latest changes

2024-11-06 12:11:06 -05:00
parent aece8a8a1b
commit bcf01374d6
1 changed files with 7 additions and 8 deletions
--- a/README.md
+++ b/README.md
@@ -32,8 +32,8 @@ All of the sites and services that I run locally are hosted on various hardware

 | Form Factor  | Purpose         | Operating System | Notes                                                             |
 | ------------ | --------------- | ---------------- | ----------------------------------------------------------------- |
-| Embedded     | Gateway         | OpenWRT          | Gateway, firewall, and inbound reverse proxy. Migrating to IPfire |
-| Embedded     | Docker host     | Debian           | Docker containers live here                                       |
+| Embedded     | Gateway         | pfSense          | Gateway, firewall, and inbound reverse proxy. Migrating to IPfire |
+| Embedded x3  | Docker host     | Debian           | Docker containers live here                                       |
 | Mid-size ATX | Network storage | TrueNAS SCALE    | Central storage server - ZFS 50TiB                                |
 | Embedded     | Voice/audio     | Raspbian         | Listens for smart home commands and played TTS voices             |
 | Embedded     | Voice/audio     | Raspbian         | Listens for smart home commands and played TTS voices             |
@@ -43,22 +43,22 @@ All of the sites and services that I run locally are hosted on various hardware

 ## Software

-* `openwrt` - Gateway/firewall/wifi operating system. Used as a gateway/firewall/HTTPS reverse proxy.
-* `trueNAS scale` - File storage server implementing OpenZFS file system. Serves network file systems (SMB/NFS) as well as block storage (iSCSI).
+* `pfSense` - Gateway/firewall operating system. Also the VPN endpoint for road-warriors.
+* `TrueNAS scale` - File storage server implementing OpenZFS file system. Serves network file systems (SMB/NFS) as well as block storage (iSCSI).
 * `Kodi` - Dedicated and flexible media player software for displaying on the main TV. Ensures that media is played at high quality (4K, 60Hz, HDR10). Can be controlled from home automation.
-* `nginx` - Inbound HTTPS reverse proxy. Also used to reverse proxy sites hosted in docker (each docker compose stack has an nginx container).
+* `traefik` - Inbound HTTPS reverse proxy. Also used to reverse proxy sites hosted in docker swarm services.
 * `bind` - Local DNS authority. Serves master zones only.
 * `unbound` - Local DNS relay. Also performs DNS based ad-blocking.
 * `isc-dhcpd` - Local DHCP server. Works with bind to allocate DNS names to DHCP clients.
 * `wireguard` - VPN to cloud as well as road-warrior connections. Also used to VPN outbound for private internet browsing.
 * `acme.sh` - Public TLS certificate automation on gateway server.
-* `postfix` - Local email authority server (configured for virtual hosts and virtual address). This runs in the cloud (outbound relay, inbound queue) and on-prod (local mailbox).
+* `postfix` - Local email authority server for local mailboxes. Additional cloud deployment for outbound relay and inbound queue.
 * `dovecot` - IMAP access to mail directories.
 * `rspamd` - Inbound email spam filtering. This runs in the cloud.
 * `clamav` - Inbound email anti-virus. This run in the cloud.
 * `opendkim/opendmarc` - Inbound/outbound email signing/validation. This runs in the cloud (inbound validation) and on-prem (signing).
 * `postfixadmin` - Postfix admin website.
-* `home assistant` - Home automation software. Used with Zigbee smart devices. Can pipe music/voice into snapcast.
+* `home assistant` - Home automation software. Used with Zigbee smart devices.
 * `snapcast` - Synchronized multi-room home audio. This server plays audio (voice and music) to the 2 Raspberry Pi's.
 * `mopidy` - Media player server used to play media from multiple sources. Pipes music into snapcast.
 * `opentts` - Voice synthesizer. Used when requesting voice audio from smart home. API returns wav files for rhasspy.
@@ -81,7 +81,6 @@ All of the sites and services that I run locally are hosted on various hardware
 * `unifi` - WiFi access point management software. Connects to the Ubiquity WiFi AP.
 * `opencas` - Vulnerability management software.
 * `firefly-iii` - Local finance server. I've implemented a script that will grab OFX files from my bank and import into this server daily.
-* `traefik` - Ingress load balancer for kubernetes.

 [manios.ca-badge]: https://img.shields.io/badge/manios.ca-online-brightgreen
 [manios.ca]: https://www.manios.ca/