ZimaBoard running Proxmox VE 8.4.1 with LXC containers
| Service | Local URL | Public URL |
|---|---|---|
| Proxmox UI | https://192.168.1.123:8006 | - |
| CyberTask | http://192.168.1.190:3000 | https://viable-system.com |
| CyberTask API | http://192.168.1.190:3001 | https://api.viable-system.com |
| MCP Gateway | http://192.168.1.196:3000 | http://mcp.deploystack.run |
| Coolify | http://192.168.1.190:8000 | - |
| Plex | http://192.168.1.221:32400/web | https://app.plex.tv |
| Sonarr | http://192.168.1.178:8989 | - |
| Radarr | http://192.168.1.178:7878 | - |
| Invoice Ninja | http://192.168.1.179 | - |
ssh root@192.168.1.123Internet
↓
Router (192.168.1.1)
↓
╔═══════════════════════════════════════════════════════════════════╗
║ Proxmox Host: batmanosama (192.168.1.123) ║
║ ║
║ ┌─────────────────────────────────────────────────────────────┐ ║
║ │ vmbr0 Bridge (192.168.1.0/24 LAN) │ ║
║ └─────────────────────────────────────────────────────────────┘ ║
║ ↓ ↓ ↓ ↓ ↓ ↓ ║
║ ┌────────┐ ┌──────┐ ┌────────┐ ┌──────┐ ┌───────┐ ┌────────┐ ║
║ │ LXC100 │ │LXC102│ │ LXC106 │ │LXC108│ │LXC110 │ │ LXC111 │ ║
║ │coolify │ │wireg.│ │mcp-gw │ │ plex │ │ media │ │invoice │ ║
║ │ .190 │ │ .251 │ │ .196 │ │ .221 │ │ .178 │ │ .179 │ ║
║ └────────┘ └──────┘ └────────┘ └──────┘ └───────┘ └────────┘ ║
╚═══════════════════════════════════════════════════════════════════╝
Self-hosted PaaS Platform
| Service | Port | Description |
|---|---|---|
| Coolify | 8000 | Platform UI |
| CyberTask Frontend | 3000 | → viable-system.com |
| CyberTask Backend | 3001 | → api.viable-system.com |
| Autonomous Opponent | 4000 | AI game system |
| PostgreSQL | 5432 | Database |
| Redis | 6379 | Cache |
| Traefik | 80/443 | Reverse proxy |
Cloudflare Tunnel: 0a4c6c56-dda6-4dd4-bfd4-44655bf71673
VPN Server + PIA Client
| Service | Port | Description |
|---|---|---|
| WireGuard Dashboard | 10086 | VPN management UI |
| WireGuard Server | 51820 | VPN connections |
| PIA VPN | - | Upstream privacy VPN |
VPN Subnet: 10.8.155.0/24
Model Context Protocol Gateway
| Service | Port | Description |
|---|---|---|
| MCP Gateway | 3000 | → mcp.deploystack.run |
Cloudflare Tunnel (on host): 76abb802-24ee-48f8-b06f-0421ae4196f8
Media Server
| Service | Port | Description |
|---|---|---|
| Plex | 32400 | Media streaming |
GPU: Intel iGPU passthrough for hardware transcoding (/dev/dri)
*Complete arr Stack
| Service | Port | Description |
|---|---|---|
| Sonarr | 8989 | TV show automation |
| Radarr | 7878 | Movie automation |
| Prowlarr | 9696 | Indexer manager |
| SABnzbd | 8080 | Usenet downloader |
| qBittorrent | 8081 | Torrent client |
| Jackett | 9117 | Indexer proxy |
| Portainer | 9000 | Docker management |
| Tunarr | 8000 | IPTV/DVR |
Invoicing & Billing
| Service | Port | Description |
|---|---|---|
| Invoice Ninja | 80/443 | Invoicing platform |
# List all containers
pct list
# Start/Stop container
pct start 100
pct stop 100
# Enter container shell
pct enter 100
# View container config
pct config 100# Check container status from host
ssh root@192.168.1.123 "pct list"
# Check Docker in Coolify
ssh root@192.168.1.123 "pct exec 100 -- docker ps"
# Check Plex status
ssh root@192.168.1.123 "pct exec 108 -- systemctl status plexmediaserver"# Host-level tunnel (MCP Gateway)
ssh root@192.168.1.123 "systemctl status cloudflared"
# In-container tunnel (Coolify/CyberTask)
ssh root@192.168.1.123 "pct exec 100 -- docker ps | grep cloudflared"Active DNS Servers:
- Primary:
8.8.8.8(Google) - Secondary:
1.1.1.1(Cloudflare)
Note: Tailscale DNS disabled to allow Cloudflare tunnel resolution.
# List backups
ssh root@192.168.1.123 "ls -la /var/lib/vz/dump/"
# Create backup
ssh root@192.168.1.123 "vzdump 100 --compress zstd --storage local"Host: batmanosama IP: 192.168.1.123 Proxmox Version: 8.4.1 Last Updated: December 25, 2025