Script | /usr/local/bin/wg-watchdog.sh |
| Cronjob | */2 * * * * |
| Timeout | 5 Minuten ohne Handshake |
| Log | /var/log/wg-watchdog.log |

---

## SSH-Zugang

Der Gameserver-Monitor (.30) hat SSH-Key-Zugang zu:
- 192.168.2.20 (Proxmox)
- 192.168.2.50 (Factorio)
- 192.168.2.51 (Minecraft)
- 192.168.2.52 (V Rising)

Key: /root/.ssh/id_ed25519

---

## Wartung

### Backend (PM2)
```bash
# Status pruefen
ssh root@192.168.2.30 "pm2 status"

# Logs anschauen
ssh root@192.168.2.30 "pm2 logs gameserver-backend --lines 50"

# Neu starten
ssh root@192.168.2.30 "pm2 restart gameserver-backend"
```

### Frontend neu bauen
```bash
ssh root@192.168.2.30 "cd /opt/gameserver-monitor/frontend && npm run build && nginx -s reload"
```