Infrastructure Overview

Services

Service	Subdomain	Port	Container	Stack Path	Status	Notes
BudStab	bud.buckstabu.dev	5000	budstab	/root/server/budstab/	Active	Custom app, Watchtower EXCLUDED
Authelia	auth.buckstabu.dev	9091	authelia	/root/server/authelia/	Active	2FA for all *.buckstabu.dev
Vaultwarden	vault.buckstabu.dev	80	vaultwarden	/root/server/vaultwarden/	Active	Bitwarden-compatible
Ente (web)	ente.buckstabu.dev	3000	my-ente-web-1	/root/server/my-ente/	Active	Google Photos replacement
Ente (API)	api.ente.buckstabu.dev	8080	my-ente-museum-1	/root/server/my-ente/	Active	MEGA S4 backend
Navidrome	music.buckstabu.dev	4533	navidrome	/root/server/navidrome/	Active	rclone MEGA mount
Trek	trek.buckstabu.dev	—	trek	/root/server/trek/	Active	Needs SETUID/SETGID
Blinko	blinko.buckstabu.dev	1111	blinko	/root/server/blinko/	Active	Notes/bookmarks
Watchtower	—	—	watchtower	/root/server/watchtower/	Active	Auto-updates, excludes BudStab
Glance	—	—	glance	/root/server/glance/	Active	Dashboard
Memos	—	—	memos	/root/server/memos/	Active	Memos
Actual	—	—	actual	/root/server/actual/	Active	Budget
SMTP Relay	—	—	smtp-relay	/root/server/smtp-relay/	Active	Brevo, boky/postfix
Notes	—	—	notes	/root/server/notes/	Active	Standard Notes instance
BudStab DB	—	—	—	/root/server/budstab/	Active	SQLite, backup at 03:00

Time	Service	Method	Destination
03:00	BudStab SQLite	GPG AES-256	MEGA S4 dedicated bucket
03:30	Vaultwarden	GPG AES-256	MEGA S4 dedicated bucket
04:00	Ente Postgres	GPG AES-256	MEGA S4 dedicated bucket

SSH Login:

$ssh thomas@89.167.7.211

Navigate to server dir:

$cd /root/server && ls

Check running containers:

$docker ps

Check CrowdSec status:

$sudo systemctl status crowdsec

No-IP DDNS: router sends LAN IP instead of WAN IP to scatto.ddns.net → CrowdSec dynamic home IP whitelisting incomplete
Spotify playlist import: into Navidrome (tunesynctool / NaviSpot) — blocked until MusicBrainz Picard library reorg complete
Seafile: self-hosted E2E storage — not yet implemented