Domus Digitalis
Components
Domus Digitalis (Hub) Work Chronicles
Infrastructure Ops ISE Operations ISE Linux 802.1X ISE Windows 802.1X Identity & SSO
Linux Operations Windows Operations Python Operations netapi CLI Automation Ops
Secrets Infrastructure SIEM Operations Observability
Runbooks
PKI & Certificates PKI Strategy DOMUS PKI Ceremony Vault PKI Cert Issuance Vault PKI Quick Reference Vault PKI Verification Vault Cert Deployment ISE Certificate Troubleshooting BYOD Certificate Management
Infrastructure VyOS HA Deployment k3s Kubernetes Windows Server 2025 Core DC ISE 3.4 Deployment 802.1X Troubleshooting
Backup & Recovery Backup Strategy (3-2-1) Backup All Infrastructure Disaster Recovery
Documentation Antora UI Architecture Cloudflare Access + Antora
Tools
Core Tools dsec - Domain Secrets netapi - Network Automation
netapi Commands ISE Commands WLC Commands Cloudflare Commands Vault Commands Keycloak Commands KVM Commands Synology Commands IOS Commands Wazuh Commands
Data Tools DataConnect Queries
Linux
Arch Linux RHEL/Rocky/Alma Debian/Ubuntu
GitHub

