d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
579a3bbe3a5ef114973496975ca25eebdcbcee1d
proxmox/config/proxmox-operational-template.json
defiQUG dbd517b279 Sync workspace: config, docs, scripts, CI, operator rules, and submodule pointers. 
- Update dbis_core, cross-chain-pmm-lps, explorer-monorepo, metamask-integration, pr-workspace/chains
- Omit embedded publish git dirs and empty placeholders from index

Made-with: Cursor
2026-04-12 06:12:20 -07:00

2051 lines
49 KiB
JSON
Raw Blame History

{
"schemaVersion": "1.0.0",
"updated": "2026-04-09",
"description": "Operational template: Proxmox VE nodes, LAN/WAN, NPMplus ingress, workloads (VMID/IP/hostname/FQDN), Besu peering summary, and deployment prerequisites. Authoritative detail remains in docs/04-configuration/ALL_VMIDS_ENDPOINTS.md and config/ip-addresses.conf \u2014 update those first, then sync this file. Proxmox hypervisor mgmt FQDN: mgmt_fqdn on each proxmox_nodes[] entry = short-hostname.sankofa.nexus (see PROXMOX_FQDN_*). Live inventory: Order VMIDs 10000/10001/10020 on r630-01; five-node SSH audit default. Prior: 2026-04-05 Hyperledger recovery, VMID 2410, 7806.",
"canonicalSources": [
"config/ip-addresses.conf",
"docs/04-configuration/ALL_VMIDS_ENDPOINTS.md",
"docs/11-references/NETWORK_CONFIGURATION_MASTER.md",
"docs/03-deployment/DEPLOYMENT_ORDER_OF_OPERATIONS.md",
"docs/02-architecture/CHAIN138_CANONICAL_NETWORK_ROLES_VALIDATORS_SENTRY_AND_RPC.md"
],
"network": {
"management_lan": {
"cidr": "192.168.11.0/24",
"gateway": "192.168.11.1",
"vlan_id": 11,
"vlan_name": "MGMT-LAN",
"dns_resolvers_preferred": [
"1.1.1.1",
"1.0.0.1"
]
},
"public_ipv4_block_spectrum": {
"cidr": "76.53.10.32/28",
"gateway": "76.53.10.33",
"udm_pro_port_forwards": "80/443/81 per NPMplus instance; see npmplus_instances[]"
}
},
"proxmox_nodes": [
{
"hostname": "ml110",
"mgmt_fqdn": "ml110.sankofa.nexus",
"mgmt_ipv4": "192.168.11.10",
"role": "legacy_cluster_member_or_wan_aggregator",
"ui_url": "https://192.168.11.10:8006",
"notes": "Repurpose to OPNsense/pfSense WAN aggregator planned; migrate workloads to R630s before cutover. See NETWORK_CONFIGURATION_MASTER.md."
},
{
"hostname": "r630-01",
"mgmt_fqdn": "r630-01.sankofa.nexus",
"mgmt_ipv4": "192.168.11.11",
"role": "primary_compute_chain138_rpc_ccip_relay_sankofa",
"ui_url": "https://192.168.11.11:8006",
"cluster_name": "h"
},
{
"hostname": "r630-02",
"mgmt_fqdn": "r630-02.sankofa.nexus",
"mgmt_ipv4": "192.168.11.12",
"role": "firefly_npmplus_secondary_mim4u_mifos_support",
"ui_url": "https://192.168.11.12:8006",
"cluster_name": "h"
},
{
"hostname": "r630-03",
"mgmt_fqdn": "r630-03.sankofa.nexus",
"mgmt_ipv4": "192.168.11.13",
"role": "spare_compute_storage_thin_pools_core_rpc2",
"ui_url": "https://192.168.11.13:8006",
"cluster_name": "h",
"notes": "Besu core RPC 2102 and related when placed here; often empty of guests. See NETWORK_CONFIGURATION_MASTER.md."
},
{
"hostname": "r630-04",
"mgmt_fqdn": "r630-04.sankofa.nexus",
"mgmt_ipv4": "192.168.11.14",
"role": "spare_compute_ceph_osd",
"ui_url": "https://192.168.11.14:8006",
"cluster_name": "h",
"notes": "Spare guests; Ceph OSDs per hardware plan."
