Fix: Align table formatting in Zora documentation and update Keycloak-related configurations
Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Successful in 7m42s
Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Successful in 7m1s
Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 2m58s
Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Successful in 1m34s

2026-03-10 21:39:30 +01:00
parent d825e962d2
commit 92cb45f4f1
12 changed files with 195 additions and 119 deletions
@@ -7,13 +7,13 @@ owner: DevOps Engineer
## 1. System-Umgebung (Infrastruktur)
| Parameter | Wert | Erklärung |
|:-----------------------|:----------------|:-------------------------------------------------------------|
| **Architektur** | `linux/arm64` | Native Architektur von Zora (CIX P1 / CP8180). |
| **Hypervisor** | Proxmox VE 8.4.10 | `pve.mo-code.at` — Web-UI: `https://pve.mo-code.at:8006` |
| **Proxmox-Node-IP** | `10.0.0.20` | SSH: `ssh root@10.0.0.20` |
| **Netz-Bridge** | `vmbr0` | Alle VMs und Container im Subnetz `10.0.0.0/24` |
| **Gateway (Router)** | `10.0.0.138` | Standard-Gateway für alle VMs/Container |
| Parameter | Wert | Erklärung |
|:---------------------|:------------------|:---------------------------------------------------------|
| **Architektur** | `linux/arm64` | Native Architektur von Zora (CIX P1 / CP8180). |
| **Hypervisor** | Proxmox VE 8.4.10 | `pve.mo-code.at` — Web-UI: `https://pve.mo-code.at:8006` |
| **Proxmox-Node-IP** | `10.0.0.20` | SSH: `ssh root@10.0.0.20` |
| **Netz-Bridge** | `vmbr0` | Alle VMs und Container im Subnetz `10.0.0.0/24` |
| **Gateway (Router)** | `10.0.0.138` | Standard-Gateway für alle VMs/Container |
### VM & Container Übersicht
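Review bot: The **Proxmox-Node-IP** row documents direct root login to the hypervisor (`ssh root@10.0.0.20`), and the realignment carries it over unchanged. While the row is being rewritten, consider documenting a named admin account with key-based login and privilege escalation instead, and state in the **Hypervisor** row whether `https://pve.mo-code.at:8006` is meant to be reachable only from `10.0.0.0/24`. Apart from that, the old and new rows differ only in column padding, which matches the commit title.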
@@ -30,77 +30,77 @@ owner: DevOps Engineer
### Detaillierte Ressourcen-Konfiguration
#### CT 100 — pangolin-client (LXC)
| Parameter | Wert |
|:-----------------|:---------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 4 Cores (cpulimit=4) |
| **RAM** | 512 MiB + 512 MiB Swap |
| **Disk** | 8 GB (`local:100/vm-100-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.21/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1 |
| **Autostart** | Ja — order=1, up=30 |
| Parameter | Wert |
|:--------------|:----------------------------------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 4 Cores (cpulimit=4) |
| **RAM** | 512 MiB + 512 MiB Swap |
| **Disk** | 8 GB (`local:100/vm-100-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.21/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1 |
| **Autostart** | Ja — order=1, up=30 |
#### CT 101 — gitea (LXC)
| Parameter | Wert |
|:-----------------|:---------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 4 Cores |
| **RAM** | 1.00 GiB + 512 MiB Swap |
| **Disk** | 20 GB (`local:101/vm-101-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.22/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1 |
| **Autostart** | Ja — order=2, up=30 |
| Parameter | Wert |
|:--------------|:----------------------------------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 4 Cores |
| **RAM** | 1.00 GiB + 512 MiB Swap |
| **Disk** | 20 GB (`local:101/vm-101-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.22/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1 |
| **Autostart** | Ja — order=2, up=30 |
#### CT 103 — immich (LXC)
| Parameter | Wert |
|:-----------------|:---------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 8 Cores |
| **RAM** | 10.00 GiB + 512 MiB Swap |
| **Root Disk** | 200 GB (`local:103/vm-103-disk-0.raw`) |
| **Mount Point** | mp0: `/mnt/immich_gross``/mnt/fotos` (Foto-Bibliothek) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.24/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1, keyctl=1, fuse=1 |
| **Autostart** | Ja — order=3, up=30 |
| Parameter | Wert |
|:----------------|:----------------------------------------------------------------|
| **OS** | Ubuntu, arm64 |
| **CPU** | 8 Cores |
| **RAM** | 10.00 GiB + 512 MiB Swap |
| **Root Disk** | 200 GB (`local:103/vm-103-disk-0.raw`) |
| **Mount Point** | mp0: `/mnt/immich_gross``/mnt/fotos` (Foto-Bibliothek) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.24/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1, keyctl=1, fuse=1 |
| **Autostart** | Ja — order=3, up=30 |
#### CT 120 — ai-stack (LXC)
| Parameter | Wert |
|:-----------------|:---------------------------------------|
| **OS** | Ubuntu 24.04, arm64 |
| **CPU** | 10 Cores (cpulimit=10, cpuunits=1024) |
| **RAM** | 48.00 GiB + 4.00 GiB Swap |
| **Disk** | 200 GB (`local:120/vm-120-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.60/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1, keyctl=1 |
| **Autostart** | Nein |
| **Dienste** | Ollama :11434, Open WebUI :3001 |
| Parameter | Wert |
|:--------------|:----------------------------------------------------------------|
| **OS** | Ubuntu 24.04, arm64 |
| **CPU** | 10 Cores (cpulimit=10, cpuunits=1024) |
| **RAM** | 48.00 GiB + 4.00 GiB Swap |
| **Disk** | 200 GB (`local:120/vm-120-disk-0.raw`) |
| **Netzwerk** | eth0 → vmbr0, IP `10.0.0.60/24`, GW `10.0.0.138`, Firewall: Yes |
| **Typ** | Unprivileged, nesting=1, keyctl=1 |
| **Autostart** | Nein |
| **Dienste** | Ollama :11434, Open WebUI :3001 |
#### VM 110 — meldestelle-host (QEMU/KVM)
| Parameter | Wert |
|:-----------------|:-----------------------------------------------------------------|
| **BIOS** | OVMF (UEFI) |
| **Machine** | virt (ARM64, aarch64) |
| **CPU** | 8 Cores (1 Socket, host-type, numa=1) |
| **RAM** | 16.00 GiB (balloon=0, kein Dynamic Memory) |
| **Disk** | 150 GB SSD (`local:110/vm-110-disk-1.qcow2`, aio=io_uring, iothread=1, ssd=1) |
| **EFI Disk** | `local:110/vm-110-disk-0.qcow2`, efitype=4m, 64 MB |
| **Netzwerk** | virtio, bridge=vmbr0, Firewall: Yes |
| **SCSI** | VirtIO SCSI single |
| **Autostart** | Nein (order=any) |
| **QEMU Agent** | Enabled |
| **Dienste** | Docker App-Stack (API :8081, Keycloak :8180, Prometheus :9090, Grafana :3000) |
| Parameter | Wert |
|:---------------|:------------------------------------------------------------------------------|
| **BIOS** | OVMF (UEFI) |
| **Machine** | virt (ARM64, aarch64) |
| **CPU** | 8 Cores (1 Socket, host-type, numa=1) |
| **RAM** | 16.00 GiB (balloon=0, kein Dynamic Memory) |
| **Disk** | 150 GB SSD (`local:110/vm-110-disk-1.qcow2`, aio=io_uring, iothread=1, ssd=1) |
| **EFI Disk** | `local:110/vm-110-disk-0.qcow2`, efitype=4m, 64 MB |
| **Netzwerk** | virtio, bridge=vmbr0, Firewall: Yes |
| **SCSI** | VirtIO SCSI single |
| **Autostart** | Nein (order=any) |
| **QEMU Agent** | Enabled |
| **Dienste** | Docker App-Stack (API :8081, Keycloak :8180, Prometheus :9090, Grafana :3000) |
#### VM 102 — gitea-runner (QEMU/KVM)
| Parameter | Wert |
|:-----------------|:-----------------------------------------------------------------|
| **BIOS** | OVMF (UEFI) |
| **Machine** | virt (ARM64) |
| **CPU** | 8 Cores (1 Socket, host-type, numa=1) |
| **RAM** | 16.00 GiB (balloon=0, kein Dynamic Memory) |
| **Disk** | 50 GB SSD (`local:102/vm-102-disk-1.qcow2`, aio=io_uring, iothread=1) |
| **EFI Disk** | `local:102/vm-102-disk-0.qcow2`, efitype=4m, 64 MB |
| **Netzwerk** | virtio, bridge=vmbr0, Firewall: Yes |
| **SCSI** | VirtIO SCSI single |
| Parameter | Wert |
|:-------------|:----------------------------------------------------------------------|
| **BIOS** | OVMF (UEFI) |
| **Machine** | virt (ARM64) |
| **CPU** | 8 Cores (1 Socket, host-type, numa=1) |
| **RAM** | 16.00 GiB (balloon=0, kein Dynamic Memory) |
| **Disk** | 50 GB SSD (`local:102/vm-102-disk-1.qcow2`, aio=io_uring, iothread=1) |
| **EFI Disk** | `local:102/vm-102-disk-0.qcow2`, efitype=4m, 64 MB |
| **Netzwerk** | virtio, bridge=vmbr0, Firewall: Yes |
| **SCSI** | VirtIO SCSI single |
## 2. Mail-Relay (SSoT Identity)
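Review bot: The **Mount Point** row of CT 103 reads `/mnt/immich_gross``/mnt/fotos` in both the old and the realigned table. The separator between the two paths is missing, so the code spans run together and it is unclear which is the host path and which is the container path. Fix it in this pass, for example with the arrow the **Netzwerk** rows already use (`eth0 → vmbr0`). Two documentation gaps are also worth closing while these tables are open. The **Typ** rows for CT 103 and CT 120 list `keyctl=1` (plus `fuse=1` on CT 103) without saying why the feature is needed. Every **Netzwerk** row says `Firewall: Yes`, but nothing states which of the ports under **Dienste** (for example `Keycloak :8180`, `Prometheus :9090`, `Ollama :11434`) the firewall actually permits.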
@@ -112,13 +112,13 @@ Diese Daten müssen in der Spring Boot `application.yml` oder `.env` abgeglichen
## 3. Docker-Image Checkliste (ARM64 Kompatibilität)
| Dienst | Empfohlenes Image | Status |
|:---------------|:-------------------------------------------|:-----------------------------------------------|
| **Datenbank** | `postgres:16-alpine` | ARM64 Support: Ja |
| **Cache** | `valkey/valkey:9-alpine` | ARM64 Support: Ja (Besserer Support als Redis) |
| **Identity** | `quay.io/keycloak/keycloak:26.4` | ARM64 Support: Ja (Offiziell) |
| **Monitoring** | `prom/prometheus:v3.7.3` | ARM64 Support: Ja |
| **Dashboards** | `grafana/grafana:12.3` | ARM64 Support: Ja |
| Dienst | Empfohlenes Image | Status |
|:---------------|:-----------------------------------|:------------------------------|
| **Datenbank** | `postgres:16-alpine` | ARM64 Support: Ja |
| **Cache** | `valkey/valkey:9-alpine` | ARM64 Support: Ja |
| **Identity** | `quay.io/keycloak/keycloak:26.5.5` | ARM64 Support: Ja (Offiziell) |
| **Monitoring** | `prom/prometheus:v3.7.3` | ARM64 Support: Ja |
| **Dashboards** | `grafana/grafana:12.3` | ARM64 Support: Ja |
## 4. Backend & Gateway (Spring Boot)
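Review bot: The **Identity** row is a content change, not a formatting change: the image goes from `quay.io/keycloak/keycloak:26.4` to `quay.io/keycloak/keycloak:26.5.5`. Please confirm the tag matches what `config/docker/keycloak/Dockerfile` builds so the checklist and the published image do not drift. The **Cache** row also silently drops the remark "(Besserer Support als Redis)"; if that is intentional, say so in the commit message. The checklist now pins images at different granularity (patch level for Keycloak and Prometheus, minor or major only for `grafana/grafana:12.3`, `postgres:16-alpine` and `valkey/valkey:9-alpine`). Consider pinning all of them to a patch version or digest so the ARM64 status in the last column refers to a reproducible image.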