# Applications, websites, infrastructure services, workers, and daemons. --- - id: external-openvpn-server name: External OpenVPN Server type: vpn status: active host: external-vps domains: [] ports: [] criticality: high docs: ../10-systems/traffic-routes/public-gnexus-space-to-internal-nginx.md runbook: "" last_reviewed: 2026-05-09 source_of_truth: owner-confirmed - id: internal-openvpn-client name: Internal OpenVPN Client type: vpn-client status: active host: internal-proxy-vps domains: [] ports: [] criticality: high docs: ../10-systems/servers/internal-proxy-vps.md runbook: "" last_reviewed: 2026-05-09 source_of_truth: owner-confirmed - id: internal-nginx-proxy name: Internal nginx Reverse Proxy type: reverse-proxy status: active host: internal-proxy-vps domains: - gnexus-space - git-gnexus-space - jellyfin-gnexus-space - lytvak-gnexus-space - minecraft-gnexus-space - auth-gnexus-space - cloud-gnexus-space - files-gnexus-space - navi-gnexus-space - transmission-gnexus-space ports: - 80 - 443 nginx: version: nginx/1.18.0 enabled_sites: - auth.gnexus.space - cloud.gnexus.space - files.gnexus.space - git.gnexus.space - gnexus.space - jellyfin.gnexus.space - navi.gnexus.space - transmission.gnexus.space available_sites_not_confirmed_enabled: - anicusi.gnexus.space - cats.gnexus.space - fdroid.gnexus.space - ferumina.gnexus.space - lytvak.gnexus.space - mail.gnexus.space - minecraft.gnexus.space - ollama.gnexus.space - sups.gnexus.space - topics.gnexus.space proxy_mappings: - domain: auth.gnexus.space upstream: http://192.168.1.167 enabled: true - domain: cloud.gnexus.space upstream: http://192.168.1.152 enabled: true - domain: files.gnexus.space upstream: http://192.168.1.157 enabled: true - domain: git.gnexus.space upstream: http://192.168.1.156 enabled: true - domain: gnexus.space upstream: http://192.168.1.151 enabled: true - domain: jellyfin.gnexus.space upstream: http://192.168.1.153:8096 enabled: true - domain: navi.gnexus.space upstream: http://192.168.1.168:8000 enabled: true - domain: transmission.gnexus.space upstream: http://192.168.1.154:3000 enabled: true - domain: lytvak.gnexus.space upstream: http://192.168.1.167 enabled: false - domain: minecraft.gnexus.space upstream: tcp://192.168.1.218:25565 enabled: false criticality: high docs: ../10-systems/servers/internal-proxy-vps.md runbook: "" last_reviewed: 2026-05-09 source_of_truth: ssh-nginx-and-owner-confirmed - id: smart-home-platform name: Smart Home Platform type: smart-home status: active host: smart-home-server domains: [] ports: - 80 - 443 criticality: high network_context: - home-lan - home-iot-lan controlled_device_scope: - smart-home-devices - iot-devices stack: backend: PHP 8.3 FPM web_server: nginx database: MySQL framework: Fury custom PHP microframework frontend: JavaScript/SCSS build with gulp/esbuild/sass device_firmware: ESP8266/ESP32 firmware using sh_core_esp8266 application_paths: repository: /home/shome/smart-home-server backend_root: /home/shome/smart-home-server/server webclient_root: /home/shome/smart-home-server/webclient devices_root: /home/shome/smart-home-server/devices docs_root: /home/shome/smart-home-server/docs architecture_policy: automation_logic: ControlScripts are the only intended place for device-control business logic. device_control: Devices and web clients should not directly control other devices through external REST APIs. docs: ../10-systems/automations/smart-home-overview.md runbook: "" last_reviewed: 2026-05-10 source_of_truth: owner-described-and-ssh-host - id: gitbucket name: GitBucket type: git-hosting status: active host: gitbucket domains: - git-gnexus-space ports: - 80 criticality: high public_url: https://git.gnexus.space/ internal_upstream: http://192.168.1.156 repository_owner: root repository_count_observed: 65 api: base_url: https://git.gnexus.space/api/v3 compatibility: GitHub-compatible API surface auth: personal-access-token credential_reference: owner-managed docs: ../10-systems/applications/gitbucket.md runbook: "" last_reviewed: 2026-05-10 source_of_truth: gitbucket-api-and-nginx-proxy