===== TorresVault Architecture Overview =====
This page documents the high-level architecture of the **TorresVault** home lab:
* Proxmox cluster and storage
* Network (UniFi, VLANs, WiFi)
* Core services (DNS, reverse proxy, storage, monitoring)
* Automation & lighting (Home Assistant, FPP)
* Future expansion plans (NAS hybrid box, mini PC cluster)
----
==== 1. High-Level Diagram ====
This is the birds-eye view of TorresVault as it exists today + near-term plans.
┌──────────────── Internet ────────────────┐
│ Ting Fiber (WAN1) │
└────────────────────┬─────────────────────┘
│
[ WAN1 @ Port 5 ]
│
┌────────────────────────────────┐
│ UCG Max (192.168.1.1) │
│ - Router / Firewall │
│ - DHCP for all VLANs │
└─────┬───────────┬──────────────┘
│ │
VLAN 1 (192.168.1.0/24) │ │ VLAN 10 (192.168.10.0/24)
│ │
┌─────┴───────┐ │
│ USW-Lite-8 │ │
│ 8-PoE │ │
│ 192.168.1.194 │
└─────┬───────┘ │
│ │
┌───────────────────┼───────────┼────────────────────┐
│ │ │ │
[Hallway AP] [Front-end [Other wired [Downstream
192.168.1.236 devices] devices] uplinks]
(WiFi for multiple
VLANs via SSIDs)
Hallway AP (mesh) ──► UDB Switch (192.168.1.98)
┌────────── Proxmox / Compute Layer ──────────┐
VLAN 10 / 20 uplinks via:
- USW Flex (192.168.10.7)
- USW Flex 2.5G 5 (192.168.10.104)
┌────────────────────────────────────────────┐
│ Proxmox Cluster │
│ │
│ PVE1: (details TBD) │
│ - CPU: │
│ - RAM: │
│ - Storage: 12–14 × 1TB 2.5" disks │
│ - HBA: │
│ │
│ PVE2: (details TBD) │
│ - CPU: │
│ - RAM: │
│ - Storage: 12–14 × 1TB 2.5" disks │
│ - HBA: │
│ │
│ QDevice: Raspberry Pi (corosync qdevice) │
└────────────────────────────────────────────┘
┌────────────────────────────────────────────┐
│ Future: NAS / Proxmox Hybrid (Define 7) │
│ - ASRock Rack X570D4U │
│ - Ryzen CPU │
│ - RAM: TBD │
│ - 2 × HBAs │
│ - 16 × 6TB SAS enterprise drives │
│ - Dual Intel X550 10GbE │
│ - 1 mgmt, 2 × 1G, 2 × 10G │
└────────────────────────────────────────────┘
┌────────────────────────────────────────────┐
│ Services Cluster (Mini PCs) │
│ - 2 × MINISFORUM UM890 Pro │
│ - Future use: k3s / services / AI │
└────────────────────────────────────────────┘
┌────────────── Automation & Lighting Layer ─────────────┐
VLAN 60 (Torres Family Lights) → 192.168.60.0/24
- FPP Controller: 192.168.60.55
- Kulp controllers / smart receivers
- WLED instances (including wled_car_warning)
----
==== 2. Network & VLAN Layout ====
The network core is provided by the **UCG Max** gateway and a UniFi switch/AP stack.
=== Core UniFi Devices ===
* **UCG Max** – 192.168.1.1
* WAN1: Ting Fiber
* Handles DHCP for all VLANs
* Router for all subnets
* **Switches**
* USW Flex – 192.168.10.7 (uplink from UCG Max Port 4)
* USW Flex 2.5G 5 – 192.168.10.104 (uplink from USW Flex Port 5)
* USW-Lite-8-PoE – 192.168.1.194 (uplink from UCG Max Port 1)
* UDB Switch – 192.168.1.98 (meshed via Hallway AP)
* **Access Points**
* Master Bedroom AP – 192.168.10.201 (uplink from USW Flex Port 4)
* Hallway AP – 192.168.1.236 (uplink from USW-Lite-8-PoE, provides mesh to UDB)
=== VLANs & Subnets ===
Current layer-3 networks:
^ Name ^ VLAN ID ^ Subnet ^ DHCP ^ Notes ^
| Default | 1 | 192.168.1.0/24 | Yes | Core LAN / Infra |
| stark_user | 10 | 192.168.10.0/24 | Yes | User devices |
| stark_IOT | 20 | 192.168.20.0/24 | Yes | Home IoT |
| guest | 30 | 192.168.30.0/24 | Yes | Guest WiFi |
| IOT+ | 50 | 192.168.50.0/24 | Yes | Higher-trust IoT / bridge |
| Torres Family lights| 60 | 192.168.60.0/24 | Yes | FPP, controllers, WLED etc. |
=== WiFi SSIDs ===
^ SSID ^ VLAN / Network ^ Bands ^ Purpose ^
| stark_IOT | stark_IOT (20) | 2.4 / 5 GHz | Bulk IoT |
| stark_user | stark_user (10)| 2.4 / 5 GHz | User phones / laptops |
| stark_IOT+ | IOT+ (50) | 2.4 / 5 GHz | Special IoT / bridges |
----
==== 3. Proxmox Cluster Architecture ====
The hypervisor layer currently consists of **two main Proxmox nodes plus a qdevice**, with a future third node / NAS hybrid.