}
],
"cluster_peering": {
"stack": "Proxmox VE + corosync",
"cluster_name": "h",
"ring0": {
"network": "192.168.11.0/24",
"description": "Management LAN; all nodes reach gateway 192.168.11.1"
},
"firewall_udp": [
"5405-5412"
],
"documentation": [
"docs/04-configuration/UDM_PRO_PROXMOX_CLUSTER.md"
]
},
"besu_chain138_peering_model": {
"chain_id": 138,
"summary": "Validators (1000\u20131004) \u2194 Sentries (1500\u20131510) \u2194 RPC tier (2101\u20132103 core/admin, 2201 public, 230x/2400/2420\u20132480 permissioned-private, 2401\u20132403 thirdweb specialized). Use canonical roles doc for allowed adjacencies and ops.",
"p2p_port_tcp_udp": 30303,
"doc_ref": "docs/02-architecture/CHAIN138_CANONICAL_NETWORK_ROLES_VALIDATORS_SENTRY_AND_RPC.md"
},
"deployment_requirements": {
"infrastructure": [
"UDM Pro: VLAN 11, gateway, port forwards to NPMplus internal IPs",
"Proxmox: quorate cluster; vmbr0 (VLAN-aware) on each node; storage for CT/VM disks",
"DNS: public A/AAAA or Cloudflare for d-bis.org, sankofa.nexus, defi-oracle.io hostnames",
"NPMplus proxy hosts aligned with ALL_VMIDS_ENDPOINTS NPMplus table (fix stale targets e.g. rpc.public-0138 \u2192 192.168.11.240:443)"
],
"chain138_contracts": [
"Core RPC VMID 2101 http://192.168.11.211:8545 for deploy only",
"smom-dbis-138/.env: PRIVATE_KEY, RPC_URL_138, gas/nonce discipline per DEPLOYMENT_ORDER_OF_OPERATIONS.md Phase 0"
],
"operator_automation": [
"Repo root .env + smom-dbis-138/.env for operator scripts (load-project-env.sh)",
"Phoenix Deploy API optional: PHOENIX_RAILING_URL on Sankofa API; manifest GET /api/v1/public-sector/programs"
]
},
"npmplus_instances": [
{
"vmid": 10233,
"internal_ipv4": [
"192.168.11.166",
"192.168.11.167"
],
"primary_ingress_ip": "192.168.11.167",
"public_ipv4": "76.53.10.36",
"purpose": "Main d-bis.org, explorer, Option B RPC hostnames, MIM4U, primary ingress"
},
{
"vmid": 10234,
"internal_ipv4": [
"192.168.11.168"
],
"public_ipv4": "76.53.10.37",
"purpose": "Secondary / HA NPMplus (verify running; doc may show stopped)",
"status_note": "Confirm on cluster before relying on HA"
},
{
"vmid": 10235,
"internal_ipv4": [
"192.168.11.169"
],
"public_ipv4": "76.53.10.38",
"designated_public_ip_alt": "76.53.10.42",
"purpose": "rpc-core-2, Alltra, HYBX \u2014 see NPMPLUS_ALLTRA_HYBX_MASTER_PLAN.md"
},
{
"vmid": 10236,
"internal_ipv4": [
"192.168.11.170"
],
"public_ipv4": "76.53.10.40",
"purpose": "Dev/Codespaces tunnel, Gitea, Proxmox admin UI"
},
{
"vmid": 10237,
"internal_ipv4": [
"192.168.11.171"
],
"purpose": "Mifos NPMplus front; mifos.d-bis.org \u2192 VMID 5800"
}
],
"services": [
{
"vmid": 100,
"hostname": "proxmox-mail-gateway",
"ipv4": "192.168.11.32",
"preferred_node": "r630-03",
"category": "infra",
"purpose": "Proxmox Mail Proxy / LAN SMTP relay for apps (dbis_core, alerts); Postfix 25+587+465 live on CT (2026-03-30)",
"ports": [
{
"port": 25,
"name": "smtp"
},
{
"port": 587,
"name": "submission"
},
{
"port": 465,
"name": "smtps"
}
],
"fqdns": []
},
{
"vmid": 101,
"hostname": "proxmox-datacenter-manager",
"ipv4": "192.168.11.33",
"preferred_node": "r630-02",
"category": "infra",
"ports": [
{
"port": 8006,
"name": "pve-ui"
}
],
"fqdns": []
},
{
"vmid": 104,
"hostname": "gitea",
"ipv4": "192.168.11.31",
"preferred_node": "r630-02",
"category": "infra",
"ports": [
{
"port": 80,
"name": "http"
},
{
"port": 443,
"name": "https"
}
],
"fqdns": []
},
{
"vmid": 105,
"hostname": "nginxproxymanager",
"ipv4": "192.168.11.26",
"preferred_node": "r630-01",
"category": "legacy_proxy",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 130,
"hostname": "monitoring-1",
"ipv4": "192.168.11.27",
"preferred_node": "r630-01",
"category": "monitoring",
"ports": [
{
"port": 80
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 1000,
"hostname": "besu-validator-1",
"ipv4": "192.168.11.100",
"preferred_node": "r630-01",
"category": "besu_validator",
"ports": [
{
"port": 30303,
"name": "p2p"
},
{
"port": 9545,
"name": "metrics"
}
],
"peering_layer": "validators_to_sentries",
"fqdns": []
},
{
"vmid": 1001,
"hostname": "besu-validator-2",
"ipv4": "192.168.11.101",
"preferred_node": "r630-01",
