Service Catalog¶
Active Services¶
| Service | Purpose | Status |
|---|---|---|
| OPNsense | Firewall, routing, DNS, VPN, IDS/IPS | Production |
| Proxmox VE | Virtualisation and container management (3-node cluster) | Production |
| OpenMediaVault 7 | NAS — file sharing (NFS/SMB), RAID management | Production |
| UniFi Controller | Switch and AP management | Production |
| Prometheus | Metrics collection — 30 scrape targets across all infrastructure | Production |
| Grafana | Dashboards — Command Center (v2) + Freedom Fleet | Production |
| InfluxDB | Time-series storage for fleet and long-term metrics | Production |
| Uptime Kuma | Service availability monitoring | Production |
| Homepage | Service dashboard at dash.goozlab.net | Production |
| Frigate Exporter | Custom Python exporter — camera FPS, detection, inference metrics | Production |
| Blackbox Exporter | ICMP ping monitoring for IoT VLAN cameras | Production |
| SNMP Exporter | UniFi switch and AP metrics via SNMP v2c | Production |
| Caddy | Reverse proxy — auto-HTTPS for services via Cloudflare DNS-01 | Production |
| Suricata | Network IDS (Hyperscan, igc0/LAN) — tuning in Alert mode | Production |
| CrowdSec | Collaborative threat intelligence and IP blocking | Production |
| Psiphon Conduit | Internet freedom proxy (6-node fleet, shirokhorshid compartment) | Production |
| Tor Snowflake | Additional circumvention bridge — deployed on all Conduit nodes | Production |
| Watchtower | Automated Docker container updates — all Conduit nodes | Production |
| Frigate NVR | Camera recording + AI detection (4 cameras, OpenVINO) | Production |
| Home Assistant | Smart home — Frigate, solar monitoring, MQTT, notifications | Production |
| Wazuh | Security operations centre — SIEM/XDR, 7 agents, vulnerability scanning, MITRE ATT&CK, active response | Production |
Planned Services¶
These follow the established Docker Host LXC pattern:
| Service | Purpose | FUTO Alignment |
|---|---|---|
| Ollama + Open WebUI | Local AI inference | Replaces cloud AI dependencies |
| n8n | Workflow automation | Connects HA, Frigate, Wazuh, Ollama |
| Jellyfin | Media streaming server | Replaces Netflix/Plex cloud |
| Immich | Photo management | Replaces Google Photos (FUTO-sponsored!) |
| Vaultwarden | Password manager | Replaces cloud-based Bitwarden |
| Syncthing | Phone backup and file sync | Replaces Google/iCloud backup |
Deployment Pattern¶
All containerised services use the Docker Host LXC architecture, with the exception of Home Assistant which runs as a dedicated HAOS VM on Proxmox. See Docker Services for the deployment pattern and conventions.