sascha.dodenhoeft/expertfab-infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: Infrastructure documentation

Browse Source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sascha Dodenhöft
2026-05-03 13:46:47 +02:00
commit bbe86c55d9
9 changed files with 568 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
diagrams/k8s_cluster_diagram.py Normal file
View File

@@ -0,0 +1,97 @@
from diagrams import Cluster, Diagram, Edge
from diagrams.k8s.network import Ingress
from diagrams.k8s.compute import Deployment, StatefulSet
from diagrams.k8s.storage import PVC, StorageClass
from diagrams.onprem.network import Opnsense
from diagrams.onprem.certificates import CertManager
from diagrams.onprem.proxmox import ProxmoxVE
from diagrams.onprem.vcs import Gitea
from diagrams.generic.os import Windows
graph_attr = {
"fontsize": "13",
"pad": "0.6",
"nodesep": "0.5",
"ranksep": "1.0",
"splines": "ortho",
}
with Diagram(
"ExpertFab Infrastruktur",
filename="k8s_cluster",
outformat="png",
show=False,
direction="TB",
graph_attr=graph_attr,
):
# ── Physische Ebene ───────────────────────────────────────────────────────
with Cluster("Proxmox Cluster efproxcl02 95.156.232.42"):
with Cluster("efproxcl02n01 64 vCPU / 128 GB"):
fw = Opnsense("efscfw01\nOPNsense / FW\n10.42.70.1")
n01_kctl = ProxmoxVE("efsckubctl\nK3s control plane")
n01_kn02 = ProxmoxVE("efsckubnode02\nK3s worker")
n01_smtp = ProxmoxVE("efsmtprelay")
n01_trade = ProxmoxVE("eftrade01")
n01_git = Gitea("efgit01 / Gitea\ngit.expertfab.de")
with Cluster("efproxcl02n02 64 vCPU / 128 GB"):
n02_kn1 = ProxmoxVE("efsckubnode1\nK3s worker")
n02_af = ProxmoxVE("efscairflow01\nAirflow")
n02_veeam = ProxmoxVE("efscveeam01\nVeeam Backup")
n02_dc = Windows("efscdc01\nDomain Controller")
n02_print = ProxmoxVE("efscprint01\nPrintserver")
n02_moni = ProxmoxVE("efscmoni01\nMonitoring")
# ── Logische K3s-Ebene ────────────────────────────────────────────────────
# K3s läuft auf: efsckubctl (control) + efsckubnode1 + efsckubnode02
with Cluster("K3s Cluster (efsckubctl · efsckubnode1 · efsckubnode02)"):
cert = CertManager("cert-manager\nLet's Encrypt")
traefik = Ingress("Traefik Ingress\n10.42.71.60")
cert >> traefik
with Cluster("erpnext expertfab.de / www.expertfab.de"):
nginx = Deployment("Nginx")
gunicorn = Deployment("Gunicorn")
workers = Deployment("Workers\ndefault / short / long")
mariadb = StatefulSet("MariaDB 10.6")
df_cache = Deployment("DragonflyDB\ncache")
df_queue = Deployment("DragonflyDB\nqueue")
nginx >> gunicorn >> workers
[gunicorn, workers] >> mariadb
[gunicorn, workers] >> df_cache
workers >> df_queue
with Cluster("paperless docs.expertfab.de"):
paperless = Deployment("Paperless-NGX")
with Cluster("zitadel auth.expertfab.de"):
zitadel = Deployment("Zitadel")
with Cluster("rabbitmq api.expertfab.de"):
fastapi = Deployment("FastAPI")
with Cluster("coworkbase coworkbase.de"):
cowork = Deployment("Coworkbase")
with Cluster("qubicticker qubicticker.qchief.io"):
ticker = Deployment("Qubicticker")
traefik >> [nginx, paperless, zitadel, fastapi, cowork, ticker]
with Cluster("Longhorn Storage"):
sc = StorageClass("longhorn")
pvc_mariadb = PVC("MariaDB 10 Gi RWO")
pvc_sites = PVC("Sites 10 Gi RWX")
pvc_logs = PVC("Logs 5 Gi RWX")
pvc_queue = PVC("Queue 2 Gi RWO")
sc >> [pvc_mariadb, pvc_sites, pvc_logs, pvc_queue]
mariadb >> Edge(style="dashed") >> pvc_mariadb
gunicorn >> Edge(style="dashed") >> pvc_sites
nginx >> Edge(style="dashed") >> pvc_logs
df_queue >> Edge(style="dashed") >> pvc_queue
# ── Verbindungen ──────────────────────────────────────────────────────────
fw >> traefik
n01_git >> Edge(label="image pull", style="dashed") >> nginx