diff --git a/10-systems/automations/smart-home-overview.md b/10-systems/automations/smart-home-overview.md new file mode 100644 index 0000000..791f8f8 --- /dev/null +++ b/10-systems/automations/smart-home-overview.md @@ -0,0 +1,66 @@ +--- +owner: gmikcon +status: active +last_reviewed: 2026-05-10 +review_interval: 90d +confidence: medium +source_of_truth: owner-described-and-nmap-observed +--- + +# Smart Home Overview + +The smart-home environment is a separate operational domain inside the home infrastructure. It is connected to both local networks through the dual-homed smart-home server. + +## Core Host + +- Host inventory id: `smart-home-server`. +- Home LAN address: `192.168.1.101`. +- Home IoT LAN address: `192.168.2.101`. +- Related host document: [../servers/smart-home-server.md](../servers/smart-home-server.md) + +## Network Context + +Smart-home and IoT devices primarily belong to `home-iot-lan`: + +- CIDR: `192.168.2.0/24`. +- Gateway: `192.168.2.1`. +- Router interface: `re0` / `LANTECH`. +- Wi-Fi nodes: `home_iot_0`, `home_iot_1`, `home_iot_2`. +- Mesh mode: disabled intentionally. + +The smart-home server is also present on `home-lan`: + +- CIDR: `192.168.1.0/24`. +- Gateway: `192.168.1.1`. +- Router interface: `re2` / `LANMAIN`. + +Current policy allows full access between `home-lan` and `home-iot-lan`. Future policy may isolate the networks and may deny internet access from the IoT network. + +## Known Service Surface + +Observed on `smart-home-server`: + +- SSH on TCP `22`. +- HTTP on TCP `80`. +- HTTPS on TCP `443`. +- rpcbind on TCP `111`. + +The exact smart-home application stack still needs to be documented. + +## Documentation Policy + +Document smart-home knowledge at three levels: + +- network topology and trust boundaries; +- controller/server stack and backup procedure; +- important device classes and automations. + +Do not promote every sensor, lamp, phone, TV, or temporary device into canonical inventory. Keep dynamic device sightings in discovery observations unless the device is infrastructure-relevant, has a static/reserved address, or participates in critical automation. + +## Open Questions + +- Exact smart-home platform and version. +- Backup procedure for smart-home configuration. +- Device classes present in `home-iot-lan`. +- Which devices require internet access. +- Which devices should remain reachable from `home-lan` after future isolation. diff --git a/10-systems/hardware/3d-printers.md b/10-systems/hardware/3d-printers.md new file mode 100644 index 0000000..a71547c --- /dev/null +++ b/10-systems/hardware/3d-printers.md @@ -0,0 +1,54 @@ +--- +owner: gmikcon +status: active +last_reviewed: 2026-05-10 +review_interval: 180d +confidence: low +source_of_truth: owner-described +--- + +# 3D Printers + +This document records the known 3D-printing devices in the home infrastructure. It is intentionally high-level until exact IP addresses, management UIs, and operational workflows are confirmed. + +## Inventory + +### Klipper 3D Printer + +- Inventory id: `klipper-3d-printer`. +- Type: 3D printer. +- Controller: Raspberry Pi. +- Firmware/control stack: Klipper. +- Network: local network, exact address not yet documented. +- Management UI: not yet documented. + +### Bambu Lab A1 + +- Inventory id: `bambulab-a1-3d-printer`. +- Vendor/model: Bambu Lab A1. +- Type: 3D printer. +- Network: local network, exact address not yet documented. +- Management UI/API: not yet documented. + +## Documentation Policy + +3D printers are infrastructure-relevant because they are networked devices with local management surfaces and physical side effects. + +Document: + +- static or reserved IP addresses; +- management UI/API endpoints; +- controller host details for the Klipper printer; +- update and backup procedures for printer configuration; +- whether the device requires internet/cloud access; +- firewall or network-isolation constraints. + +Do not document account passwords, API tokens, cloud credentials, or printer access secrets. + +## Open Questions + +- Which network each printer uses: `home-lan` or `home-iot-lan`. +- Whether either printer has a static DHCP lease. +- Exact IP addresses and hostnames. +- Klipper UI stack: Mainsail, Fluidd, OctoPrint, or another interface. +- Whether Bambu Lab A1 is used only locally or through Bambu cloud features. diff --git a/10-systems/servers/smart-home-server.md b/10-systems/servers/smart-home-server.md index a4a299f..0f0ac03 100644 --- a/10-systems/servers/smart-home-server.md +++ b/10-systems/servers/smart-home-server.md @@ -34,4 +34,8 @@ The current policy allows full access between the two local networks. A future policy may isolate the IoT LAN from the home LAN and possibly deny IoT internet access. +## Related Documentation + +- Smart-home overview: [../automations/smart-home-overview.md](../automations/smart-home-overview.md) + No raw credentials are documented here. diff --git a/40-inventory/hardware.yml b/40-inventory/hardware.yml index 2c4a4ea..09af8f4 100644 --- a/40-inventory/hardware.yml +++ b/40-inventory/hardware.yml @@ -107,3 +107,36 @@ docs: ../10-systems/networks/pfsense-router.md last_reviewed: 2026-05-10 source_of_truth: ssh-pfsense + +- id: klipper-3d-printer + name: Klipper 3D Printer + type: 3d-printer + status: active + location: home + hardware_role: + - fabrication-device + - network-device + controller: + type: raspberry-pi + firmware_stack: Klipper + network_interfaces: [] + runs_hosts: [] + docs: ../10-systems/hardware/3d-printers.md + last_reviewed: 2026-05-10 + source_of_truth: owner-described + +- id: bambulab-a1-3d-printer + name: Bambu Lab A1 + type: 3d-printer + status: active + location: home + vendor: Bambu Lab + model: A1 + hardware_role: + - fabrication-device + - network-device + network_interfaces: [] + runs_hosts: [] + docs: ../10-systems/hardware/3d-printers.md + last_reviewed: 2026-05-10 + source_of_truth: owner-described diff --git a/40-inventory/services.yml b/40-inventory/services.yml index 9ffbc5b..0c3f24b 100644 --- a/40-inventory/services.yml +++ b/40-inventory/services.yml @@ -103,3 +103,24 @@ runbook: "" last_reviewed: 2026-05-09 source_of_truth: ssh-nginx-and-owner-confirmed + +- id: smart-home-platform + name: Smart Home Platform + type: smart-home + status: active + host: smart-home-server + domains: [] + ports: + - 80 + - 443 + criticality: high + network_context: + - home-lan + - home-iot-lan + controlled_device_scope: + - smart-home-devices + - iot-devices + docs: ../10-systems/automations/smart-home-overview.md + runbook: "" + last_reviewed: 2026-05-10 + source_of_truth: owner-described-and-nmap-observed