Infrastructure Operations

Project Summary

Field Value

Field	Value
PRJ ID	PRJ-SPOKE-005
Owner	Evan Rosado
Priority	P0 (Critical)
Status	Active
Repository	`~/atelier/_bibliotheca/domus-infra-ops`
Antora Component	`infra-ops`
Antora Title	Infrastructure Operations
Category	Infrastructure
2026 Commits	917
Site URL	docs.domusdigitalis.dev/infra-ops/

PRJ ID

PRJ-SPOKE-005

Owner

Evan Rosado

Priority

P0 (Critical)

Status

Active

Repository

~/atelier/_bibliotheca/domus-infra-ops

Antora Component

infra-ops

Antora Title

Infrastructure Operations

The Infrastructure Operations component is the largest documentation repository in the Domus ecosystem (917 commits). It is the single source of truth for the entire home enterprise infrastructure: network topology, VLAN design, IP address management, server inventory, VyOS firewall HA, Vault PKI cluster, k3s Kubernetes, DNS (BIND), hypervisor (KVM) management, switch configurations, and operational runbooks.

Every other spoke references infra-ops attributes for IP addresses, hostnames, VLANs, and subnets. It contains over 500 Antora attributes covering every host, IP, VLAN, port, and policy name in the environment.

Scope

In Scope

Network topology and VLAN architecture (7 VLANs, segmented by function)
VyOS HA firewall (VRRP, zone-based policy, NAT, VPN)
Catalyst 3560-CX / C9300 switch configuration (IBNS 2.0, C3PL)
Catalyst 9800-CL WLC and 9120AX AP deployment
HashiCorp Vault 3-node cluster (PKI, SSH CA, KV)
k3s Kubernetes cluster (3 masters, 3 workers, Cilium BGP)
BIND DNS (primary/secondary, forward/reverse zones)
KVM hypervisor management (libvirt, bridges, IPMI)
Wazuh, Zabbix, Prometheus/Grafana monitoring stack
ISE, AD DS, Keycloak, FreeIPA identity services
NAS/Gitea/MinIO storage tier
Deployment runbooks, disaster recovery, change records
ISP/WAN configuration (AT&T Fiber, BGW320)

Out of Scope

Application-level documentation (covered by respective spoke repos)
Secrets management procedures (covered by secrets-ops)
Platform-specific OS administration (covered by linux-ops, windows-ops)

Status

Indicator	Detail
Activity Level	Highly Active — 917 commits, most active repo in the ecosystem
Maturity	Production — comprehensive attribute system (500+ attributes), complete network documentation
Last Activity	Daily — continuous updates
Key Milestones	VyOS HA deployment (replaced pfSense, March 2026) Vault PKI cluster (3-node Raft) k3s cluster with Cilium BGP LoadBalancer BIND DNS (replaced AD DNS) kvm-02 second hypervisor node
Deployment Status	Full production infrastructure documented and operational

Indicator

Detail

Activity Level

Highly Active — 917 commits, most active repo in the ecosystem

Maturity

Production — comprehensive attribute system (500+ attributes), complete network documentation

Last Activity

Daily — continuous updates

Key Milestones

VyOS HA deployment (replaced pfSense, March 2026)
Vault PKI cluster (3-node Raft)
k3s cluster with Cilium BGP LoadBalancer
BIND DNS (replaced AD DNS)
kvm-02 second hypervisor node

Deployment Status

Full production infrastructure documented and operational

Metadata

Field	Value
PRJ ID	PRJ-SPOKE-005
Author	Evan Rosado
Date Created	2026-03-30
Last Updated	2026-03-30
Status	Active
Next Review	2026-04-15

Field

Value

PRJ ID

PRJ-SPOKE-005

Author

Evan Rosado

Date Created

2026-03-30

Last Updated

2026-03-30

Status

Active

Next Review

2026-04-15