"category": "besu_validator",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "validators_to_sentries",
"fqdns": []
},
{
"vmid": 1002,
"hostname": "besu-validator-3",
"ipv4": "192.168.11.102",
"preferred_node": "r630-01",
"category": "besu_validator",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "validators_to_sentries",
"fqdns": []
},
{
"vmid": 1003,
"hostname": "besu-validator-4",
"ipv4": "192.168.11.103",
"preferred_node": "r630-03",
"category": "besu_validator",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "validators_to_sentries",
"fqdns": []
},
{
"vmid": 1004,
"hostname": "besu-validator-5",
"ipv4": "192.168.11.104",
"preferred_node": "r630-03",
"category": "besu_validator",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "validators_to_sentries",
"fqdns": []
},
{
"vmid": 1500,
"hostname": "besu-sentry-1",
"ipv4": "192.168.11.150",
"preferred_node": "r630-01",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1501,
"hostname": "besu-sentry-2",
"ipv4": "192.168.11.151",
"preferred_node": "r630-01",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1502,
"hostname": "besu-sentry-3",
"ipv4": "192.168.11.152",
"preferred_node": "r630-01",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1503,
"hostname": "besu-sentry-4",
"ipv4": "192.168.11.153",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1504,
"hostname": "besu-sentry-ali",
"ipv4": "192.168.11.154",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1505,
"hostname": "besu-sentry-alltra-1",
"ipv4": "192.168.11.213",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1506,
"hostname": "besu-sentry-alltra-2",
"ipv4": "192.168.11.214",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 2101,
"hostname": "besu-rpc-core-1",
"ipv4": "192.168.11.211",
"preferred_node": "r630-01",
"category": "rpc_core",
"ports": [
{
"port": 8545,
"name": "jsonrpc-http"
},
{
"port": 8546,
"name": "jsonrpc-ws"
},
{
"port": 30303,
"name": "p2p"
}
],
"peering_layer": "rpc_tier",
"fqdns": [
"rpc-http-prv.d-bis.org",
"rpc-ws-prv.d-bis.org"
]
},
{
"vmid": 2102,
"hostname": "besu-rpc-core-2",
"ipv4": "192.168.11.212",
"preferred_node": "r630-03",
"category": "rpc_core",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": [
"rpc-core-2.d-bis.org"
],
"notes": "Nathan core-2; NPMplus 10235 / tunnel per NPMPLUS_FOUR_INSTANCES_MASTER.md"
},
{
"vmid": 2201,
"hostname": "besu-rpc-public-1",
"ipv4": "192.168.11.221",
"preferred_node": "r630-02",
"category": "rpc_public",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": [
"rpc-http-pub.d-bis.org",
"rpc-ws-pub.d-bis.org"
]
},
{
"vmid": 2301,
"hostname": "besu-rpc-private-1",
"ipv4": "192.168.11.232",
"preferred_node": "r630-03",
"category": "rpc_private",
"ports": [
{
"port": 8545
},
{
"port": 8546
}
],
"peering_layer": "rpc_tier",
"fqdns": [],
"status_note": "Documented stopped at times; verify before production dependency"
},
{
"vmid": 2303,
"hostname": "besu-rpc-ali-0x8a",
"ipv4": "192.168.11.233",
"preferred_node": "r630-02",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2304,
"hostname": "besu-rpc-ali-0x1",
"ipv4": "192.168.11.234",
"preferred_node": "r630-03",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2305,
"hostname": "besu-rpc-luis-0x8a",
"ipv4": "192.168.11.235",
"preferred_node": "r630-02",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2306,
"hostname": "besu-rpc-luis-0x1",
"ipv4": "192.168.11.236",
"preferred_node": "r630-02",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2307,
"hostname": "besu-rpc-putu-0x8a",
"ipv4": "192.168.11.237",
"preferred_node": "r630-02",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2308,
"hostname": "besu-rpc-putu-0x1",
"ipv4": "192.168.11.238",
"preferred_node": "r630-02",
"category": "rpc_named",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2400,
"hostname": "thirdweb-rpc-1",
"ipv4": "192.168.11.240",
"preferred_node": "r630-03",
"category": "rpc_thirdweb",
"runtime_state": "active",
"notes": "Thirdweb permissioned/private RPC with translator. No ADMIN API.",
"ports": [
{
"port": 443,
"name": "nginx"
},
{
"port": 8545
},
{
"port": 8546
},
{
"port": 9645,
