VM-HM-SVC-PROD-01

Feld	Wert
Site	Home (Proxmox VE-IO-01)
Hypervisor host	VE-IO-01
Rolle	HM-Service-Tier PROD — UptimeKuma + Homepage + CUPS + UniFi
OS	Debian 12.x
Primary IP	10.100.100.102 (VLAN 100 SERVER)
DNS-intern	vm-hm-svc-prod-01.hm.blackreset.internal
Last-changed	2026-05-04

Stack	Image	Port	DB
`uptime-app`	`louislam/uptime-kuma:1`	3001 (Traefik)	MariaDB auf vm-hm-db-01
`homepage-app`	`ghcr.io/gethomepage/homepage:latest`	3000	none (config-files)
~~`cups-app`~~	~~custom CUPS+SMB~~	—	DECOMMISSIONED 2026-05-06 — Print-Spooler läuft jetzt direkt auf vm-dc-01 (Windows-nativ). Container-Daten archiviert in `/opt/cups.archived-2026-05-06/`. Siehe archive/policies/printer-access.
`unifi-app`	`lscr.io/linuxserver/unifi-network-application:9`	8443/8080/8843	MongoDB-Sidecar `unifi-mongo`
`unifi-mongo`	`mongo:7`	27017 (LAN-only)	self
`portainer-agent`	`portainer/agent:2.41`	9001	—

Stack	Image	Port	Use	Auth
`n8n`	`docker.n8n.io/n8nio/n8n:1.121.1`	5678	Workflow-Automation	Perimeter-Auth via Authentik proxy outpost (HM-EDGE Traefik fwauth, n8n-community hat keine native OIDC)
`ollama`	`ollama/ollama:0.13.5`	11434	LLM-Backend (LAN-only, kein Public-Reverse-Proxy)	none (LAN-trust)
`openwebui`	`ghcr.io/open-webui/open-webui:v0.9.2`	3030→8080	Browser-UI für Ollama	Authentik OIDC native (OAUTH_CLIENT_ID/SECRET env, OPENID_PROVIDER_URL)

¶ VM-HM-SVC-PROD-01