# `network.tjo.cloud`

Handles networking between nodes and between virtual machines.

# Architecture

__WAN interface__ represents either an actual public interface (on Hetzner) or an interface in the home LAN that has ports forwarded to it from the home router.

__LAN interface__ is an ordinary LAN network.

__ingress.tjo.cloud__ has all public ports (22, 25, 80, 443, 587 etc.) port-forwarded to it. No other VM is accessible from the internet.

__network.tjo.cloud__ establishes a Tailscale VPN connection with the other network.tjo.cloud VMs. Subnet routing over that connection lets each VM connect to all other VMs on any Proxmox host.

# Subnets

| Host    | Subnet        |
|---------|---------------|
| batuu   | 10.0.0.16/20  |
| jakku   | 10.0.0.32/20  |
| nevaroo | 10.0.0.48/20  |
|         | 10.0.0.64/20  |
|         | 10.0.0.80/20  |
|         | 10.0.0.96/20  |
|         | 10.0.0.112/20 |
|         | 10.0.0.128/20 |
|         | 10.0.0.144/20 |
|         | 10.0.0.160/20 |
|         | 10.0.0.176/20 |
|         | 10.0.0.192/20 |
|         | 10.0.0.208/20 |
|         | 10.0.0.224/20 |
|         | 10.0.0.240/20 |

# Setting up new Host

### 1. Add new device to terraform.tfvars.

### 2. Manually configure vmbr0 and use import to import it.

### 3. Deploy terraform and manually install OPNsense via console.

### 4. Manually configure Tailscale.

Ref: https://tailscale.com/kb/1097/install-opnsense

### 5. Done!
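
A check for the per-host subnets in the Subnets table before they are advertised as Tailscale subnet routes, as an added example that is not part of this repository: it reports entries whose address has host bits set under the given mask and entries whose networks overlap. The helper name `check_subnets` and the `TABLE` mapping are assumptions; the three values are copied from the first three rows of the table.

```python
import ipaddress
from itertools import combinations

# Host -> subnet, copied from the first three rows of the Subnets table.
TABLE = {
    "batuu": "10.0.0.16/20",
    "jakku": "10.0.0.32/20",
    "nevaroo": "10.0.0.48/20",
}


def check_subnets(table):
    """Return a list of (kind, detail) findings for a host -> CIDR mapping.

    check_subnets is a hypothetical helper, not part of the repository.
    """
    findings = []
    networks = {}
    for host, cidr in table.items():
        iface = ipaddress.ip_interface(cidr)
        net = iface.network  # the network that the mask actually selects
        if iface.ip != net.network_address:
            # The written address is not the first address of its network.
            findings.append(("host-bits", f"{host}: {cidr} is inside {net}"))
        networks[host] = net
    # Routes advertised by different hosts must not cover the same addresses.
    for (h1, n1), (h2, n2) in combinations(networks.items(), 2):
        if n1.overlaps(n2):
            findings.append(("overlap", f"{h1} {n1} overlaps {h2} {n2}"))
    return findings


if __name__ == "__main__":
    for kind, detail in check_subnets(TABLE):
        print(f"{kind:10} {detail}")
```
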