"name": "translator-http"
},
{
"port": 9646,
"name": "translator-ws"
}
],
"peering_layer": "rpc_tier",
"fqdns": [
"rpc.public-0138.defi-oracle.io"
]
},
{
"vmid": 2410,
"hostname": "info-defi-oracle-web",
"ipv4": "192.168.11.218",
"preferred_node": "r630-02",
"category": "dapp",
"runtime_state": "active_public_site",
"notes": "Dedicated nginx static host for the Chain 138 info site and token-aggregation reverse proxy. Live CT config on 2026-04-05 confirmed hostname info-defi-oracle-web, onboot=1, and running state.",
"ports": [
{
"port": 80,
"name": "nginx"
}
],
"fqdns": [
"info.defi-oracle.io",
"www.info.defi-oracle.io"
]
},
{
"vmid": 2401,
"hostname": "besu-rpc-thirdweb-0x8a-1",
"ipv4": "192.168.11.241",
"preferred_node": "r630-02",
"category": "rpc_thirdweb_specialized",
"runtime_state": "active_specialized_rpc",
"notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2402,
"hostname": "besu-rpc-thirdweb-0x8a-2",
"ipv4": "192.168.11.242",
"preferred_node": "r630-03",
"category": "rpc_thirdweb_specialized",
"runtime_state": "active_specialized_rpc",
"notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2403,
"hostname": "besu-rpc-thirdweb-0x8a-3",
"ipv4": "192.168.11.243",
"preferred_node": "r630-03",
"category": "rpc_thirdweb_specialized",
"runtime_state": "active_specialized_rpc",
"notes": "Thirdweb specialized RPC. No ADMIN API. HTTP profile: ETH, NET, WEB3, DEBUG, TRACE. WS profile: ETH, NET, WEB3.",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 5000,
"hostname": "blockscout-1",
"ipv4": "192.168.11.140",
"preferred_node": "r630-01",
"category": "explorer",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 4000,
"name": "blockscout-api"
}
],
"fqdns": [
"explorer.d-bis.org"
]
},
{
"vmid": 3500,
"hostname": "oracle-publisher-1",
"ipv4": "192.168.11.29",
"preferred_node": "r630-02",
"category": "oracle",
"ports": [],
"fqdns": []
},
{
"vmid": 3501,
"hostname": "ccip-monitor-1",
"ipv4": "192.168.11.28",
"preferred_node": "r630-02",
"category": "ccip",
"ports": [],
"fqdns": []
},
{
"vmid": 5200,
"hostname": "cacti-1",
"ipv4": "192.168.11.80",
"preferred_node": "r630-02",
"category": "monitoring",
"runtime_state": "active_besu_connector_gateway",
"notes": "Live Besu-facing Hyperledger Cacti gateway reverified on 2026-04-05; local API on 4000 and local gRPC sidecar on 5000 are healthy.",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 4000
},
{
"port": 5000
}
],
"fqdns": []
},
{
"vmid": 6000,
"hostname": "fabric-1",
"ipv4": "192.168.11.113",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "active_sample_network",
"notes": "Restored and reverified on 2026-04-05 as an operational Hyperledger Fabric sample network with one orderer and two peers on mychannel. Boot recovery is handled by fabric-sample-network.service inside the CT.",
"ports": [
{
"port": 7051
},
{
"port": 7050
},
{
"port": 9443
},
{
"port": 9444
},
{
"port": 9445
}
],
"fqdns": []
},
{
"vmid": 6400,
"hostname": "indy-1",
"ipv4": "192.168.11.64",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "active_validator_pool",
"notes": "Reverified on 2026-04-05 as a healthy four-node local Indy validator pool with listeners bound on 9701-9708.",
"ports": [
{
"port": 9701,
"name": "indy-range-start"
}
],
"fqdns": []
},
{
"vmid": 6200,
"hostname": "firefly-1",
"ipv4": "192.168.11.35",
"preferred_node": "r630-02",
"category": "firefly",
"runtime_state": "active_minimal_gateway",
"notes": "Restored 2026-03-28 as a minimal local FireFly gateway on ghcr.io/hyperledger/firefly:v1.2.0; reverified on 2026-04-05 with API, Postgres, IPFS, and firefly.service all healthy after normalizing the compose version line for the installed docker-compose.",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 5000
}
],
"fqdns": []
},
{
"vmid": 6201,
"hostname": "firefly-ali-1",
"ipv4": "192.168.11.57",
"preferred_node": "r630-02",
"category": "firefly",
"runtime_state": "retired_standby_until_rebuilt",
"notes": "CT exists in inventory only. As of 2026-03-28 it is stopped, its rootfs is effectively empty, and no valid FireFly deployment payload is present. Do not treat as an active secondary node.",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 5000