Infrastructure Operations

    • Overview
    • Validated Designs
      • Overview
      • Network Infrastructure
        • pfSense HA
        • Cisco Switching
        • Cisco WLC 9800
        • VLAN Architecture
        • BIND DNS
      • Identity & Access
        • Active Directory
        • FreeIPA
        • Keycloak IdP
        • Cisco ISE
        • 802.1X Wired
        • 802.1X Wireless
        • MAB for IoT
        • iPSK
      • PKI & Certificates
        • Vault PKI Hierarchy
        • Vault SSH CA
        • EAP-TLS Certs
        • Server TLS
        • Code Signing
      • Secrets Management
        • gopass Taxonomy
        • Vault KV
        • dsec Workflow
        • Credential Rotation
      • Virtualization
        • KVM/libvirt
        • cloud-init
        • Rocky Linux Base
        • Arch Workstation
      • Kubernetes
        • k3s HA Cluster
        • Cilium CNI
        • MetalLB
        • Traefik Ingress
        • Vault Agent
        • ArgoCD GitOps
        • NFS StorageClass
      • Observability
        • Wazuh SIEM
        • Prometheus Stack
        • Grafana Dashboards
        • AlertManager
        • Log Aggregation
      • Storage & Backup
        • Synology NAS
        • Borg Backup
        • Vault Backup
        • 3-2-1 Strategy
        • Disaster Recovery
      • Automation
        • Ansible Structure
        • Terraform Modules
        • CI/CD Pipelines
        • Pre-commit Hooks
      • Documentation
        • Antora Multi-Repo
        • AsciiDoc Standards
        • D2 Diagrams
        • Cloudflare Pages
      • CLI Tooling
        • netapi CLI
        • dsec CLI
        • Shell Environment
        • Dotfiles
      • Security
        • Linux Hardening
        • Vault Hardening
        • Network Segmentation
        • Certificate Lifecycle
      • VD Template
    • Infrastructure
      • Infrastructure Diagrams
      • Infrastructure Inventory
      • Network Reference
      • Network Topology
    • Documentation Platform
      • Antora Documentation System
      • Team Module Template
      • Documentation Hub Setup
      • Diagram Validation
      • Antora UI Architecture
      • Antora UI Quick Reference
      • Cloudflare Access + Antora
      • Cloudflare Pages Setup
      • Antora Xref Maintenance
    • Services
      • pfSense Overview
      • pfSense DNS Automation
      • pfSense Firewall Rules
      • Network Infrastructure Discovery
      • KVM Overview
      • KVM VM Management
      • KVM Operations & Maintenance
      • KVM Network Discovery
      • KVM HA Shared Storage
      • kvm-01 Migration Plan
      • kvm-02 Deployment
      • kvm-01 Rocky Rebuild
      • Active Directory
      • Keycloak
    • Roadmaps
      • Critical
        • Disaster Recovery (P0)
        • Vault Enterprise Hardening (P1)
      • Security
        • Password Consolidation (gopass v3)
        • ISE 3.4 Cert API Auth
      • Platform
        • Certificore - Certificate Platform
        • FreeIPA Identity Management
        • Documentation Hosting
        • Infrastructure Backup (Jan 2026)
        • Project Polish
      • Hardware
        • Network Visibility TAP
      • Learning
        • Python Crash Course
        • Public Domain Portfolio
      • Templates
        • Roadmap Template
    • Projects
      • Project Inventory
        • Overview
        • Flagship Products
        • Platform Infrastructure
        • Developer Tools
        • Documentation Systems
      • Migrations
        • VyOS Migration (pfSense → VyOS)
          • Overview
          • Planning
          • Phases
            • A: DNS Infrastructure
            • B: VyOS VM Deployment
            • C: Security & Observability
            • D: Pre-Cutover Testing
            • E: VRRP HA
            • F: Advanced Features
          • Rollback
          • Validation & Stabilization
          • Reference
          • Decisions & Risks
          • Field Notes
      • Platform Infrastructure
        • Kubernetes (k3s) Platform
        • Vault PKI Infrastructure
        • Terraform IaC
        • 802.1X Zero Trust Network
        • iPSK Manager HA
        • Secrets Infrastructure
      • CLI Tools
        • netapi CLI
          • Overview
          • Features
          • Implementation
          • Decisions
        • dsec Secrets
          • Overview
          • Architecture
          • Commands
          • Implementation
          • Decisions & Security
        • domus-cli Orchestration
        • dotfiles-optimus
          • Overview
          • Packages
          • Implementation
          • Decisions
      • Documentation Systems
        • domus-docs System
          • Overview
          • Architecture
          • Operations
          • Decisions
        • architectus.dev
        • Architectus Documentation Site
          • Overview
          • Architecture
          • Implementation
          • Operations
          • Decisions
      • Deployment Patterns
        • Linux Research Workstation
      • Completed
        • DC & Vault PKI Migration
        • dsec Vault Migration
          • Overview
          • Architecture
          • Implementation
          • Operations
          • Decisions & Security
      • Reference
        • Linux Ops Reference
      • Templates
        • Project Template
    • Runbooks
      • Active Directory
