network/README.md

# `network.tjo.cloud`

Handling networking between nodes and between virtual machines.

# Architecture

<img align="left" src="docs/arhitecture.excalidraw.svg" width="40%">

__WAN interface__ either represents an actual public interface (on Hetzner) or an interface in home LAN that has port-forwarded ports to it from home router.

__LAN interface__ is an ordinary lan network.

__ingress.tjo.cloud__ has port-forwarded all public ports to it (22, 25, 80, 443, 587 etc.). No other VM is accessible from the internet.

__network.tjo.cloud__ establishes Tailscale VPN connection between other network.tjo.cloud VMs. Using subnet routing it makes it possible that each VM can connect to all other VMs on any Proxmox host.

# Subnets

| Host    | Subnet        |
|---------|---------------|
| batuu   | 10.0.0.16/20  |
| jakku   | 10.0.0.32/20  |
| nevaroo | 10.0.0.48/20  |
|         | 10.0.0.64/20  |
|         | 10.0.0.80/20  |
|         | 10.0.0.96/20  |
|         | 10.0.0.112/20 |
|         | 10.0.0.128/20 |
|         | 10.0.0.144/20 |
|         | 10.0.0.160/20 |
|         | 10.0.0.176/20 |
|         | 10.0.0.192/20 |
|         | 10.0.0.208/20 |
|         | 10.0.0.224/20 |
|         | 10.0.0.240/20 |

# Setting up new Host

### 1. Add new device to terraform.tfvars.

### 2. Manually configure vmbr0 and use import to import it.

### 3. Deploy terraform and manually install OPNsense via console.

### 4. Manually configure Tailscale.
Ref: https://tailscale.com/kb/1097/install-opnsense

### 5. Done!
docs: arhitecture 2024-11-03 09:29:23 +00:00			# `network.tjo.cloud`
Initial commit 2024-11-02 14:27:31 +00:00
docs: arhitecture 2024-11-03 09:29:23 +00:00			`Handling networking between nodes and between virtual machines.`
feat: initial deployment 2024-11-02 18:53:21 +00:00
docs: arhitecture 2024-11-03 09:29:23 +00:00			`# Architecture`

docs: arhitecture 2024-11-03 09:30:14 +00:00			`<img align="left" src="docs/arhitecture.excalidraw.svg" width="40%">`
docs: arhitecture 2024-11-03 09:29:23 +00:00
			`__WAN interface__ either represents an actual public interface (on Hetzner) or an interface in home LAN that has port-forwarded ports to it from home router.`

			`__LAN interface__ is an ordinary lan network.`

			`__ingress.tjo.cloud__ has port-forwarded all public ports to it (22, 25, 80, 443, 587 etc.). No other VM is accessible from the internet.`

			`__network.tjo.cloud__ establishes Tailscale VPN connection between other network.tjo.cloud VMs. Using subnet routing it makes it possible that each VM can connect to all other VMs on any Proxmox host.`

docs: subnets 2024-11-03 09:41:51 +00:00			`# Subnets`

			`\| Host \| Subnet \|`
			`\|---------\|---------------\|`
			`\| batuu \| 10.0.0.16/20 \|`
			`\| jakku \| 10.0.0.32/20 \|`
			`\| nevaroo \| 10.0.0.48/20 \|`
			`\| \| 10.0.0.64/20 \|`
			`\| \| 10.0.0.80/20 \|`
			`\| \| 10.0.0.96/20 \|`
			`\| \| 10.0.0.112/20 \|`
			`\| \| 10.0.0.128/20 \|`
			`\| \| 10.0.0.144/20 \|`
			`\| \| 10.0.0.160/20 \|`
			`\| \| 10.0.0.176/20 \|`
			`\| \| 10.0.0.192/20 \|`
			`\| \| 10.0.0.208/20 \|`
			`\| \| 10.0.0.224/20 \|`
			`\| \| 10.0.0.240/20 \|`

docs: arhitecture 2024-11-03 09:29:23 +00:00			`# Setting up new Host`
feat: initial deployment 2024-11-02 18:53:21 +00:00
			`### 1. Add new device to terraform.tfvars.`

			`### 2. Manually configure vmbr0 and use import to import it.`

			`### 3. Deploy terraform and manually install OPNsense via console.`

			`### 4. Manually configure Tailscale.`
			`Ref: https://tailscale.com/kb/1097/install-opnsense`

			`### 5. Done!`