}
],
"fqdns": []
},
{
"vmid": 10100,
"hostname": "dbis-postgres-primary",
"ipv4": "192.168.11.105",
"preferred_node": "r630-01",
"category": "dbis",
"ports": [
{
"port": 5432
}
],
"fqdns": []
},
{
"vmid": 10101,
"hostname": "dbis-postgres-replica-1",
"ipv4": "192.168.11.106",
"preferred_node": "r630-01",
"category": "dbis",
"ports": [
{
"port": 5432
}
],
"fqdns": []
},
{
"vmid": 10120,
"hostname": "dbis-redis",
"ipv4": "192.168.11.125",
"preferred_node": "r630-01",
"category": "dbis",
"ports": [
{
"port": 6379
}
],
"fqdns": []
},
{
"vmid": 10130,
"hostname": "dbis-frontend",
"ipv4": "192.168.11.130",
"preferred_node": "r630-01",
"category": "dbis",
"ports": [
{
"port": 80
},
{
"port": 443
}
],
"fqdns": [
"dbis-admin.d-bis.org",
"secure.d-bis.org"
]
},
{
"vmid": 10150,
"hostname": "dbis-api-primary",
"ipv4": "192.168.11.155",
"preferred_node": "r630-01",
"category": "dbis",
"purpose": "Reserved for dbis_core API; live CT runs python http.server placeholder; /tmp/smtp.env.example for SMTP when Node deployed",
"ports": [
{
"port": 3000
}
],
"fqdns": [
"dbis-api.d-bis.org"
]
},
{
"vmid": 10151,
"hostname": "dbis-api-secondary",
"ipv4": "192.168.11.156",
"preferred_node": "r630-01",
"category": "dbis",
"purpose": "Same as 10150: placeholder static server until dbis_core Node API deployed",
"ports": [
{
"port": 3000
}
],
"fqdns": [
"dbis-api-2.d-bis.org"
]
},
{
"vmid": 7810,
"hostname": "mim-web-1",
"ipv4": "192.168.11.37",
"preferred_node": "r630-02",
"category": "mim4u",
"ports": [
{
"port": 80
},
{
"port": 443
}
],
"fqdns": [
"mim4u.org",
"www.mim4u.org",
"secure.mim4u.org",
"training.mim4u.org"
],
"notes": "nginx proxies /api/ to 7811"
},
{
"vmid": 7811,
"hostname": "mim-api-1",
"ipv4": "192.168.11.36",
"preferred_node": "r630-02",
"category": "mim4u",
"ports": [
{
"port": 3001,
"name": "api-backend"
}
],
"fqdns": []
},
{
"vmid": 7800,
"hostname": "sankofa-api-1",
"ipv4": "192.168.11.50",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"ports": [
{
"port": 4000,
"name": "graphql"
}
],
"fqdns": [
"phoenix.sankofa.nexus",
"www.phoenix.sankofa.nexus"
]
},
{
"vmid": 7801,
"hostname": "sankofa-portal-1",
"ipv4": "192.168.11.51",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"runtime_state": "active_client_sso_surface",
"notes": "Client SSO Next.js surface for portal.sankofa.nexus and admin.sankofa.nexus. Corporate apex ownership moved to VMID 7806.",
"ports": [
{
"port": 3000
}
],
"fqdns": [
"portal.sankofa.nexus",
"admin.sankofa.nexus"
]
},
{
"vmid": 7802,
"hostname": "sankofa-keycloak-1",
"ipv4": "192.168.11.52",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"ports": [
{
"port": 8080
}
],
"fqdns": []
},
{
"vmid": 7803,
"hostname": "sankofa-postgres-1",
"ipv4": "192.168.11.53",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"ports": [
{
"port": 5432
}
],
"fqdns": []
},
{
"vmid": 7804,
"hostname": "gov-portals-dev",
"ipv4": "192.168.11.54",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"ports": [
{
"port": 80
}
],
"fqdns": [
"*.xom-dev.phoenix.sankofa.nexus"
],
"notes": "Sole owner of 192.168.11.54 (gov portals). Order-legal (10070) uses IP_ORDER_LEGAL / 192.168.11.87."
},
{
"vmid": 7805,
"hostname": "sankofa-studio",
"ipv4": "192.168.11.72",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"ports": [
{
"port": 8000
}
],
"fqdns": [
"studio.sankofa.nexus"
]
},
{
"vmid": 7806,
"hostname": "sankofa-public-web",
"ipv4": "192.168.11.63",
"preferred_node": "r630-01",
"category": "sankofa_phoenix",
"runtime_state": "active_public_site",
"notes": "Corporate / marketing Next.js surface for sankofa.nexus. Live CT config on 2026-04-05 confirmed hostname sankofa-public-web, onboot=1, and running state.",
"ports": [
{
"port": 3000,
"name": "nextjs"
}
],
"fqdns": [
"sankofa.nexus",
"www.sankofa.nexus"
]
},
{
"vmid": 8640,
"hostname": "vault-phoenix-1",
"ipv4": "192.168.11.200",
"preferred_node": "r630-01",
"category": "vault",
"ports": [
{
"port": 8200
}
],
"fqdns": []
},
{
"vmid": 8641,
"hostname": "vault-phoenix-2",
"ipv4": "192.168.11.215",
"preferred_node": "r630-01",
"category": "vault",
"ports": [
