What it is: Web UI for managing Docker containers, images, volumes, and networks. The control plane for everything running in CT 100.

Notes:

• Use Portainer to inspect container logs, restart services, and update images (pull → recreate)
• All other Docker services are deployed via docker-compose files in /opt/docker/ on CT 100
• Portainer itself is started via a standalone docker run command, not compose

What it is: Self-hosted uptime monitoring dashboard. Pings services on a schedule and alerts via Gotify when something goes down.

Monitored services:

• Proxmox Web UI (192.168.8.221:8006)
• Portainer (192.168.8.100:9443)
• Gotify (192.168.8.100:8070)
• N8N (192.168.8.100:5678)
• Pangolin VPS (pangolin.troglodyteconsulting.com)
• Mac Studio ping (192.168.8.180)

Notes:

• Notifications route to Gotify (push to phone)
• Add new monitors from the dashboard — no config file needed

What it is: Self-hosted push notification server. Uptime Kuma and other services send alerts here; the Gotify app on your phone receives them.

Notes:

• Install the Gotify app on iPhone and point it at http://192.168.8.100:8070
• Each sending service (Uptime Kuma, N8N, etc.) needs its own application token — create in the Gotify web UI under Apps
• Messages are stored and browsable in the web UI

What it is: Visual workflow automation engine — think self-hosted Zapier/Make. Connects services together via trigger → action workflows.

Notes:

• Workflows are stored in the data volume — back this up before updating the image
• Can trigger on webhooks, schedules, or incoming messages
• Integrates with Gotify for sending alerts from custom workflows
• Accessible externally via Pangolin if a public webhook endpoint is needed

What it is: Self-hosted music streaming server, Subsonic/OpenSubsonic-compatible. Serves your music library to Feishin on Mac and any Subsonic-compatible app on mobile.

Clients:

• Desktop: Feishin (connects via OpenSubsonic API)
• Mobile: DSub, Symfonium, or any Subsonic app

Notes:

• Library rescans automatically when files change in /mnt/music
• New music lands via the seedbox pipeline: Lidarr → NZBGet → sync-seedbox.sh → /nvmepool/music
• Last.fm scrobbling configured in Navidrome user settings

What it is: Automated music collection manager. Monitors wanted artists/albums, finds them on Usenet via NZBHydra2, and sends download requests to NZBGet on the seedbox.

Pipeline:

1. Daily 4am cron triggers MissingAlbumSearch — Lidarr actively searches all monitored missing albums
2. Lidarr queries Headphones VIP indexer (primary — proper t=music support) and NZBHydra2 (broken for music — altHUB doesn’t support t=music)
3. Matched releases sent to NZBGet on seedbox (tunnel at 192.168.8.221:16789)
4. NZBGet downloads to completed/Music/ on seedbox at ~70 MB/s
5. seedbox-sync.sh (every 15 min) pulls to /nvmepool/ingest/Music/ on Proxmox
6. Lidarr import picks up files and moves to /mnt/music (requires ≥80% MusicBrainz match)
7. Navidrome rescans and adds to library

Notes:

• Image: lscr.io/linuxserver/lidarr:nightly (nightly required for plugin support)
• Quality profile: Lossless (FLAC) preferred
• Release profile blocks: Greatest Hits, Best Of, Collection, Anthology, etc. (prevents import loop)
• 114 monitored artists, ~3,819 missing albums (March 2026)
• Plugins planned: Tidal (TrevTV), Tubifarry (TypNull)
• See Music Pipeline page for full detail

What it is: Self-hosted audiobook and podcast server with a polished web UI and mobile apps.

Notes:

• iOS app available — connects to the local URL or via Pangolin tunnel for remote access
• Supports progress sync across devices
• Podcast feeds can be added directly — no separate podcast app needed
• Metadata fetched from Audible and Google Books automatically

What it is: Book tracking and discovery app — think self-hosted Goodreads backed by the Hardcover catalog.

Notes:

• Uses the Hardcover API for book metadata and cover art
• Track read/reading/want-to-read status
• Separate from Audiobookshelf — this is for physical/ebook tracking, not audio playback

What it is: Book and audiobook search tool that aggregates sources. Proxied outbound through the seedbox SOCKS5 tunnel for exit via Netherlands IP.

