Retired (Apr 2026): BIGGIE (Seagate 5TB USB), Big (932GB SSD), Birch (3×4TB RAIDZ1 — pool destroyed, seedbox sync moved to nvmepool/ingest). Nextcloud removed.

Dataset breakdown (nvmepool):

Dataset breakdown (Biggest):

Speedy, TimeMachineOne, Ichabod/Sort, Amigo/delgross, Amigo/Youtube, Possible Delete — all deleted (Apr 7 and Apr 16 2026). Special vdev (Optane 110GB) and cache SSD (465GB) removed from pool.

Dataset breakdown (offsite):

The offsite pool is a single 18.2 TB drive that travels intermittently to the farm for geographic redundancy. Manual sync before each departure.

CT 100 — docker-host (primary media/apps container)

Bind mounts into CT 100:

CT 101 — immich (dedicated Immich photo management host, created Apr 18 2026)

Bind mounts into CT 101:

Docker-specific notes: IPv6 disabled in /etc/docker/daemon.json (required — ghcr.io was causing connection resets because CT101 has no IPv6 default route). DNS set to 8.8.8.8 + 1.1.1.1.

CT 105 — roon (Roon Server, created May 2026)

Bind mounts into CT 105:

Services: Roon Server (/opt/RoonServer/start.sh) managed by systemd roonserver.service. Roon clients connect via mDNS discovery on LAN or via NetBird (Roon ARC for remote).

Immich is a self-hosted photo and video management platform (Google Photos alternative). Deployed as a 4-container stack on CT 101 via Docker Compose at /opt/immich/. External library points at /nvmepool/photos (1.4 TB, ~134K files) in read-only mode so originals are never modified. Immich’s own data (uploads, thumbnails, transcoded video, Postgres DB, ML model cache) lives in /nvmepool/container-data/immich/. Admin account created on first web access. DB password stored in /opt/immich/.env. Image tag locked to :release.

Plex serves movies, music, photos, video, and audiobooks from nvmepool. Plexamp (iOS/Mac client) connects to it for music. Uses network_mode: host.

Radarr manages the movie library at /mnt/movies (nvmepool/movies). Searches via Prowlarr indexers, downloads via seedbox, auto-renames and organizes movies for Plex. API key: b117993eb50f465ea485654bc0118861. Compose at /opt/radarr/docker-compose.yml.

Filebot (v5.2.1) is installed as a system package on CT100 (/bin/filebot) for ad-hoc movie/media renaming. Not containerized.

Calibre-Web Automated (CWA) serves the book library from /mnt/books (nvmepool/books). Auto-ingests books dropped into /mnt/books/ingest, auto-converts 28 formats to epub, fetches metadata, detects duplicates. Calibre bundled. Default login: admin / admin123. Image: crocodilestick/calibre-web-automated:latest.

Kiwix serves offline reference content (Wikipedia, Stack Exchange, Project Gutenberg, etc.) from /mnt/kiwix (Biggest/Kiwix — zstd compressed, 5.6TB available). ZIM files are downloaded manually from library.kiwix.org. A cron-based watcher (/usr/local/bin/kiwix-watcher.sh, every 5 min) detects new/changed ZIMs via MD5 hash of the file list and restarts the container to pick them up. Compose at /opt/kiwix/docker-compose.yml. Starter ZIM: wikipedia_en_simple_all_nopic_2026-02.zim (922 MB).

Wallabag is a self-hosted read-it-later service (alternative to Pocket/Instapaper). Stack: Wallabag app + MariaDB 11 (wallabag-db) + Redis 7 (wallabag-redis), all on dedicated wallabag-net bridge network. Compose at /opt/wallabag/docker-compose.yml. Secrets (DB password, Symfony secret) saved in /opt/wallabag/credentials.txt (root-only, chmod 600). Data persisted in named Docker volumes (wallabag-db, wallabag-redis, wallabag-images). Default admin account needs to be created on first visit. Browser extensions for Firefox/Chrome and mobile apps (iOS/Android) support direct capture.

ConvertX is a self-hosted file converter supporting 1000+ formats via FFmpeg, Pandoc, LibreOffice, GraphicsMagick, Inkscape, and more. Compose at /opt/convertx/docker-compose.yml. Data persisted in named volume convertx-data. Account registration disabled after first account creation (ACCOUNT_REGISTRATION=false). Converted files auto-delete after 24 hours (AUTO_DELETE_EVERY_N_HOURS=24). HTTP_ALLOWED=true set for local HTTP access.

All shares configured in /etc/samba/smb.conf (no registry shares). valid users = bee, ownership standardized to bee:bee across all datasets. Apple vfs objects = fruit streams_xattr for macOS compatibility.