=== PVE1 ===
* Hostname: **pve1**
* CPU: **Intel Core i5-2500 @ 3.30 GHz (4 cores / 4 threads, 1 socket)**
* RAM: **32 GB DDR3L 1600 MHz**
* 4 × 8 GB Timetec DDR3L (PC3L-12800) UDIMMs
* Disks (approximate):
* Multiple **1 TB WDC WD1003FBYX** enterprise HDDs
* Multiple **1 TB Seagate ST91000640NS** drives
* Total of ~12 × 1 TB disks for VM storage
* Storage stack:
* System disk on onboard Intel SATA controller
* Data disks on GLOTRENDS SATA card, grouped into Proxmox storage (LVM/ZFS + zvols)
* HBAs / SATA:
* Onboard **Intel SATA controller (RAID mode)**
* **ASMedia ASM1064 SATA controller**
* **GLOTRENDS SA3112-C 12-Port PCIe x1 SATA Expansion Card**
* Networking:
* Onboard **Intel 82579LM Gigabit NIC**
* **Intel I350 quad-port 1 GbE** PCIe NIC
* vmbr interfaces used for:
* LAN / management
* Cluster interconnect (10.10.10.0/30 link to PVE2)
* Roles:
* Hosts many of the core VMs (Nextcloud, NPM, Jellyfin, Prometheus/Grafana, etc.)
* Part of 2-node Proxmox cluster
=== PVE2 ===
* Hostname: **pve2**
* CPU: **Intel Core i5-4570 @ 3.20 GHz (4 cores / 4 threads, 1 socket)**
* RAM: **32 GB DDR3L 1600 MHz**
* Same Timetec 4 × 8 GB kit as PVE1
* Disks (approximate):
* Multiple **1 TB Seagate ST91000640NS** drives
* Total of ~12 × 1 TB disks for VM storage
* Storage stack:
* System disk on onboard Intel 9-Series SATA controller (AHCI)
* Data disks on GLOTRENDS SATA card
* HBAs / SATA:
* **Intel 9 Series SATA controller (AHCI mode)**
* **ASMedia ASM1064 SATA controller**
* **GLOTRENDS SA3112-C 12-Port PCIe x1 SATA Expansion Card**
* Networking:
* Same **Intel I350 quad-port 1 GbE** NIC family as PVE1 (4 ports)
* Bridges mirror PVE1 layout for easy VM migration
* Roles:
* Redundant node for critical services
* General lab workloads and testing
=== QDevice ===
* Hardware: **Raspberry Pi**
* Purpose: runs **corosync-qdevice** to provide quorum for the 2-node Proxmox cluster
* Goal: avoid split-brain if one Proxmox node goes offline
=== Future: NAS / Proxmox Hybrid (Define 7 XL) ===
* Case: **Fractal Design Define 7 XL**
* Motherboard: **ASRock Rack X570D4U**
* CPU: **Ryzen (exact model TBD)**
* RAM: **TBD (planned upgrade path from 32 GB → higher)**
* Disks: **16 × 6 TB SAS enterprise drives** via dual HBAs
* Network:
* 1 × dedicated management port
* 2 × 1 GbE
* 2 × 10 GbE (Intel X550)
* Role:
* High-capacity NAS for the cluster
* Additional Proxmox node for storage-heavy workloads
* Long-term “set it and forget it” anchor of **TorresVault 2.0**
=== Future: Services / Mini-PC Cluster ===
* **2 × MINISFORUM UM890 Pro** mini PCs
* Planned roles:
* Lightweight Kubernetes / k3s or Docker swarm node(s)
* Local AI / automation services
* Offload non-critical or experimental workloads from PVE1/PVE2
----
==== 4. Core Services Layout ====
Key always-on services and where they live conceptually:
* **DNS & Filtering**
* Pi-hole pair with VIP **192.168.1.5**
* Handles internal DNS including `torresvault.com` / `in.torresvault.com`
* **Reverse Proxy**
* NGINX Proxy Manager
* Exposes external services under `torresvault.com`
* Internal apps reachable via `in.torresvault.com`
* **Storage & Files**
* Nextcloud VM
* Backed by Proxmox storage + future NAS
* **Monitoring**
* Prometheus + Grafana
* Targets: Proxmox nodes, UniFi, FPP, key VMs & containers
* **Home Automation**
* Home Assistant (currently on a Pi)
* Integrations:
* UniFi presence / network health
* BLE tracking
* FPP (192.168.60.55)
* WLED (including car warning instance)
* Zigbee/Z-Wave/other smart devices
* **Media**
* Jellyfin VM
* Access protected via NPM / auth
----
==== 5. Automation & Lighting (Torres Family Lights) ====
The holiday light show runs on a dedicated VLAN and infrastructure:
* VLAN 60 – **Torres Family lights** – 192.168.60.0/24
* FPP primary controller – 192.168.60.55
* Kulp 32 controllers and smart receivers
* Mega tree, matrix, rooflines, and other props
* Home Assistant controls:
* Start/Stop show
* Sequence selection
* Monitoring FPP state
* WLED instances:
* `wled_car_warning` used for in-car item reminders
This layer is intentionally isolated using its own VLAN and firewall rules, while still tightly integrated with Home Assistant for automations.
----
==== 6. Future Direction (TorresVault 2.0) ====
Planned upgrades and architectural goals:
* Bring NAS / Proxmox hybrid online as a third cluster member and storage anchor.
* Deploy the 2 × MINISFORUM UM890 Pro mini PCs as a lightweight services/AI cluster.
* Migrate more VMs to containerized services (Docker / k3s) where it makes sense.
* Standardize on voice + automation (Home Assistant Voice, local AI).
* Tighten monitoring + alerting across Proxmox, UniFi, FPP, Pi-hole, and services.
* Document **every** major component and procedure in this wiki for future you.