Notes:

• The SOCKS5 proxy is provided by seedbox-socks.service (autossh systemd service on CT 100)
• Shelfmark is also exposed as a Pangolin private resource — accessible remotely without opening a local port
• If searches fail, check that seedbox-socks.service is running: systemctl status seedbox-socks.service on CT 100

What it is: Self-hosted RSS feed aggregator with a clean web UI and API support for mobile clients.

Notes:

• Compatible with Fever and Google Reader APIs — most RSS apps on iOS connect via one of these
• OPML import/export supported for migrating feeds
• Feeds refresh on a configurable schedule (default every hour)

What it is: Self-hosted file sync, sharing, and collaboration platform. Runs with a MariaDB backend.

Notes:

• Database container (nextcloud-db) must be running for Nextcloud to function — they share a Docker network
• Desktop sync client points to http://192.168.8.100:8280
• For remote access, expose via Pangolin — do not open port 8280 to the public internet directly
• Run occ commands via: docker exec -u www-data nextcloud php occ <command>

What it is: The remote access stack running on the SSDNodes VPS. Pangolin manages tunnels and access control, Gerbil handles WireGuard, and Traefik is the reverse proxy.

Architecture:

• VPS runs Pangolin + Gerbil (WireGuard) + Traefik
• Proxmox host (192.168.8.221) runs Newt as a systemd service — creates outbound WireGuard tunnel to VPS
• All LAN devices reachable through the tunnel as Pangolin resources
• Farm Proxmox (192.168.0.191) runs its own Newt for the 192.168.0.x subnet

Private resources (accessible without exposing local ports):

• Proxmox Web UI
• Mac Studio
• Router
• Shelfmark

Notes:

• Newt on Proxmox is a systemd service: systemctl status newt on 192.168.8.221
• To add a new resource: Pangolin Dashboard → Sites → Proxmox → Add Resource
• Pangolin version: Community Edition 1.16.2 — check GitHub releases for updates

Services running directly on macOS — not containerized.

Notes:

• Hugo Hub serves the bee-hub documentation site during development; rebuild with hugo to update /public
• Life Archive API and MCP server start via launch agents or manual scripts — check ~/scripts/ for startup commands
• Embed server (LM Studio or custom) must be running for Life Archive RAG embeddings to work

Remote Usenet server accessed via SSH tunnels on Proxmox.

Tunnel management: Both NZBGet and NZBHydra2 tunnels run as systemd services on Proxmox (nzbget-tunnel.service, nzbhydra2-tunnel.service). Check with systemctl status nzbget-tunnel on 192.168.8.221.

What it is: Lightweight web-based server management UI — CPU, memory, disk, storage, logs, services, terminal, and updates all in one browser tab. Runs on both Proxmox and the VPS.

Notes:

• Cockpit is socket-activated — cockpit.service shows inactive until you open the URL, which is normal. cockpit.socket is always listening on port 9090.
• Login with the system root credentials
• Useful for checking logs (journalctl), restarting services, monitoring disk/CPU, and running a quick terminal session without SSH
• Self-signed cert — browser will warn on first visit, just accept

What it is: Open-source smart home automation platform. Runs at the Farm (Brownsville, 192.168.0.x subnet).

Remote access:

• Exposed via Pangolin tunnel from Farm Proxmox (192.168.0.191)
• Farm Proxmox runs its own Newt as a systemd service (not Docker)
• Accessible at ha.troglodyteconsulting.com when the Farm tunnel is up

Notes:

• Farm Proxmox (192.168.0.191) is on a separate network and not always reachable from home — use Pangolin remote URL when off-site or if LAN route is unavailable
• Farm also runs its own Portainer (192.168.0.100:9443), Uptime Kuma (192.168.0.100:3001), and Gotify (192.168.0.100:8070)
• HA configuration lives in the Docker data volume on Farm CT 100 — back up before updates

What it is: Self-hosted document management system with OCR, auto-tagging, and full-text search. Runs on the Mac Studio via Docker.

Start/stop:

cd ~/paperless-ngx/docker
docker compose up -d
docker compose down

Consume folder: Drop files into ~/paperless-ngx/consume/ to ingest. Paperless OCRs, tags, and indexes automatically.

Key volumes:

Notes:

• paperless-ai container is stopped — was used for AI auto-tagging, disabled after memory issues
• Integrated with Life Archive — Paperless documents are a source for the RAG pipeline
• Admin login: delgross / see secure notes