XM XM SYSTEMS self-hosted infrastructure

NETWORK TOPOLOGY

Zen · 1Gbps FTTP Unifi Debian 13
Physical network topology
Zen Internet City Fibre · 1 Gbps FTTP · Symmetrical ↗ docs Port 5 · WAN XAN-CGU Unifi Cloud Gateway Ultra 10.36.100.1 · Firewall · IDS/IPS · VLAN routing ↗ docs CGU Port 2 CGU Port 3 XAN-USW-DOWNSTAIRS USW Lite 16 PoE · 10.36.100.11 P4 · P5 · P7 · P10 · P15 · P16 ↗ docs XAN-USW-UPSTAIRS USW Lite 16 PoE · 10.36.100.10 P3 · P5 · P7 ↗ docs P16 P10 P15 P4 P7 PoE P5 · VLAN 102 P3 P7 PoE P5 · VLAN 102 Titan 10.36.100.150 i5-12600 · 64GB RTX4000 · 32TB Debian 13 31 containers Phobos 10.36.100.151 i5-10400 · 32GB Jonsbo N4 NAS Debian 13 14 containers Tethys 10.36.100.152 i5-6500 · 16GB HP 280 G2 SFF Debian 13 Monitoring NCC-1702 10.36.100.2 Raspberry Pi 4 Pi-hole Primary nebula-sync + PiVPN U6-Enterprise 10.36.100.254 WiFi 6 · 802.11ax 2.4 / 5 GHz Downstairs PoE powered VLAN 102 Reolink 10.36.102.225 Indoor PoE Cam VLAN 102 isolated ↗ motioneye NCC-1703 10.36.100.3 Raspberry Pi 3B Pi-hole 2ndary nebula-sync Upstairs UAP-AC-LR 10.36.100.253 WiFi 5 · 802.11ac 2.4 / 5 GHz Seamless roaming Upstairs VLAN 102 Dahua 10.36.102.222 Outdoor PoE Cam VLAN 102 isolated ↗ motioneye — services & DNS DNS · Pi-hole sync reverse proxy · Traefik metrics scrape · Prometheus PiVPN · WireGuard Pi-hole × 3 NCC-1702 (.2) · NCC-1703 (.3) · NCC-1704 (Docker · Phobos) Synced via nebula-sync · Network-wide ad-blocking Upstream: Cloudflare 1.1.1.1 / 1.0.0.1 ↗ docs Cloudflare DNS 1.1.1.1 · 1.0.0.1 · Upstream resolver External Access Traefik · Reverse proxy · Titan PiVPN · WireGuard · NCC-1702 Monitoring · Tethys Prometheus · Grafana · CheckMK Uptime Kuma (Phobos) · Unpoller Scrapes: Titan · Phobos · Tethys · Unifi · Pi-hole ↗ docs 10.36.100.0/24 · XMSystems LAN 10.36.102.0/24 · Cameras VLAN
Servers / Gateway
Switches
DNS / Pi-hole
Network / WiFi AP
Cameras · VLAN 102
Monitoring
↗ = link to docs.xmsystems.co.uk
Device quick reference
🌐
XAN-CGU
Gateway · Router · Firewall
10.36.100.1
Model: Unifi Cloud Gateway Ultra
WAN: City Fibre · 1Gbps FTTP · Port 5
DS Switch: Port 2 · US Switch: Port 3
🔀
XAN-USW-DOWNSTAIRS
PoE Switch · Ground Floor
10.36.100.11
Model: USW Lite 16 PoE
Uplink: CGU Port 2
Ports: Titan(P16) Phobos(P10) Tethys(P15) NCC-1702(P4) U6E(P7) Reolink(P5)
🔀
XAN-USW-UPSTAIRS
PoE Switch · First Floor
10.36.100.10
Model: USW Lite 16 PoE
Uplink: CGU Port 3
Ports: NCC-1703(P3) UAP-AC-LR(P7) Dahua(P5)
🖥
Titan
Primary Server
10.36.100.150
CPU: Intel i5-12600 · 64GB DDR4
GPU: Nvidia Quadro RTX 4000
Storage: 32TB RAID6 (6×8TB SAS) + 2TB NVMe
OS: Debian 13 · Headless · 31 containers
🖥
Phobos
Secondary Server · NAS
10.36.100.151
CPU: Intel i5-10400 · 32GB DDR4
Case: Jonsbo N4 NAS
Storage: 4×8TB + 1×4TB WD Red
OS: Debian 13 · Headless · 14 containers
📊
Tethys
Monitoring Host
10.36.100.152
CPU: Intel i5-6500 · 16GB DDR4
Model: HP 280 G2 SFF
OS: Debian 13 · Headless
Stack: Prometheus · Grafana · CheckMK · Unpoller
🛡
NCC-1702
Pi-hole Primary · PiVPN
10.36.100.2
Hardware: Raspberry Pi 4
Role: Primary DNS · Ad-blocking · WireGuard VPN
Switch: Downstairs Port 4
🛡
NCC-1703
Pi-hole Secondary
10.36.100.3
Hardware: Raspberry Pi 3B
Role: Secondary DNS · Ad-blocking
Switch: Upstairs Port 3
📡
U6-Enterprise
WiFi 6 Access Point
10.36.100.254
Standard: WiFi 6 (802.11ax)
Bands: 2.4GHz · 5GHz
Switch: Downstairs Port 7 (PoE)
📡
UAP-AC-LR
WiFi 5 Access Point
10.36.100.253
Standard: WiFi 5 (802.11ac)
Bands: 2.4GHz · 5GHz
Roaming: Seamless with U6-Enterprise
Switch: Upstairs Port 7 (PoE)
📷
Reolink
Indoor PoE Camera
10.36.102.225
VLAN: 102 · Cameras (isolated)
Location: Internal · Downstairs
Switch: Downstairs Port 5 (PoE)
NVR: MotionEye on Phobos
📷
Dahua
Outdoor PoE Camera
10.36.102.222
VLAN: 102 · Cameras (isolated)
Location: External · Upstairs
Switch: Upstairs Port 5 (PoE)
NVR: MotionEye on Phobos