{
"port": 8200
}
],
"fqdns": []
},
{
"vmid": 8642,
"hostname": "vault-phoenix-3",
"ipv4": "192.168.11.202",
"preferred_node": "r630-01",
"category": "vault",
"ports": [
{
"port": 8200
}
],
"fqdns": []
},
{
"vmid": 5800,
"hostname": "mifos-fineract",
"ipv4": "192.168.11.85",
"preferred_node": "r630-02",
"category": "mifos",
"ports": [
{
"port": 80
}
],
"fqdns": [
"mifos.d-bis.org"
]
},
{
"vmid": 5802,
"hostname": "rtgs-scsm-1",
"ipv4": "192.168.11.89",
"preferred_node": "r630-02",
"category": "rtgs-sidecar",
"runtime_state": "active_internal_health_ok",
"notes": "Deployed 2026-03-28/29 as the DBIS RTGS SCSM sidecar. systemd service active, local Redis active, and /actuator/health returned UP. Live Fineract reachability to 5800 is confirmed at the HTTP layer; authenticated production flow still requires final tenant/auth freeze.",
"ports": [
{
"port": 8080
},
{
"port": 6379
}
],
"fqdns": []
},
{
"vmid": 5803,
"hostname": "rtgs-funds-1",
"ipv4": "192.168.11.90",
"preferred_node": "r630-02",
"category": "rtgs-sidecar",
"runtime_state": "active_internal_health_ok",
"notes": "Deployed 2026-03-28/29 as the DBIS RTGS server-funds sidecar. systemd service active, local Redis active, and /actuator/health returned UP. Live Fineract reachability to 5800 is confirmed at the HTTP layer; authenticated production flow still requires final tenant/auth freeze.",
"ports": [
{
"port": 8080
},
{
"port": 6379
}
],
"fqdns": []
},
{
"vmid": 5804,
"hostname": "rtgs-xau-1",
"ipv4": "192.168.11.92",
"preferred_node": "r630-02",
"category": "rtgs-sidecar",
"runtime_state": "active_internal_health_ok",
"notes": "Deployed 2026-03-28/29 as the DBIS RTGS off-ledger-to-on-ledger XAU sidecar. systemd service active and /actuator/health returned UP. Live Fineract reachability to 5800 is confirmed at the HTTP layer; authenticated production flow still requires final tenant/auth freeze.",
"ports": [
{
"port": 8080
},
{
"port": 6379
}
],
"fqdns": []
},
{
"vmid": 5801,
"hostname": "dapp-smom",
"ipv4": "192.168.11.58",
"preferred_node": "r630-02",
"category": "dapp",
"ports": [
{
"port": 80
}
],
"fqdns": [
"dapp.d-bis.org"
]
},
{
"vmid": 5700,
"hostname": "dev-vm-gitops",
"ipv4": "192.168.11.59",
"preferred_node": "any",
"category": "dev",
"ports": [],
"fqdns": [],
"notes": "Shared dev / Gitea; see DEV_VM_GITOPS_PLAN.md"
},
{
"vmid": 5751,
"hostname": "op-stack-deployer-1",
"ipv4": "192.168.11.69",
"preferred_node": "r630-02",
"category": "ai_app",
"ports": [
{
"port": 22,
"name": "ssh"
}
],
"fqdns": [],
"notes": "OP Stack deployer/operator workspace on r630-02 thin5: op-deployer, op-validator, manifests, rollup/genesis artifacts."
},
{
"vmid": 5752,
"hostname": "op-stack-ops-1",
"ipv4": "192.168.11.70",
"preferred_node": "r630-02",
"category": "ai_app",
"ports": [
{
"port": 22,
"name": "ssh"
}
],
"fqdns": [],
"notes": "OP Stack runtime/service staging on r630-02 thin5: op-geth, op-node, batcher, proposer, challenger."
},
{
"vmid": 10230,
"hostname": "order-vault",
"ipv4": "192.168.11.55",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 8200
}
],
"fqdns": []
},
{
"vmid": 10232,
"hostname": "ct10232",
"ipv4": "192.168.11.56",
"preferred_node": "r630-01",
"category": "general",
"ports": [],
"fqdns": []
},
{
"vmid": 10060,
"hostname": "order-dataroom",
"ipv4": "192.168.11.42",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 80
}
],
"fqdns": []
},
{
"vmid": 10070,
"hostname": "order-legal",
"ipv4": "192.168.11.87",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": [],
"notes": "Moved off .54 2026-03-25 (ARP conflict with VMID 7804). Use IP_ORDER_LEGAL in ip-addresses.conf."
},
{
"vmid": 10210,
"hostname": "order-haproxy",
"ipv4": "192.168.11.39",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 80
},
{
"port": 443
}
],
"fqdns": [
"the-order.sankofa.nexus",
"www.the-order.sankofa.nexus"
],
"notes": "NPMplus → HTTP :80; TLS at NPM (LE). VMID 10210."
},
{
"vmid": 10020,
"hostname": "order-redis",
"ipv4": "192.168.11.38",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 6379
}
],
"fqdns": [],
"notes": "Dedicated Order Redis LXC (VMID 10020); ORDER_REDIS_IP in ip-addresses.conf."