        • Windows Server 2025 Core DC
        • Windows DC02 (WS2025)
        • AD Bootstrap (ISE Integration)
        • AD Bootstrap Scripts
        • Windows DC & AD CS (Legacy)
      • Vault & PKI
        • PKI Strategy
        • DOMUS PKI Key Ceremony
        • Vault PKI Cert Issuance
        • Vault PKI Quick Reference
        • Vault PKI Verification
        • Vault Certificate Deployment
        • Vault External TLS
        • Vault KV Secrets Deployment
        • Vault SSH CA
        • Vault Backup to NAS
        • Vault HA Deployment
        • Vault Troubleshooting
        • Vault-Wazuh Integration (stub)
        • Rename certmgr-01 → vault-01
        • AD CS Linux Cert Template
        • BYOD Certificate Management
      • ISE & 802.1X
        • ISE 3.5 Deployment
        • ISE Certificate Troubleshooting
        • ISE Guest Cert Automation
        • 802.1X EAP-TLS Troubleshooting
        • Printer EAP-TTLS
        • iPSK Manager Deployment
        • iPSK Manager Failover
        • ISE TAC Case Template
      • Firewall & WAN
        • BGP Dual-Home Deployment
        • pfSense Audit & Backup
        • VyOS Deployment
        • VyOS Quick Ref
        • VyOS VLAN Fast-Track
        • Switch VyOS Integration
        • WLC VyOS Integration
        • pfSense Decommission
      • Wireless
        • WLC HA SSO (9800-CL)
        • WLC EAP-TLS VLAN/DACL
      • DNS & Network
        • BIND DNS Deployment
        • BIND-02 Replica Deployment
        • BIND Infrastructure Records
        • BIND Quick Ref
        • BIND RPZ Content Filtering
        • DNS Operations
        • Add New Host
      • Kubernetes (k3s)
        • k3s Deployment
        • k3s Operations & Maintenance
        • k3s Prometheus + Grafana
        • k3s ArgoCD GitOps
        • k3s Traefik Ingress
        • k3s MetalLB LoadBalancer
        • k3s Wazuh SIEM
        • k3s MinIO S3
      • Backup & DR
        • Backup Strategy (3-2-1)
        • Backup All Infrastructure
        • NAS Share Management
        • Disaster Recovery
        • Cloudflare Pages Git Failover
        • M-Disc Quick Backup
      • Identity & SSH
        • Keycloak Rebuild
        • FreeIPA Deployment
        • SSH Operations
        • YubiKey SSH Validation
        • YubiKey Setup
      • SIEM & Monitoring
        • Wazuh Integrations
        • Wazuh Dashboard Export
      • DevOps & IaC
        • Terraform IaC
        • Git Repository Operations
        • New Domus Repo Checklist
      • Templates
        • Runbook Template
    • Recovery
      • Recovery Architecture
      • Borg Backup
      • Full System Restore
      • Ansible Restore
      • LUKS Header Backup
      • Snapper Snapshots
      • Credential Chain
      • Gocryptfs Vaults
      • Secrets Recovery
      • Git Repositories
      • Storage Layout
      • Recovery Scenarios
      • Recovery Drills
      • Verification
      • Quick Reference
      • mDisk Verbatim
      • Seagate SSD 1
      • Seagate SSD 2
    • Incidents
      • ISE SAML Restoration
      • ISE Certificate Binding Bug
      • Incident Template
    • Sessions
      • Overview & Workflow
      • Session Template
    • Tools
      • dsec Integration
      • netapi Integration
      • DataConnect Query Library
      • Git & Repo Management
      • sed Operations
      • gopass Password Manager
      • Vim / Neovim
      • Browser DevTools
      • gopass Taxonomy
      • gopass Migration Plan
      • Documentation Audit
    • Reference
      • Vault SSH CA Architecture
      • D2/AsciiDoc/Unix Mastery
      • Kubernetes Architecture
      • Kubernetes Advanced
      • Docs as Code
      • AsciiDoc Mastery
    • Hardware
      • Equipment Inventory
      • Supermicro E300-9D-8CN8TP
      • Cisco CW9166I WiFi 6E AP
      • AT&T Fiber Internet 600
    • Reviews
      • Review Template
    • Root Cause Analysis
      • 2026-02-26 Missing Antora Attributes
      • 2026-02-24 Include/Tag Mismatch
      • RCA Template
    • Change Requests
      • CR-2026-03-10 C9130AX AP Deployment
      • CR-2026-03-04 VyOS BIND DNS Records (P1)
      • CR-2026-02-26 Claude Settings Exposure (P0)
      • CR-2026-02-26 Antora Build Fixes (P2)
      • CR-2026-02-26 Wazuh SIEM Integration (P1)
      • CR-2026-02-25 Wazuh Credential Rotation (P0)
      • CR-2026-02-25 Attribute Conversion
      • CHG-2026-02-24 TEAP Implementation
    • Changelog
      • 2026-02-24 Wazuh DNS Fix
      • 2026-02-24 Vault HA Phase 5
      • 2026-02-21 Backup Docs
      • Changelog Template
Infrastructure Operations
  • Automation Operations
  • Domus Digitalis
  • DOMUS ISE Linux
  • Identity & SSO
  • Infrastructure Operations
  • ISE Operations
  • ISE Windows 802.1X
  • Linux Operations
  • netapi - Network Automation Library
  • Observability Operations
  • Python Operations
  • Secrets Infrastructure
  • SIEM Operations
  • Windows Operations
  • Work Chronicles
  • Infrastructure Operations
  • Infrastructure
  • Network Topology

Network Topology

Network topology documentation.

1. Physical Topology

Content pending migration from LaTeX documentation.

2. Logical Topology

See IP Addressing Scheme for network segmentation.

Network Reference Antora Documentation System

This page was built using the Antora default UI.

The source code for this UI is licensed under the terms of the MPL-2.0 license.