Mac Finder access: smb://192.168.8.221/<share_name> or via Network → PVE (Avahi/mDNS advertised).

The seedbox is a remote Usenet server at ismene.usbx.me (IP 46.232.210.50). NZBGet runs on the seedbox and downloads to categorized folders. Two SSH tunnels on Proxmox expose the seedbox UIs locally, and cron scripts pull completed files down.

Data flow:

1. Sonarr/Radarr/Lidarr request content → send to NZBGet (Usenet) or Transmission (torrents) on seedbox
2. NZBGet/Transmission download to completed/ directories
3. seedbox-sync.sh (every 15 min) pulls completed downloads to /nvmepool/ingest/
4. *arr apps detect, rename, and move files to final libraries (movies, tv, music, books)
5. Plex library scan triggered automatically via *arr notification on import
6. Plex/Navidrome serve from nvmepool

Download clients on seedbox (ismene.usbx.me):

Indexers (Prowlarr):

Mac Studio Sync:

Backups:

Offsite Backup:

A 20TB Seagate Exos (ST20000NM002C, serial ZXA0FLHC) in an ASMT105x USB 3.2 enclosure serves as the offsite backup drive. Formatted as ZFS pool offsite with zstd compression, atime=off, xattr=sa, ashift=12. Negotiates USB 3.2 Gen 2 (10 Gbps SuperSpeed Plus) on Bus 6 Port 1 — critical to plug into the correct USB-A port: the other USB-A ports on the Minisforum Venus are USB 2.0 and will bottleneck transfers to ~42 MB/s. On the USB 3 port, rsync hits ~200 MB/s sustained (bottlenecked by spinning disk sequential write).

Script: /usr/local/bin/offsite-backup.sh — rsync with --delete for incremental updates. Workflow: connect drive → zpool import offsite → offsite-backup.sh → zpool export offsite → disconnect and take offsite.

Health Monitoring (v2, updated Apr 18 2026):

Script: /usr/local/bin/system-health-check.sh — runs every 15 min via /etc/cron.d/system-health-check. Pushes alerts to Gotify. Checks: root disk space, all 4 active ZFS pools (nvmepool, Biggest, backups, offsite — health + suspended + capacity + removed/faulted vdevs), backup age/location, USB hub errors and pool suspension events, snapshot counts, key services (pveproxy, pvedaemon, smbd). Daily summary at 7 AM.

ZFS Maintenance:

Uptime Kuma (kuma.edmd.me) — 60 monitors covering:

Notification chain: Uptime Kuma → Gotify (pri 8) → Telegram bridge → @beenetworkbot

Notification priority tiers:

All *arr apps (Lidarr, Sonarr, Radarr, Bookshelf) have split Gotify notifications: “Gotify (Info)” at priority 2 for grabs/downloads, “Gotify (Alert)” at priority 8 for health issues and failures.

Cron errors on hpve and CT100 are captured by cron-gotify-wrapper.sh and pushed to Gotify at priority 5 (warning → Telegram). MAILTO="" is set in both crontabs.

Gotify-Telegram Bridge (Docker, /opt/gotify-telegram/): Polls Gotify every 10 seconds via client token. Three-tier priority filtering (Apr 21 2026): only messages with priority ≥5 are forwarded to Telegram (🔴 ≥8 critical, 🟡 5-7 warning). Messages with priority <5 (grabs, routine reports, Watchtower) stay in Gotify only. This prevents notification floods from burying real alerts.

Prometheus + Alertmanager (Docker, monitoring_monitoring network): 19 alert rules across 4 severity groups: critical (host down, disk >90%, OOM, predictive fill), warning (disk >80%, high CPU/RAM/IO, container resource spikes), info (reboots, failed systemd units). Alertmanager routes to a custom Gotify webhook bridge (alertmanager-gotify container) that maps severity → Gotify priority → Telegram filtering. Prometheus scrapes 6 targets: itself, node-ct100, node-proxmox, cadvisor, weather-exporter, alertmanager. Retention: 5 years (1825d). Weather alerts: FrostWarning (<36°F), FreezeAlert (<32°F), HighWindAlert (>40mph gust), HeavyRain (>1in/hr).

Health Check Script (/usr/local/bin/system-health-check.sh): Runs every 15 min via cron (wrapped with cron-gotify-wrapper.sh for stderr capture). Monitors root disk space, all 4 ZFS pools (nvmepool, Biggest, backups, offsite — health/suspended/capacity/vdevs), backup age, USB hub errors, snapshot counts, key services. Daily summary at 7 AM. Alerts via Gotify → Telegram. Updated Apr 18 2026.