},
{
"vmid": 3000,
"hostname": "ml-node-1",
"ipv4": "192.168.11.60",
"preferred_node": "r630-03",
"category": "monitoring",
"notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.",
"ports": [],
"fqdns": []
},
{
"vmid": 3001,
"hostname": "ml-node-2",
"ipv4": "192.168.11.61",
"preferred_node": "r630-03",
"category": "monitoring",
"notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.",
"ports": [],
"fqdns": []
},
{
"vmid": 3002,
"hostname": "ml-node-3",
"ipv4": "192.168.11.62",
"preferred_node": "r630-03",
"category": "monitoring",
"notes": "Legacy monitor / RPC-adjacent Ubuntu guest. systemd-networkd was re-enabled on 2026-04-05 so the configured static LAN IP is active again.",
"ports": [],
"fqdns": []
},
{
"vmid": 3003,
"hostname": "ml-node-4",
"ipv4": "192.168.11.66",
"preferred_node": "r630-03",
"category": "monitoring",
"notes": "Legacy monitor / RPC-adjacent Ubuntu guest. Readdressed from 192.168.11.63 to 192.168.11.66 on 2026-04-05 to remove the live LAN conflict with VMID 7806 (sankofa-public-web), and systemd-networkd was re-enabled the same day.",
"ports": [],
"fqdns": []
},
{
"vmid": 10233,
"hostname": "npmplus-primary",
"ipv4": "192.168.11.167",
"preferred_node": "r630-01",
"category": "npmplus",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": [],
"notes": "Also .166 on eth0; ingress .167 per NETWORK_CONFIGURATION_MASTER"
},
{
"vmid": 10234,
"hostname": "npmplus-secondary",
"ipv4": "192.168.11.168",
"preferred_node": "r630-02",
"category": "npmplus",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 10235,
"hostname": "npmplus-alltra-hybx",
"ipv4": "192.168.11.169",
"preferred_node": "r630-02",
"category": "npmplus",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 10236,
"hostname": "npmplus-fourth-dev",
"ipv4": "192.168.11.170",
"preferred_node": "r630-02",
"category": "npmplus",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 10237,
"hostname": "npmplus-mifos",
"ipv4": "192.168.11.171",
"preferred_node": "r630-02",
"category": "npmplus",
"ports": [
{
"port": 80
},
{
"port": 81
},
{
"port": 443
}
],
"fqdns": []
},
{
"vmid": 102,
"hostname": "cloudflared",
"ipv4": "192.168.11.34",
"preferred_node": "r630-01",
"category": "tunnel",
"ports": [],
"fqdns": [],
"notes": "Cloudflare tunnel / ingress helper"
},
{
"vmid": 1507,
"hostname": "besu-sentry-hybx-1",
"ipv4": "192.168.11.244",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1508,
"hostname": "besu-sentry-hybx-2",
"ipv4": "192.168.11.245",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": []
},
{
"vmid": 1509,
"hostname": "besu-sentry-thirdweb-01",
"ipv4": "192.168.11.219",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": [],
"runtime_state": "active",
"notes": "Active Thirdweb sentry on r630-03"
},
{
"vmid": 1510,
"hostname": "besu-sentry-thirdweb-02",
"ipv4": "192.168.11.220",
"preferred_node": "r630-03",
"category": "besu_sentry",
"ports": [
{
"port": 30303
},
{
"port": 9545
}
],
"peering_layer": "sentry_boundary",
"fqdns": [],
"runtime_state": "active",
"notes": "Active Thirdweb sentry on r630-03"
},
{
"vmid": 2103,
"hostname": "besu-rpc-core-thirdweb",
"ipv4": "192.168.11.217",
"preferred_node": "r630-01",
"category": "rpc_core",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"peering_layer": "rpc_tier",
"fqdns": []
},
{
"vmid": 2420,
"hostname": "besu-rpc-alltra-1",
"ipv4": "192.168.11.172",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 2430,
"hostname": "besu-rpc-alltra-2",
"ipv4": "192.168.11.173",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 2440,
"hostname": "besu-rpc-alltra-3",
"ipv4": "192.168.11.174",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 2460,
"hostname": "besu-rpc-hybx-1",
"ipv4": "192.168.11.246",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 2470,
"hostname": "besu-rpc-hybx-2",
"ipv4": "192.168.11.247",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 2480,
"hostname": "besu-rpc-hybx-3",
"ipv4": "192.168.11.248",
"preferred_node": "r630-01",
"category": "rpc_alltra_hybx",
"ports": [
{
"port": 8545
},
{
"port": 8546
},
{
"port": 30303
}
],
"fqdns": []
},
{
"vmid": 5010,
"hostname": "tsunamiswap",
"ipv4": "192.168.11.91",
"preferred_node": "r630-01",
"category": "defi",
"ports": [
{
"port": 80
}
],
"fqdns": []
},
{
"vmid": 5201,
"hostname": "cacti-alltra-1",
"ipv4": "192.168.11.177",
"preferred_node": "r630-02",
"category": "monitoring",
"runtime_state": "active_public_cacti_surface",
"notes": "Public Alltra Cacti surface reverified on 2026-04-05 with nginx on 80/443 and the local Hyperledger Cacti API healthy on 4000.",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 4000
}
],
"fqdns": []
},
{
"vmid": 5202,
"hostname": "cacti-hybx-1",
"ipv4": "192.168.11.251",
"preferred_node": "r630-02",
"category": "monitoring",
"runtime_state": "active_public_cacti_surface",
"notes": "Public HYBX Cacti surface reverified on 2026-04-05 with nginx on 80/443 and the local Hyperledger Cacti API healthy on 4000.",
"ports": [
{
"port": 80
},
{
"port": 443
},
{
"port": 4000
}
],
"fqdns": []
},
{
"vmid": 5702,
"hostname": "ai-inf-1",
"ipv4": "192.168.11.82",
"preferred_node": "r630-01",
"category": "ai_infra",
"ports": [],
"fqdns": []
},
{
"vmid": 5705,
"hostname": "ai-inf-2",
"ipv4": "192.168.11.86",
"preferred_node": "r630-01",
"category": "ai_infra",
"ports": [],
"fqdns": []
},
{
"vmid": 6001,
"hostname": "fabric-alltra-1",
"ipv4": "192.168.11.178",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "reserved_placeholder_stopped",
"notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Fabric payload, processes, or listeners.",
"ports": [
{
"port": 7051
}
],
"fqdns": []
},
{
"vmid": 6002,
"hostname": "fabric-hybx-1",
"ipv4": "192.168.11.252",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "reserved_placeholder_stopped",
"notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Fabric payload, processes, or listeners.",
"ports": [
{
"port": 7051
}
],
"fqdns": []
},
{
"vmid": 6401,
"hostname": "indy-alltra-1",
"ipv4": "192.168.11.179",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "reserved_placeholder_stopped",
"notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Indy payload, processes, or listeners.",
"ports": [],
"fqdns": []
},
{
"vmid": 6402,
"hostname": "indy-hybx-1",
"ipv4": "192.168.11.253",
"preferred_node": "r630-02",
"category": "dlt",
"runtime_state": "reserved_placeholder_stopped",
"notes": "As of 2026-03-28 this CT has been reclassified as a reserved placeholder and stopped. Earlier app-native checks found no active Indy payload, processes, or listeners.",
"ports": [],
"fqdns": []
},
{
"vmid": 6500,
"hostname": "aries-1",
"ipv4": "192.168.11.88",
"preferred_node": "r630-02",
"category": "identity_agent",
"runtime_state": "active_identity_agent",
"notes": "ACA-Py / askar-anoncreds primary agent reverified on 2026-04-05 with DIDComm on 8030, admin API on 8031, and the local Indy genesis mounted.",
"ports": [
{
"port": 8030
},
{
"port": 8031
}
],
"fqdns": []
},
{
"vmid": 6600,
"hostname": "caliper-1",
"ipv4": "192.168.11.93",
"preferred_node": "r630-02",
"category": "benchmark",
"runtime_state": "active_benchmark_workspace",
"notes": "Hyperledger Caliper workspace reverified on 2026-04-05 with the Besu 1.4 binding and outbound Chain 138 RPC reachability.",
"ports": [],
"fqdns": []
},
{
"vmid": 10000,
"hostname": "order-postgres-primary",
"ipv4": "192.168.11.44",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 5432
}
],
"fqdns": [],
"notes": "Sovereign Cloud / Order band; ORDER_POSTGRES_PRIMARY in ip-addresses.conf."
},
{
"vmid": 10001,
"hostname": "order-postgres-replica",
"ipv4": "192.168.11.45",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 5432
}
],
"fqdns": [],
"notes": "ORDER_POSTGRES_REPLICA in ip-addresses.conf."
},
{
"vmid": 10030,
"hostname": "order-identity",
"ipv4": "192.168.11.40",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": []
},
{
"vmid": 10040,
"hostname": "order-intake",
"ipv4": "192.168.11.41",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": []
},
{
"vmid": 10050,
"hostname": "order-finance",
"ipv4": "192.168.11.49",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": []
},
{
"vmid": 10080,
"hostname": "order-eresidency",
"ipv4": "192.168.11.43",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": []
},
{
"vmid": 10090,
"hostname": "order-portal-public",
"ipv4": "192.168.11.36",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 80
}
],
"fqdns": [],
"notes": "Candidate backend for the-order.sankofa.nexus when wired"
},
{
"vmid": 10091,
"hostname": "order-portal-internal",
"ipv4": "192.168.11.35",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": []
},
{
"vmid": 10092,
"hostname": "order-mcp-legal",
"ipv4": "192.168.11.94",
"preferred_node": "r630-01",
"category": "order",
"ports": [],
"fqdns": [],
"notes": "Moved off 192.168.11.37 on 2026-03-29 after ARP conflict with VMID 7810 mim-web-1. Use IP_ORDER_MCP_LEGAL in ip-addresses.conf."
},
{
"vmid": 10200,
"hostname": "order-prometheus",
"ipv4": "192.168.11.46",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 9090
}
],
"fqdns": []
},
{
"vmid": 10201,
"hostname": "order-grafana",
"ipv4": "192.168.11.47",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 3000
}
],
"fqdns": []
},
{
"vmid": 10202,
"hostname": "order-opensearch",
"ipv4": "192.168.11.48",
"preferred_node": "r630-01",
"category": "order",
"ports": [
{
"port": 9200
}
],
"fqdns": []
}
]
}
Reference in New Issue View Git Blame Copy Permalink